mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2025-04-06 19:00:28 -07:00
99 lines
2.7 KiB
YAML
99 lines
2.7 KiB
YAML
---
|
|
# tasks file for keycloak
|
|
- name: Check prerequisites
|
|
ansible.builtin.include_tasks: prereqs.yml
|
|
tags:
|
|
- prereqs
|
|
|
|
- name: Include firewall config tasks
|
|
ansible.builtin.include_tasks: firewalld.yml
|
|
when: keycloak_quarkus_configure_firewalld
|
|
tags:
|
|
- firewall
|
|
|
|
- name: Include install tasks
|
|
ansible.builtin.include_tasks: install.yml
|
|
tags:
|
|
- install
|
|
|
|
- name: Include systemd tasks
|
|
ansible.builtin.include_tasks: systemd.yml
|
|
tags:
|
|
- systemd
|
|
|
|
- name: "Configure config for keycloak service"
|
|
ansible.builtin.template:
|
|
src: keycloak.conf.j2
|
|
dest: "{{ keycloak.home }}/conf/keycloak.conf"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: 0644
|
|
become: true
|
|
notify:
|
|
- rebuild keycloak config
|
|
- restart keycloak
|
|
|
|
- name: "Configure quarkus config for keycloak service"
|
|
ansible.builtin.template:
|
|
src: quarkus.properties.j2
|
|
dest: "{{ keycloak.home }}/conf/quarkus.properties"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: 0644
|
|
become: true
|
|
notify:
|
|
- restart keycloak
|
|
|
|
- name: Create tcpping cluster node list
|
|
ansible.builtin.set_fact:
|
|
keycloak_quarkus_cluster_nodes: >
|
|
{{ keycloak_quarkus_cluster_nodes | default([]) + [
|
|
{
|
|
"name": item,
|
|
"address": 'jgroups-' + item,
|
|
"inventory_host": hostvars[item].ansible_default_ipv4.address | default(item) + '[' + (keycloak_quarkus_jgroups_port | string) + ']',
|
|
"value": hostvars[item].ansible_default_ipv4.address | default(item)
|
|
}
|
|
] }}
|
|
loop: "{{ ansible_play_batch }}"
|
|
when: keycloak_quarkus_ha_enabled and keycloak_quarkus_ha_discovery == 'TCPPING'
|
|
|
|
- name: "Configure infinispan config for keycloak service"
|
|
ansible.builtin.template:
|
|
src: cache-ispn.xml
|
|
dest: "{{ keycloak.home }}/conf/cache-ispn.xml"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: 0644
|
|
become: true
|
|
notify:
|
|
- rebuild keycloak config
|
|
- restart keycloak
|
|
|
|
- name: Ensure logdirectory exists
|
|
ansible.builtin.file:
|
|
state: directory
|
|
path: "{{ keycloak.log.file | dirname }}"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: 0775
|
|
become: true
|
|
|
|
- name: Flush pending handlers
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: "Start and wait for keycloak service"
|
|
ansible.builtin.include_tasks: start.yml
|
|
|
|
- name: Check service status
|
|
ansible.builtin.command: "systemctl status keycloak"
|
|
register: keycloak_service_status
|
|
changed_when: false
|
|
|
|
- name: Link default logs directory
|
|
ansible.builtin.file:
|
|
state: link
|
|
src: "{{ keycloak.log.file | dirname }}"
|
|
dest: "{{ keycloak_quarkus_log_target }}"
|
|
force: true
|
|
become: true
|