ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-04-08 11:50:29 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #140 from guidograzioli/molecule_jbcs_to_nginx

Browse source 
use nginx instead of jbcs for https_revproxy test
This commit is contained in:
Guido Grazioli 2023-12-05 20:09:08 +01:00 committed by GitHub
commit 33e6d428b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 26 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View file

@ -15,4 +15,4 @@ jobs:
with: with:
fqcn: 'middleware_automation/keycloak' fqcn: 'middleware_automation/keycloak'
molecule_tests: >- molecule_tests: >-
[ "default", "overridexml", "quarkus", "quarkus-devmode" ] [ "default", "overridexml", "https_revproxy", "quarkus", "quarkus-devmode" ]

2
molecule/https_revproxy/molecule.yml
View file

@ -41,8 +41,6 @@ provisioner:
ansible_python_interpreter: "{{ ansible_playbook_python }}" ansible_python_interpreter: "{{ ansible_playbook_python }}"
env: env:
ANSIBLE_FORCE_COLOR: "true" ANSIBLE_FORCE_COLOR: "true"
REDHAT_PRODUCT_DOWNLOAD_CLIENT_ID: "${PROD_JBOSSNETWORK_API_CLIENTID}"
REDHAT_PRODUCT_DOWNLOAD_CLIENT_SECRET: "${PROD_JBOSSNETWORK_API_SECRET}"
verifier: verifier:
name: ansible name: ansible
scenario: scenario:

45
molecule/https_revproxy/prepare.yml
View file

@ -3,7 +3,7 @@
hosts: all hosts: all
tasks: tasks:
- name: Install sudo - name: Install sudo
ansible.builtin.yum: ansible.builtin.dnf:
name: sudo name: sudo
state: present state: present
@ -14,36 +14,35 @@
- name: Prepare proxy - name: Prepare proxy
hosts: proxy hosts: proxy
vars: vars:
jbcs_mod_cluster_enable: True nginx_proxy: |
jbcs_configure_firewalld: False location / {
jbcs_offline_install: False proxy_set_header Host $host;
jbcs_bind_address: '*' proxy_set_header X-Real-IP $remote_addr;
jbcs_proxy_pass: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- path: / proxy_set_header X-Forwarded-Proto $scheme;
url: http://instance:8080/ proxy_pass http://instance:8080;
reverse_path: / }
reverse_url: http://instance:8080/
external_domain_name: proxy
rhn_username: "{{ lookup('env', 'REDHAT_PRODUCT_DOWNLOAD_CLIENT_ID') }}"
rhn_password: "{{ lookup('env', 'REDHAT_PRODUCT_DOWNLOAD_CLIENT_SECRET') }}"
roles: roles:
- middleware_automation.jbcs.jbcs - elan.simple_nginx_reverse_proxy
pre_tasks: pre_tasks:
- name: Create certificate request - name: Create certificate request
ansible.builtin.command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -subj '/CN=proxy' ansible.builtin.command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -subj '/CN=proxy'
delegate_to: localhost delegate_to: localhost
changed_when: False changed_when: false
- name: Make certificate directory
ansible.builtin.file:
path: /etc/nginx/tls
state: directory
- name: Copy certificates - name: Copy certificates
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.name }}" src: "{{ item.name }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0444 mode: 0444
become: True become: true
loop: loop:
- { name: 'cert.pem', dest: '/etc/pki/tls/certs/proxy.crt' } - { name: 'cert.pem', dest: '/etc/nginx/tls/certificate.crt' }
- { name: 'key.pem', dest: '/etc/pki/tls/private/proxy.key' } - { name: 'key.pem', dest: '/etc/nginx/tls/certificate.key' }
- name: Update CA trust
- name: update_ca_trust ansible.builtin.command: update-ca-trust
command: update-ca-trust changed_when: false
become: True become: true

3
molecule/requirements.yml
View file

@ -6,3 +6,6 @@ collections:
- name: ansible.posix - name: ansible.posix
- name: community.docker - name: community.docker
version: ">=1.9.1" version: ">=1.9.1"
roles:
- name: elan.simple_nginx_reverse_proxy