From 26be376b5cfb3d872096fc8269c91fba31822b95 Mon Sep 17 00:00:00 2001
From: Guido Grazioli <ggraziol@redhat.com>
Date: Mon, 10 Jan 2022 17:37:14 +0100
Subject: [PATCH] Template preferIPv4Stack, add health check after handler

---
 roles/keycloak/defaults/main.yml                |  3 ++-
 roles/keycloak/tasks/main.yml                   | 13 ++++++++++---
 roles/keycloak/templates/keycloak-service.sh.j2 |  2 +-
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml
index 0f1999f..b2f45e8 100644
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@@ -33,7 +33,8 @@ keycloak_http_port: 8080
 keycloak_https_port: 8443
 keycloak_management_http_port: 9990
 keycloak_management_https_port: 9993
-keycloak_java_opts: "-Xms1024m -Xmx20480m -XX:MaxPermSize=768m"
+keycloak_java_opts: "-Xms1024m -Xmx2048m"
+keycloak_prefer_ipv4: True
 
 ### Enable configuration for database backend, clustering and remote caches on infinispan
 keycloak_ha_enabled: False
diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index 0a37894..66f56b3 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -27,9 +27,16 @@
       args:
         argv:
           - "{{ keycloak_jboss_home }}/bin/add-user-keycloak.sh"
-          - -rmaster
-          - -u{{ keycloak_admin_user }}
-          - -p{{ keycloak_admin_password }}
+          - "-rmaster"
+          - "-u{{ keycloak_admin_user }}"
+          - "-p{{ keycloak_admin_password }}"
       become: yes
     - name: restart keycloak
       include_tasks: tasks/restart_keycloak.yml
+    - name: "Wait until Keycloak becomes active {{ health_url }}"
+      uri:
+        url: "{{ health_url }}"
+      register: keycloak_status
+      until: keycloak_status.status == 200
+      retries: 25
+      delay: 10
diff --git a/roles/keycloak/templates/keycloak-service.sh.j2 b/roles/keycloak/templates/keycloak-service.sh.j2
index c52a464..422ccde 100755
--- a/roles/keycloak/templates/keycloak-service.sh.j2
+++ b/roles/keycloak/templates/keycloak-service.sh.j2
@@ -82,7 +82,7 @@ startKeycloak() {
         -Djboss.management.http.port=${KEYCLOAK_MANAGEMENT_HTTP_PORT} \
         -Djboss.management.https.port=${KEYCLOAK_MANAGEMENT_HTTPS_PORT} \
         -Djboss.node.name={{ inventory_hostname }} \
-      {% if ansible_facts.virtualization_type in ['docker','oci','containerd'] %}-Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true {% endif %}\
+      {% if keycloak_prefer_ipv4 %}-Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true {% endif %}\
       {% if keycloak_config_standalone_xml is defined %}--server-config={{ keycloak_config_standalone_xml }}{% endif %} \
       2>&1 >> "${KEYCLOAK_LOGFILE}" &
     while [ ! -f ${KEYCLOAK_PIDFILE} ]; do sleep 1; done