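---
# Stage setup playbook: brings up the stage databases, Keycloak and its
# realms, the Harbor configuration, IAM and the management ("connect")
# service, one play per target group.
#
# Every play takes its target from the `host` variable and falls back to the
# group named in the play; batch size comes from `serial_number` (default 5).
#
### tags:
###   update_database
###   update_deployment     (keycloak, iam, connect)
###   update_realms
###   update_harbor_realm
###   update_argocd_realm
###   update_gitea_realm
###   update_pgadmin4_realm
###   update_awx_realm
###   update_connect_realm
###   update_harbor
###   update_connections    (connect)
###   update_configurations (connect)
#
# Tag handling: `include_role` is dynamic, so `tags:` on the include selects
# only the include task itself. Tasks inside the role receive the tag only
# through `apply:`. Includes below that carry `tags:` without `apply:` rely
# on the role tagging its own tasks.
# NOTE(review): confirm that the keycloak, iam and management roles do so.
#
# Secrets: passwords and client secrets are passed by variable only.
# Keep their values in Ansible Vault or an external secret store, not in
# plain inventory.
# NOTE(review): role internals are not visible here; check that tasks
# consuming these values set `no_log: true`.

#############################################################
# Setup stage default databases (postgres01)
#############################################################
- name: 'apply setup to {{ host | default("postgres01") }}'
  hosts: '{{ host | default("postgres01") }}'
  serial: "{{ serial_number | default(5) }}"
  become: true
  vars:
    # `ansible_ssh_host` is the legacy spelling of `ansible_host`; left
    # unchanged because roles may read the variable by this name.
    ansible_ssh_host: "{{ stage_server_domain }}"

  pre_tasks:
    # Runs unprivileged and on every invocation (tag `always`).
    - name: "Import constraints check"
      import_tasks: tasks/constraints_check.yml
      become: false
      tags:
        - always

  tasks:
    - name: "Updating databases on {{ inventory_hostname }}"
      include_role:
        name: postgres
        tasks_from: _update_database_state
        apply:
          tags:
            - update_database
      tags:
        - update_database
      vars:
        # Access rules handed to the postgres role for this stage.
        postgres_acls: "{{ stage_postgres_acls }}"

#############################################################
# Setup stage keycloak with stage default realms
#############################################################
- name: 'apply setup to {{ host | default("keycloak") }}'
  hosts: '{{ host | default("keycloak") }}'
  serial: "{{ serial_number | default(5) }}"
  become: true
  vars:
    ansible_ssh_host: "{{ stage_server_domain }}"

  pre_tasks:
    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml
      become: false
      tags:
        - always

  tasks:
    # No `apply:` here, see the tag-handling note in the file header.
    - name: "Install server based keycloak"
      include_role:
        name: keycloak
      vars:
        keycloak_postgres_database: "{{ stage_database_management_keycloak_name }}"
        # The database user shares its name with the database.
        keycloak_postgres_username: "{{ stage_database_management_keycloak_name }}"
        # Secret: source from Vault / a secret store.
        keycloak_postgres_password: "{{ stage_database_management_keycloak_password }}"
        shared_service_hostname_harbor: "{{ shared_service_kube_hostname_harbor }}/prodnso"
      tags:
        - update_deployment

    # Realm setup. Each realm can be run alone (update_<name>_realm) or all
    # together (update_realms).
    #
    # Every realm role is handed an empty `current_realm_password_policy`.
    # NOTE(review): presumably this leaves the realm without a Keycloak
    # password policy. Confirm against the roles and decide whether stage
    # should enforce one (length, complexity, history) before these values
    # are copied to any other environment.
    - name: "Setup stage harbor realm"
      include_role:
        name: harbor_realm
        apply:
          tags:
            - update_realms
            - update_harbor_realm
      tags:
        - update_realms
        - update_harbor_realm
      vars:
        current_realm_password_policy: ""

    - name: "Setup stage argocd realm"
      include_role:
        name: argocd_realm
        apply:
          tags:
            - update_realms
            - update_argocd_realm
      tags:
        - update_realms
        - update_argocd_realm
      vars:
        current_realm_password_policy: ""

    - name: "Setup stage gitea realm"
      include_role:
        name: gitea_realm
        apply:
          tags:
            - update_realms
            - update_gitea_realm
      tags:
        - update_realms
        - update_gitea_realm
      vars:
        current_realm_password_policy: ""

    - name: "Setup stage pgadmin4 realm"
      include_role:
        name: pgadmin4_realm
        apply:
          tags:
            - update_realms
            - update_pgadmin4_realm
      tags:
        - update_realms
        - update_pgadmin4_realm
      vars:
        current_realm_password_policy: ""

    - name: "Setup stage awx realm"
      include_role:
        name: awx_realm
        apply:
          tags:
            - update_realms
            - update_awx_realm
      tags:
        - update_realms
        - update_awx_realm
      vars:
        current_realm_password_policy: ""

    - name: "Setup stage connect realm"
      include_role:
        name: connect_realm
        apply:
          tags:
            - update_realms
            - update_connect_realm
      tags:
        - update_realms
        - update_connect_realm
      vars:
        current_realm_password_policy: ""
        current_realm_name: "{{ management_oidc_realm }}"  # TODO migrate from realm infrastructure
        # Single base user provisioned into the realm.
        # `requiredActions` is empty, so no first-login action (for example
        # a password update or OTP enrolment) is requested for this account.
        # NOTE(review): confirm that is intended for the admin-named user,
        # given that the realm also has no password policy set above.
        current_realm_users_base:
          - username: "{{ management_admin_username }}"
            # Secret: source from Vault / a secret store.
            password: "{{ management_admin_password }}"
            email: "{{ connect_admin_email }}"
            firstName: "Netgo"
            lastName: "Administrator"
            requiredActions: []
        connect_client_id: "{{ management_oidc_client_id }}"
        client_web_origin_connect: "{{ shared_service_url_management }}"
        # Secret: OIDC client secret, source from Vault / a secret store.
        connect_oidc_client_secret: "{{ management_oidc_client_secret }}"

#############################################################
# Setup stage harbor configuration
#############################################################
# Runs on the control node (`connection: local`) without fact gathering or
# privilege escalation.
- name: 'apply setup to {{ host | default("virtual") }}'
  hosts: '{{ host | default("virtual") }}'
  serial: "{{ serial_number | default(5) }}"
  connection: local
  gather_facts: false
  become: false

  pre_tasks:
    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml
      become: false
      tags:
        - always

  tasks:
    - name: "Setup stage harbor configuration"
      include_role:
        name: harbor_config
        apply:
          tags:
            - update_harbor
      tags:
        - update_harbor

#############################################################
# Setup stage iam
#############################################################
- name: 'apply setup to {{ host | default("iam") }}'
  hosts: '{{ host | default("iam") }}'
  serial: "{{ serial_number | default(5) }}"
  become: true
  vars:
    ansible_ssh_host: "{{ stage_server_domain }}"

  pre_tasks:
    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml
      become: false
      tags:
        - always

  tasks:
    # No `apply:` here, see the tag-handling note in the file header.
    - name: "Install server based iam"
      include_role:
        name: iam
      tags:
        - update_deployment

#############################################################
# Setup stage management (connect)
#############################################################
- name: 'apply setup to {{ host | default("management") }}'
  hosts: '{{ host | default("management") }}'
  serial: "{{ serial_number | default(5) }}"
  become: true
  vars:
    ansible_ssh_host: "{{ stage_server_domain }}"
    current_realm_name: "{{ management_oidc_realm }}"
    connect_postgres_database: "{{ stage_database_management_connect_name }}"
    # Secret: OIDC client secret, source from Vault / a secret store.
    connect_oidc_client_secret: "{{ management_oidc_client_secret }}"

  pre_tasks:
    - name: "Import autodiscover pre-tasks"
      import_tasks: tasks/autodiscover_pre_tasks.yml
      become: false
      tags:
        - always

  tasks:
    # The `management` role is included twice under different tags and
    # without `apply:`.
    # NOTE(review): presumably the role tags its own tasks so that each
    # include runs a different subset. An untagged run includes the role
    # twice; confirm that this is intended.
    - name: "Install server based connect"
      include_role:
        name: management
      tags:
        - update_deployment

    - name: "Setup stage connect configuration"
      include_role:
        name: management
      tags:
        - update_connections
        - update_configurations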