diff --git a/group_vars/all/vault b/group_vars/all/vault
index e6892a8..2794112 100644
--- a/group_vars/all/vault
+++ b/group_vars/all/vault
@@ -1,7 +1,14 @@
 $ANSIBLE_VAULT;1.1;AES256
-66346339616339316665383163613863376439383934626434313163376634306435656437353165
-6263666165323933346232356234656137646466336466360a656639643838323563643235363933
-30333435366138343930636130373239663735303164636639633039326131343533343561393561
-3864653732636464320a396563643963393862353962323462616231393332633131633832336338
-36633138646430623563316538643534666230363638333732633432316533343263303766616561
-6431623436633030393133616166323434613464636631646338
+32366334663864626633613637366638313737333863613564633066343832313732646261613862
+6235326333333030336233363963623964643736353336630a666637623235313237383961396532
+65326234323631646537333130623331633633383634313030613065646566343866666163383663
+6131323731666232320a356162666437363538383163666230663636636662346365623263363838
+63636330636438663962653636366332366363666661366263306537363533663830346437363031
+65383531333631383033383561633633383665306335663364636166653266303765373234356135
+65656665333636633539323765616364666332323365333333343436613939393966313731373461
+65376633663638653632383761303939376463353166653135333132353937316636376165633936
+63363730616538353366666330646564373765613363653062383263653362663266346238643066
+64366437623736616631373134333439373062373537316134373033666464383532666436306231
+65333139653330383133363163623635306432653438303438616636363531633439303862346638
+35343065353966613838376338306132626132313632643765323436313961306535623235633364
+6461
diff --git a/group_vars/all/vault.exemple b/group_vars/all/vault.exemple
new file mode 100644
index 0000000..198225f
--- /dev/null
+++ b/group_vars/all/vault.exemple
@@ -0,0 +1,5 @@
+vault_email: user@example.com
+
+# keycloak
+vault_admin_keycloak: admin
+vault_mdp_admin_keycloak: my_password
diff --git a/roles/install_keycloak/tasks/main.yml b/roles/install_keycloak/tasks/main.yml
index c5efe2e..de5724b 100644
--- a/roles/install_keycloak/tasks/main.yml
+++ b/roles/install_keycloak/tasks/main.yml
@@ -8,6 +8,14 @@
   debug:
     msg: This is a test server, do not use in production
 
+- name: Copy env variables
+  template:
+    src: dot_env.j2
+    dest: /var/local/keycloak/.env
+    mode: 0400
+    owner: root
+    group: staff
+
 - name: Copy docker-compose.yml
   template:
     src: docker-compose.yml.j2
diff --git a/roles/install_keycloak/templates/docker-compose.yml.j2 b/roles/install_keycloak/templates/docker-compose.yml.j2
index 37532be..0c7806f 100644
--- a/roles/install_keycloak/templates/docker-compose.yml.j2
+++ b/roles/install_keycloak/templates/docker-compose.yml.j2
@@ -6,5 +6,8 @@ services:
     image: jboss/keycloak
     container_name: keycloak
     restart: always
+    environment:
+      - "KEYCLOAK_USER=${USERNAME}"
+      - "KEYCLOAK_PASSWORD=${PASSWORD}"
     ports:
-      - "80:8080"
+      - 80:8080
diff --git a/roles/install_keycloak/templates/dot_env.j2 b/roles/install_keycloak/templates/dot_env.j2
new file mode 100644
index 0000000..dd648b0
--- /dev/null
+++ b/roles/install_keycloak/templates/dot_env.j2
@@ -0,0 +1,4 @@
+# {{ ansible_managed }}
+
+USERNAME={{ vault_admin_keycloak }}
+PASSWORD={{ vault_mdp_admin_keycloak }}