[keycloak-dev] Deploying Keycloak via Ansible
Juraci Paixão Kröhling
juraci at kroehling.de
Fri Jan 8 04:08:40 EST 2016
Looks really nice! A couple of comments:
1) I'd rather not open the management port on firewalld. If I would need
to access the Wildfly console, I'd make a SSH tunnel and load it as if
it were localhost. IIRC, the management ports are bound only to
localhost anyway, so, opening the management port is not effective.
2) I'd follow the standards from the Wildfly package. Run
$ rpm -ql wildfly
to see where Wildfly puts the stuff. But instead of installing things on
/usr/share/wildfly, for instance, you could install on
/usr/share/keycloak , copying the SELinux context from
/usr/share/wildfly . This way, you get the extra security features from
that.
Those are only "nice things to have" and all in all, I think you did a
great job with this!
- Juca.
On 07.01.2016 19:44, Adam Young wrote:
> For my work, I need to be able to automate deploying Keycloak. I've
> been using Ansible, so, here is my first hack at it:
>
> http://adam.younglogic.com/2016/01/deploying-keycloak-via-ansible/
>
> Feedback welcome.
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list