guillaume
/
ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ansible-keycloak/roles/keycloak/tasks/install.yml

165 lines
5.0 KiB
YAML
Raw Blame History

---
- assert:
that:
- keycloak_jboss_home is defined
- keycloak_service_user is defined
- keycloak_dest is defined
- keycloak_archive is defined
- keycloak_download_url is defined
- keycloak_version is defined
quiet: true
- set_fact:
keycloak_service_group: "{{ keycloak_service_user }}"
when:
- not keycloak_service_group is defined
- name: check for an existing deployment
become: yes
stat:
path: "{{ keycloak_jboss_home }}"
register: existing_deploy
- block:
- name: stop the old keycloak service
become: yes
ignore_errors: yes
systemd:
name: keycloak
state: stopped
- name: remove the old Keycloak deployment
become: yes
file:
path: "{{ keycloak_jboss_home }}"
state: absent
when: existing_deploy.stat.exists and keycloak_force_install|bool
- name: check for an existing deployment after possible forced removal
become: yes
stat:
path: "{{ keycloak_jboss_home }}"
- name: create Keycloak service user/group
become: yes
user:
name: "{{ keycloak_service_user }}"
home: /opt/keycloak
system: yes
create_home: no
- name: create Keycloak install location
become: yes
file:
dest: "{{ keycloak_dest }}"
state: directory
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: 0750
- block:
- set_fact:
archive: "{{ keycloak_dest }}/{{ keycloak_archive }}"
- name: "Check archive directory {{ archive }}"
stat:
path: "{{ archive }}"
register: archive_path
- name: download Keycloak archive to target
get_url:
url: "{{ keycloak_download_url }}"
dest: "{{ keycloak_dest }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
when:
- archive_path is defined
- archive_path.stat is defined
- not archive_path.stat.exists
- not keycloak_rhsso_enable and not zip_file_local_path is defined
- name: "Copy zipfile from local source: {{ zip_file_local_path }}"
ansible.builtin.copy:
src: "{{ zip_file_local_path }}"
dest: "{{ keycloak_dest }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: 0750
when:
- archive_path is defined
- archive_path.stat is defined
- not archive_path.stat.exists
- not keycloak_rhsso_enable and zip_file_local_path is defined
- name: extract Keycloak archive on target
unarchive:
remote_src: yes
src: "{{ archive }}"
dest: "{{ keycloak_dest }}"
creates: "{{ keycloak_jboss_home }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
notify:
- restart keycloak
become: yes
when: not keycloak_rhsso_enable
- block:
- assert:
that:
- rhsso_rhn_id is defined or zip_file_local_path is defined
quiet: true
fail_msg: "Can't install RHSSO without either RHN ID or RHSSO zip file located on Ansible node"
- name: create download directory
file:
path: /opt/apps
state: directory
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: 0750
- include_tasks: get_rhsso.yml
vars:
zipfile_dest: "{{ keycloak_dest }}/{{ keycloak_rhsso_archive }}"
work_dir: "{{ keycloak_dest }}"
target_dir: "{{ keycloak_jboss_home }}"
become: yes
when: keycloak_rhsso_enable
- name: "Install {{ keycloak_jdbc_engine }} driver"
include_role:
name: wildfly_driver
tasks_from: jdbc_driver.yml
vars:
wildfly_user: "{{ keycloak_service_user }}"
jdbc_driver_module_dir: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_dir }}"
jdbc_driver_version: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_version }}"
jdbc_driver_jar_filename: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_filename }}"
jdbc_driver_jar_url: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_url }}"
jdbc_driver_jar_installation_path: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_dir }}/{{ keycloak_jdbc[keycloak_jdbc_engine].driver_jar_filename }}"
jdbc_driver_module_name: "{{ keycloak_jdbc[keycloak_jdbc_engine].driver_module_name }}"
when: keycloak_jdbc[keycloak_jdbc_engine].enabled
- name: "Deploy Keycloak's standalone.xml"
become: yes
template:
src: templates/standalone.xml.j2
dest: "{{ keycloak_config_path_to_standalone_xml }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: 0640
notify:
- restart keycloak
when: not keycloak_remotecache.enabled
- name: "Deploy Keycloak's standalone.xml with remote cache store"
become: yes
template:
src: templates/standalone-infinispan.xml.j2
dest: "{{ keycloak_config_path_to_standalone_xml }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: 0640
notify:
- restart keycloak
when: keycloak_remotecache.enabled
Reference in New Issue View Git Blame Copy Permalink