diff --git a/keycloak/scripts/ansible/inventories/local/hosts b/keycloak/scripts/ansible/inventories/local/hosts index 3634f2c7..74af6e13 100644 --- a/keycloak/scripts/ansible/inventories/local/hosts +++ b/keycloak/scripts/ansible/inventories/local/hosts @@ -6,6 +6,7 @@ dev-postgresql-1 [dev-postgresql-slave:children] + [postgresql-master:children] dev-postgresql-master 
@@ -18,9 +19,148 @@ postgresql-master [postgresql-restore:children] postgresql-master +[dev-keycloak-1] +10.113.0.4 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-keycloak-2] +10.113.0.5 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + + +[dev-log-es-1] +10.10.3.10 ansible_ssh_user=deployer node_name=dev-log-es-1 es_etc_node_master=true es_etc_node_data=true ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-es-1] +10.10.3.7 ansible_ssh_user=deployer es_instance_name=dev-es-1 es_etc_node_master=true es_etc_node_data=true ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-es-2] +10.10.3.8 ansible_ssh_user=deployer es_instance_name=dev-es-2 es_etc_node_master=true es_etc_node_data=true ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-es-3] +10.10.3.6 ansible_ssh_user=deployer es_instance_name=dev-es-3 es_etc_node_master=true es_etc_node_data=true ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-cassandra-1] +10.10.4.4 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-swarm-bootstrap-manager] +172.16.0.5 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-swarm-manager] +172.16.0.5 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[dev-keycloak1] +10.113.0.4 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + 
+[dev-keycloak2] +10.113.0.5 ansible_ssh_user=deployer ansible_ssh_private_key_file=/run/secrets/deployer-ssh-key ansible_sudo_pass="{{ deployer_sudo_pass }}" + +[keycloak:children] +dev-keycloak1 +dev-keycloak2 + +[swarm-agent-docker-prune] +localhost ansible_connection=local + +[dev-kong-api] +localhost ansible_connection=local + +[kong-api:children] +dev-kong-api + +[dev-grafana-dashboards-export] +localhost ansible_connection=local + +[grafana-dashboards-export:children] +dev-grafana-dashboards-export + +[dev-grafana-dashboards-import] +localhost ansible_connection=local + +[grafana-dashboards-import:children] +dev-grafana-dashboards-import + +[swarm-bootstrap-manager:children] +dev-swarm-bootstrap-manager + +[swarm-manager:children] +dev-swarm-manager + + +[dev-es:children] +dev-es-1 +dev-es-2 +dev-es-3 + +[dev-log-es:children] +dev-log-es-1 + +[es:children] +dev-es + +[es-backup:children] +dev-es-1 + +[log-es-backup:children] +dev-log-es-1 + +[log-es:children] +dev-log-es + +[cassandra:children] +dev-cassandra-1 + +[dev-keycloak:children] +dev-keycloak-1 +dev-keycloak-2 + +[swarm-agent-for-prometheus] +10.0.0.9 ansible_ssh_user=ops ansible_ssh_private_key_file=/run/secrets/ops-private-key + +[swarm-agent-for-grafana] +10.0.0.12 ansible_ssh_user=ops ansible_ssh_private_key_file=/run/secrets/ops-private-key + +[swarm-agent-for-alertmanager] +10.0.0.9 ansible_ssh_user=ops ansible_ssh_private_key_file=/run/secrets/ops-private-key + [local] localhost ansible_connection=local [localhost] localhost ansible_connection=local +[non-swarm-nodes:children] +postgresql-master +postgresql-slave +postgresql-backup +postgresql-restore +es +cassandra +log-es +keycloak +local +localhost + +[local-task-runners:children] +kong-api +grafana-dashboards-export +grafana-dashboards-import + +[swarm-nodes:children] +swarm-manager +swarm-bootstrap-manager +swarm-agent-for-prometheus +swarm-agent-for-grafana +swarm-agent-for-alertmanager + +[node-exporter:children] +non-swarm-nodes 
+swarm-manager
+
+[log-forwarder:children]
+non-swarm-nodes
+swarm-manager
+
+[dev:children]
+non-swarm-nodes
+swarm-nodes
+local-task-runners
+
diff --git a/keycloak/scripts/ansible/roles/keycloak/tasks/deploy.yml b/keycloak/scripts/ansible/roles/keycloak/tasks/deploy.yml
new file mode 100644
index 00000000..e0a187ec
--- /dev/null
+++ b/keycloak/scripts/ansible/roles/keycloak/tasks/deploy.yml
@@ -0,0 +1,50 @@
+- name: status service
+ become: yes
+ command: /etc/init.d/keycloak status
+ register: keycloak
+ poll: 5
+ async: 10
+
+- name: stop service
+ become: yes
+ command: /etc/init.d/keycloak stop && Pkill keycloak
+ when: "keycloak.stdout.find('running') != -1"
+ poll: 5
+ async: 10
+ ignore_errors: yes
+
+- name: remove keycloak
+ become: yes
+ file: path="{{keycloak_home}}" state=absent
+
+- name: change build script permissions
+ become: yes
+ file: path=/opt owner={{wildfly_user}} group={{wildfly_group}} mode=0755 recurse=yes
+
+- name: Paste keycloak package on server
+ copy: src="sunbird_auth_{{sunbird_auth_version}}.zip" dest="/opt/" force=no owner={{wildfly_user}} group={{wildfly_group}}
+
+- name: extarct the folder
+ unarchive: src="/opt/sunbird_auth_{{sunbird_auth_version}}.zip" dest=/opt/ copy=no owner={{wildfly_user}} group={{wildfly_group}}
+
+- name: move the folder name
+ command: mv sunbird_auth_{{sunbird_auth_version}} keycloak
+ args:
+ chdir: /opt
+
+- name: remove the sunbird_auth_{{sunbird_auth_version}}
+ become: yes
+ file: path=/opt/sunbird_auth_{{sunbird_auth_version}} state=absent
+
+- name: Create management user
+ command: "{{ wildfly_dir }}/bin/add-user-keycloak.sh -r master -u {{ keycloak_management_user }} -p {{ keycloak_management_password }}"
+ become_user: "{{ wildfly_user }}"
+ when: keycloak_management_user is defined and
+ keycloak_management_password is defined
+ ignore_errors: yes
+
+- name: start service
+ become: yes
+ command: /etc/init.d/keycloak start
+ poll: 5
+ async: 5
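Review bot: The added groups `[dev-keycloak-1]`/`[dev-keycloak-2]` and `[dev-keycloak1]`/`[dev-keycloak2]` declare the same two hosts (10.113.0.4 and 10.113.0.5) twice, with `keycloak:children` built on the unhyphenated pair and `dev-keycloak:children` on the hyphenated one. Keeping a single pair would stop the two definitions from drifting apart. Every `deployer` host line also repeats the same key path and `ansible_sudo_pass="{{ deployer_sudo_pass }}"`, so moving those into a `:vars` section or group_vars would leave one place to change the privileged connection settings. `ansible_ssh_user` and `ansible_sudo_pass` are the legacy spellings of `ansible_user` and `ansible_become_pass`. The hunk does not show where `deployer_sudo_pass` is defined; it should resolve from a vaulted variable rather than a plain vars file.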
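Review bot: The `Create management user` task passes `-p {{ keycloak_management_password }}` on the `add-user-keycloak.sh` command line without `no_log: true`, so the rendered password can end up in Ansible output and logs and is visible in the process list while the script runs. Add `no_log: true` to that task and reconsider its `ignore_errors: yes`, which lets a failed admin-user creation pass silently. In `stop service`, the `command` module does not go through a shell, so `&& Pkill keycloak` is handed to the init script as extra arguments instead of running as a second command. Use `shell:` or a separate task there, since `ignore_errors: yes` would also hide a failed stop before `{{keycloak_home}}` is removed. The `file: path=/opt ... recurse=yes` task re-owns everything under `/opt` to `{{wildfly_user}}`; scoping it to the Keycloak directory would be the least-privilege choice.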
diff --git a/keycloak/scripts/ansible/roles/keycloak/tasks/main.yml b/keycloak/scripts/ansible/roles/keycloak/tasks/main.yml index 5a0d0c00..51e08a8e 100644 --- a/keycloak/scripts/ansible/roles/keycloak/tasks/main.yml +++ b/keycloak/scripts/ansible/roles/keycloak/tasks/main.yml @@ -2,3 +2,6 @@ tags: - build +- include: deploy.yml + tags: + - deploy