feat(docker): Add karakeep and keycloak services

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
2025-04-24 20:24:33 +02:00
parent 6934a9f5fc
commit 42196a32dc
11 changed files with 776 additions and 629 deletions
--- a/group_vars/docker/keycloak.yml
+++ b/group_vars/docker/keycloak.yml
@@ -0,0 +1,51 @@
+keycloak_admin_hash: "{{ vault.docker.keycloak.admin.hash }}"
+
+keycloak_config:
+  reals:
+    - realm: homelab
+      display_name: "Homelab Realm"
+      users:
+        - username: tudattr
+          password: "{{ vault.docker.keycloak.user.password }}"
+          realm_roles:
+            - offline_access
+            - uma_authorization
+          client_roles:
+            account:
+              - view-profile
+              - manage-account
+      admin:
+        username: "serviceadmin-{{ keycloak_admin_hash }}"
+        password: "{{ vault.docker.keycloak.admin.password }}"
+        realm_roles:
+          - offline_access
+          - uma_authorization
+          - admin
+        client_roles:
+          realm_management:
+            - realm-admin
+          account:
+            - view-profile
+            - manage-account
+      roles:
+        realm:
+          - name: admin
+            description: "Administrator role for the homelab realm"
+        default_roles:
+          - offline_access
+          - uma_authorization
+    - realm: master
+      display_name: "master"
+      admin:
+        username: "serviceadmin-{{ keycloak_admin_hash }}"
+        password: "{{ vault.docker.keycloak.admin.password }}"
+        realm_roles:
+          - offline_access
+          - uma_authorization
+          - admin
+        client_roles:
+          realm_management:
+            - realm-admin
+          account:
+            - view-profile
+            - manage-account