mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2025-04-06 10:50:31 -07:00
Guido Grazioli
GitHub
commit
7a0a99a31c
22 changed files with 234 additions and 25 deletions
11
bindep.txt
11
bindep.txt
|
|
@ -1,8 +1,9 @@
|
||||||
|
python3-dev [compile platform:dpkg]
|
||||||
python3-devel [compile platform:rpm]
|
python3-devel [compile platform:rpm]
|
||||||
python39-devel [compile platform:centos-8 platform:rhel-8]
|
python39-devel [compile platform:centos-8 platform:rhel-8]
|
||||||
git-lfs [platform:rpm]
|
git-lfs [platform:rpm platform:dpkg]
|
||||||
python3-netaddr [platform:rpm]
|
python3-netaddr [platform:rpm platform:dpkg]
|
||||||
python3-lxml [platform:rpm]
|
python3-lxml [platform:rpm platform:dpkg]
|
||||||
python3-jmespath [platform:rpm]
|
python3-jmespath [platform:rpm platform:dpkg]
|
||||||
python3-requests [platform:rpm]
|
python3-requests [platform:rpm platform:dpkg]
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -18,5 +18,12 @@
|
||||||
name:
|
name:
|
||||||
- java-1.8.0-openjdk
|
- java-1.8.0-openjdk
|
||||||
state: present
|
state: present
|
||||||
|
when: ansible_facts['os_family'] == "RedHat"
|
||||||
|
|
||||||
|
- name: Install JDK8
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name:
|
||||||
|
- openjdk-8-jdk
|
||||||
|
state: present
|
||||||
|
when: ansible_facts['os_family'] == "Debian"
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,15 @@
|
||||||
- name: Prepare
|
- name: Prepare
|
||||||
hosts: all
|
hosts: all
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Install sudo
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name:
|
||||||
|
- sudo
|
||||||
|
- openjdk-17-jdk-headless
|
||||||
|
state: present
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == 'Debian'
|
||||||
|
|
||||||
- name: "Ensure common prepare phase are set."
|
- name: "Ensure common prepare phase are set."
|
||||||
ansible.builtin.include_tasks: ../prepare.yml
|
ansible.builtin.include_tasks: ../prepare.yml
|
||||||
|
|
||||||
|
|
@ -11,11 +20,30 @@
|
||||||
name:
|
name:
|
||||||
- java-17-openjdk-headless
|
- java-17-openjdk-headless
|
||||||
state: present
|
state: present
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == 'RedHat'
|
||||||
|
|
||||||
- name: Link default logs directory
|
- name: Link default logs directory
|
||||||
become: yes
|
become: yes
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: link
|
||||||
|
src: "{{ item }}"
|
||||||
|
dest: /opt/openjdk
|
||||||
|
force: true
|
||||||
|
with_fileglob:
|
||||||
|
- /usr/lib/jvm/java-17-openjdk*
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
|
||||||
|
- name: Link default logs directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
state: link
|
state: link
|
||||||
src: /usr/lib/jvm/jre-17-openjdk
|
src: /usr/lib/jvm/jre-17-openjdk
|
||||||
dest: /opt/openjdk
|
dest: /opt/openjdk
|
||||||
force: true
|
force: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
|
- name: "Display hera_home if defined."
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
hera_home: "{{ lookup('env', 'HERA_HOME') }}"
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,15 @@
|
||||||
- name: Prepare
|
- name: Prepare
|
||||||
hosts: all
|
hosts: all
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Install sudo
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: sudo
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: "Display hera_home if defined."
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
hera_home: "{{ lookup('env', 'HERA_HOME') }}"
|
||||||
|
|
||||||
- name: "Ensure common prepare phase are set."
|
- name: "Ensure common prepare phase are set."
|
||||||
ansible.builtin.include_tasks: ../prepare.yml
|
ansible.builtin.include_tasks: ../prepare.yml
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ Requirements
|
||||||
This role requires the `python3-netaddr` library installed on the controller node.
|
This role requires the `python3-netaddr` library installed on the controller node.
|
||||||
|
|
||||||
* to install via yum/dnf: `dnf install python3-netaddr`
|
* to install via yum/dnf: `dnf install python3-netaddr`
|
||||||
|
* to install via apt: `apt install python3-netaddr`
|
||||||
* or via pip: `pip install netaddr==0.8.0`
|
* or via pip: `pip install netaddr==0.8.0`
|
||||||
* or via the collection: `pip install -r requirements.txt`
|
* or via the collection: `pip install -r requirements.txt`
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,8 @@ keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
|
||||||
keycloak_offline_install: false
|
keycloak_offline_install: false
|
||||||
|
|
||||||
### Install location and service settings
|
### Install location and service settings
|
||||||
keycloak_jvm_package: java-1.8.0-openjdk-headless
|
keycloak_jvm_package: "{{ 'java-1.8.0-openjdk-headless' if ansible_facts.os_family == 'RedHat' else 'openjdk-8-jdk-headless' }}"
|
||||||
|
|
||||||
keycloak_java_home:
|
keycloak_java_home:
|
||||||
keycloak_dest: /opt/keycloak
|
keycloak_dest: /opt/keycloak
|
||||||
keycloak_jboss_home: "{{ keycloak_installdir }}"
|
keycloak_jboss_home: "{{ keycloak_installdir }}"
|
||||||
|
|
@ -33,6 +34,7 @@ keycloak_service_startlimitburst: "5"
|
||||||
keycloak_service_restartsec: "10s"
|
keycloak_service_restartsec: "10s"
|
||||||
|
|
||||||
keycloak_configure_firewalld: false
|
keycloak_configure_firewalld: false
|
||||||
|
keycloak_configure_iptables: false
|
||||||
|
|
||||||
### administrator console password
|
### administrator console password
|
||||||
keycloak_admin_password: ''
|
keycloak_admin_password: ''
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,11 @@ argument_specs:
|
||||||
default: "keycloak-legacy-{{ keycloak_version }}.zip"
|
default: "keycloak-legacy-{{ keycloak_version }}.zip"
|
||||||
description: "keycloak install archive filename"
|
description: "keycloak install archive filename"
|
||||||
type: "str"
|
type: "str"
|
||||||
|
keycloak_configure_iptables:
|
||||||
|
# line 33 of keycloak/defaults/main.yml
|
||||||
|
default: false
|
||||||
|
description: "Ensure iptables is running and configure keycloak ports"
|
||||||
|
type: "bool"
|
||||||
keycloak_configure_firewalld:
|
keycloak_configure_firewalld:
|
||||||
# line 33 of keycloak/defaults/main.yml
|
# line 33 of keycloak/defaults/main.yml
|
||||||
default: false
|
default: false
|
||||||
|
|
|
||||||
6
roles/keycloak/tasks/debian.yml
Normal file
6
roles/keycloak/tasks/debian.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Include firewall config tasks
|
||||||
|
ansible.builtin.include_tasks: iptables.yml
|
||||||
|
when: keycloak_configure_iptables
|
||||||
|
tags:
|
||||||
|
- firewall
|
||||||
|
|
@ -4,14 +4,27 @@
|
||||||
register: rpm_info
|
register: rpm_info
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
- name: "Add missing packages to the yum install list"
|
- name: "Add missing packages to the yum install list"
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
|
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
- name: "Install packages: {{ packages_to_install }}"
|
- name: "Install packages: {{ packages_to_install }}"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.yum:
|
ansible.builtin.yum:
|
||||||
name: "{{ packages_to_install }}"
|
name: "{{ packages_to_install }}"
|
||||||
state: present
|
state: present
|
||||||
when: packages_to_install | default([]) | length > 0
|
when:
|
||||||
|
- packages_to_install | default([]) | length > 0
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
|
- name: "Install packages: {{ packages_list }}"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: "{{ packages_list }}"
|
||||||
|
state: present
|
||||||
|
when:
|
||||||
|
- packages_list | default([]) | length > 0
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
|
|
||||||
23
roles/keycloak/tasks/iptables.yml
Normal file
23
roles/keycloak/tasks/iptables.yml
Normal file
|
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
- name: Ensure required package iptables are installed
|
||||||
|
ansible.builtin.include_tasks: fastpackages.yml
|
||||||
|
vars:
|
||||||
|
packages_list:
|
||||||
|
- iptables
|
||||||
|
|
||||||
|
- name: "Configure firewall ports for {{ keycloak.service_name }}"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.iptables:
|
||||||
|
destination_port: "{{ item }}"
|
||||||
|
action: "insert"
|
||||||
|
rule_num: 6 # magic number I forget why
|
||||||
|
chain: "INPUT"
|
||||||
|
policy: "ACCEPT"
|
||||||
|
protocol: tcp
|
||||||
|
loop:
|
||||||
|
- "{{ keycloak_http_port }}"
|
||||||
|
- "{{ keycloak_https_port }}"
|
||||||
|
- "{{ keycloak_management_http_port }}"
|
||||||
|
- "{{ keycloak_management_https_port }}"
|
||||||
|
- "{{ keycloak_jgroups_port }}"
|
||||||
|
- "{{ keycloak_ajp_port }}"
|
||||||
|
|
@ -5,11 +5,17 @@
|
||||||
tags:
|
tags:
|
||||||
- prereqs
|
- prereqs
|
||||||
|
|
||||||
- name: Include firewall config tasks
|
- name: Debian specific tasks
|
||||||
ansible.builtin.include_tasks: firewalld.yml
|
ansible.builtin.include_tasks: debian.yml
|
||||||
when: keycloak_configure_firewalld
|
when: ansible_facts.os_family == "Debian"
|
||||||
tags:
|
tags:
|
||||||
- firewall
|
- unbound
|
||||||
|
|
||||||
|
- name: RedHat specific tasks
|
||||||
|
ansible.builtin.include_tasks: redhat.yml
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
tags:
|
||||||
|
- unbound
|
||||||
|
|
||||||
- name: Include install tasks
|
- name: Include install tasks
|
||||||
ansible.builtin.include_tasks: install.yml
|
ansible.builtin.include_tasks: install.yml
|
||||||
|
|
@ -26,6 +32,7 @@
|
||||||
when:
|
when:
|
||||||
- sso_apply_patches is defined and sso_apply_patches
|
- sso_apply_patches is defined and sso_apply_patches
|
||||||
- sso_enable is defined and sso_enable
|
- sso_enable is defined and sso_enable
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
tags:
|
tags:
|
||||||
- install
|
- install
|
||||||
- patch
|
- patch
|
||||||
|
|
|
||||||
|
|
@ -42,6 +42,6 @@
|
||||||
packages_list:
|
packages_list:
|
||||||
- "{{ keycloak_jvm_package }}"
|
- "{{ keycloak_jvm_package }}"
|
||||||
- unzip
|
- unzip
|
||||||
- procps-ng
|
- "{{ 'procps-ng' if ansible_facts.os_family == 'RedHat' else 'procps' }}"
|
||||||
- initscripts
|
- "{{ 'initscripts' if ansible_facts.os_family == 'RedHat' else 'apt' }}"
|
||||||
- tzdata-java
|
- "{{ 'tzdata-java' if ansible_facts.os_family == 'RedHat' else 'tzdata' }}"
|
||||||
|
|
|
||||||
6
roles/keycloak/tasks/redhat.yml
Normal file
6
roles/keycloak/tasks/redhat.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Include firewall config tasks
|
||||||
|
ansible.builtin.include_tasks: firewalld.yml
|
||||||
|
when: keycloak_configure_firewalld
|
||||||
|
tags:
|
||||||
|
- firewall
|
||||||
|
|
@ -10,9 +10,32 @@
|
||||||
notify:
|
notify:
|
||||||
- restart keycloak
|
- restart keycloak
|
||||||
|
|
||||||
|
- name: Determine JAVA_HOME for selected JVM RPM
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
rpm_java_home: "/lib/jvm/java-{{ keycloak_jvm_package | regex_search('(?<=java-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == 'Debian'
|
||||||
|
|
||||||
- name: Determine JAVA_HOME for selected JVM RPM
|
- name: Determine JAVA_HOME for selected JVM RPM
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
rpm_java_home: "/etc/alternatives/jre_{{ keycloak_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
|
rpm_java_home: "/etc/alternatives/jre_{{ keycloak_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == 'RedHat'
|
||||||
|
|
||||||
|
- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: keycloak-sysconfig.j2
|
||||||
|
dest: /etc/default/keycloak
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
vars:
|
||||||
|
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
notify:
|
||||||
|
- restart keycloak
|
||||||
|
|
||||||
- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
|
- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
|
||||||
become: true
|
become: true
|
||||||
|
|
@ -24,6 +47,8 @@
|
||||||
mode: 0644
|
mode: 0644
|
||||||
vars:
|
vars:
|
||||||
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
notify:
|
notify:
|
||||||
- restart keycloak
|
- restart keycloak
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,7 @@ keycloak_quarkus_installdir: "{{ keycloak_quarkus_dest }}/keycloak-{{ keycloak_q
|
||||||
keycloak_quarkus_offline_install: false
|
keycloak_quarkus_offline_install: false
|
||||||
|
|
||||||
### Install location and service settings
|
### Install location and service settings
|
||||||
keycloak_quarkus_jvm_package: java-17-openjdk-headless
|
keycloak_quarkus_jvm_package: "{{ 'java-17-openjdk-headless' if ansible_facts.os_family == 'RedHat' else 'openjdk-17-jdk-headless' }}"
|
||||||
keycloak_quarkus_java_home:
|
keycloak_quarkus_java_home:
|
||||||
keycloak_quarkus_dest: /opt/keycloak
|
keycloak_quarkus_dest: /opt/keycloak
|
||||||
keycloak_quarkus_home: "{{ keycloak_quarkus_installdir }}"
|
keycloak_quarkus_home: "{{ keycloak_quarkus_installdir }}"
|
||||||
|
|
|
||||||
6
roles/keycloak_quarkus/tasks/debian.yml
Normal file
6
roles/keycloak_quarkus/tasks/debian.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Include firewall config tasks
|
||||||
|
ansible.builtin.include_tasks: iptables.yml
|
||||||
|
when: keycloak_configure_iptables
|
||||||
|
tags:
|
||||||
|
- firewall
|
||||||
|
|
@ -4,14 +4,27 @@
|
||||||
register: rpm_info
|
register: rpm_info
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
- name: "Add missing packages to the yum install list"
|
- name: "Add missing packages to the yum install list"
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
|
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
- name: "Install packages: {{ packages_to_install }}"
|
- name: "Install packages: {{ packages_to_install }}"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.yum:
|
ansible.builtin.yum:
|
||||||
name: "{{ packages_to_install }}"
|
name: "{{ packages_to_install }}"
|
||||||
state: present
|
state: present
|
||||||
when: packages_to_install | default([]) | length > 0
|
when:
|
||||||
|
- packages_to_install | default([]) | length > 0
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
|
- name: "Install packages: {{ packages_list }}"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: "{{ packages_list }}"
|
||||||
|
state: present
|
||||||
|
when:
|
||||||
|
- packages_list | default([]) | length > 0
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
|
|
||||||
20
roles/keycloak_quarkus/tasks/iptables.yml
Normal file
20
roles/keycloak_quarkus/tasks/iptables.yml
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
---
|
||||||
|
- name: Ensure required package iptables are installed
|
||||||
|
ansible.builtin.include_tasks: fastpackages.yml
|
||||||
|
vars:
|
||||||
|
packages_list:
|
||||||
|
- iptables
|
||||||
|
|
||||||
|
- name: "Configure firewall ports for {{ keycloak.service_name }}"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.iptables:
|
||||||
|
destination_port: "{{ item }}"
|
||||||
|
action: "insert"
|
||||||
|
rule_num: 6 # magic number I forget why
|
||||||
|
chain: "INPUT"
|
||||||
|
policy: "ACCEPT"
|
||||||
|
protocol: tcp
|
||||||
|
loop:
|
||||||
|
- "{{ keycloak_quarkus_http_port }}"
|
||||||
|
- "{{ keycloak_quarkus_https_port }}"
|
||||||
|
- "{{ keycloak_quarkus_jgroups_port }}"
|
||||||
|
|
@ -5,11 +5,17 @@
|
||||||
tags:
|
tags:
|
||||||
- prereqs
|
- prereqs
|
||||||
|
|
||||||
- name: Include firewall config tasks
|
- name: Debian specific tasks
|
||||||
ansible.builtin.include_tasks: firewalld.yml
|
ansible.builtin.include_tasks: debian.yml
|
||||||
when: keycloak_quarkus_configure_firewalld
|
when: ansible_facts.os_family == "Debian"
|
||||||
tags:
|
tags:
|
||||||
- firewall
|
- unbound
|
||||||
|
|
||||||
|
- name: RedHat specific tasks
|
||||||
|
ansible.builtin.include_tasks: redhat.yml
|
||||||
|
when: ansible_facts.os_family == "RedHat"
|
||||||
|
tags:
|
||||||
|
- unbound
|
||||||
|
|
||||||
- name: Include install tasks
|
- name: Include install tasks
|
||||||
ansible.builtin.include_tasks: install.yml
|
ansible.builtin.include_tasks: install.yml
|
||||||
|
|
|
||||||
|
|
@ -29,6 +29,6 @@
|
||||||
packages_list:
|
packages_list:
|
||||||
- "{{ keycloak_quarkus_jvm_package }}"
|
- "{{ keycloak_quarkus_jvm_package }}"
|
||||||
- unzip
|
- unzip
|
||||||
- procps-ng
|
- "{{ 'procps-ng' if ansible_facts.os_family == 'RedHat' else 'procps' }}"
|
||||||
- initscripts
|
- "{{ 'initscripts' if ansible_facts.os_family == 'RedHat' else 'apt' }}"
|
||||||
- tzdata-java
|
- "{{ 'tzdata-java' if ansible_facts.os_family == 'RedHat' else 'tzdata' }}"
|
||||||
|
|
|
||||||
6
roles/keycloak_quarkus/tasks/redhat.yml
Normal file
6
roles/keycloak_quarkus/tasks/redhat.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Include firewall config tasks
|
||||||
|
ansible.builtin.include_tasks: firewalld.yml
|
||||||
|
when: keycloak_quarkus_configure_firewalld
|
||||||
|
tags:
|
||||||
|
- firewall
|
||||||
|
|
@ -2,8 +2,31 @@
|
||||||
- name: Determine JAVA_HOME for selected JVM RPM
|
- name: Determine JAVA_HOME for selected JVM RPM
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
rpm_java_home: "/etc/alternatives/jre_{{ keycloak_quarkus_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
|
rpm_java_home: "/etc/alternatives/jre_{{ keycloak_quarkus_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
|
|
||||||
- name: "Configure sysconfig file for keycloak service"
|
- name: Determine JAVA_HOME for selected JVM RPM
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
rpm_java_home: "/lib/jvm/java-{{ keycloak_quarkus_jvm_package | regex_search('(?!:openjdk-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
|
||||||
|
- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: keycloak-sysconfig.j2
|
||||||
|
dest: /etc/default/keycloak
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
vars:
|
||||||
|
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "Debian"
|
||||||
|
notify:
|
||||||
|
- restart keycloak
|
||||||
|
|
||||||
|
- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: keycloak-sysconfig.j2
|
src: keycloak-sysconfig.j2
|
||||||
|
|
@ -13,6 +36,8 @@
|
||||||
mode: 0644
|
mode: 0644
|
||||||
vars:
|
vars:
|
||||||
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
keycloak_rpm_java_home: "{{ rpm_java_home }}"
|
||||||
|
when:
|
||||||
|
- ansible_facts.os_family == "RedHat"
|
||||||
notify:
|
notify:
|
||||||
- restart keycloak
|
- restart keycloak
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue