Keycloak deplyoment

terraform/main.tf

@@ -1,12 +1,14 @@
+variable "endpoint" {
+  default = "192.168.15.92"
+}
 module "caddy" {
   source               = "./modules/caddy"
   cloudflare_api_token = var.cloudflare_caddy_api_token
-  endpoint             = "192.168.15.92"
+  endpoint             = var.endpoint
   providers = {
     nomad = nomad
   }
 }
-
 module "postgree" {
   source            = "./modules/postgreeSQL"
   postgree_user     = var.postgree_user
@@ -18,3 +20,14 @@ module "postgree" {
   }
 }
 
+module "keycloak" {
+  source            = "./modules/keycloak"
+  postgree_user     = var.postgree_user
+  postgree_password = var.postgree_password
+  postgree_endpoint = var.endpoint
+  KC_USER =  var.kc_user
+  KC_PASSWORD = var.kc_password
+  providers = {
+    nomad = nomad
+  }
+}

terraform/modules/caddy/conf/Caddyfile

@@ -47,4 +47,11 @@ pgadmin.lab.marioverde.com.br {
     tls {
 	    dns cloudflare "${cloudflare_api_token}"
     }
+}
+
+keycloak.lab.marioverde.com.br {
+    reverse_proxy "${endpoint}:7080"
+    tls {
+	    dns cloudflare "${cloudflare_api_token}"
+    }
 }

terraform/modules/keycloak/conf/keycloak.hcl

@@ -0,0 +1,63 @@
+job "keycloak" {
+  datacenters = ["dc"]
+  type        = "service"
+
+  group "keycloak" {
+    count = 1
+
+    network {
+
+      port "keycloak_1" {
+        static = 7080
+        to     = 8080
+      }
+    }
+
+    restart {
+      attempts = 2
+      interval = "5m"
+      delay    = "30s"
+      mode     = "delay"
+    }
+
+    task "keycloak" {
+      driver = "docker"
+      
+      config {
+        image = "quay.io/keycloak/keycloak:latest"
+        volumes = [
+        ]
+        args = ["start"]
+        ports = ["keycloak_1"]
+      }
+      env {
+          KC_DB="postgres"
+          KC_DB_URL="jdbc:postgresql://${POSTGREE_ENDPOINT}:5432/"
+          KC_DB_URL_HOST="${POSTGREE_ENDPOINT}:5432"
+          KC_DB_USERNAME="${POSTGREE_USER}"
+          KC_DB_PASSWORD="${POSTGREE_PASSWORD}"
+          KC_HOSTNAME_STRICT="false"
+          KC_HOSTNAME_STRICT_BACKCHANNEL="false"
+          KEYCLOAK_ADMIN="${KC_USER}"
+          KEYCLOAK_ADMIN_PASSWORD="${KC_PASSWORD}"
+          KC_PROXY="edge"
+      }
+
+      resources {
+        cpu    = 1000
+        memory = 1024
+      }
+      service {
+            name = "keycloak"
+            port = "keycloak_1"
+            provider = "nomad"
+        }
+
+      logs {
+        max_files     = 5
+        max_file_size = 15
+      }
+    }
+
+  }
+}

terraform/modules/keycloak/job.tf

@@ -0,0 +1,10 @@
+resource "nomad_job" "app" {
+  jobspec = templatefile("${path.module}/conf/keycloak.hcl", {
+    NOMAD_ALLOC_DIR   = "/alloc"
+    POSTGREE_ENDPOINT = var.postgree_endpoint
+    POSTGREE_USER     = var.postgree_user
+    POSTGREE_PASSWORD = var.postgree_password
+    KC_USER = var.KC_USER
+    KC_PASSWORD = var.KC_PASSWORD
+  })
+}

terraform/modules/keycloak/providers..tf

@@ -0,0 +1,9 @@
+terraform {
+  required_providers {
+    nomad = {
+      source  = "hashicorp/nomad"
+      version = "2.0.0-rc.1"
+    }
+  }
+  required_version = ">= 0.14"
+}

terraform/modules/keycloak/variables.tf

@@ -0,0 +1,24 @@
+variable "postgree_user" {
+  type        = string
+  description = "Postgree username"
+}
+
+variable "postgree_password" {
+  type        = string
+  description = "Poastgree password"
+}
+
+variable "postgree_endpoint" {
+  type        = string
+  description = "Postgree endpoint"
+}
+
+variable "KC_USER" {
+  type        = string
+  description = "Keycloak default user"
+}
+
+variable "KC_PASSWORD" {
+  type        = string
+  description = "Keycloak default password"
+}

terraform/variables.tf

@@ -22,3 +22,13 @@ variable "pgadmin_password" {
   type        = string
   description = "PgAdmin password"
 }
+
+variable "kc_user" {
+  type        = string
+  description = "Keycloak default user"
+}
+
+variable "kc_password" {
+  type        = string
+  description = "Keycloak default password"
+}