---
# tasks file for keycloak
# Load prereqs.yml at run time. The tag sits on this dynamic include itself;
# tasks inside the included file are not tagged by it.
- name: Check prerequisites
  ansible.builtin.include_tasks: prereqs.yml
  tags:
    - prereqs
# Firewall rules are only managed when keycloak_configure_firewalld is truthy.
# No default is applied here, so the variable has to be defined elsewhere.
- name: Include firewall config tasks
  ansible.builtin.include_tasks: firewalld.yml
  when: keycloak_configure_firewalld
  tags:
    - firewall
# Load install.yml at run time; selectable with the `install` tag.
- name: Include install tasks
  ansible.builtin.include_tasks: install.yml
  tags:
    - install
# Load systemd.yml at run time; selectable with the `systemd` tag.
- name: Include systemd tasks
  ansible.builtin.include_tasks: systemd.yml
  tags:
    - systemd
# Patching is opt-in: rhsso_patch.yml is included only when both
# sso_apply_patches and sso_enable are defined and truthy (the list under
# `when` is an implicit AND). Leaving either variable unset skips the step.
- name: Include patch install tasks
  ansible.builtin.include_tasks: rhsso_patch.yml
  when:
    - sso_apply_patches is defined and sso_apply_patches
    - sso_enable is defined and sso_enable
  tags:
    - install
    - patch
# Expose the server's log directory under /var/log/keycloak via a symlink
# that points into the JBoss home.
- name: Link default logs directory
  ansible.builtin.file:
    src: "{{ keycloak_jboss_home }}/standalone/log"
    dest: /var/log/keycloak
    state: link
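# Bootstrap the admin account. The block asks the master realm's token
# endpoint for a token using the configured admin credentials. If that fails
# (expected on a first installation), the rescue section creates the user,
# restarts the service and polls the health URL until it answers 200.
- name: Set admin credentials and restart if not already created
  block:
    - name: Check admin credentials by generating a token (supposed to fail on first installation)
      ansible.builtin.uri:
        url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
        method: POST
        # Form-encode field by field so that characters such as '&', '=' or
        # '%' in a credential are escaped instead of corrupting the request.
        body_format: form-urlencoded
        body:
          client_id: "{{ keycloak_auth_client }}"
          username: "{{ keycloak_admin_user }}"
          password: "{{ keycloak_admin_password }}"
          grant_type: 'password'
        # NOTE(review): certificate verification is disabled, so the admin
        # password is sent to whatever endpoint answers at keycloak_url.
        # Acceptable only for loopback or self-signed setups; enable
        # verification wherever the server presents a trusted certificate.
        validate_certs: false
      register: keycloak_auth_response
      until: keycloak_auth_response.status == 200
      retries: 2
      delay: 2
      # The request carries the admin password and a successful reply carries
      # an access token; keep both out of task output and logs.
      no_log: true
  rescue:
    - name: "Create {{ keycloak.service_name }} admin user"
      # argv runs the script without a shell, so the credential values are not
      # subject to shell interpretation. The password is still a process
      # argument on the target and is visible in its process list while the
      # script runs.
      ansible.builtin.command:
        argv:
          - "{{ keycloak_jboss_home }}/bin/add-user-keycloak.sh"
          - "-rmaster"
          - "-u{{ keycloak_admin_user }}"
          - "-p{{ keycloak_admin_password }}"
      # The script always reports a change; this path only runs after the
      # credential check above has failed.
      changed_when: true
      become: true
      # The command line contains the password and would otherwise be echoed
      # in the task result.
      no_log: true
    - name: "Restart {{ keycloak.service_name }}"
      ansible.builtin.include_tasks: tasks/restart_keycloak.yml
    # Poll the health URL every 10 seconds, up to 25 retries, until it
    # returns HTTP 200.
    - name: "Wait until {{ keycloak.service_name }} becomes active {{ keycloak.health_url }}"
      ansible.builtin.uri:
        url: "{{ keycloak.health_url }}"
      register: keycloak_status
      until: keycloak_status.status == 200
      retries: 25
      delay: 10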