saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity
infrastructure/roles/keycloak/templates/keycloak-postgres.container.j2

42 lines
1.1 KiB
Django/Jinja
Raw Blame History

{{ ansible_managed | comment }}
[Unit]
Description = Postgres for keycloak
[Service]
Restart = always
RestartSec = 5s
[Container]
Image = {{ keycloak_postgres_containerimage }}:{{ keycloak_postgres_image_tag }}
ContainerName = keycloak-postgres
AutoUpdate = registry
LogDriver = journald
NoNewPrivileges = true
ReadOnly = true
DropCapability = all
AddCapability = CHOWN DAC_OVERRIDE SETUID SETGID
UserNS = auto:size=65535
{% if keycloak_selinux_level != omit %}
SecurityLabelLevel = {{ keycloak_selinux_level }}
{% endif %}
Network = keycloak.network
ExposeHostPort = 5432
EnvironmentFile = {{ keycloak_install_dir }}/keycloak-postgres.env
Volume = {{ keycloak_install_dir }}/postgres:/var/lib/postgresql/data:U
Tmpfs = /run/postgresql:rw,noexec,nosuid,nodev,size=1m
Tmpfs = /tmp:rw,noexec,nosuid,nodev,size=50m
PodmanArgs = --memory={{ keycloak_postgres_memory_high }}
PodmanArgs = --memory-swap={{ keycloak_postgres_swap_max }}
PodmanArgs = --memory-reservation={{ keycloak_postgres_memory_low }}
PodmanArgs = --stop-signal=SIGINT
[Install]
WantedBy = default.target
Reference in a new issue View git blame Copy permalink