guillaume
/
ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

JVM as variable, name all tasks, update README

main
Guido Grazioli 2022-01-04 16:01:37 +01:00
parent 15d3411f45
commit 967d68898a
4 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -44,8 +44,8 @@ where `sso_product_id` is the ID for the specific Red Hat Single Sign-On version
## Included roles ## Included roles
* `keycloak`: role for installing the service. * [`keycloak`](https://github.com/ansible-middleware/keycloak/roles/keycloak/REAME.md): role for installing the service. _Requires: python3-netaddr_
* `keycloak_realm`: role for configuring a realm, with clients and users, in an installed service. * [`keycloak_realm`](https://github.com/ansible-middleware/keycloak/roles/keycloak_realm/REAME.md): role for configuring a realm, with clients and users, in an installed service.
## License ## License

19
roles/keycloak/README.md
View File

@ -15,16 +15,17 @@ Role Defaults
| Variable | Description | Default | | Variable | Description | Default |
|:---------|:------------|:---------| |:---------|:------------|:---------|
|`keycloak_ha_enabled`| enable auto configuration for database backend, clustering and remote caches on infinispan | `False` | |`keycloak_ha_enabled`| Enable auto configuration for database backend, clustering and remote caches on infinispan | `False` |
|`keycloak_db_enabled`| enable auto configuration for database backend | `True` if keycloak_ha_enabled is True, else `False` | |`keycloak_db_enabled`| Enable auto configuration for database backend | `True` if keycloak_ha_enabled is True, else `False` |
|`keycloak_admin_user`| Administration console user account | `admin` | |`keycloak_admin_user`| Administration console user account | `admin` |
|`keycloak_bind_address`| address for binding service ports | `0.0.0.0` |`keycloak_bind_address`| Address for binding service ports | `0.0.0.0` |
|`keycloak_host`| hostname | `localhost` |`keycloak_host`| hostname | `localhost` |
|`keycloak_http_port`| HTTP port | `8080` |`keycloak_http_port`| HTTP port | `8080` |
|`keycloak_https_port`| TLS HTTP port | `8443` |`keycloak_https_port`| TLS HTTP port | `8443` |
|`keycloak_management_http_port`| management port | `9990` |`keycloak_management_http_port`| Management port | `9990` |
|`keycloak_management_https_port`| TLS management port | `9993` |`keycloak_management_https_port`| TLS management port | `9993` |
|`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx20480m -XX:MaxPermSize=768m` |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx20480m -XX:MaxPermSize=768m` |
|`jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-devel` |
Role Variables Role Variables

1
roles/keycloak/defaults/main.yml
View File

@ -13,6 +13,7 @@ keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version
keycloak_rhsso_base_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=' keycloak_rhsso_base_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId='
### Install location and service settings ### Install location and service settings
jvm_package: java-1.8.0-openjdk-devel
keycloak_dest: /opt/keycloak keycloak_dest: /opt/keycloak
keycloak_jboss_home: "{{ keycloak_rhsso_installdir if rhsso_rhn_id is defined else keycloak_installdir }}" keycloak_jboss_home: "{{ keycloak_rhsso_installdir if rhsso_rhn_id is defined else keycloak_installdir }}"
keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration" keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration"

11
roles/keycloak/tasks/prereqs.yml
View File

@ -1,5 +1,5 @@
--- ---
- name: "Validate configuration" - name: Validate configuration
assert: assert:
that: that:
- (keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and not keycloak_db_enabled) - (keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and not keycloak_db_enabled)
@ -7,7 +7,7 @@
fail_msg: "Cannot install HA setup without a backend database service. Check keycloak_ha_enabled and keycloak_db_enabled" fail_msg: "Cannot install HA setup without a backend database service. Check keycloak_ha_enabled and keycloak_db_enabled"
success_msg: "{{ 'Configuring HA' if keycloak_ha_enabled else 'Configuring standalone' }}" success_msg: "{{ 'Configuring HA' if keycloak_ha_enabled else 'Configuring standalone' }}"
- name: "Validate credentials" - name: Validate credentials
assert: assert:
that: that:
- (rhn_username is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined - (rhn_username is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined
@ -16,14 +16,15 @@
fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined" fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined"
success_msg: "{{ 'Installing Red Hat Single Sign-On' if rhsso_rhn_id is defined else 'Installing keycloak.org' }}" success_msg: "{{ 'Installing Red Hat Single Sign-On' if rhsso_rhn_id is defined else 'Installing keycloak.org' }}"
- set_fact: - name: Set required packages facts
set_fact:
required_packages: required_packages:
- "{{ jvm_package | default('java-1.8.0-openjdk-devel') }}" - "{{ jvm_package }}"
- unzip - unzip
- procps-ng - procps-ng
- initscripts - initscripts
- name: "Ensures required packages are installed" - name: Ensures required packages are installed
ansible.builtin.include_tasks: fastpackages/install.yml ansible.builtin.include_tasks: fastpackages/install.yml
vars: vars:
packages_list: "{{ required_packages }}" packages_list: "{{ required_packages }}"