---
- name: Install the keycloak distribution
  tags: keycloak
  block:
  - name: Create the keycloak user
    ansible.builtin.user:
      name: '{{ keycloak_user }}'
      home: '{{ keycloak_install_dir }}'
      createhome: false
      shell: /usr/sbin/nologin
      system: true

  - name: Create the keycloak installation directory, if it does not already exist.
    ansible.builtin.file:
      dest: '{{ keycloak_install_dir }}'
      owner: root
      group: root
      state: directory
      recurse: true

  - name: Create the keycloak log directory
    file: dest={{ keycloak_log_directory }} state=directory owner={{ keycloak_user }} group={{ keycloak_user }} mode='0755'

  - name: Download the keycloak distribution
    unarchive: remote_src=yes src={{ keycloak_download_url }} dest={{ keycloak_install_dir }} owner=root group=root
    args:
      creates: '{{ keycloak_install_dir }}/{{ keycloak_distribution }}'

  - name: Set the permissions of the {{ keycloak_data_directory }} directory 
    ansible.builtin.file:
      dest: '{{ keycloak_data_directory }}'
      state: directory
      owner: '{{ keycloak_user }}'
      group: '{{ keycloak_user }}'
      mode: 0750
      recurse: true
    tags: [ keycloak, keycloak_data_dir ]


  - name: Set the permissions of the {{ keycloak_runtime_home }}/lib/quarkus directory 
    ansible.builtin.file:
      dest: '{{ keycloak_runtime_home }}/lib/quarkus'
      state: directory
      owner: '{{ keycloak_user }}'
      group: '{{ keycloak_user }}'
      mode: 0750
      recurse: true
    tags: [ keycloak, keycloak_data_dir ]

  - name: Avatar directory
    ansible.builtin.file:
      dest: '{{ keycloak_external_avatar_dir }}'
      state: directory
      owner: '{{ keycloak_user }}'
      group: '{{ keycloak_user }}'
      mode: 0750
    when: not keycloak_external_avatar_dir_enabled