Hung-Wei Chiu | 6a075af | 2021-09-09 22:33:06 +0000 | [diff] [blame^] | 1 | --- |
| 2 | # keycloak tasks/main.yml |
| 3 | # |
| 4 | # SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org> |
| 5 | # SPDX-License-Identifier: Apache-2.0 |
| 6 | |
| 7 | - name: include OS-specific tasks |
| 8 | include_tasks: "{{ ansible_os_family }}.yml" |
| 9 | |
| 10 | - name: Create group for Keycloak |
| 11 | group: |
| 12 | name: "{{ keycloak_groupname }}" |
| 13 | |
| 14 | - name: Create user for Keycloak |
| 15 | user: |
| 16 | name: "{{ keycloak_username }}" |
| 17 | group: "{{ keycloak_groupname }}" |
| 18 | comment: "{{ keycloak_comment }}" |
| 19 | shell: "{{ keycloak_shell }}" |
| 20 | system: true |
| 21 | password_lock: true |
| 22 | |
| 23 | - name: Create keycloak dist directory |
| 24 | file: |
| 25 | path: "{{ keycloak_dist_dir }}" |
| 26 | owner: "{{ keycloak_username }}" |
| 27 | group: "{{ keycloak_groupname }}" |
| 28 | state: directory |
| 29 | mode: 0700 |
| 30 | |
| 31 | - name: Download keycloak |
| 32 | get_url: |
| 33 | url: "{{ keycloak_download_url }}" |
| 34 | dest: "{{ keycloak_dist_dir }}" |
| 35 | timeout: 30 |
| 36 | checksum: "{{ keycloak_checksum }}" |
| 37 | become: true |
| 38 | become_user: "{{ keycloak_username }}" |
| 39 | |
| 40 | - name: Extract keycloak |
| 41 | unarchive: |
| 42 | remote_src: true |
| 43 | src: "{{ keycloak_dist_dir }}/keycloak-{{ keycloak_version }}.tar.gz" |
| 44 | dest: "{{ keycloak_base_dir }}" |
| 45 | owner: "{{ keycloak_username }}" |
| 46 | group: "{{ keycloak_groupname }}" |
| 47 | creates: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}" |
| 48 | |
| 49 | - name: Link Keycloak distro to working dir |
| 50 | file: |
| 51 | state: "link" |
| 52 | src: "{{ keycloak_base_dir }}/keycloak-{{ keycloak_version }}" |
| 53 | dest: "{{ keycloak_working_dir }}" |
| 54 | |
| 55 | - name: Check admin account |
| 56 | command: |
| 57 | chdir: "{{ keycloak_working_dir }}/bin/" |
| 58 | cmd: > |
| 59 | ./kcadm.sh get users |
| 60 | --server http://localhost:8080/auth |
| 61 | --realm master --user {{ keycloak_admin_username }} |
| 62 | --password {{ keycloak_admin_password }} |
| 63 | register: kcadm_result |
| 64 | changed_when: false |
| 65 | failed_when: false |
| 66 | |
| 67 | - name: Create admin account |
| 68 | command: |
| 69 | chdir: "{{ keycloak_working_dir }}/bin/" |
| 70 | cmd: > |
| 71 | ./add-user-keycloak.sh |
| 72 | --realm master --user {{ keycloak_admin_username }} |
| 73 | --password {{ keycloak_admin_password }} |
| 74 | when: kcadm_result.rc != 0 |
| 75 | notify: |
| 76 | - "start-keycloak" |
| 77 | - "restart-keycloak" |