Commit 82d92167 authored by nono's avatar nono 💻

Modification de la mise à jour de Keycloak

parent ac1ec1d9
......@@ -3,6 +3,7 @@
# Adding the Java Database Driver
- name : Installation of the latest Java OpenJDK Driver
become: yes
package :
name :
- libmariadb-java
......@@ -11,6 +12,7 @@
# Creating the database user and password for keycloak
- name: "Delete the anonymous user."
become: yes
mysql_user:
user: ""
state: "absent"
......@@ -20,6 +22,7 @@
ignore_errors: yes
- name: "Removes the MySQL test database"
become: yes
mysql_db:
name: test
state: absent
......@@ -29,6 +32,7 @@
ignore_errors: yes
- name: "Add Database {{ keycloak_db_name }}."
become: yes
mysql_db:
name: "{{ keycloak_db_name }}"
login_user: root
......@@ -37,6 +41,7 @@
state: present
- name: "Configure the database user."
become: yes
mysql_user:
name: "{{ keycloak_db_admin }}"
password: "{{ keycloak_db_pwd }}"
......
---
- name: Updating APT cache
become: yes
apt:
update_cache: yes
- name : Installation of the latest Java OpenJDK
become: yes
package :
name :
- default-jdk
name : default-jdk
state : latest
- name : Installation of zip and tar
become: yes
package :
name :
- zip
......@@ -14,6 +21,7 @@
state : latest
- name : Installation of MariaDB
become: yes
package :
name :
- mariadb-server
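Review bot: The new `Updating APT cache` task at the top of this file calls `apt` with only `update_cache: yes`, so it refreshes the index on every run and ties the file to Debian-family hosts, although the tasks after it use the generic `package` module. Adding `cache_valid_time: 3600` (the value is an example) keeps repeated runs quiet, and a `when: ansible_os_family == "Debian"` guard would make the assumption explicit. The package tasks below keep `state : latest`, so the JDK and MariaDB versions underneath Keycloak can change whenever the play runs; a comment stating that this is intended would help whoever has to reproduce an install later.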
......
---
- name: Installing the SystemD service script
become: yes
template:
src: "keycloak.service.j2"
dest: "/etc/systemd/system/keycloak.service"
owner: root
group: root
mode: 0644
become: yes
notify:
- reload systemd
- restart keycloak
- name: Enable and start the SystemD service script
become: yes
service:
name: keycloak
state: started
enabled: yes
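Review bot: This task file hard-codes the unit as `keycloak` (`dest: "/etc/systemd/system/keycloak.service"` and `name: keycloak`), while the service-install tasks in the same commit write the unit to `/etc/systemd/system/{{ keycloak_service_name }}.service`. If that variable is ever set to something else, two unit files are installed and the one enabled here may not be the one the other tasks stop and restart. Suggest `dest: "/etc/systemd/system/{{ keycloak_service_name }}.service"` and `name: "{{ keycloak_service_name }}"`. The template task is also rendered with `become: yes` both before `template:` and after `mode: 0644`; only one should survive, because most YAML parsers resolve a duplicate key silently as last-wins.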
---
- name : Checking for existing installation
- name : Checking for existing installation of the same version
stat:
path: "{{ keycloak_jboss_home }}"
register: existing_deploy
- block:
- name: Stopping the old keycloak service
- name: Stopping the existing keycloak service
systemd:
name: "{{ keycloak_service_name }}"
state: stopped
ignore_errors: true
- name: Removing the old Keycloak deployment
- name: Removing the existing Keycloak deployment
file:
path: "{{ keycloak_jboss_home }}"
state: absent
......@@ -23,7 +23,7 @@
path: "{{ keycloak_jboss_home }}"
register: existing_deploy
- name: create Keycloak install location
- name: Create Keycloak install location
file:
dest: "{{ keycloak_base_path }}"
state: directory
......@@ -32,7 +32,7 @@
become: yes
- block:
- name: download Keycloak archive to target
- name: Download Keycloak archive to target
get_url:
url: "{{ keycloak_url }}"
dest: "{{ keycloak_dest }}"
......@@ -52,12 +52,14 @@
when: keycloak_archive_on_target
- block:
- name: download Keycloak archive to local
- name: Download Keycloak archive to local
delegate_to: localhost
get_url:
url: "{{ keycloak_url }}"
dest: "{{ keycloak_local_download_dest }}/{{ keycloak_archive }}"
- name: extract Keycloak archive on local
become: yes
unarchive:
remote_src: no
src: "{{ keycloak_local_download_dest }}/{{ keycloak_archive }}"
......@@ -65,27 +67,39 @@
creates: "{{ keycloak_jboss_home }}"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
become: yes
notify:
- restart keycloak
when: not keycloak_archive_on_target
- name: Create MariaDB module directory
become: yes
file:
dest: "{{ keycloak_jboss_home }}/modules/org/mariadb/jdbc/main/"
state: directory
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
become: yes
mode: "u=rwx,g=rwx,o=r"
- name: Create module.xml for mariadb jdbc driver
become: yes
copy:
src: "module-mariadb.xml"
dest: "{{ keycloak_jboss_home }}/modules/org/mariadb/jdbc/main/module.xml"
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: "u=rwx,g=rx,o=r"
- name: Secure MariaDB module directory permission
become: yes
file:
dest: "{{ keycloak_jboss_home }}/modules/org/mariadb/jdbc/main/"
state: directory
owner: "{{ keycloak_service_user }}"
group: "{{ keycloak_service_group }}"
mode: "u=rwx,g=rx,o=r"
- name: Add systemd unit file for keycloak service
become: yes
template:
src: "keycloak.service.j2"
dest: "/etc/systemd/system/{{ keycloak_service_name }}.service"
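Review bot: Both `get_url` tasks (`Download Keycloak archive to target` and `Download Keycloak archive to local`) show only `url` and `dest` in the visible lines; unless a `checksum:` follows in the lines cut off by the hunk, the archive is unpacked and run as the identity provider with no integrity check. Suggest adding `checksum: "sha256:{{ keycloak_archive_sha256 }}"` to both, where the variable name is a placeholder for a pinned digest kept next to `keycloak_url`. Separately, the MariaDB module directory is created with `mode: "u=rwx,g=rwx,o=r"` and only tightened by the later `Secure MariaDB module directory permission` task, so every run flips the mode twice and leaves the directory group-writable in between. Creating it directly with the final mode would let the second task go; `module.xml` does not need the execute bit, so `u=rw,g=r,o=r` would be enough there.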
......
---
# tasks file for sso-lqdn
# We start by creating a keycloack user and home
- include: install-users.yml
- name: Creating a keycloack user and home
include_tasks: install-users.yml
# We're making sure Java and other deps are available on the system
- include: install-dependencies.yml
- name: Making sure Java and other deps are available on the system
include_tasks: install-dependencies.yml
# Get the database running
- include: install-database.yml
- name: Get the database running
include_tasks: install-database.yml
# Download and install the service from archive
- include: install-service.yml
- name: Download and install the service from archive
include_tasks: install-service.yml
# Configure the service via configuration files
- include: install-configuration.yml
# Update the service
- include: update-service.yml
- name: Import data from previous versions and update the installation.
include_tasks: update-service.yml
when: keycloak_previous_version is defined
- name: Warn the user if no update has been made
debug:
msg: "WARNING : No data will be imported from previous versions, no update done."
when: keycloak_previous_version is not defined
# Launch the service
- include: install-run-service.yml
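Review bot: Two entries still use the bare `include:` form, `- include: install-configuration.yml` and `- include: install-run-service.yml`, while the others are converted to named `include_tasks` entries, as far as the rendering shows. `include` is deprecated in Ansible, so these two should be converted the same way, e.g. `- name: Configure the service via configuration files` followed by `include_tasks: install-configuration.yml`. The update is gated on `keycloak_previous_version is defined`, which a defined-but-empty value still passes, producing paths such as `keycloak-` in the update tasks. `when: keycloak_previous_version | default('') | length > 0` would close that gap, with the warning task using the inverse condition.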
......
# Update the keycloak installation
- name: Checking for pre-existing installation
stat:
path: "{{ keycloak_base_path }}/keycloak-{{ keycloak_previous_version }}"
register: is_there_an_existing_keycloak
# Stop the service
- name: Stopping the service for the update.
systemd:
name: "{{ keycloak_service_name }}"
state: stopped
ignore_errors: true
# Delete the data/tx-object-store/ transaction directory
- name: Deleting the data/tx-object-store/ transaction directory
file:
path: "{{ keycloak_base_path }}/keycloak-{{ keycloak_previous_version }}/standalone/data/tx-object-store/"
state: absent
# Backup the old installation
#- name: Making a copy of the current installation
# NB: Not needed as we are installing to a new directory anyways. We don't touch
# the old directory.
# Backup the database
- name: Backing up the of database
shell: mysqldump keycloak > /root/keycloak-backup-$(date --iso).sql
# Upgrade the server
#- name: Upgrading the server with the new files
# This is actually reinstalling the files.
# copy the KEYCLOAK_HOME/standalone/ directory from the previous installation over the directory in the new installation.
- name: Copying the standalone directory from the previous installation
copy:
src: "{{ keycloak_base_path }}/keycloak-{{ keycloak_previous_version }}/standalone"
dest: "{{ keycloak_base_path }}/keycloak-{{ keycloak_version }}/standalone"
remote_src: yes
# Run the upgrade script
# bin/jboss-cli.sh --file=bin/migrate-standalone-ha.cli
- name: Running the upgrade script
shell: "{{ keycloak_jboss_home}}/bin/jboss-cli.sh --file={{ keycloak_jboss_home}}/bin/migrate-standalone-ha.cli"
- name: Printing status of pre-existing installation
debug:
msg: "{{ is_there_an_existing_keycloak }}"
- name: Updating if needed
block:
# Stop the service
- name: Stopping the service for the update.
become: yes
systemd:
name: "{{ keycloak_service_name }}"
state: stopped
ignore_errors: true
# Delete the data/tx-object-store/ transaction directory
- name: Deleting the data/tx-object-store/ transaction directory
file:
path: "{{ keycloak_base_path }}/keycloak-{{ keycloak_previous_version }}/standalone/data/tx-object-store/"
state: absent
# Backup the old installation
#- name: Making a copy of the current installation
# NB: Not needed as we are installing to a new directory anyways. We don't touch
# the old directory.
# Backup the database
- name: Backing up the of database
become: yes
shell: mysqldump keycloak > /root/keycloak-backup-$(date --iso).sql
# Upgrade the server
#- name: Upgrading the server with the new files
# This is actually reinstalling the files.
# copy the KEYCLOAK_HOME/standalone/ directory from the previous installation over the directory in the new installation.
- name: Copying the standalone directory from the previous installation
become: yes
copy:
src: "{{ keycloak_base_path }}/keycloak-{{ keycloak_previous_version }}/standalone"
dest: "{{ keycloak_base_path }}/keycloak-{{ keycloak_version }}/standalone"
remote_src: yes
# Run the upgrade script
# bin/jboss-cli.sh --file=bin/migrate-standalone-ha.cli
- name: Running the upgrade script
shell: "{{ keycloak_jboss_home}}/bin/jboss-cli.sh --file={{ keycloak_jboss_home}}/bin/migrate-standalone-ha.cli"
when: is_there_an_existing_keycloak.stat.exists
- name: Update state
debug:
msg: "No update done."
when: not is_there_an_existing_keycloak.stat.exists
- name: Force systemd to reread configs
become: yes
ansible.builtin.systemd:
daemon_reload: yes
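Review bot: The backup task inside the new `Updating if needed` block dumps a hard-coded database, `mysqldump keycloak > /root/keycloak-backup-$(date --iso).sql`, while the database tasks in this commit create it as `{{ keycloak_db_name }}`; if that variable differs from `keycloak`, the migration has no usable backup behind it. Suggest `shell: "mysqldump {{ keycloak_db_name }} > /root/keycloak-backup-$(date --iso).sql"`. In the same block, the tx-object-store deletion and `Running the upgrade script` carry no `become: yes`, unlike their siblings. The stop task also keeps `ignore_errors: true`, so the copy and the migration script can run against a live server if the stop fails; dropping `ignore_errors` there, or checking the unit state before continuing, would make the update fail closed. Finally, `src` has no trailing slash and `dest` ends in `/standalone`, so the copy module may place the data in `standalone/standalone`; worth verifying, and either adding the trailing slash to `src` or pointing `dest` at the parent directory.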