keycloak-formula/keycloak/init.sls
2024-09-08 21:18:25 +02:00

53 lines
2.2 KiB
Text

keycloak data directory exists:
file.directory:
- name: /opt/keycloak/pg_data
- makedirs: True
keycloak_docker_net_present:
docker_network.present:
- name: keycloak
keycloak_database_running:
docker_container.running:
- name: keycloak_postgres
- image: {{ salt['pillar.get']('postgres:image:path', 'docker.io/library/postgres') }}:{{ salt['pillar.get']('postgres:image:version', '16') }}
- container_name: keycloak_postgres
- environment:
- POSTGRES_DB: keycloak
- POSTGRES_USER: keycloak
- POSTGRES_PASSWORD: keycloak
- restart: always
- networks:
- keycloak
- binds:
- /opt/keycloak/pg_data:/var/lib/postgresql/data
keycloak docker container running:
docker_container.running:
- name: keycloak
- image: {{ salt['pillar.get']('keycloak:image:path', 'quay.io/keycloak/keycloak') }}:{{ salt['pillar.get']('keycloak:image:version', '25.0') }}
- container_name: keycloak
- environment:
- KEYCLOAK_ADMIN: {{ salt['pillar.get']('keycloak:config:default:admin_user', 'admin') }}
- KEYCLOAK_ADMIN_PASSWORD: {{ salt['pillar.get']('keycloak:config:default:admin_password', 'admin') }}
- KC_DB: postgres
- KC_DB_URL: {{ salt['pillar.get']('keycloak:config:db:postgres_uri', '') }}
- KC_DB_PASSWORD: {{ salt['pillar.get']('keycloak:config:db:postgres_pwd', '') }}
- KC_DB_USER: {{ salt['pillar.get']('keycloak:config:db:postgres_user', 'keycloak') }}
- KC_HOSTNAME_STRICT: "{{ salt['pillar.get']('keycloak:config:default:hostname_strict', 'true') }}"
- KC_HOSTNAME: {{ salt['pillar.get']('keycloak:config:default:site', 'localhost') }}
- KC_HOSTNAME_PORT: {{ salt['pillar.get']('keycloak:config:default:port', '443') }}
- KC_PROXY: {{ salt['pillar.get']('keycloak:config:default:proxy', 'edge') }}
- KC_FEATURES: {{ salt['pillar.get']('keycloak:config:default:features', 'persistent-user-sessions') }}
- restart: always
- networks:
- keycloak
- bridge
- command:
- start
- binds:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- port_bindings:
- "{{ salt['pillar.get']('keycloak:container_web_port', "127.0.0.1:8080") }}:8080"