Looks really nice! A couple of comments:
1) I'd rather not open the management port on firewalld. If I would need
to access the Wildfly console, I'd make a SSH tunnel and load it as if
it were localhost. IIRC, the management ports are bound only to
localhost anyway, so, opening the management port is not effective.
2) I'd follow the standards from the Wildfly package. Run
$ rpm -ql wildfly
to see where Wildfly puts the stuff. But instead of installing things on
/usr/share/wildfly, for instance, you could install on
/usr/share/keycloak , copying the SELinux context from
/usr/share/wildfly . This way, you get the extra security features from
that.
Those are only "nice things to have" and all in all, I think you did a
great job with this!
- Juca.
On 07.01.2016 19:44, Adam Young wrote:
For my work, I need to be able to automate deploying Keycloak.
I've
been using Ansible, so, here is my first hack at it:
http://adam.younglogic.com/2016/01/deploying-keycloak-via-ansible/
Feedback welcome.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev