115 lines
4.1 KiB
YAML
115 lines
4.1 KiB
YAML
---
|
|
- name: "Configure Keycloak instances"
|
|
block:
|
|
|
|
- name: "Assure Keycloak instance is stopped"
|
|
service:
|
|
name: keycloak
|
|
state: stopped
|
|
become: true
|
|
|
|
- name: "Check if the themes are already installed"
|
|
stat:
|
|
path: "{{ keycloak_themes }}/d4science"
|
|
register: d4sciencethemes
|
|
|
|
- name: "Git checkout of d4science themes"
|
|
git:
|
|
repo: 'https://code-repo.d4science.org/gCubeSystem/d4science-keycloak-themes.git'
|
|
dest: "/tmp/checkout/d4science-keycloak-themes"
|
|
when: not d4sciencethemes.stat.exists or updatethemes
|
|
|
|
- name: "Copy themes in the proper folder"
|
|
copy:
|
|
src: "/tmp/checkout/d4science-keycloak-themes/src/themes/"
|
|
dest: "{{ keycloak_themes }}/"
|
|
owner: "keycloak"
|
|
group: "keycloak"
|
|
directory_mode: "yes"
|
|
mode: "u=rwx,g=rwx,o="
|
|
remote_src: "yes"
|
|
when: not d4sciencethemes.stat.exists or updatethemes
|
|
|
|
- name: "Check if the avatar-storage module is already installed"
|
|
stat:
|
|
path: "{{ keycloak_modules }}/org/gcube/keycloak/avatar-storage/main"
|
|
register: storagemodule
|
|
|
|
- name: "Remove old avatar-storage module"
|
|
file:
|
|
path: "{{ keycloak_modules }}/org/gcube/keycloak/avatar-storage"
|
|
state: absent
|
|
when: storagemodule.stat.exists and updatemodule
|
|
|
|
- name: "Download avatar-storage JAR from Maven repo"
|
|
maven_artifact:
|
|
group_id: org.gcube
|
|
artifact_id: avatar-storage
|
|
extension: jar
|
|
repository_url: 'https://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging-jenkins'
|
|
dest: "/tmp/avatar-storage.jar"
|
|
verify_checksum: "always"
|
|
when: not storagemodule.stat.exists or updatemodule
|
|
|
|
- name: "Install avatar-storage Keycloak module"
|
|
shell:
|
|
cmd: './bin/jboss-cli.sh --command="module add --name=org.gcube.keycloak.avatar-storage --resources=/tmp/avatar-storage.jar --dependencies=org.keycloak.keycloak-core,org.keycloak.keycloak-services,org.keycloak.keycloak-server-spi,org.keycloak.keycloak-server-spi-private,org.jboss.logging"'
|
|
chdir: "{{ keycloak_home }}"
|
|
when: not storagemodule.stat.exists or updatemodule
|
|
|
|
- name: "Switch ON Keycloak server instance"
|
|
service:
|
|
name: keycloak
|
|
state: started
|
|
become: true
|
|
|
|
- name: "Waiting for server start"
|
|
pause:
|
|
seconds: 20
|
|
|
|
- name: "Enable avatar-storage module in Keycloak conf"
|
|
shell:
|
|
cmd: './bin/jboss-cli.sh --connect --controller=localhost:9990 --command="/subsystem=keycloak-server:list-add(name=providers, value=module:org.gcube.keycloak.avatar-storage)"'
|
|
chdir: "{{ keycloak_home }}"
|
|
when: not storagemodule.stat.exists
|
|
|
|
- name: "Restart Keycloak server instance to load new provider configuration"
|
|
service:
|
|
name: keycloak
|
|
state: stopped
|
|
become: true
|
|
when: not storagemodule.stat.exists
|
|
|
|
- service:
|
|
name: keycloak
|
|
state: started
|
|
become: true
|
|
when: not storagemodule.stat.exists
|
|
|
|
- name: "Waiting for server start"
|
|
pause:
|
|
seconds: 20
|
|
when: not storagemodule.stat.exists
|
|
|
|
- name: "Download keycloak-d4science-bundle EAR from Maven repo"
|
|
maven_artifact:
|
|
group_id: org.gcube
|
|
artifact_id: keycloak-d4science-bundle
|
|
extension: ear
|
|
repository_url: 'https://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging-jenkins'
|
|
dest: "/tmp/keycloak-d4science-bundle.ear"
|
|
verify_checksum: "always"
|
|
when: updateear
|
|
|
|
- name: "Deploy keycloak-d4science-bundle EAR on Keycloak"
|
|
copy:
|
|
src: "/tmp/keycloak-d4science-bundle.ear"
|
|
dest: "{{ keycloak_deployments }}/keycloak-d4science-bundle.ear"
|
|
owner: "keycloak"
|
|
group: "keycloak"
|
|
directory_mode: "yes"
|
|
mode: "u=rw,g=rw,o="
|
|
remote_src: "yes"
|
|
when: updateear
|
|
|