├── handlers └── main.yml ├── .yamllint.yaml ├── .config └── ansible-lint.yml ├── templates └── keycloak.sh.j2 ├── .gitignore ├── meta ├── requirements.yml └── main.yml ├── .github └── workflows │ └── build.yml ├── test.yml ├── vars └── main.yml ├── dl-checksum.sh ├── README.md ├── platform-matrix-v1.json ├── LICENSE ├── tasks └── main.yml └── defaults └── main.yml /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for keycloak 3 | -------------------------------------------------------------------------------- /.yamllint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | rules: 3 | line-length: disable 4 | -------------------------------------------------------------------------------- /.config/ansible-lint.yml: -------------------------------------------------------------------------------- 1 | --- 2 | skip_list: 3 | - 'name[template]' 4 | -------------------------------------------------------------------------------- /templates/keycloak.sh.j2: -------------------------------------------------------------------------------- 1 | export PATH=$PATH:{{ keycloak_link_dir }}/bin 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | **~*.retry 2 | Dockerfile.* 3 | requirements.yml 4 | !meta/requirements.yml 5 | **/*undo-tree* 6 | .ansible -------------------------------------------------------------------------------- /meta/requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: andrewrothstein.unarchivedeps 3 | version: 3.0.4 4 | - name: andrewrothstein.temurin 5 | version: 2.0.7 6 | -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- 1 | --- 2 | jobs: 3 | bake-ansible-images-v1: 4 | uses: andrewrothstein/.github/.github/workflows/bake-ansible-images-v1.yml@develop 5 | 'on': push 6 | -------------------------------------------------------------------------------- /test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Testing andrewrothstein.keycloak 3 | hosts: all 4 | roles: 5 | - role: '{{ playbook_dir }}' 6 | tasks: 7 | - name: Executing 'kc.sh --version' 8 | ansible.builtin.command: sh -lc 'kc.sh --version' 9 | changed_when: false 10 | register: keycloak_test_output 11 | - name: Output of 'kc.sh --version' 12 | ansible.builtin.debug: 13 | msg: '{{ keycloak_test_output.stdout }}' 14 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | keycloak_name: keycloak-{{ keycloak_ver }} 3 | keycloak_tgz: '{{ keycloak_name }}.tar.gz' 4 | keycloak_tmp_tgz: /tmp/{{ keycloak_tgz }} 5 | keycloak_tgz_url: '{{ keycloak_mirror }}/{{ keycloak_ver }}/{{ keycloak_tgz }}' 6 | keycloak_checksum: '{{ keycloak_checksums[keycloak_ver] }}' 7 | 8 | keycloak_install_dir: '{{ keycloak_parent_install_dir }}/{{ keycloak_name }}' 9 | keycloak_link_dir: '{{ keycloak_parent_install_dir }}/keycloak' 10 | -------------------------------------------------------------------------------- /dl-checksum.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | set -e 3 | DIR=~/Downloads 4 | MIRROR=https://github.com/keycloak/keycloak/releases/download 5 | 6 | # https://github.com/keycloak/keycloak/releases/download/12.0.4/keycloak-12.0.4.tar.gz.sha1 7 | 8 | dl_ver() { 9 | local ver=$1 10 | local url=$MIRROR/$ver/keycloak-${ver}.tar.gz.sha1 11 | 12 | printf " # %s\n" $url 13 | printf " '%s': sha1:%s\n" $ver $(curl -sSLf $url) 14 | } 15 | 16 | dl_ver ${1:-26.4.6} 17 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | andrewrothstein.keycloak 2 | ========= 3 | ![Build Status](https://github.com/andrewrothstein/ansible-keycloak/actions/workflows/build.yml/badge.svg) 4 | 5 | Installs [KeyCloak](http://www.keycloak.org/) 6 | 7 | Requirements 8 | ------------ 9 | 10 | See [meta/main.yml](meta/main.yml) 11 | 12 | Role Variables 13 | -------------- 14 | 15 | See [defaults/main.yml](defaults/main.yml) 16 | 17 | Dependencies 18 | ------------ 19 | 20 | See [meta/main.yml](meta/main.yml) 21 | 22 | Example Playbook 23 | ---------------- 24 | 25 | ```yml 26 | - hosts: servers 27 | roles: 28 | - andrewrothstein.keycloak 29 | ``` 30 | 31 | License 32 | ------- 33 | 34 | MIT 35 | 36 | Author Information 37 | ------------------ 38 | 39 | Andrew Rothstein 40 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: Andrew Rothstein 4 | company: BlackRock 5 | description: Installs keycloak 6 | galaxy_tags: 7 | - sso 8 | - secret 9 | - key 10 | license: MIT 11 | min_ansible_version: '2.0' 12 | namespace: andrewrothstein 13 | platforms: 14 | - name: Alpine 15 | versions: 16 | - all 17 | - name: ArchLinux 18 | versions: 19 | - all 20 | - name: Debian 21 | versions: 22 | - bookworm 23 | - bullseye 24 | - name: EL 25 | versions: 26 | - '8' 27 | - '9' 28 | - name: Fedora 29 | versions: 30 | - '41' 31 | - '42' 32 | - name: Ubuntu 33 | versions: 34 | - jammy 35 | - noble 36 | role_name: keycloak 37 | -------------------------------------------------------------------------------- /platform-matrix-v1.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "OS": "alpine", 4 | "OS_VER": "3.21" 5 | }, 6 | { 7 | "OS": "alpine", 8 | "OS_VER": "3.22" 9 | }, 10 | { 11 | "OS": "alpine", 12 | "OS_VER": "edge" 13 | }, 14 | { 15 | "OS": "archlinux", 16 | "OS_VER": "latest" 17 | }, 18 | { 19 | "OS": "debian", 20 | "OS_VER": "bookworm" 21 | }, 22 | { 23 | "OS": "debian", 24 | "OS_VER": "bullseye" 25 | }, 26 | { 27 | "OS": "fedora", 28 | "OS_VER": "41" 29 | }, 30 | { 31 | "OS": "fedora", 32 | "OS_VER": "42" 33 | }, 34 | { 35 | "OS": "rockylinux", 36 | "OS_VER": "8" 37 | }, 38 | { 39 | "OS": "rockylinux", 40 | "OS_VER": "9" 41 | }, 42 | { 43 | "OS": "ubuntu", 44 | "OS_VER": "jammy" 45 | }, 46 | { 47 | "OS": "ubuntu", 48 | "OS_VER": "noble" 49 | } 50 | ] -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2017 Andrew Rothstein 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Installing andrewrothstein.temurin 3 | ansible.builtin.include_role: 4 | name: andrewrothstein.temurin 5 | vars: 6 | temurin_app: jre 7 | - name: Check for existing install at {{ keycloak_install_dir }} 8 | become: true 9 | become_user: root 10 | ansible.builtin.stat: 11 | path: '{{ keycloak_install_dir }}' 12 | changed_when: false 13 | register: keycloak_binary 14 | - name: Downloading and installing keycloak 15 | when: not keycloak_binary.stat.exists 16 | block: 17 | - name: Downloading {{ keycloak_tgz_url }}... 18 | become: true 19 | become_user: root 20 | ansible.builtin.get_url: 21 | url: '{{ keycloak_tgz_url }}' 22 | dest: '{{ keycloak_tmp_tgz }}' 23 | checksum: '{{ keycloak_checksum }}' 24 | mode: '644' 25 | - name: Installing andrewrothstein.unarchivedeps 26 | ansible.builtin.include_role: 27 | name: andrewrothstein.unarchivedeps 28 | - name: Unarchiving {{ keycloak_tmp_tgz }} 29 | become: true 30 | become_user: root 31 | ansible.builtin.unarchive: 32 | remote_src: true 33 | src: '{{ keycloak_tmp_tgz }}' 34 | dest: '{{ keycloak_parent_install_dir }}' 35 | creates: '{{ keycloak_install_dir }}' 36 | always: 37 | - name: Rm {{ keycloak_tmp_tgz }} 38 | become: true 39 | become_user: root 40 | ansible.builtin.file: 41 | path: '{{ keycloak_tmp_tgz }}' 42 | state: absent 43 | 44 | - name: Linking {{ keycloak_link_dir }} to {{ keycloak_install_dir }} 45 | become: true 46 | become_user: root 47 | ansible.builtin.file: 48 | src: '{{ keycloak_install_dir }}' 49 | dest: '{{ keycloak_link_dir }}' 50 | state: link 51 | 52 | - name: Adding keycloak to the default bash login shell's path 53 | become: true 54 | become_user: root 55 | with_items: 56 | - f: keycloak.sh 57 | d: /etc/profile.d 58 | ansible.builtin.template: 59 | src: '{{ item.f }}.j2' 60 | dest: '{{ item.d }}/{{ item.f }}' 61 | mode: '{{ item.m | default("644") }}' 62 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | keycloak_ver: 26.4.6 3 | keycloak_mirror: https://github.com/keycloak/keycloak/releases/download 4 | 5 | keycloak_parent_install_dir: /usr/local 6 | 7 | keycloak_checksums: 8 | # https://downloads.jboss.org/keycloak/3.2.1.Final/keycloak-3.2.1.Final.tar.gz.sha1 9 | '3.2.1.Final': sha1:de6d7ac62e2a82c7ecdfcf04c9970163415d9b75 10 | # https://downloads.jboss.org/keycloak/3.4.3.Final/keycloak-3.4.3.Final.tar.gz.sha1 11 | '3.4.3.Final': sha1:f2b1272ab8d4413f408b444bc2108740845bc976 12 | # https://downloads.jboss.org/keycloak/4.4.0.Final/keycloak-4.4.0.Final.tar.gz.sha1 13 | '4.4.0.Final': sha1:5a1cf11f69862ff6944267a4e5509e9afaedddcb 14 | # https://downloads.jboss.org/keycloak/4.6.0.Final/keycloak-4.6.0.Final.tar.gz.sha1 15 | '4.6.0.Final': sha1:1dadc90860ec429a35e6e50b5ac4f4b6a7511dcc 16 | # https://downloads.jboss.org/keycloak/4.7.0.Final/keycloak-4.7.0.Final.tar.gz.sha1 17 | '4.7.0.Final': sha1:abb81b88ab762d58cb9d9c20948649265acfc356 18 | # https://downloads.jboss.org/keycloak/4.8.3.Final/keycloak-4.8.3.Final.tar.gz.sha1 19 | '4.8.3.Final': sha1:16abcbeb6a76f46a985eff66d69a326ca9a64a54 20 | # https://downloads.jboss.org/keycloak/5.0.0/keycloak-5.0.0.tar.gz.sha1 21 | '5.0.0': sha1:45848b55c36c8df3cbfeb156c7e4a71b61c4674a 22 | # https://downloads.jboss.org/keycloak/6.0.1/keycloak-6.0.1.tar.gz.sha1 23 | '6.0.1': sha1:472b37ccc9b5bb3119295c2880db49aada2fe9ed 24 | # https://downloads.jboss.org/keycloak/7.0.0/keycloak-7.0.0.tar.gz.sha1 25 | '7.0.0': sha1:0b55ca857682928968efaf64b75dbe0c16b7644c 26 | # https://downloads.jboss.org/keycloak/7.0.1/keycloak-7.0.1.tar.gz.sha1 27 | '7.0.1': sha1:eb2213cf652c08a61a756e32343a138e13a31c95 28 | # https://downloads.jboss.org/keycloak/8.0.0/keycloak-8.0.0.tar.gz.sha1 29 | '8.0.0': sha1:c08d2fffa5a054eb47d1833aadf95a1d3e09df9f 30 | # https://downloads.jboss.org/keycloak/8.0.1/keycloak-8.0.1.tar.gz.sha1 31 | '8.0.1': sha1:ca4d73cdba3b8ccea6777b0edbbe6bfafcc29a00 32 | # https://downloads.jboss.org/keycloak/9.0.0/keycloak-9.0.0.tar.gz.sha1 33 | '9.0.0': sha1:a667600d9e849a13e14e1bcb3b9821e28ce4ae9c 34 | # https://downloads.jboss.org/keycloak/10.0.2/keycloak-10.0.2.tar.gz.sha1 35 | '10.0.2': sha1:2b90bdefd3c837b2f3cc3d44263b6503cd6fbf62 36 | # https://downloads.jboss.org/keycloak/11.0.0/keycloak-11.0.0.tar.gz.sha1 37 | '11.0.0': sha1:398a328a180682ee58b06df148938f5de710f89f 38 | # https://github.com/keycloak/keycloak/releases/download/12.0.4/keycloak-12.0.4.tar.gz.sha1 39 | '12.0.4': sha1:803e4f9f085b0560649c2486aa4378a66ddc08f0 40 | # https://github.com/keycloak/keycloak/releases/download/13.0.1/keycloak-13.0.1.tar.gz.sha1 41 | '13.0.1': sha1:940f300ecb8105c855528bd952fe5023001ec34d 42 | # https://github.com/keycloak/keycloak/releases/download/14.0.0/keycloak-14.0.0.tar.gz.sha1 43 | '14.0.0': sha1:894a7b4eee2f99f57b603c3ea7d28cd3420c0cce 44 | # https://github.com/keycloak/keycloak/releases/download/15.0.0/keycloak-15.0.0.tar.gz.sha1 45 | '15.0.0': sha1:8986ede748bd7cceef828669160e8b1de004be5f 46 | # https://github.com/keycloak/keycloak/releases/download/15.0.1/keycloak-15.0.1.tar.gz.sha1 47 | '15.0.1': sha1:55026a7b41b8d4aa6de151d77880373e5e709bb0 48 | # https://github.com/keycloak/keycloak/releases/download/15.0.2/keycloak-15.0.2.tar.gz.sha1 49 | '15.0.2': sha1:806f2ec9d64c9350d11cda809449239b60fae868 50 | # https://github.com/keycloak/keycloak/releases/download/15.1.0/keycloak-15.1.0.tar.gz.sha1 51 | '15.1.0': sha1:cb4613a8dd1987e6a47e7571af55f4e8cf3a54fc 52 | # https://github.com/keycloak/keycloak/releases/download/15.1.1/keycloak-15.1.1.tar.gz.sha1 53 | '15.1.1': sha1:914803c64b43941178acb6bdff9d99076fc7dccd 54 | # https://github.com/keycloak/keycloak/releases/download/16.0.0/keycloak-16.0.0.tar.gz.sha1 55 | '16.0.0': sha1:5efc0fdf404e8985e6a2eaa84daaa99e5440e327 56 | # https://github.com/keycloak/keycloak/releases/download/16.1.0/keycloak-16.1.0.tar.gz.sha1 57 | '16.1.0': sha1:876f64dea6e862543c6eb979450b4f1422025b33 58 | # https://github.com/keycloak/keycloak/releases/download/16.1.1/keycloak-16.1.1.tar.gz.sha1 59 | '16.1.1': sha1:4acc5d20bc3d26e25aa3bcffbc50ac9b76135c93 60 | # https://github.com/keycloak/keycloak/releases/download/19.0.1/keycloak-19.0.1.tar.gz.sha1 61 | '19.0.1': sha1:b15576f141ab51b436b777b0fdbfcd722bda2f54 62 | # https://github.com/keycloak/keycloak/releases/download/20.0.2/keycloak-20.0.2.tar.gz.sha1 63 | '20.0.2': sha1:49ccaddaf8e507b088386e731f2c6a9057a47ea9 64 | # https://github.com/keycloak/keycloak/releases/download/22.0.1/keycloak-22.0.1.tar.gz.sha1 65 | '22.0.1': sha1:eea6076b99a78f88104e3a08618f4422d0ff16e2 66 | # https://github.com/keycloak/keycloak/releases/download/24.0.2/keycloak-24.0.2.tar.gz.sha1 67 | '24.0.2': sha1:8b23e722df38fa7661a8eeb6e032c72c9e0818a9 68 | # https://github.com/keycloak/keycloak/releases/download/25.0.1/keycloak-25.0.1.tar.gz.sha1 69 | '25.0.1': sha1:8109ac7505c6f70763c247b5e52be4667585b0ce 70 | # https://github.com/keycloak/keycloak/releases/download/25.0.2/keycloak-25.0.2.tar.gz.sha1 71 | '25.0.2': sha1:c37d8545e8c0cf761a162922002b0d0d35d36ed8 72 | # https://github.com/keycloak/keycloak/releases/download/25.0.4/keycloak-25.0.4.tar.gz.sha1 73 | '25.0.4': sha1:ced25eed2079aa5900e2620393e0842bc59caaaa 74 | # https://github.com/keycloak/keycloak/releases/download/26.0.5/keycloak-26.0.5.tar.gz.sha1 75 | '26.0.5': sha1:4e3201ed7785166af7342eb757a462e691df9db6 76 | # https://github.com/keycloak/keycloak/releases/download/26.0.6/keycloak-26.0.6.tar.gz.sha1 77 | '26.0.6': sha1:083cc470c8f85862dd985361fc856357a62db4bb 78 | # https://github.com/keycloak/keycloak/releases/download/26.1.0/keycloak-26.1.0.tar.gz.sha1 79 | '26.1.0': sha1:26f54b126f9cb4a2bf49175b83717fe92ffbba48 80 | # https://github.com/keycloak/keycloak/releases/download/26.2.0/keycloak-26.2.0.tar.gz.sha1 81 | '26.2.0': sha1:19e592ba75d581f22b0756dba86b68d82605893e 82 | # https://github.com/keycloak/keycloak/releases/download/26.2.1/keycloak-26.2.1.tar.gz.sha1 83 | '26.2.1': sha1:191a9bc0313dba627282857ca62227a1f9ec7277 84 | # https://github.com/keycloak/keycloak/releases/download/26.2.2/keycloak-26.2.2.tar.gz.sha1 85 | '26.2.2': sha1:42c63e3c0fbc2782ce3b31c08e2089bd928ca121 86 | # https://github.com/keycloak/keycloak/releases/download/26.2.3/keycloak-26.2.3.tar.gz.sha1 87 | '26.2.3': sha1:40423b1128286ddda3d97f7c5f811d9af75dfa26 88 | # https://github.com/keycloak/keycloak/releases/download/26.2.4/keycloak-26.2.4.tar.gz.sha1 89 | '26.2.4': sha1:814b9b3e149e90ca1e6eda2963a72d480f3bd840 90 | # https://github.com/keycloak/keycloak/releases/download/26.2.5/keycloak-26.2.5.tar.gz.sha1 91 | '26.2.5': sha1:b0f6aa48625a090713ca0964cad47846af84ebc3 92 | # https://github.com/keycloak/keycloak/releases/download/26.3.0/keycloak-26.3.0.tar.gz.sha1 93 | '26.3.0': sha1:0593485435b15d08337a573c85dcf0bb2c6c9638 94 | # https://github.com/keycloak/keycloak/releases/download/26.3.1/keycloak-26.3.1.tar.gz.sha1 95 | '26.3.1': sha1:a0c5b70bf7b638c9eaf85c86d5d4774d6d4586a6 96 | # https://github.com/keycloak/keycloak/releases/download/26.3.2/keycloak-26.3.2.tar.gz.sha1 97 | '26.3.2': sha1:3568d70a13866c35e4aafa3bcadac70b0945afeb 98 | # https://github.com/keycloak/keycloak/releases/download/26.3.3/keycloak-26.3.3.tar.gz.sha1 99 | '26.3.3': sha1:054c70005ca9789b97acb8407fd043df6ed90f03 100 | # https://github.com/keycloak/keycloak/releases/download/26.3.4/keycloak-26.3.4.tar.gz.sha1 101 | '26.3.4': sha1:41e333c551580a7d1ef73d59716234afdbb367e0 102 | # https://github.com/keycloak/keycloak/releases/download/26.3.5/keycloak-26.3.5.tar.gz.sha1 103 | '26.3.5': sha1:8ab57bc4b844e95de37128cbfadf791e605f45e5 104 | # https://github.com/keycloak/keycloak/releases/download/26.4.0/keycloak-26.4.0.tar.gz.sha1 105 | '26.4.0': sha1:b58fa285f6bd761da13bf11fba29c9d281ea4296 106 | # https://github.com/keycloak/keycloak/releases/download/26.4.1/keycloak-26.4.1.tar.gz.sha1 107 | '26.4.1': sha1:128c06f257b82e90d2c3301b888ede9a59c06820 108 | # https://github.com/keycloak/keycloak/releases/download/26.4.2/keycloak-26.4.2.tar.gz.sha1 109 | '26.4.2': sha1:c0a967c43ff9fb950c2b5851f75f52326cd9f7ed 110 | # https://github.com/keycloak/keycloak/releases/download/26.4.4/keycloak-26.4.4.tar.gz.sha1 111 | '26.4.4': sha1:d19f48eaa586f19d8e7821fd1491491f401b8dc2 112 | # https://github.com/keycloak/keycloak/releases/download/26.4.5/keycloak-26.4.5.tar.gz.sha1 113 | '26.4.5': sha1:a0c40be94a758bc7b2c6c7214088e26e75c71bdb 114 | # https://github.com/keycloak/keycloak/releases/download/26.4.6/keycloak-26.4.6.tar.gz.sha1 115 | '26.4.6': sha1:547bbd151d4315c182369631f30427169a3928cd 116 | --------------------------------------------------------------------------------