40 lines
866 B
Django/Jinja
40 lines
866 B
Django/Jinja
{{ ansible_managed | comment }}
|
|
|
|
[Unit]
|
|
Description = Keycloak Server
|
|
Requires = keycloak-postgres.service
|
|
After = keycloak-postgres.service
|
|
|
|
[Service]
|
|
Restart = always
|
|
RestartSec = 5s
|
|
|
|
[Container]
|
|
Image = {{ keycloak_containerimage }}:{{ keycloak_image_tag }}
|
|
ContainerName = keycloak
|
|
|
|
Exec = start \
|
|
--db=postgres \
|
|
--proxy-headers=xforwarded \
|
|
--http-enabled=true \
|
|
--features=persistent-user-sessions
|
|
|
|
AutoUpdate = registry
|
|
LogDriver = journald
|
|
|
|
NoNewPrivileges = true
|
|
DropCapability = all
|
|
UserNS = auto:size=65535
|
|
|
|
Network = keycloak.network
|
|
Network = caddy.network
|
|
ExposeHostPort = 8080
|
|
|
|
EnvironmentFile = {{ keycloak_install_dir }}/keycloak.env
|
|
|
|
PodmanArgs = --memory={{ keycloak_memory_high }}
|
|
PodmanArgs = --memory-swap={{ keycloak_swap_max }}
|
|
PodmanArgs = --memory-reservation={{ keycloak_memory_low }}
|
|
|
|
[Install]
|
|
WantedBy = default.target
|