guillaume
/
ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

keycloak: default jvm to headless variant, add jdbc validation

main
Guido Grazioli 2022-05-09 15:57:12 +02:00
parent fbc0d7ab99
commit 8341416ee0
No known key found for this signature in database
GPG Key ID: 22C8C31EF2BC093B
4 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/keycloak/README.md
View File

@ -65,7 +65,7 @@ Role Defaults
|`keycloak_service_user`| posix account username | `keycloak` | |`keycloak_service_user`| posix account username | `keycloak` |
|`keycloak_service_group`| posix account group | `keycloak` | |`keycloak_service_group`| posix account group | `keycloak` |
|`keycloak_service_pidfile`| pid file path for service | `/run/keycloak.pid` | |`keycloak_service_pidfile`| pid file path for service | `/run/keycloak.pid` |
|`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-devel` | |`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` |
|`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` | |`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` |
|`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` | |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` |

2
roles/keycloak/meta/argument_specs.yml
View File

@ -78,7 +78,7 @@ argument_specs:
type: "bool" type: "bool"
keycloak_jvm_package: keycloak_jvm_package:
# line 23 of keycloak/defaults/main.yml # line 23 of keycloak/defaults/main.yml
default: "java-1.8.0-openjdk-devel" default: "java-1.8.0-openjdk-headless"
description: "RHEL java package runtime rpm" description: "RHEL java package runtime rpm"
type: "str" type: "str"
keycloak_java_home: keycloak_java_home:

14
roles/keycloak/tasks/prereqs.yml
View File

@ -4,7 +4,7 @@
that: that:
- keycloak_admin_password | length > 12 - keycloak_admin_password | length > 12
quiet: True quiet: True
fail_msg: "The console administrator password is empty or invalid. Please set the keycloak_admin_password variable to a 16+ char long string" fail_msg: "The console administrator password is empty or invalid. Please set the keycloak_admin_password variable to a 12+ char long string"
success_msg: "{{ 'Console administrator password OK' }}" success_msg: "{{ 'Console administrator password OK' }}"
- name: Validate configuration - name: Validate configuration
@ -24,6 +24,18 @@
fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined" fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined"
success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}" success_msg: "{{ 'Installing Red Hat Single Sign-On' if keycloak_rhsso_enable else 'Installing keycloak.org' }}"
- name: Validate persistence configuration
ansible.builtin.assert:
that:
- keycloak_jdbc_engine is defined and keycloak_jdbc_engine in [ 'postgres', 'mariadb' ]
- keycloak_jdbc_url | length > 0
- keycloak_db_user | length > 0
- keycloak_db_pass | length > 0
quiet: True
when: keycloak_db_enabled
fail_msg: "Configuration for the JDBC persistence is invalid or incomplete"
success_msg: "Configuring JDBC persistence using {{ keycloak_jdbc_engine }} database"
- name: Ensure required packages are installed - name: Ensure required packages are installed
ansible.builtin.include_tasks: fastpackages.yml ansible.builtin.include_tasks: fastpackages.yml
vars: vars:

1
roles/keycloak/tasks/systemd.yml
View File

@ -1,3 +1,4 @@
---
- name: "Configure {{ keycloak.service_name }} service script wrapper" - name: "Configure {{ keycloak.service_name }} service script wrapper"
become: yes become: yes
ansible.builtin.template: ansible.builtin.template: