Skip to content

Commit

Permalink
Merge pull request #187 from roumano/parse_proxy_headers
Browse files Browse the repository at this point in the history 
Permit parse reverse proxy headers
  • Loading branch information
@guidograzioli
guidograzioli authored Apr 17, 2024
2 parents 10d4cb8 + ea57f8b commit 4ba9014
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 2 deletions.
2 changes: 1 addition & 1 deletion roles/keycloak_quarkus/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ Role Defaults
|`keycloak_quarkus_https_trust_store_enabled`| Enalbe confiugration of a trust store | `False` |
|`keycloak_quarkus_trust_store_file`| The file pat to the trust store | `{{ keycloak.home }}/conf/trust_store.p12` |
|`keycloak_quarkus_trust_store_password`| Password for the trust store | `""` |

|`keycloak_quarkus_proxy_headers`| Parse reverse proxy headers (`forwarded` or `xforwardedPassword`) | `""` |

* Hostname configuration

Expand Down
4 changes: 4 additions & 0 deletions roles/keycloak_quarkus/meta/argument_specs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -285,6 +285,10 @@ argument_specs:
default: 'edge'
type: "str"
description: "The proxy address forwarding mode if the server is behind a reverse proxy. Set to 'none' if not using a proxy"
keycloak_quarkus_proxy_headers:
default: ""
type: "str"
description: "Parse reverse proxy headers (`forwarded` or `xforwardedPassword`), overrides the deprecated keycloak_quarkus_proxy_mode argument"
keycloak_quarkus_start_dev:
default: false
type: "bool"
Expand Down
7 changes: 6 additions & 1 deletion roles/keycloak_quarkus/templates/keycloak.conf.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,9 +54,14 @@ cache-config-file=cache-ispn.xml
{% endif %}

{% if keycloak_quarkus_proxy_mode is defined and keycloak_quarkus_proxy_mode != "none" %}
# Proxy
# Deprecated Proxy configuration
proxy={{ keycloak_quarkus_proxy_mode }}
{% endif %}
{% if keycloak_quarkus_proxy_headers is defined and keycloak_quarkus_proxy_headers != "none" %}
# Proxy
proxy-headers={{ keycloak_quarkus_proxy_headers }}
{% endif %}

spi-sticky-session-encoder-infinispan-should-attach-route={{ keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route | d(true) | lower }}

# Transaction
Expand Down

0 comments on commit 4ba9014

Please sign in to comment.