mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2025-04-07 03:10:31 -07:00
104 lines
2.9 KiB
YAML
104 lines
2.9 KiB
YAML
---
|
|
# tasks file for keycloak
|
|
- name: Check prerequisites
|
|
ansible.builtin.include_tasks: prereqs.yml
|
|
tags:
|
|
- prereqs
|
|
- always
|
|
|
|
- name: Check for deprecations
|
|
ansible.builtin.include_tasks: deprecations.yml
|
|
tags:
|
|
- always
|
|
|
|
- name: Distro specific tasks
|
|
ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml"
|
|
tags:
|
|
- unbound
|
|
|
|
- name: Include install tasks
|
|
ansible.builtin.include_tasks: install.yml
|
|
tags:
|
|
- install
|
|
|
|
- name: Include systemd tasks
|
|
ansible.builtin.include_tasks: systemd.yml
|
|
tags:
|
|
- systemd
|
|
|
|
- name: Include configuration key store tasks
|
|
when: keycloak.config_key_store_enabled
|
|
ansible.builtin.include_tasks: config_store.yml
|
|
tags:
|
|
- install
|
|
|
|
- name: Create tcpping cluster node list
|
|
ansible.builtin.set_fact:
|
|
keycloak_quarkus_cluster_nodes: >
|
|
{{ keycloak_quarkus_cluster_nodes | default([]) + [
|
|
{
|
|
"name": item,
|
|
"address": 'jgroups-' + item,
|
|
"inventory_host": hostvars[item].ansible_default_ipv4.address | default(item) + '[' + (keycloak_quarkus_jgroups_port | string) + ']',
|
|
"value": hostvars[item].ansible_default_ipv4.address | default(item)
|
|
}
|
|
] }}
|
|
loop: "{{ ansible_play_batch }}"
|
|
when: keycloak_quarkus_ha_enabled and keycloak_quarkus_ha_discovery == 'TCPPING'
|
|
|
|
- name: "Configure config files for keycloak service"
|
|
ansible.builtin.template:
|
|
src: "{{ item }}.j2"
|
|
dest: "{{ keycloak.home }}/conf/{{ item }}"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: '0640'
|
|
become: true
|
|
loop:
|
|
- keycloak.conf
|
|
- quarkus.properties
|
|
- cache-ispn.xml
|
|
notify:
|
|
- rebuild keycloak config
|
|
- restart keycloak
|
|
|
|
- name: Ensure logdirectory exists
|
|
ansible.builtin.file:
|
|
state: directory
|
|
path: "{{ keycloak.log.file | dirname }}"
|
|
owner: "{{ keycloak.service_user }}"
|
|
group: "{{ keycloak.service_group }}"
|
|
mode: '0775'
|
|
become: true
|
|
|
|
- name: Flush pending handlers
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: "Start and wait for keycloak service"
|
|
ansible.builtin.include_tasks: start.yml
|
|
|
|
- name: Link default logs directory
|
|
ansible.builtin.file:
|
|
state: link
|
|
src: "{{ keycloak.log.file | dirname }}"
|
|
dest: "{{ keycloak_quarkus_log_target }}"
|
|
force: true
|
|
become: true
|
|
|
|
- name: Check service status
|
|
ansible.builtin.systemd_service:
|
|
name: "{{ keycloak.service_name }}"
|
|
register: keycloak_service_status
|
|
changed_when: false
|
|
|
|
- name: "Trigger bootstrapped notification: remove `keycloak_quarkus_admin_user[_pass]` env vars"
|
|
when:
|
|
- not ansible_local.keycloak.general.bootstrapped | default(false) | bool # it was not bootstrapped prior to the current role's execution
|
|
- keycloak_service_status.status.ActiveState == "active" # but it is now
|
|
ansible.builtin.assert: { that: true, quiet: true }
|
|
changed_when: true
|
|
notify:
|
|
- bootstrapped
|
|
|
|
- name: Flush pending handlers
|
|
ansible.builtin.meta: flush_handlers
|