Actually, we don't need python at all

plays/lib/config.yml

@@ -0,0 +1,7 @@
+---
+- name: Load app config into playbook context
+  include_vars:
+    dir: "{{ app_config_root }}"
+    extensions:
+      - yml
+      - yaml

plays/lib/database.yml

@@ -0,0 +1,25 @@
+---
+- name: "Create {{ db['type'] }} database"
+  no_log: true
+  shell: "
+    dokku
+    {{ db['type'] }}:create
+    {{ app }}
+    --password {{ db_passwd }}
+    --root-password {{ root_db_passwd }}
+  "
+  args:
+    creates: "/var/lib/dokku/services/{{ db['type'] }}/{{ app }}"
+
+- name: Link mariadb database to application
+  dokku_service_link:
+    app: keycloak
+    name: keycloak
+    service: mariadb
+
+- name: Specify mariadb docker volume mounts
+  dokku_storage:
+    app: keycloak
+    mounts:
+      - /var/lib/dokku/services/mariadb/keycloak:/var/lib/mysql
+

plays/lib/domain.yml

@@ -0,0 +1,7 @@
+---
+- name: "Configure {{ domain }} domain with Dokku"
+  dokku_domains:
+    app: "{{ app }}"
+    domains:
+      - "{{ domain }}"
+    state: present

plays/lib/vault.yml

@@ -0,0 +1,13 @@
+---
+- name: Check if vault variables are available for loading
+  stat:
+    path: "{{ app_config_root }}/vault/"
+  register: vault_dir
+
+- name: Load vault variables into playbook context
+  include_vars:
+    dir: "{{ app_config_root }}/vault/"
+    extensions:
+      - yml
+      - yaml
+  when: vault_dir.stat.exists