diff --git a/README.md b/README.md
index 4629763dae4d19d04c3039e15705f63be4cd58ec..1d5e18a7b0e7c996d6a7c7dd57eb45d7841e2d97 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,8 @@ Ce rôle se charge d'installer keycloack. À terme, il se chargera aussi de fair
 Il ne se charge pas d'ajouter des utilisateurices, ni de configurer les intégrations avec les services tiers.
+Ce rôle va utiliser la configuration "high availability" pour Keycloack par défault.
+
 Requirements
 ------------
diff --git a/tasks/install-configuration.yml b/tasks/install-configuration.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..101d7799efe0ee645f9fb46fea20b893cc88de16 100644
--- a/tasks/install-configuration.yml
+++ b/tasks/install-configuration.yml
@@ -1 +1,3 @@
 ---
+
+- name : Configuring Keycloak
diff --git a/tasks/install-reverse-proxy.yml b/tasks/install-reverse-proxy.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..09531451b0961c7331bb8cabe08b5b9b4b68c440 100644
--- a/tasks/install-reverse-proxy.yml
+++ b/tasks/install-reverse-proxy.yml
@@ -1 +1,7 @@
 ---
+
+- name : Installing Nginx
+
+- name : Configuring Nginx to reverse proxy Keycloak
+
+- name : Configuring Nginx to process the SSL certificates
diff --git a/tasks/install-run-service.yml b/tasks/install-run-service.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..7fabfdb28cbec0fafc9601e550d447e6b5af4932 100644
--- a/tasks/install-run-service.yml
+++ b/tasks/install-run-service.yml
@@ -1 +1,5 @@
 ---
+
+- name : Installing the SystemD service script
+
+- name : Launching the service
diff --git a/tasks/install-service.yml b/tasks/install-service.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..77cf8924a98205261a0979fb86157bee8450ab3c 100644
--- a/tasks/install-service.yml
+++ b/tasks/install-service.yml
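Review bot: Each task added in the install-configuration.yml hunk is a bare `- name : …` entry with no module, which Ansible rejects at parse time as a task without an action, so including this file from tasks/main.yml will abort the role until the bodies exist; the install-reverse-proxy.yml, install-run-service.yml, install-ssl.yml and install-update.yml hunks have the same shape. If the skeleton is meant to be committed as-is, a placeholder such as `debug: msg: "TODO"` under each name keeps the files loadable. The `name :` spelling (space before the colon) also differs from the `name:` used in install-service.yml; `- name: Configuring Keycloak` matches the rest of the role, and install-ssl.yml additionally misspells "Verifying" as "Verifing".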
@@ -1 +1,33 @@
 ---
+
+- name : Checking for existing installation
+ stat:
+ path: "{{ keycloak_jboss_home }}"
+ register: existing_deploy
+
+- block:
+ - name: Stopping the old keycloak service
+ systemd:
+ name: "{{ keycloak_service_name }}"
+ state: stopped
+ ignore_errors: true
+
+ - name: Removing the old Keycloak deployment
+ file:
+ path: "{{ keycloak_jboss_home }}"
+ state: absent
+ when: existing_deploy.stat.exists and keycloak_force_install | bool
+
+
+- name: Checking for an existing deployment after possible forced removal
+ stat:
+ path: "{{ keycloak_jboss_home }}"
+ register: existing_deploy
+
+- name: Downloading Keycloak
+
+- name: Extracting Keycloak
+
+- name: Downloading postgresql jdbc driver
+
+- name: Create module.xml for postgresql jdbc driver
diff --git a/tasks/install-ssl.yml b/tasks/install-ssl.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..32251461b4f91b8eb4f00bde7d1dbadf597d956e 100644
--- a/tasks/install-ssl.yml
+++ b/tasks/install-ssl.yml
@@ -1 +1,9 @@
 ---
+
+- name : Installing Let's Encrypt
+
+- name : Configuring the certificates for Keycloak
+
+- name : Verifing the SSL certificates
+
+- name : Setting up automatic renewal of the certificates
diff --git a/tasks/install-update.yml b/tasks/install-update.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..d126430f43101fbaff0978df72d2b2ab41675735 100644
--- a/tasks/install-update.yml
+++ b/tasks/install-update.yml
@@ -1 +1,5 @@
 ---
+
+- name : Verifying that we are running the last version of Keycloak
+
+- name : Updating the variables to install the last version of keycloak
diff --git a/tasks/main.yml b/tasks/main.yml
index a125d67d65365085408292643bd1f299b1b3a462..93e2875a8e11c79b3d05a8431a08da9c4e926833 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
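Review bot: `ignore_errors: true` on the "Stopping the old keycloak service" task in install-service.yml hides every failure, so when the unit exists but fails to stop, the block still proceeds to `file: state: absent` on `keycloak_jboss_home` and deletes the install tree from under a running Keycloak. The stop should only tolerate a missing unit, for example by gathering `service_facts` first and guarding the stop with `when: (keycloak_service_name ~ '.service') in ansible_facts.services`, or by registering the result and using a `failed_when` that accepts only the not-found case. The "Downloading Keycloak" and "Downloading postgresql jdbc driver" stubs fetch code that is then run on the host, so when they are implemented with `get_url` they should carry a `checksum:` pinned next to `keycloak_version` and `keycloak_postgresql_jdbc_version`. The second `stat` re-registering `existing_deploy` reads as a copy-paste at first glance; a comment such as `# re-check: the block above may have removed the tree` would make it obviously intentional.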
@@ -10,23 +10,25 @@
 # Get the database running
 - include: install-database.yml
+# TODO: The part will only be executed in the case of an update
+#- include: install-update.yml
+
+# TODO: This part will only be executed if we're restoring from a backup
+#- include: reinstall-from-backup.yml
+
 # Download and install the service from archive
 - include: install-service.yml
-# Configuration of the SSL certificates
-- include: install-ssl.yml
-
 # Configure the service via configuration files
 - include: install-configuration.yml
 # Install NGINX as a reverse proxy
 - include: install-reverse-proxy.yml
+# Configuration of the SSL certificates
+- include: install-ssl.yml
+
 # Launch the service
 - include: install-run-service.yml
-# The part will only be executed in the case of an update
-- include: install-update.yml
-
-# This part will only be executed if we're restoring from a backup
-- include: reinstall-from-backup.yml
+# --- As of here, the service should be running and accessible
diff --git a/vars/main.yml b/vars/main.yml
index a5906831eb93141eb612905614b79eaa8183e0d6..387959f0fc15d9f2629ccf6fc735d8dfd8a717ad 100644
--- a/vars/main.yml
+++ b/vars/main.yml
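Review bot: The new ordering runs install-ssl.yml after install-reverse-proxy.yml, yet the reverse-proxy file (in this same commit) ends with "Configuring Nginx to process the SSL certificates", which presumably needs the certificates that install-ssl.yml only obtains later; either that TLS step belongs in install-ssl.yml or the dependency should be stated next to the moved include, e.g. `# Configuration of the SSL certificates (Nginx is switched to TLS only after these exist)`. The moved line keeps the legacy `include:` keyword, which Ansible has deprecated in favour of `import_tasks`/`include_tasks`; `- import_tasks: install-ssl.yml` is the static equivalent for the added line. The two commented-out includes can only be re-enabled by editing main.yml, so if the TODO condition is known, a `when:` on a real include would be clearer than a comment.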
@@ -1,2 +1,38 @@
 ---
 # vars file for sso-lqdn
+
+## General (required)
+keycloak_version: "12.0.1"
+keycloak_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/keycloak-{{ keycloak_version }}.zip"
+keycloak_force_install: false
+keycloak_create_admin: false
+keycloak_admin_user: "admin"
+
+## General (optional)
+keycloak_service_user: "keycloak"
+keycloak_service_group: "{{ keycloak_service_user }}"
+keycloak_service_name: "keycloak"
+keycloak_base_path: "/var/www/keycloak"
+keycloak_jboss_home: "{{ keycloak_base_path }}/keycloak-{{ keycloak_version }}"
+keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration"
+keycloak_startup_timeout: "300"
+keycloak_java_opts: "-Xms256m -Xmx1024m"
+
+## Database
+keycloak_postgresql_jdbc_version: "42.2.18"
+keycloak_postgresql_jdbc_url: "https://jdbc.postgresql.org/download/postgresql-{{ keycloak_postgresql_jdbc_version }}.jar"
+keycloak_postgresql_host: "localhost"
+keycloak_postgresql_port: "5432"
+keycloak_postgresql_database: "keycloak"
+
+## Networking
+keycloak_behind_reverseproxy: true
+keycloak_bind_address: "127.0.0.1"
+keycloak_http_port: "8080"
+keycloak_https_port: "8443"
+keycloak_management_http_port: "9990"
+keycloak_management_https_port: "9993"
+
+## Customization
+keycloak_profile_preview: false
+keycloak_welcome_theme: "keycloak"
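Review bot: Most of what is added here is a tunable (`keycloak_admin_user`, `keycloak_force_install`, the ports, `keycloak_java_opts`), but `vars/main.yml` takes precedence over inventory and play vars, so users of the role cannot override these without `-e`; the "(optional)", Database, Networking and Customization sections belong in `defaults/main.yml`, with `vars/main.yml` kept for derived constants such as `keycloak_jboss_home` and `keycloak_config_dir`. `keycloak_create_admin` and `keycloak_admin_user: "admin"` imply an admin password variable; when it is added it should not live in this file but come from a vault-encrypted variable, and a comment on `keycloak_admin_user` recommending a non-default name would help operators. Neither `keycloak_url` nor `keycloak_postgresql_jdbc_url` has a companion checksum, so the download tasks have nothing to verify the fetched archives against; add e.g. `keycloak_checksum` and `keycloak_postgresql_jdbc_checksum` (names constructed) beside the two version pins.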