ansible-keycloak/roles/keycloak/tasks/systemd.yml

---
- name: "Configure {{ keycloak.service_name }} service script wrapper"
  become: yes
  ansible.builtin.template:
    src: keycloak-service.sh.j2
    dest: "{{ keycloak_dest }}/keycloak-service.sh"
    owner: root
    group: root
    mode: 0755
  notify:
    - restart keycloak

- name: Determine JAVA_HOME for selected JVM RPM  # noqa blocked_modules
  ansible.builtin.shell: |
    set -o pipefail
    rpm -ql {{ keycloak_jvm_package }} | grep -Po '/usr/lib/jvm/.*(?=/bin/java$)'    
  args:
    executable: /bin/bash
  changed_when: False
  register: rpm_java_home

- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
  become: yes
  ansible.builtin.template:
    src: keycloak-sysconfig.j2
    dest: /etc/sysconfig/keycloak
    owner: root
    group: root
    mode: 0644
  vars:
    keycloak_rpm_java_home: "{{ rpm_java_home.stdout }}"
  notify:
    - restart keycloak

- name: "Configure systemd unit file for {{ keycloak.service_name }} service"
  ansible.builtin.template:
    src: keycloak.service.j2
    dest: /etc/systemd/system/keycloak.service
    owner: root
    group: root
    mode: 0644
  become: yes
  register: systemdunit
  notify:
    - restart keycloak

- name: Reload systemd
  become: yes
  ansible.builtin.systemd:
    daemon_reload: yes
  when: systemdunit.changed

- name: "Start and wait for {{ keycloak.service_name }} service (first node db)"
  ansible.builtin.include_tasks: start_keycloak.yml
  run_once: yes
  when: keycloak_db_enabled

- name: "Start and wait for {{ keycloak.service_name }} service (remaining nodes)"
  ansible.builtin.include_tasks: start_keycloak.yml

- name: Check service status
  ansible.builtin.command: "systemctl status keycloak"
  register: keycloak_service_status
  changed_when: False

- name: Verify service status
  ansible.builtin.assert:
    that:
      - keycloak_service_status is defined
      - keycloak_service_status.stdout is defined

- name: Flush handlers
  ansible.builtin.meta: flush_handlers