forked from SSSD/sssd-ci-containers
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding new container for Keycloak. Container defined in separate docker-compose since it is unnecessary for general SSSD testing. Container build ansible role added and Makefile and scripts updated to reflect the new keycloak container. Signed-off-by: Scott Poore <[email protected]>
- Loading branch information
Showing
29 changed files
with
367 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIFTzCCAzegAwIBAgITPJ2nsJjf6JgZjc5YZi1LZL1I4DANBgkqhkiG9w0BAQsF | ||
| ADArMQ0wCwYDVQQKDAR0ZXN0MQ0wCwYDVQQLDARzc3NkMQswCQYDVQQDDAJjYTAe | ||
| Fw0yMzAzMzAyMDE3MjFaFw00MjEyMTUyMDE3MjFaMD0xDTALBgNVBAoMBHRlc3Qx | ||
| DTALBgNVBAsMBHNzc2QxHTAbBgNVBAMMFG1hc3Rlci5rZXljbG9hay50ZXN0MIIC | ||
| IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo3v/0s0OAKNG8508BGXHb6pW | ||
| 5NMatadps42KYSY+PKNd96ANMfOrSstFCDgxMM33abOZl4FyLCfsZv5++XCYiQ6x | ||
| KCgO/RYqH0YXUOw560RKOismA3fWbIsgwb8LecOR73LpOot/pIo5HAgKYjMu72Gy | ||
| GBpBeKeMhIdKwaAYdCkjy1VsDIdaCC0RrcR+ZP3PI4ksCzx6icICReM9UJmzvRvT | ||
| YPz/E99OvfVd+d2WQiSysePLygV0xYMI70YkTTDrZvAs4R3Qfe1DGYqLGu8dvLsd | ||
| awWNdJcASgu1ODV0hKRZLHd+8OkpmROG7SxWv5F+XzIplmMjy0N6hxXzQeUwx0Uh | ||
| /LE4QgW1Za0qS/SFkdaWBoP86SpjvXYvrAgiSQs3X+HLp6SlZCgk0fmhWzeLluYk | ||
| XyiGmTLnoV6+YoeXR79P2pPaoAMmyyeitDtLzAadnFmXaxV9ZqGETu1VSOZtjNRz | ||
| sBz8EpboPxputeDV3h5MlWMNR1mqjt8WCPH3vAP0IaXC26OpWumDjLV6x4UmcuBM | ||
| x7GWSnx4f94AMtapECahWbqlY/Zs8zRjUP3GoC8g4SA/Ck2DaIEcjABYH3YyXL/4 | ||
| MA6fSqyTJ8zwCsg0CIUckud8qmpAoy9laLGWcQY2/jbh8bE2cWh91jksc+SRQe1x | ||
| ppub9iP6mtksihb88XkCAwEAAaNaMFgwHwYDVR0jBBgwFoAUEjy3xbVnEZuxbtPG | ||
| ee5h0fTCBn0wCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwHQYDVR0OBBYEFCR8rEJ+ | ||
| +3dGG+WhrodO9w2q3jAbMA0GCSqGSIb3DQEBCwUAA4ICAQAdTHDnLLtbdG9SVVpJ | ||
| zvajm4TeEqrB07BvTsY4N9eboTK/A3mj68E8gj1NsehYsbqyBDg7dUXOacFSFXBj | ||
| GB0+eaHPmerjokB0pJBxc0TCrlLL5sV1wd0LFziqPBUUEG2Q9Y85YZqOCfY9Ta3n | ||
| DJb1PIl5/AH76b+MT3+v/7OftyGmkDGL3H4l+S27ki87AeP4CuroNLfJ8L5tIKHk | ||
| nkCXF3MWcbhWQ3qnGx6K8jGby8lwGler91QCQSSOVswtAOcixXU24dVqZQDiE/nr | ||
| 6lT97EE9rvWOc61BnL7Po8cADlH9uWBsAMjl3NHt9XdLGSlrjsfLSmqVHLbL8GUm | ||
| g5fp87K+ishQiWOXBz0KhLjbouFJZQgqmojF3d3SKP25F/gwpl2s2OTl3TiBShaa | ||
| a7qB4pOI4n7TEso05PvPUlvNe/52iBz4dfd8Alic4G+4ApExrjiPBK2VdgVun0bQ | ||
| qN6M4RW7cudTORnOENDGp9aO+AB4G1xcH4kiZa/FWvgPRT3FmMzeV8cYQg23vM9q | ||
| 066Vu3gp+lRLHncoBxdJuXtaY6gT3cgptnQLvXhiZfwaPaNQLDi+UWZ9+rPMGkD6 | ||
| yBthELFTGw93h0RojVj+VKCUY6NnrNvbxhcQntwhNHt0ot7B280iR1eZnmlwbMCI | ||
| qpEVBfEoqIYxBQG/ksqYrICzsA== | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| -----BEGIN PRIVATE KEY----- | ||
| MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCje//SzQ4Ao0bz | ||
| nTwEZcdvqlbk0xq1p2mzjYphJj48o133oA0x86tKy0UIODEwzfdps5mXgXIsJ+xm | ||
| /n75cJiJDrEoKA79FiofRhdQ7DnrREo6KyYDd9ZsiyDBvwt5w5Hvcuk6i3+kijkc | ||
| CApiMy7vYbIYGkF4p4yEh0rBoBh0KSPLVWwMh1oILRGtxH5k/c8jiSwLPHqJwgJF | ||
| 4z1QmbO9G9Ng/P8T30699V353ZZCJLKx48vKBXTFgwjvRiRNMOtm8CzhHdB97UMZ | ||
| iosa7x28ux1rBY10lwBKC7U4NXSEpFksd37w6SmZE4btLFa/kX5fMimWYyPLQ3qH | ||
| FfNB5TDHRSH8sThCBbVlrSpL9IWR1pYGg/zpKmO9di+sCCJJCzdf4cunpKVkKCTR | ||
| +aFbN4uW5iRfKIaZMuehXr5ih5dHv0/ak9qgAybLJ6K0O0vMBp2cWZdrFX1moYRO | ||
| 7VVI5m2M1HOwHPwSlug/Gm614NXeHkyVYw1HWaqO3xYI8fe8A/QhpcLbo6la6YOM | ||
| tXrHhSZy4EzHsZZKfHh/3gAy1qkQJqFZuqVj9mzzNGNQ/cagLyDhID8KTYNogRyM | ||
| AFgfdjJcv/gwDp9KrJMnzPAKyDQIhRyS53yqakCjL2VosZZxBjb+NuHxsTZxaH3W | ||
| OSxz5JFB7XGmm5v2I/qa2SyKFvzxeQIDAQABAoICAAm1RpkKR7tWdtNnIiYBtEDn | ||
| jN7sQVEJtr9sl4vS1U3NBrq6dKYjeefIX9pP2e3zwS4z9do3G+RO350zHi+qVciH | ||
| yJHhpRg23Xv7cc2CpaLYrI69OrXogyFxdpnCwkfyCuO8/2gUWhlXgvIs8Q7pSq94 | ||
| 7fY78ujbDD9feFs8qk8VlVRRB4hL7lb/dCYNPdM59je+QNEO/5jYHkHvr1eutOt1 | ||
| ME15YJ1ZvKePn0vD8pUNcFYbeKHPxqIm+Jwa3nN+BPCZMRUSK+wab4pf/Yg1LF8l | ||
| fmb5Tq/eeqwq+1Ex7XAmAUygcPeV5Pw72l6RrDoWhfpZtHoDe5/pqyhD76zZUxbd | ||
| 8gtHv7fJ+MPy0eNbYJgLqRuHvX+ro36wqLt3zP6rrBXibiwolgissNqUQUgwGjqE | ||
| 5yw+ENn60W2QqIzZrIOpSxOodJ9yhhnTPNgFPVUzzVPQvpodgXUOAqxzi8qNwIkU | ||
| NSrnvduh1jBNvg3vHMg6Ux0n19rAeJdM7NwJoPdcX3Z7CS/AQPMHwMUksMJUpZWR | ||
| i8j3H0Edd9cSInxPHDZaksNLH8K51vt/9OtGdois0bUYwihKrQK3xoDgUdMQ8ZNk | ||
| rgBo/+jxIM+XZMJBULIK/Uj/a1lDe5a/gAA1XQHR1K3ay9WUyXhgauW7JSUJ7cX3 | ||
| 4/lHthOHMvxrLjjMHmftAoIBAQDKsNUEjPfRjfyROJFY3nyLXagU9+TijQyx7elg | ||
| MMTabmQPGiF1TSn3ecJxFucg3mtzjyootIwFqj+TlqJ5Ui3NedmTqk/IK2UGncJW | ||
| jNZH2f2ldJS+U0+PGqXTC+uI8Ny5Z6VUYs+pnclChDAsP2jwCtwVp4aRoqZq9TeW | ||
| gz1hbH1//lV2U7UTUqxS/HdZTO4XwzacfVhAdzD0Z3qg5WR4FyLt7qadK1hZzZXC | ||
| SGKyWDRvTTEijs/h1NwtIzHNm5P5VhfQzTfzHfrfM6SFJEXoBIgQoCdrPsqH7ksa | ||
| Fz3N4uAZmRi1dcJSu/x+k/4b4//qhsJ1AkBi9JM5W9DVPVMNAoIBAQDOe2betiQe | ||
| +Bp605LTka1DHoE1YLhce5Rr87yaIc0H99T2W+fJJHlbcJ0aAaJr/7MLdbSIB1SW | ||
| HarNy5uqIOZzklop5C3iLPUx7h5fNJQmwrljpJ1E46K1e7QKZrIzywKkzrHWm+ak | ||
| Ftzs7P5vF9ucHrrme9UecYh6shiEBlR6+YQtruV/GkMz02B2GjHBD6h15OsPMhdv | ||
| VUH0mDamUBSuWfCveJIf3aVh90Bttl/eA8RkB+5C5WAEFwyBJjN7ptyf7a/IUO8e | ||
| UKL5Y421cKnq37PU4bJA+l11X68jrTvyUnX/koeKIWclMpJOJg5nz7eMv0z1llKv | ||
| +BfUAK3J5m0dAoIBAQDBQspZhG/mhxODBATST5FA8RQKqjK7MPIh1U7oQJfyDb+q | ||
| BqhQSDrzlE0pt0S5ulmJ3b+9ACliXWoxNzfDpe+2M7CZc5KOsZGqNVHPZIoMCHYp | ||
| BHeu4ZDCSg5CpOL3t3E99u1VAMIwYBo+KfwktHFCL5iZrRpKUmOLKDTQdmJYOjGP | ||
| kNm78SR+QB2/IqpJo2iBj8jKfVlgXkV3RBNQxmh9eNH9O8fxpBqhxbw9evdgRWn5 | ||
| lgh7guAD3Anzn9Mk0GrPGp+qn4HxdWx21a7QpD1jdK6n64yqXTyPT06cmfx8Cw7S | ||
| WX+NxbJ7YHLn3gQ0Y7jnzYYsOvFZaQnXbww3xjkhAoIBAQCFS9zJAcSnyXsut88d | ||
| jfnQTq0TDHF4Ir9aQWsMBa4a6r8sm4Aytb0ybqy80TlNhzDKwR3egvz0PAq7+Clx | ||
| 1vNuwJg8WvXUATn5FcO9qm/J5gNQdECi7GFpz4YXAN0h2njGdDkSVmq6m5fby9Ml | ||
| XL2FN8FocaDPmnOE4dw5vuxixxmxdCrrtsSTfG3VUGu2OqmCElo84RWH5f5CLNF6 | ||
| 5E+1jpJ2dNvAfpH5gGizavzQkpYCDayeuv0VJtwHs+WgecQL6qGEK9tyMpRDcyVU | ||
| cHsBCZFKaLlugTI8R50E5xy//sP2TV36qj2wIcmZca/zDIFt90Fzeau/teWMEzQe | ||
| FwdxAoIBAEZdO6/WwuXH7v5uKdInGmkxxswdnAaPCulSM6ruUHh2XvGFTa557OkT | ||
| p9zYDlMWrt7IZ55CaeLMbTqliY5/Ic+srBDw1111JJv1ARHg1+TrZ8AjgSzQSHX+ | ||
| lO1UnQlu6eQ5PkE4Ns6yoD9gJzxRgHxHkifhWzJfwqHJ7bAk7CA/6Jbpvuwe7y4j | ||
| X2xf4k7HRrVzAP/jwL1d9Nnzk2xEJ6WjNcmWNeYOJt5Wog9t1pyqnI5iwZDhRHKi | ||
| H25jt3nPjG1LQU+Bix2qeuKoqjP3bsAakrsrQKckopA70egSPpUpwD5246TcItty | ||
| wpmmCXuBcDn5+o3D4ZI7fZ9QVn9bi28= | ||
| -----END PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS | ||
| 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQQo6x4yFjX+7NouHZzMyXid7gRR5C0W | ||
| UtZ8wzOyE8jMAmserl+FLtj5rh03iXnYNQyoM6e28YjFTW40S6QgGeEOAAAAuD0IGAs9CB | ||
| gLAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjrHjIWNf7s2i4d | ||
| nMzJeJ3uBFHkLRZS1nzDM7ITyMwCax6uX4Uu2PmuHTeJedg1DKgzp7bxiMVNbjRLpCAZ4Q | ||
| 4AAAAhAJEZoIsYYJM1zgrQBNpJ/nBQkUB0KX/edjVHvxTtLcj8AAAAG1dlbGwga25vd24g | ||
| a2V5IGZvciBzc3NkLWNpLgECAwQ= | ||
| -----END OPENSSH PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjrHjIWNf7s2i4dnMzJeJ3uBFHkLRZS1nzDM7ITyMwCax6uX4Uu2PmuHTeJedg1DKgzp7bxiMVNbjRLpCAZ4Q4= Well known key for sssd-ci. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS | ||
| 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQT5YcfqE2FEyZuoZAMuSoMl13D/SH4j | ||
| bYxbU/L7MWvpLeW2VvqQquJRGOzYCsGrWC5rSF1SjFm/dMilBJm2WhxsAAAAuCuqfD4rqn | ||
| w+AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPlhx+oTYUTJm6hk | ||
| Ay5KgyXXcP9IfiNtjFtT8vsxa+kt5bZW+pCq4lEY7NgKwatYLmtIXVKMWb90yKUEmbZaHG | ||
| wAAAAhAJi8m6d8fgyJSMNeKPf+U1BdH1PunSHV/VOpqPHSu4VsAAAAG1dlbGwga25vd24g | ||
| a2V5IGZvciBzc3NkLWNpLgECAwQ= | ||
| -----END OPENSSH PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPlhx+oTYUTJm6hkAy5KgyXXcP9IfiNtjFtT8vsxa+kt5bZW+pCq4lEY7NgKwatYLmtIXVKMWb90yKUEmbZaHGw= Well known key for sssd-ci. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS | ||
| 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRIiqAbVB3EEMISmR5AGDh78F5/TK4l | ||
| +TrlOTvnye1/nx4kv/Nv2C3UDNsYENsePybKPiFNkd4i8UjCdjAIfgmGAAAAuDVOCT81Tg | ||
| k/AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEiKoBtUHcQQwhKZ | ||
| HkAYOHvwXn9MriX5OuU5O+fJ7X+fHiS/82/YLdQM2xgQ2x4/Jso+IU2R3iLxSMJ2MAh+CY | ||
| YAAAAhAM8elf2XwkTxqk2BecXGp9Vg5a+2Dnj2NU/m3zlB9fXjAAAAG1dlbGwga25vd24g | ||
| a2V5IGZvciBzc3NkLWNpLgECAwQ= | ||
| -----END OPENSSH PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEiKoBtUHcQQwhKZHkAYOHvwXn9MriX5OuU5O+fJ7X+fHiS/82/YLdQM2xgQ2x4/Jso+IU2R3iLxSMJ2MAh+CYY= Well known key for sssd-ci. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| services: | ||
| keycloak: | ||
| image: ${REGISTRY}/ci-keycloak:${TAG} | ||
| container_name: keycloak | ||
| hostname: master.keycloak.test | ||
| dns: 172.16.100.2 | ||
| env_file: ./env.containers | ||
| cap_add: | ||
| - SYS_ADMIN | ||
| - SYS_PTRACE | ||
| - AUDIT_WRITE | ||
| - AUDIT_CONTROL | ||
| - NET_ADMIN | ||
| - SYS_CHROOT | ||
| security_opt: | ||
| - apparmor=unconfined | ||
| - label=disable | ||
| - seccomp=unconfined | ||
| networks: | ||
| sssd: | ||
| ipv4_address: 172.16.100.70 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| base_url: https://github.com/keycloak/keycloak/releases/download |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,118 @@ | ||
| - name: Get Keycloak latest version info | ||
| uri: | ||
| url: https://api.github.com/repos/keycloak/keycloak/releases/latest | ||
| method: GET | ||
| return_content: yes | ||
| status_code: 200 | ||
| body_format: json | ||
| register: result | ||
|
|
||
| - name: Set keycloak_url fact | ||
| set_fact: | ||
| keycloak_url: "{{ base_url }}/{{ result.json.tag_name }}/keycloak-{{ result.json.tag_name }}.tar.gz" | ||
|
|
||
| - name: Print keycloak_url | ||
| debug: | ||
| msg: "keycloak_url={{ keycloak_url }}" | ||
|
|
||
| - name: Create Keycloak user/group | ||
| user: | ||
| name: keycloak | ||
| home: /opt/keycloak | ||
| system: yes | ||
| create_home: yes | ||
|
|
||
| - name: Download software zipfile | ||
| get_url: | ||
| url: "{{ keycloak_url }}" | ||
| dest: /tmp/keycloak.tgz | ||
|
|
||
| - name: Unzip software | ||
| unarchive: | ||
| remote_src: yes | ||
| src: /tmp/keycloak.tgz | ||
| dest: /opt/keycloak | ||
| owner: keycloak | ||
| group: keycloak | ||
| extra_opts: | ||
| - --strip-components=1 | ||
|
|
||
| - name: Change ownership of files in /data/certs | ||
| file: | ||
| path: /data/certs/master.keycloak.test.key | ||
| mode: 0644 | ||
|
|
||
| - name: Add CA certificate to keystore | ||
| shell: | | ||
| keytool -noprompt -import \ | ||
| -keystore /data/certs/master.keycloak.test.keystore \ | ||
| -file /data/certs/ca.crt \ | ||
| -alias ca.crt \ | ||
| -trustcacerts -storepass {{ service.keycloak.admin_password }} | ||
| args: | ||
| creates: /data/certs/master.keycloak.test.keystore | ||
|
|
||
| - name: Add Keycloak certificate to keystore | ||
| shell: | | ||
| keytool -noprompt -import \ | ||
| -keystore /data/certs/master.keycloak.test.keystore \ | ||
| -file /data/certs/master.keycloak.test.crt \ | ||
| -alias master.keycloak.test.crt \ | ||
| -trustcacerts -storepass {{ service.keycloak.admin_password }} | ||
| - name: Run build step for Keycloak | ||
| shell: | | ||
| su - keycloak -c ''' | ||
| export KEYCLOAK_ADMIN=admin | ||
| export KEYCLOAK_ADMIN_PASSWORD={{ service.keycloak.admin_password }} | ||
| export KC_HOSTNAME=$(hostname):8443 | ||
| export KC_HTTPS_CERTIFICATE_FILE=/data/certs/master.keycloak.test.crt | ||
| export KC_HTTPS_CERTIFICATE_KEY_FILE=/data/certs/master.keycloak.test.key | ||
| export KC_HTTPS_TRUST_STORE_FILE=/data/certs/master.keycloak.test.keystore | ||
| export KC_HTTPS_TRUST_STORE_PASSWORD={{ service.keycloak.admin_password }} | ||
| export KC_HTTP_RELATIVE_PATH=/auth | ||
| /opt/keycloak/bin/kc.sh build | ||
| ''' | ||
| - name: Create Keycloak service env file | ||
| copy: | ||
| content: | | ||
| KEYCLOAK_ADMIN=admin | ||
| KEYCLOAK_ADMIN_PASSWORD={{ service.keycloak.admin_password }} | ||
| KC_HOSTNAME={{ inventory_hostname }} | ||
| KC_HTTPS_CERTIFICATE_FILE=/data/certs/master.keycloak.test.crt | ||
| KC_HTTPS_CERTIFICATE_KEY_FILE=/data/certs/master.keycloak.test.key | ||
| KC_HTTPS_TRUST_STORE_FILE=/data/certs/master.keycloak.test.keystore | ||
| KC_HTTPS_TRUST_STORE_PASSWORD={{ service.keycloak.admin_password }} | ||
| KC_HTTP_RELATIVE_PATH=/auth | ||
| dest: /etc/keycloak.env | ||
|
|
||
| - name: Create systemd Keycloak service file | ||
| copy: | ||
| content: | | ||
| [Unit] | ||
| Description=Keycloak Server | ||
| After=network.target | ||
| [Service] | ||
| Type=idle | ||
| EnvironmentFile=/etc/keycloak.env | ||
| User=keycloak | ||
| Group=keycloak | ||
| ExecStart=/opt/keycloak/bin/kc.sh start | ||
| TimeoutStartSec=600 | ||
| TimeoutStopSec=600 | ||
| [Install] | ||
| WantedBy=multi-user.target | ||
| dest: /etc/systemd/system/keycloak.service | ||
|
|
||
| - name: Reload systemd to pickup changes added for Keycloak | ||
| systemd: | ||
| daemon_reload: yes | ||
|
|
||
| - name: Enable Keycloak service | ||
| systemd: | ||
| name: keycloak | ||
| enabled: yes |
Oops, something went wrong.