diff --git a/defaults/main.yml b/defaults/main.yml index 59f37cf..f045d05 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,6 +12,7 @@ keycloak_conf_directory: '{{ keycloak_runtime_home }}/conf' keycloak_providers_directory: '{{ keycloak_runtime_home }}/providers' keycloak_data_directory: '{{ keycloak_runtime_home }}/data' keycloak_log_directory: '/var/log/keycloak' +keycloak_service_name: keycloak keycloak_optimize_build_at_startup: true keycloak_upgrade_db_at_startup: false keycloak_disabled_features: [] @@ -54,9 +55,6 @@ keycloak_database_name: keycloak keycloak_database_user: keycloak_u # keycloak_database_password: 'define it into a vault file' keycloak_database_host: 'localhost' -keycloak_database_max_pool_size: '50' -keycloak_database_jboss_connection_checker: true -keycloak_database_idle_timeouts_min: 1 keycloak_admin_user: kadmin # keycloak_admin_password: 'define it into a vault file' diff --git a/handlers/main.yml b/handlers/main.yml index 80714ed..871bd28 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,5 @@ --- - name: Restart Keycloak - service: name=keycloak state=restarted + ansible.builtin.service: + name: '{{ keycloak_service_name }}' + state: restarted diff --git a/tasks/main.yml b/tasks/main.yml index 6c25e6e..3a20b36 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,7 +9,7 @@ - name: Install the keycloak systemd unit ansible.builtin.template: src: keycloak.service.j2 - dest: /etc/systemd/system/keycloak.service + dest: '/etc/systemd/system/{{ keycloak_service_name }}.service' owner: root group: root mode: 0644 @@ -21,9 +21,9 @@ daemon_reload: yes when: keycloak_unit is changed - - name: ensure that the keycloak service is running and enabled + - name: ensure that the {{ keycloak_service_name }} service is running and enabled ansible.builtin.service: - name: keycloak + name: '{{ keycloak_service_name }}' state: started enabled: true diff --git a/templates/keycloak-letsencrypt-hook.j2 b/templates/keycloak-letsencrypt-hook.j2 index f02b63a..ba5ceaf 100644 --- a/templates/keycloak-letsencrypt-hook.j2 +++ b/templates/keycloak-letsencrypt-hook.j2 @@ -30,9 +30,9 @@ chmod 440 ${KEYCLOAK_KEYFILE} ${KEYCLOAK_CERTFILE} chown root ${KEYCLOAK_KEYFILE} ${KEYCLOAK_CERTFILE} chgrp keycloak ${KEYCLOAK_KEYFILE} ${KEYCLOAK_CERTFILE} -logger "acme-keycloak-hook: Restart the keycloak service after a certificate renewal" -systemctl restart keycloak >> $LE_LOGFILE 2>&1 -echo "acme-keycloak-hook: Restart the keycloak service" >> $LE_LOGFILE +logger "acme-keycloak-hook: Restart the {{ keycloak_service_name }} service after a certificate renewal" +systemctl restart {{ keycloak_service_name }} >> $LE_LOGFILE 2>&1 +echo "acme-keycloak-hook: Restart the {{ keycloak_service_name }} service" >> $LE_LOGFILE logger "acme-keycloak-hook: Done" echo "acme-keycloak-hook: Done." >> $LE_LOGFILE diff --git a/templates/keycloak.service.j2 b/templates/keycloak.service.j2 index e591267..5107180 100644 --- a/templates/keycloak.service.j2 +++ b/templates/keycloak.service.j2 @@ -1,5 +1,5 @@ [Unit] -Description=Keycloak Application Server +Description=Keycloak Application Server, running with Quarkus After=syslog.target network.target {% if keycloak_before_nginx %} Before=nginx.service diff --git a/vars/main.yml b/vars/main.yml index 3be2693..9594e90 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -4,14 +4,9 @@ openjdk_pkgs: - jre - jdk -nginx_webroot: '/opt/keycloak/keycloak-{{ keycloak_version }}/welcome-content' keycloak_user: 'keycloak' keycloak_version: '{{ keycloak_major_version }}.{{ keycloak_minor_version }}.{{ keycloak_point_version }}' keycloak_distribution: 'keycloak-{{ keycloak_version }}' keycloak_distribution_archive: '{{ keycloak_distribution }}.tar.gz' keycloak_download_url: 'https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_distribution_archive }}' keycloak_runtime_home: '{{ keycloak_install_dir }}/{{ keycloak_distribution }}' -jboss_home: '{{ keycloak_runtime_home }}' -keycloak_owned_directories: - - '{{ keycloak_data_directory }}' - - '{{ keycloak_external_avatar_dir }}'