guillaume/ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add mariadb default, add config validation

Browse Source
This commit is contained in:
Guido Grazioli 2021-12-17 14:56:28 +01:00
parent 78adb450b2
commit 9c97baf03b
3 changed files with 38 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
roles/keycloak/defaults/main.yml
View File

@ -36,6 +36,7 @@ keycloak_url: "http://{{ keycloak_host }}:{{ keycloak_http_port }}"
keycloak_management_url: "http://{{ keycloak_host }}:{{ keycloak_management_http_port }}" keycloak_management_url: "http://{{ keycloak_host }}:{{ keycloak_management_http_port }}"
# enable auto configuration for database backend, clustering and remote caches on infinispan # enable auto configuration for database backend, clustering and remote caches on infinispan
keycloak_ha_enabled: False keycloak_ha_enabled: False
keycloak_db_enabled: False
# keycloak administration console user # keycloak administration console user
keycloak_admin_user: admin keycloak_admin_user: admin
@ -58,9 +59,10 @@ keycloak_remotecache:
trust_store_path: /path/to/jks/keystore trust_store_path: /path/to/jks/keystore
trust_store_password: changeme trust_store_password: changeme
keycloak_jdbc_engine: postgres
keycloak_jdbc: keycloak_jdbc:
postgres: postgres:
enabled: "{{ keycloak_ha_enabled }}" enabled: "{{ keycloak_ha_enabled and keycloak_jdbc_engine == 'postgres' }}"
driver_module_name: "org.postgresql" driver_module_name: "org.postgresql"
driver_module_dir: "{{ keycloak_jboss_home }}/modules/org/postgresql/main" driver_module_dir: "{{ keycloak_jboss_home }}/modules/org/postgresql/main"
driver_version: 9.4.1212 driver_version: 9.4.1212
@ -69,3 +71,13 @@ keycloak_jdbc:
connection_url: "{{ postgres_jdbc_url | default('jdbc:postgresql://localhost:5432/keycloak') }}" connection_url: "{{ postgres_jdbc_url | default('jdbc:postgresql://localhost:5432/keycloak') }}"
db_user: "{{ postgres_db_user | default('keycloak-user') }}" db_user: "{{ postgres_db_user | default('keycloak-user') }}"
db_password: "{{ postgres_db_pass | default('keycloak-pass') }}" db_password: "{{ postgres_db_pass | default('keycloak-pass') }}"
mariadb:
enabled: "{{ keycloak_ha_enabled and keycloak_jdbc_engine == 'mariadb' }}"
driver_module_name: "org.mariadb"
driver_module_dir: "{{ keycloak_jboss_home }}/modules/org/mariadb/main"
driver_version: 2.7.4
driver_jar_filename: "mariadb-java-client-2.7.4.jar"
driver_jar_url: "https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/2.7.4/mariadb-java-client-2.7.4.jar"
connection_url: "{{ mariadb_jdbc_url | default('jdbc:mariadb://localhost:3306/keycloak') }}"
db_user: "{{ mariadb_db_user | default('keycloak-user') }}"
db_password: "{{ mariadb_db_pass | default('keycloak-pass') }}"

16
roles/keycloak/tasks/install.yml
View File

@ -112,19 +112,19 @@
become: yes become: yes
when: keycloak_rhsso_enable when: keycloak_rhsso_enable
- name: "Install Postresql driver" - name: "Install {{ keycloak_jdbc_engine }} driver"
include_role: include_role:
name: wildfly_driver name: wildfly_driver
tasks_from: jdbc_driver.yml tasks_from: jdbc_driver.yml
vars: vars:
wildfly_user: "{{ keycloak_service_user }}" wildfly_user: "{{ keycloak_service_user }}"
jdbc_driver_module_dir: "{{ keycloak_jdbc.postgres.driver_module_dir }}" jdbc_driver_module_dir: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_dir }}"
jdbc_driver_version: "{{ keycloak_jdbc.postgres.driver_version }}" jdbc_driver_version: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_version }}"
jdbc_driver_jar_filename: "{{ keycloak_jdbc.postgres.driver_jar_filename }}" jdbc_driver_jar_filename: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_filename }}"
jdbc_driver_jar_url: "{{ keycloak_jdbc.postgres.driver_jar_url }}" jdbc_driver_jar_url: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_url }}"
jdbc_driver_jar_installation_path: "{{ keycloak_jdbc.postgres.driver_module_dir }}/{{ keycloak_jdbc.postgres.driver_jar_filename }}" jdbc_driver_jar_installation_path: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_dir }}/{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_filename }}"
jdbc_driver_module_name: "{{ keycloak_jdbc.postgres.driver_module_name }}" jdbc_driver_module_name: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_name }}"
when: keycloak_jdbc.postgres.enabled when: keycloak_jdbc[keycloak_jdbc_engine].enabled
- name: "Deploy Keycloak's standalone.xml" - name: "Deploy Keycloak's standalone.xml"
become: yes become: yes

17
roles/keycloak/tasks/prereqs.yml
View File

@ -1,4 +1,21 @@
--- ---
- name: "Validate configuration"
assert:
that:
- (keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and keycloak_db_enabled) or (not keycloak_ha_enabled and not keycloak_db_enabled)
quiet: True
fail_msg: "Cannot install HA setup without a backend database service. Check keycloak_ha_enabled and keycloak_ha_enabled"
success_msg: "{{ 'Configuring HA' if keycloak_ha_enabled else 'Configuring standalone' }}"
- name: "Validate credentials"
assert:
that:
- (rhn_username is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined
- (rhn_password is defined and rhsso_rhn_id is defined) or rhsso_rhn_id is not defined
quiet: True
fail_msg: "Cannot install Red Hat SSO without RHN credentials. Check rhn_username and rhn_password are defined"
success_msg: "{{ 'Installing Red Hat Single Sign-On' if rhsso_rhn_id is defined else 'Installing keycloak.org' }}"
- set_fact: - set_fact:
required_packages: required_packages:
- "{{ jvm_package | default('java-1.8.0-openjdk-devel') }}" - "{{ jvm_package | default('java-1.8.0-openjdk-devel') }}"