hetzner-ansible/roles/keycloak/tasks/main.yml


---
### tags:
### update_deployment
### update_realms
# Runs the `domain` task file of the sma_digitalocean role for this host,
# handing it the stage server IP as record data and the inventory hostname
# as record name.
- name: "Setup DNS configuration for {{ inventory_hostname }}"
  vars:
    record_name: "{{ inventory_hostname }}"
    record_data: "{{ stage_server_ip }}"
  include_role:
    name: sma_digitalocean
    tasks_from: domain
# Records whether a compose file from an earlier deployment is present; the
# result is consumed by the following "Stop" task.
- name: "Check if {{ inventory_hostname }}/docker-compose.yml exists"
  tags:
    - update_deployment
  stat:
    path: '{{ service_base_path }}/{{ inventory_hostname }}/docker-compose.yml'
  register: check_docker_compose_file
# Takes the existing compose project down before new templates are written.
# Only runs when the stat task above found a docker-compose.yml.
# NOTE(review): community.docker.docker_compose is the Compose v1 module and
# is, as far as I know, no longer shipped in current community.docker
# releases - confirm the pinned collection version still provides it.
- name: "Stop {{ inventory_hostname }}"
  when: check_docker_compose_file.stat.exists
  tags:
    - update_deployment
  community.docker.docker_compose:
    project_src: '{{ service_base_path }}/{{ inventory_hostname }}'
    state: absent
# Renders the "_docker" template set through the sma_deploy role's
# `templates` task file. Ownership of the result is passed in via
# docker_owner / docker_group; keycloak_docker is forwarded as current_docker.
- name: "Deploy docker templates for {{ inventory_hostname }}"
  vars:
    current_config: "_docker"
    current_docker: "{{ keycloak_docker }}"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
  include_role:
    name: sma_deploy
    tasks_from: templates
# Renders the "keycloak" template set through the same sma_deploy role entry
# point, into the same destination directory and with the same owner/group.
# NOTE(review): these templates presumably carry service configuration and
# possibly credentials - confirm the role writes them with restrictive modes.
- name: "Deploy service templates for {{ inventory_hostname }}"
  vars:
    current_config: "keycloak"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
  include_role:
    name: sma_deploy
    tasks_from: templates
# Brings the compose project up again from the freshly rendered directory.
# `pull` makes the module fetch images before starting, so the image that
# ends up running is whatever the compose file's tag resolves to at deploy
# time.
- name: "Start {{ inventory_hostname }}"
  tags:
    - update_deployment
  community.docker.docker_compose:
    project_src: '{{ service_base_path }}/{{ inventory_hostname }}'
    state: present
    pull: true
# On hosts in the `keycloak` group, point the later API calls at the local
# container port. On other hosts keycloak_server_url keeps whatever value it
# already has.
# The URL is plain HTTP: the admin credentials sent to it by the following
# tasks are unencrypted, which is only tolerable while the target stays on
# the loopback interface.
- name: "Setting local keycloak url"
  when: "'keycloak' in group_names"
  set_fact:
    keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}"
# Blocks until the Keycloak port accepts connections on localhost. `delay`
# is the number of seconds wait_for sleeps before it starts polling, so this
# task always takes at least a minute.
# NOTE(review): the task name interpolates the full keycloak_server_url after
# "localhost:", while the check itself uses service_port_keycloak_external.
- name: "Wait for <localhost:{{ keycloak_server_url }}>"
  wait_for:
    delay: 60
    host: "localhost"
    port: '{{ service_port_keycloak_external }}'
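# Requests an admin token for the master realm with the password grant of the
# built-in admin-cli client and stores the response in
# keycloak_authentication.
#
# - The form body is given as a mapping so the uri module URL-encodes each
#   value; a hand-built "a=b&c=d" string breaks (or changes meaning) as soon
#   as the admin password contains '&', '=', '+' or '%'.
# - no_log keeps the admin password and the returned access token out of
#   verbose output, callback plugins and log files. The trade-off is that a
#   failing request shows no detail; lift it temporarily when troubleshooting.
# - `until` makes the retry loop explicit: on older ansible-core releases
#   `retries`/`delay` have no effect without it.
- name: "Authenticate with Keycloak server"
  uri:
    url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token"
    method: POST
    body_format: form-urlencoded
    body:
      username: "{{ keycloak_admin_username }}"
      password: "{{ keycloak_admin_password }}"
      client_id: "admin-cli"
      grant_type: "password"
  register: keycloak_authentication
  until: keycloak_authentication is succeeded
  retries: 5
  delay: 5
  no_log: true
  tags:
    - update_realms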
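# Troubleshooting aid: prints the master-realm admin access token when the
# `debug` variable is truthy.
#
# SECURITY: the value printed here is a live bearer token for the master
# realm admin. With `debug` enabled it ends up in the play output and in
# whatever stores that output (CI job logs, log callbacks, terminal
# scrollback). Keep `debug` off outside local troubleshooting, or replace the
# message with a non-secret confirmation.
#
# The task is tagged `always`, but the token is only registered by a task
# tagged `update_realms`. The second condition skips this task instead of
# failing on an undefined variable when the play runs with a tag selection
# that leaves the authentication task out.
- name: "Printing master realm access_token"
  debug:
    msg: "{{ keycloak_authentication.json.access_token }}"
  when:
    - debug
    - keycloak_authentication.json.access_token is defined
  tags:
    - always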
# Applies theme, login, locale, event and mail settings to the master realm,
# authenticating as the admin user through the admin-cli client.
- name: "Setting smardigo-theme for master realm"
  tags:
    - update_realms
  community.general.keycloak_realm:
    # Connection and credentials for the Keycloak admin API.
    auth_keycloak_url: "{{ keycloak_server_url }}/auth"
    auth_realm: "master"
    auth_client_id: "admin-cli"
    auth_username: "{{ keycloak_admin_username }}"
    auth_password: "{{ keycloak_admin_password }}"

    # Realm being managed.
    id: "master"
    realm: "master"
    state: present

    # Branding.
    account_theme: "smardigo-theme"
    admin_theme: "smardigo-theme"
    login_theme: "smardigo-theme"

    # Login surface of the admin realm: self-registration, self-service
    # password reset and login by email address are all switched off.
    registration_allowed: false
    reset_password_allowed: false
    login_with_email_allowed: false
    duplicate_emails_allowed: true

    # Localisation.
    internationalization_enabled: true
    default_locale: "de"
    supported_locales:
      - "de"
      - "en"

    # Audit trail: user and admin events are both recorded.
    # 604800 = 7 * 24 * 3600, presumably seconds (seven days) - confirm
    # against the retention the incident-response process needs.
    events_enabled: true
    events_expiration: 604800
    admin_events_enabled: true
    events_listeners:
      - "jboss-logging"
      - "metrics-listener"

    # Outgoing mail.
    smtp_server:
      host: "{{ shared_service_mail_hostname }}"
      from: "{{ keycloak_id }}@smardigo.digital"