feat: ubuntu compatibility

2025-07-29 08:01:33 -07:00 · 2024-03-16 18:17:20 +00:00 · 2024-03-16 18:17:20 +00:00 · b9d9874a00
commit b9d9874a00
parent d74820190f
22 changed files with 222 additions and 26 deletions
--- a/roles/keycloak_quarkus/tasks/debian.yml
+++ b/roles/keycloak_quarkus/tasks/debian.yml
@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+  ansible.builtin.include_tasks: iptables.yml
+  when: keycloak_configure_iptables
+  tags:
+    - firewall
--- a/roles/keycloak_quarkus/tasks/fastpackages.yml
+++ b/roles/keycloak_quarkus/tasks/fastpackages.yml
@ -4,14 +4,27 @@
  register: rpm_info
  changed_when: false
  failed_when: false
+  when: ansible_facts.os_family == "RedHat"

 - name: "Add missing packages to the yum install list"
  ansible.builtin.set_fact:
    packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
+  when: ansible_facts.os_family == "RedHat"

 - name: "Install packages: {{ packages_to_install }}"
  become: true
  ansible.builtin.yum:
    name: "{{ packages_to_install }}"
    state: present
-  when: packages_to_install | default([]) | length > 0
+  when:
+  - packages_to_install | default([]) | length > 0
+  - ansible_facts.os_family == "RedHat"
+
+- name: "Install packages: {{ packages_list }}"
+  become: true
+  ansible.builtin.package:
+    name: "{{ packages_list }}"
+    state: present
+  when:
+    - packages_list | default([]) | length > 0
+    - ansible_facts.os_family == "Debian"
--- a/roles/keycloak_quarkus/tasks/iptables.yml
+++ b/roles/keycloak_quarkus/tasks/iptables.yml
@ -0,0 +1,20 @@
+---
+- name: Ensure required package iptables are installed
+  ansible.builtin.include_tasks: fastpackages.yml
+  vars:
+    packages_list:
+      - iptables
+
+- name: "Configure firewall ports for {{ keycloak.service_name }}"
+  become: true
+  ansible.builtin.iptables:
+    destination_port: "{{ item }}"
+    action: "insert"
+    rule_num: 6 # magic number I forget why
+    chain: "INPUT"
+    policy: "ACCEPT"
+    protocol: tcp
+  loop:
+    - "{{ keycloak_quarkus_http_port }}"
+    - "{{ keycloak_quarkus_https_port }}"
+    - "{{ keycloak_quarkus_jgroups_port }}"
--- a/roles/keycloak_quarkus/tasks/main.yml
+++ b/roles/keycloak_quarkus/tasks/main.yml
@ -5,11 +5,17 @@
  tags:
    - prereqs

- name: Include firewall config tasks
-  ansible.builtin.include_tasks: firewalld.yml
-  when: keycloak_quarkus_configure_firewalld
+- name: Debian specific tasks
+  ansible.builtin.include_tasks: debian.yml
+  when: ansible_facts.os_family == "Debian"
  tags:
-    - firewall
+    - unbound
+
+- name: RedHat specific tasks
+  ansible.builtin.include_tasks: redhat.yml
+  when: ansible_facts.os_family == "RedHat"
+  tags:
+    - unbound

 - name: Include install tasks
  ansible.builtin.include_tasks: install.yml
--- a/roles/keycloak_quarkus/tasks/prereqs.yml
+++ b/roles/keycloak_quarkus/tasks/prereqs.yml
@ -29,6 +29,6 @@
    packages_list:
      - "{{ keycloak_quarkus_jvm_package }}"
      - unzip
-      - procps-ng
-      - initscripts
-      - tzdata-java
+      - "{{ 'procps-ng' if ansible_facts.os_family == 'RedHat' else 'procps' }}"
+      - "{{ 'initscripts' if ansible_facts.os_family == 'RedHat' else 'apt' }}"
+      - "{{ 'tzdata-java' if ansible_facts.os_family == 'RedHat' else 'tzdata' }}"
--- a/roles/keycloak_quarkus/tasks/redhat.yml
+++ b/roles/keycloak_quarkus/tasks/redhat.yml
@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+  ansible.builtin.include_tasks: firewalld.yml
+  when: keycloak_quarkus_configure_firewalld
+  tags:
+    - firewall
--- a/roles/keycloak_quarkus/tasks/systemd.yml
+++ b/roles/keycloak_quarkus/tasks/systemd.yml
@ -2,8 +2,31 @@
 - name: Determine JAVA_HOME for selected JVM RPM
  ansible.builtin.set_fact:
    rpm_java_home: "/etc/alternatives/jre_{{ keycloak_quarkus_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
+  when:
+    - ansible_facts.os_family == "RedHat"

- name: "Configure sysconfig file for keycloak service"
+- name: Determine JAVA_HOME for selected JVM RPM
+  ansible.builtin.set_fact:
+    rpm_java_home: "/lib/jvm/java-{{ keycloak_quarkus_jvm_package | regex_search('(?!:openjdk-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
+  when:
+    - ansible_facts.os_family == "Debian"
+
+- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
+  become: true
+  ansible.builtin.template:
+    src: keycloak-sysconfig.j2
+    dest: /etc/default/keycloak
+    owner: root
+    group: root
+    mode: 0644
+  vars:
+    keycloak_rpm_java_home: "{{ rpm_java_home }}"
+  when:
+    - ansible_facts.os_family == "Debian"
+  notify:
+    - restart keycloak
+
+- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
  become: true
  ansible.builtin.template:
    src: keycloak-sysconfig.j2
@ -13,6 +36,8 @@
    mode: 0644
  vars:
    keycloak_rpm_java_home: "{{ rpm_java_home }}"
+  when:
+    - ansible_facts.os_family == "RedHat"
  notify:
    - restart keycloak