
---
### Tags (select a subset with --tags; tasks without tags — the DNS setup,
### the template deployment and the port wait — are skipped whenever
### --tags names specific tags):
###   create_users
###   create_groups
###   update_realms
###   update_deployment
###   configure_container
- name: "Setup DNS configuration for {{ inventory_hostname }}"
  # Points this host's DNS record at stage_server_ip through the shared
  # _digitalocean role (its `domain` task file). Untagged, so it only runs
  # on a play that does not restrict tags.
  include_role:
    name: _digitalocean
    tasks_from: domain
  vars:
    record_name: "{{ inventory_hostname }}"
    record_data: "{{ stage_server_ip }}"
- name: "Check if {{ inventory_hostname }}/docker-compose.yml exists"
  # Records whether a compose file from an earlier deploy is already in
  # place so the stop step can be skipped on a first install.
  stat:
    path: "{{ service_base_path }}/{{ inventory_hostname }}/docker-compose.yml"
  register: check_docker_compose_file
  tags:
    - update_deployment
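- name: "Stop {{ inventory_hostname }}"
  # Tears down any running stack before the compose file is re-templated.
  # `command` is enough here (no pipes, redirects or shell variables), and
  # a failing `down` (e.g. the stack was never started) must not abort the
  # deploy, hence ignore_errors. Boolean written as `true` rather than the
  # YAML 1.1-only `yes` spelling.
  command: docker-compose down
  args:
    chdir: "{{ service_base_path }}/{{ inventory_hostname }}"
  when: check_docker_compose_file.stat.exists
  ignore_errors: true
  tags:
    - update_deployment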
- name: "Deploy docker templates for {{ inventory_hostname }}"
  # Renders the generic `_docker` template set into the service directory
  # (presumably including the docker-compose.yml checked above — confirm
  # in the _deploy role), owned by the docker user/group. Untagged, so it
  # is skipped on a `--tags update_deployment` run.
  include_role:
    name: _deploy
    tasks_from: templates
  vars:
    current_config: _docker
    current_docker: "{{ keycloak_docker }}"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
- name: "Deploy service templates for {{ inventory_hostname }}"
  # Same _deploy/templates pass as above, but for the keycloak-specific
  # template set. Untagged, so it is skipped on a `--tags update_deployment`
  # run.
  include_role:
    name: _deploy
    tasks_from: templates
  vars:
    current_config: keycloak
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
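- name: "Update {{ inventory_hostname }}"
  # Pulls the images referenced by the compose file. No shell features are
  # used, so `command` replaces `shell` (ansible-lint command-instead-of-shell).
  command: docker-compose pull
  args:
    chdir: "{{ service_base_path }}/{{ inventory_hostname }}"
  tags:
    - update_deployment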
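- name: "Start {{ inventory_hostname }}"
  # Brings the stack up detached. No shell features are used, so `command`
  # replaces `shell` (ansible-lint command-instead-of-shell).
  command: docker-compose up -d
  args:
    chdir: "{{ service_base_path }}/{{ inventory_hostname }}"
  tags:
    - update_deployment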
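- name: "Wait for {{ service_port_keycloak_external }}"
  # Blocks until the published Keycloak port accepts TCP connections
  # (wait_for probes 127.0.0.1 by default). The 60 s delay gives the JVM
  # time to start before the first probe. A listening port does not yet
  # mean the admin API answers, so the tasks that log in afterwards still
  # need their own retries.
  # Tagged update_deployment so that a `--tags update_deployment` run waits
  # here before the event-listener task below talks to the container;
  # previously that task ran straight after `up -d`.
  wait_for:
    port: "{{ service_port_keycloak_external }}"
    delay: 60
  tags:
    - update_deployment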
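- name: "Authenticate with Keycloak server"
  # Password grant against the master realm's admin-cli client; the
  # registered access_token is consumed by the realm/user/group tasks below.
  # - body as a mapping: the uri module URL-encodes each field, so an admin
  #   password containing '&', '%' or '+' is no longer sent corrupted (the
  #   hand-built query string did no encoding).
  # - no_log: keeps the admin password and the bearer token out of the
  #   Ansible output and the registered-result dump (verbose runs print
  #   the request body and the full JSON response otherwise).
  # - until: `retries` only takes effect with an `until` condition on
  #   older ansible-core releases; without it the login ran exactly once.
  # The endpoint is plain HTTP, which is acceptable only because it is
  # bound to localhost on the same host.
  uri:
    url: "http://localhost:{{ service_port_keycloak_external }}/auth/realms/master/protocol/openid-connect/token"
    method: POST
    body_format: form-urlencoded
    body:
      username: "{{ keycloak_admin_username }}"
      password: "{{ keycloak_admin_password }}"
      client_id: admin-cli
      grant_type: password
    status_code: 200
  register: keycloak_authentication
  until: keycloak_authentication is succeeded
  retries: 5
  delay: 5
  no_log: true
  tags:
    - create_users
    - create_groups
    - update_realms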
- name: "Setup realms"
  # One configure_realm.yml pass per entry of keycloak.realms. The entry is
  # exposed as `current_realm` and unpacked into current_realm_* vars, with
  # the admin access_token from the login task above. `loop` is equivalent
  # to the former with_items here: the entries are mappings (accessed as
  # .name / .display_name), so with_items' one-level list flattening never
  # applied.
  include_tasks: configure_realm.yml
  loop: "{{ keycloak.realms }}"
  loop_control:
    loop_var: current_realm
  vars:
    access_token: "{{ keycloak_authentication.json.access_token }}"
    current_realm_name: "{{ current_realm.name }}"
    current_realm_display_name: "{{ current_realm.display_name }}"
    current_realm_clients: "{{ current_realm.clients | default([]) }}"
  tags:
    - update_realms
- name: "Create realm users"
  # Per-realm user creation from each realm's optional `users` list
  # (missing list -> nothing to create). Uses the default `item` loop var.
  include_tasks: create_realm_users.yml
  loop: "{{ keycloak.realms }}"
  vars:
    access_token: "{{ keycloak_authentication.json.access_token }}"
    current_realm_name: "{{ item.name }}"
    current_realm_users: "{{ item.users | default([]) }}"
  tags:
    - create_users
    - update_realms
- name: "Create realm groups"
  # Per-realm group creation from each realm's optional `groups` list,
  # mirroring the user task above.
  include_tasks: create_realm_groups.yml
  loop: "{{ keycloak.realms }}"
  vars:
    access_token: "{{ keycloak_authentication.json.access_token }}"
    current_realm_name: "{{ item.name }}"
    current_realm_groups: "{{ item.groups | default([]) }}"
  tags:
    - create_groups
    - update_realms
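- name: "Activate event listeners"
  # Enables login/admin events with the metrics-listener via kcadm inside
  # the container. Written as one single-quoted script for the container's
  # /bin/sh, which fixes three problems of the previous three-exec form:
  # - $KEYCLOAK_USER / $KEYCLOAK_PASSWORD sat inside double quotes and were
  #   therefore expanded by the Ansible host's shell (where this playbook
  #   never sets them), not by the container, whose environment is expected
  #   to carry them — confirm the compose environment defines both.
  # - only the exit status of the final `rm` reached Ansible, so a failed
  #   kcadm login or update was reported as success; with `set -e` the task
  #   now fails on the first error.
  # - the cleanup used the relative path `usr/bin/rm`; the EXIT trap removes
  #   the kcadm credential cache even when an earlier step fails.
  # NOTE(review): --password still exposes the admin password in the
  # container's process list for the duration of the call; kcadm can read
  # it interactively instead if that matters — confirm for this image version.
  shell: |
    docker exec {{ keycloak_id }} /bin/sh -c '
      set -e
      trap "rm -f /opt/jboss/.keycloak/kcadm.config" EXIT
      /opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user "$KEYCLOAK_USER" --password "$KEYCLOAK_PASSWORD"
      /opt/jboss/keycloak/bin/kcadm.sh update events/config -s "eventsEnabled=true" -s "adminEventsEnabled=true" -s "eventsListeners+=metrics-listener"
    '
  tags:
    - update_deployment
    - configure_container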