Allow hostname setting to not use default value (#275)

Fixes #274
treydock · Feb 15, 2023 · df8c15d · df8c15d
1 parent 295d2c3
commit df8c15d
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -271,6 +271,8 @@ apache::vhost { 'idp.example.com':
 }
 ```
 
+**NOTE:** Can set `hostname` parameter to `unset` if you wish for that configuration to not be set in the Keycloak configuration if you wish for Keycloak to not use strict hostname checking and respond to multiple hostnames.
+
 ### Deploy SPI
 
 A simple example of deploying a custom SPI from a URL:

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -52,6 +52,7 @@
 #   Additional configs for keycloak.conf
 # @param hostname
 #   hostname to set in keycloak.conf
+#   Set to `unset` or `UNSET` to not define this in keycloak.conf
 # @param http_enabled
 #   Whether to enable HTTP
 # @param http_host
@@ -225,7 +226,7 @@
   Optional[Stdlib::Absolutepath] $service_environment_file = undef,
   Keycloak::Configs $configs = {},
   Hash[String, Variant[String[1],Boolean,Array]] $extra_configs = {},
-  Stdlib::Host $hostname = $facts['networking']['fqdn'],
+  Variant[Stdlib::Host, Enum['unset','UNSET']] $hostname = $facts['networking']['fqdn'],
   Boolean $http_enabled = true,
   Stdlib::IP::Address $http_host = '0.0.0.0',
   Stdlib::Port $http_port = 8080,
@@ -326,7 +327,7 @@
     'features' => $features,
     'features-disabled' => $features_disabled,
     'proxy' => $proxy,
-  }
+  }.filter |$key, $value| { $value =~ NotUndef and ! ($value in ['unset', 'UNSET']) }
   if $truststore {
     $truststore_configs = {
       'https-trust-store-file' => $truststore_file,
@@ -350,11 +351,16 @@
       $validator_server = $config['http-host']
     }
   } else {
+    if $config['hostname'] in ['unset', 'UNSET'] {
+      $hostname = $facts['networking']['fqdn']
+    } else {
+      $hostname = $config['hostname']
+    }
     $wrapper_protocol = 'https'
     $wrapper_port = $config['https-port']
-    $wrapper_address = $config['hostname']
+    $wrapper_address = $hostname
     $validator_port = $config['https-port']
-    $validator_server = $config['hostname']
+    $validator_server = $hostname
     $validator_ssl = true
   }
   $wrapper_server = "${wrapper_protocol}://${wrapper_address}:${wrapper_port}${config['http-relative-path']}"

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -142,6 +142,14 @@
                                      ])
         end
 
+        context 'when hostname is unset' do
+          let(:params) { { hostname: 'unset' } }
+
+          it do
+            is_expected.to contain_file("/opt/keycloak-#{version}/conf/keycloak.conf").without_content(%r{^hostname=})
+          end
+        end
+
         context 'when features defined' do
           let(:params) { { features: ['authorization', 'impersonation'] } }
-Original file line number
+Diff line change
@@ Expand Up / @@ -271,6 +271,8 @@ apache::vhost { 'idp.example.com': @@
     }
     ```
+    **NOTE:** Can set `hostname` parameter to `unset` if you wish for that configuration to not be set in the Keycloak configuration if you wish for Keycloak to not use strict hostname checking and respond to multiple hostnames.
     ### Deploy SPI
     A simple example of deploying a custom SPI from a URL:
@@ Expand Down @@