main.yml 1.36 KiB
---
# Install the keycloak package with pacman; a no-op when it is already present.
- name: install keycloak
  pacman:
    name: keycloak
    state: present
# Render the server configuration from the role's standalone.xml.j2 template.
# Mode 600 with owner keycloak means only that account can read or write the
# file. NOTE(review): presumably it contains datasource credentials; confirm
# against the template.
- name: template keycloak config
  template:
    src: standalone.xml.j2
    dest: /etc/keycloak/standalone.xml
    owner: keycloak
    group: keycloak
    # Quoted so Ansible receives a string and interprets it as octal.
    mode: "600"
  # A changed config triggers the "restart keycloak" handler.
  notify:
    - restart keycloak
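# Bootstrap the initial Keycloak admin account from vaulted variables.
# `creates` makes the task run only while keycloak-add-user.json is absent,
# so a later change of the vaulted password is NOT applied by this task.
- name: create an admin user
  command: >-
    /opt/keycloak/bin/add-user-keycloak.sh
    -u "{{ vault_keycloak_admin_user }}"
    -p "{{ vault_keycloak_admin_password }}"
  args:
    creates: /opt/keycloak/standalone/configuration/keycloak-add-user.json
  # The rendered command line contains the admin password; without no_log it
  # appears in task output (verbose runs, failures) and in callback/log sinks.
  # NOTE(review): the password is still passed as a process argument, so it
  # is visible in the host's process list while the script runs.
  no_log: true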
# Start the keycloak service now and enable it at boot.
- name: start and enable keycloak
  service:
    name: keycloak
    enabled: true
    state: started
# Open the HTTP and HTTPS ports in firewalld, both in the permanent
# configuration and in the running one (immediate). Skipped unless
# configure_firewall is truthy.
# NOTE(review): 80/tcp is exposed as well as 443/tcp; confirm the nginx vhost
# only redirects plain HTTP to HTTPS.
- name: open firewall hole
  firewalld:
    port: "{{ item }}"
    permanent: true
    state: enabled
    immediate: true
  when: configure_firewall
  with_items:
    - 80/tcp
    - 443/tcp
  tags:
    - firewall
# Create the PostgreSQL role Keycloak connects with. Runs as the postgres
# system user via su.
- name: create postgres keycloak user
  postgresql_user:
    name: "{{ keycloak_db_user }}"
    password: "{{ keycloak_db_password }}"
  become: true
  become_user: postgres
  become_method: su
  # Keeps the database password out of Ansible output and logs.
  no_log: true
# Create the "keycloak" database owned by the Keycloak role. Runs as the
# postgres system user via su.
- name: create keycloak db
  postgresql_db:
    name: keycloak
    owner: "{{ keycloak_db_user }}"
  become: true
  become_user: postgres
  become_method: su
# Create the per-domain nginx log directory, owned by root and
# world-readable/traversable (0755).
- name: make nginx log dir
  file:
    path: "/var/log/nginx/{{ keycloak_domain }}"
    state: directory
    owner: root
    # Quoted so the leading zero is kept and the value is read as octal.
    mode: "0755"
# Render the nginx vhost for Keycloak from nginx.d.conf.j2; root-owned and
# world-readable (0644).
- name: set up nginx
  template:
    src: nginx.d.conf.j2
    dest: /etc/nginx/nginx.d/keycloak.conf
    owner: root
    group: root
    # Quoted so the leading zero is kept and the value is read as octal.
    mode: "0644"
  # A changed vhost triggers the "reload nginx" handler.
  notify:
    - reload nginx
  tags:
    - nginx