Looks like my little starter blog is working. At least there is some activity around it.
After all that, I went back to rewriting my infra components as Podman Quadlets using Ansible. I think I have figured out the general pattern. Yet I’m not quite happy with how I handle network creation. I need to encapsulate it into a single generic role instead of writing the same network role in every collection.
Now I need to dynamically generate and inject Keycloak Admin secrets from HashiCorp Vault. I can do that manually. Or I can do that with Ansible. But I want it to be dynamic and traceable.
After Keycloak is bootstrapped, I need to configure SSO for Vault itself.