mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2025-04-07 03:10:31 -07:00
43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
---
|
|
- name: Prepare
|
|
hosts: all
|
|
tasks:
|
|
- name: Install sudo
|
|
ansible.builtin.yum:
|
|
name: sudo
|
|
state: present
|
|
|
|
- name: "Display hera_home if defined."
|
|
ansible.builtin.set_fact:
|
|
hera_home: "{{ lookup('env', 'HERA_HOME') }}"
|
|
|
|
- name: Create certificate request
|
|
ansible.builtin.command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -subj '/CN=instance'
|
|
delegate_to: localhost
|
|
changed_when: False
|
|
|
|
- name: Set /etc/hosts
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/hosts
|
|
line: "127.0.0.1 instance"
|
|
state: present
|
|
delegate_to: localhost
|
|
become: yes
|
|
when:
|
|
- hera_home is defined
|
|
- hera_home | length == 0
|
|
|
|
- name: Create conf directory # risky-file-permissions in test user account does not exist yet
|
|
ansible.builtin.file:
|
|
state: directory
|
|
path: /opt/keycloak/keycloak-22.0.3/conf/
|
|
mode: 0755
|
|
|
|
- name: Copy certificates
|
|
ansible.builtin.copy:
|
|
src: "{{ item }}"
|
|
dest: "/opt/keycloak/keycloak-22.0.3/conf/{{ item }}"
|
|
mode: 0444
|
|
loop:
|
|
- cert.pem
|
|
- key.pem
|