feat(docker): Add karakeep and keycloak services

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
2025-04-24 20:24:33 +02:00
parent 6934a9f5fc
commit 42196a32dc
11 changed files with 776 additions and 629 deletions
--- a/roles/docker_host/templates/keycloak/realm.json.j2
+++ b/roles/docker_host/templates/keycloak/realm.json.j2
@@ -0,0 +1,77 @@
+{
+  "realm": "{{ keycloak.realm }}",
+  "enabled": true,
+  "displayName": "{{ keycloak.display_name }}",
+  "displayNameHtml": "<div class=\"kc-logo-text\">{{keycloak.display_name}}</div>",
+  "bruteForceProtected": true,
+  "users": [
+  {%- for user in keycloak.users %}
+    {
+      "username": "{{ user.username }}",
+      "enabled": true,
+      "credentials": [
+        {
+          "type": "password",
+          "value": "{{ user.password }}",
+          "temporary": false
+        }
+      ],
+      "realmRoles": [
+    {%- for realm_role in user.realm_roles %}
+        "{{ realm_role }}"{%- if not loop.last %},{%- endif %}
+    {% endfor %}
+      ],
+      "clientRoles": {
+        "account": [
+    {%- for account in user.client_roles.account %}
+        "{{ account }}"{%- if not loop.last %},{%- endif %}
+    {% endfor %}
+        ]
+      }
+    },
+  {% endfor %}
+    {
+      "username": "{{ keycloak.admin.username }}",
+      "enabled": true,
+      "credentials": [
+        {
+          "type": "password",
+          "value": "{{ keycloak.admin.password }}",
+          "temporary": false
+        }
+      ],
+      "realmRoles": [
+    {%- for realm_role in keycloak.admin.realm_roles %}
+        "{{ realm_role }}"{% if not loop.last %},{% endif %}
+    {% endfor %}
+      ],
+      "clientRoles": {
+        "realm-management": [
+    {%- for realm_management in keycloak.admin.client_roles.realm_management %}
+        "{{ realm_management }}"{%- if not loop.last %},{%- endif %}
+    {% endfor %}
+        ],
+        "account": [
+    {%- for account in keycloak.admin.client_roles.account %}
+        "{{ account }}"{%- if not loop.last %},{%- endif %}
+    {% endfor %}
+        ]
+      }
+    }
+  ],
+  "roles": {
+    "realm": [
+    {%- for role in keycloak.roles.realm %}
+      {
+        "name": "{{ role.name }}",
+        "description": "{{ role.name }}"
+      }{% if not loop.last %},{% endif %}
+    {% endfor %}
+    ]
+  },
+  "defaultRoles": [
+    {%- for role in keycloak.roles.default_roles %}
+        "{{ role }}"{% if not loop.last %},{% endif %}
+    {% endfor %}
+  ]
+}