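---
# tasks file for keycloak
#
# Order of operations: prerequisites, optional firewalld rules, install,
# systemd unit, optional RH-SSO patching, log directory symlink, then a
# check that the admin credentials work (creating the admin user if not).

- name: Check prerequisites
  ansible.builtin.include_tasks: prereqs.yml
  tags:
    - prereqs

- name: Include firewall config tasks
  ansible.builtin.include_tasks: firewalld.yml
  when: keycloak_configure_firewalld
  tags:
    - firewall

- name: Include install tasks
  ansible.builtin.include_tasks: install.yml
  tags:
    - install

- name: Include systemd tasks
  ansible.builtin.include_tasks: systemd.yml
  tags:
    - systemd

- name: Include patch install tasks
  ansible.builtin.include_tasks: rhsso_patch.yml
  when: keycloak_rhsso_apply_patches and keycloak_rhsso_enable
  tags:
    - install
    - patch

- name: Link default logs directory
  ansible.builtin.file:
    state: link
    src: "{{ keycloak_jboss_home }}/standalone/log"
    dest: /var/log/keycloak

# Try to obtain a token with the configured admin credentials. If that fails
# after the retries, the rescue section creates the admin user, restarts the
# service and waits for the health URL to answer.
- block:
    - name: Check admin credentials by generating a token
      ansible.builtin.uri:
        url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
        method: POST
        # Send the fields as a form-encoded mapping so that credentials
        # containing '&', '=', '+' or '%' are escaped instead of corrupting
        # the request body.
        body_format: form-urlencoded
        body:
          client_id: "{{ keycloak_auth_client }}"
          username: "{{ keycloak_admin_user }}"
          password: "{{ keycloak_admin_password }}"
          grant_type: password
        # NOTE(review): certificate verification is disabled on a request that
        # carries the admin password. Kept as-is to avoid breaking hosts with
        # self-signed certificates; if keycloak_url is an https endpoint that
        # is not loopback, trust the issuing CA and turn validation on.
        validate_certs: false
      register: keycloak_auth_response
      until: keycloak_auth_response.status == 200
      retries: 2
      delay: 2
      # The request body holds the admin password and the response holds
      # tokens; keep both out of task output and callback logs.
      no_log: true
  rescue:
    - name: "Create {{ keycloak.service_name }} admin user"
      ansible.builtin.command:
        argv:
          - "{{ keycloak_jboss_home }}/bin/add-user-keycloak.sh"
          - "-rmaster"
          - "-u{{ keycloak_admin_user }}"
          - "-p{{ keycloak_admin_password }}"
      changed_when: true
      become: true
      # Hides the password from Ansible output. It is still passed as a
      # process argument, so it is visible in the host's process list while
      # the script runs.
      no_log: true

    - name: "Restart {{ keycloak.service_name }}"
      ansible.builtin.include_tasks: tasks/restart_keycloak.yml

    - name: "Wait until {{ keycloak.service_name }} becomes active {{ keycloak.health_url }}"
      ansible.builtin.uri:
        url: "{{ keycloak.health_url }}"
      register: keycloak_status
      until: keycloak_status.status == 200
      retries: 25
      delay: 10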