--- # tasks file for keycloak - name: Check prerequisites ansible.builtin.include_tasks: prereqs.yml tags: - prereqs - always - name: Check for deprecations ansible.builtin.include_tasks: deprecations.yml tags: - always - name: Distro specific tasks ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml" tags: - unbound - name: Include install tasks ansible.builtin.include_tasks: install.yml tags: - install - name: Include systemd tasks ansible.builtin.include_tasks: systemd.yml tags: - systemd - name: Include configuration key store tasks when: keycloak.config_key_store_enabled ansible.builtin.include_tasks: config_store.yml tags: - install - name: Create tcpping cluster node list ansible.builtin.set_fact: keycloak_quarkus_cluster_nodes: > {{ keycloak_quarkus_cluster_nodes | default([]) + [ { "name": item, "address": 'jgroups-' + item, "inventory_host": hostvars[item].ansible_default_ipv4.address | default(item) + '[' + (keycloak_quarkus_jgroups_port | string) + ']', "value": hostvars[item].ansible_default_ipv4.address | default(item) } ] }} loop: "{{ ansible_play_batch }}" when: keycloak_quarkus_ha_enabled and keycloak_quarkus_ha_discovery == 'TCPPING' - name: "Configure config files for keycloak service" ansible.builtin.template: src: "{{ item }}.j2" dest: "{{ keycloak.home }}/conf/{{ item }}" owner: "{{ keycloak.service_user }}" group: "{{ keycloak.service_group }}" mode: '0640' become: true loop: - keycloak.conf - quarkus.properties - cache-ispn.xml notify: - rebuild keycloak config - restart keycloak - name: Ensure logdirectory exists ansible.builtin.file: state: directory path: "{{ keycloak.log.file | dirname }}" owner: "{{ keycloak.service_user }}" group: "{{ keycloak.service_group }}" mode: '0775' become: true - name: Flush pending handlers ansible.builtin.meta: flush_handlers - name: "Start and wait for keycloak service" ansible.builtin.include_tasks: start.yml - name: Link default logs directory ansible.builtin.file: state: link src: "{{ keycloak.log.file | dirname }}" dest: "{{ keycloak_quarkus_log_target }}" force: true become: true - name: Check service status ansible.builtin.systemd_service: name: "{{ keycloak.service_name }}" register: keycloak_service_status changed_when: false - name: "Trigger bootstrapped notification: remove `keycloak_quarkus_admin_user[_pass]` env vars" when: - not ansible_local.keycloak.general.bootstrapped | default(false) | bool # it was not bootstrapped prior to the current role's execution - keycloak_service_status.status.ActiveState == "active" # but it is now ansible.builtin.assert: { that: true, quiet: true } changed_when: true notify: - bootstrapped - name: Flush pending handlers ansible.builtin.meta: flush_handlers