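# Salt state: Keycloak and a local PostgreSQL, run as Docker containers.
# States are listed in the order they need to exist: data directory,
# network, database, Keycloak.

# Host directory bind-mounted below as the PostgreSQL data directory.
# NOTE(review): no user/group/mode is set here; this directory holds the
# realm database (including credential hashes), so confirm the resulting
# permissions on the host are restrictive.
keycloak data directory exists:
  file.directory:
    - name: /opt/keycloak/pg_data
    - makedirs: true

# Network shared by the database and Keycloak containers.
keycloak_docker_net_present:
  docker_network.present:
    - name: keycloak

# PostgreSQL container. It is attached only to the `keycloak` network and
# publishes no port to the host.
keycloak_database_running:
  docker_container.running:
    - name: keycloak_postgres
    - image: "{{ salt['pillar.get']('postgres:image:path', 'docker.io/library/postgres') }}:{{ salt['pillar.get']('postgres:image:version', '16') }}"
    - container_name: keycloak_postgres
    - environment:
      - POSTGRES_DB: keycloak
      - POSTGRES_USER: keycloak
      # NOTE(review): this password is hard-coded in the state file and is
      # the same as the user name, while Keycloak's KC_DB_PASSWORD is read
      # from pillar (keycloak:config:db:postgres_pwd) with an empty default.
      # If KC_DB_URL points at this container the two must agree; consider
      # sourcing this value from pillar as well.
      - POSTGRES_PASSWORD: keycloak
    - restart: always
    - networks:
      - keycloak
    - binds:
      - /opt/keycloak/pg_data:/var/lib/postgresql/data

# Keycloak container. Configuration comes from pillar; every rendered value
# is quoted so YAML keeps it a string. Unquoted, an empty default renders as
# null, '443' becomes an integer, and a value containing ' #' or ': ' is
# truncated or breaks parsing.
# Values passed through `environment` can be read with `docker inspect` by
# anyone who can reach the Docker socket.
keycloak docker container running:
  docker_container.running:
    - name: keycloak
    - image: "{{ salt['pillar.get']('keycloak:image:path', 'quay.io/keycloak/keycloak') }}:{{ salt['pillar.get']('keycloak:image:version', '25.0') }}"
    - container_name: keycloak
    - environment:
      # NOTE(review): when the pillar keys are absent the bootstrap admin
      # account falls back to admin/admin. Set both keys in pillar before
      # the first start and rotate the password afterwards.
      - KEYCLOAK_ADMIN: "{{ salt['pillar.get']('keycloak:config:default:admin_user', 'admin') }}"
      # yaml_dquote emits a correctly escaped double-quoted scalar, so
      # passwords containing quotes or backslashes survive rendering.
      - KEYCLOAK_ADMIN_PASSWORD: {{ salt['pillar.get']('keycloak:config:default:admin_password', 'admin') | yaml_dquote }}
      - KC_DB: postgres
      - KC_DB_URL: "{{ salt['pillar.get']('keycloak:config:db:postgres_uri', '') }}"
      - KC_DB_PASSWORD: {{ salt['pillar.get']('keycloak:config:db:postgres_pwd', '') | yaml_dquote }}
      - KC_DB_USER: "{{ salt['pillar.get']('keycloak:config:db:postgres_user', 'keycloak') }}"
      - KC_HOSTNAME_STRICT: "{{ salt['pillar.get']('keycloak:config:default:hostname_strict', 'true') }}"
      - KC_HOSTNAME: "{{ salt['pillar.get']('keycloak:config:default:site', 'localhost') }}"
      - KC_HOSTNAME_PORT: "{{ salt['pillar.get']('keycloak:config:default:port', '443') }}"
      # `edge` means TLS ends at a reverse proxy and Keycloak trusts the
      # forwarded headers it receives, so only that proxy should be able to
      # reach the HTTP port (see port_bindings below).
      # NOTE(review): recent Keycloak releases deprecate the `proxy` option
      # in favour of `proxy-headers`; confirm against the pinned version.
      - KC_PROXY: "{{ salt['pillar.get']('keycloak:config:default:proxy', 'edge') }}"
      - KC_FEATURES: "{{ salt['pillar.get']('keycloak:config:default:features', 'persistent-user-sessions') }}"
    - restart: always
    - networks:
      - keycloak
      - bridge
    - command:
      - start
    - binds:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    - port_bindings:
      # Default publishes plain HTTP on loopback only. Overriding
      # keycloak:container_web_port with a non-loopback address exposes the
      # unencrypted, header-trusting listener directly.
      - "{{ salt['pillar.get']('keycloak:container_web_port', '127.0.0.1:8080') }}:8080"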