Merge pull request #178 from Aeyk/ubuntu
Ubuntu compatibility
guidograzioli authored Mar 18, 2024
2 parents 1cecf51 + fdce0bd commit 7a0a99a
Showing 22 changed files with 234 additions and 25 deletions.
11 changes: 6 additions & 5 deletions bindep.txt
@@ -1,8 +1,9 @@
python3-dev [compile platform:dpkg]
python3-devel [compile platform:rpm]
python39-devel [compile platform:centos-8 platform:rhel-8]
git-lfs [platform:rpm]
python3-netaddr [platform:rpm]
python3-lxml [platform:rpm]
python3-jmespath [platform:rpm]
python3-requests [platform:rpm]
git-lfs [platform:rpm platform:dpkg]
python3-netaddr [platform:rpm platform:dpkg]
python3-lxml [platform:rpm platform:dpkg]
python3-jmespath [platform:rpm platform:dpkg]
python3-requests [platform:rpm platform:dpkg]

9 changes: 8 additions & 1 deletion molecule/default/prepare.yml
Expand Up @@ -18,5 +18,12 @@
name:
- java-1.8.0-openjdk
state: present
when: ansible_facts['os_family'] == "RedHat"


- name: Install JDK8
become: yes
ansible.builtin.apt:
name:
- openjdk-8-jdk
state: present
when: ansible_facts['os_family'] == "Debian"
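Review bot: The added `Install JDK8` apt task never refreshes the package index, so on a freshly pulled Debian or Ubuntu test image the install may fail because no package lists are present; adding `update_cache: true` under `ansible.builtin.apt` would make the prepare step self-contained. `become: yes` would also read better as `become: true`, the canonical boolean form. The RedHat task above it starts outside this hunk, so only its tail is visible here.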
28 changes: 28 additions & 0 deletions molecule/quarkus-devmode/prepare.yml
Expand Up @@ -2,6 +2,15 @@
- name: Prepare
hosts: all
tasks:
- name: Install sudo
ansible.builtin.apt:
name:
- sudo
- openjdk-17-jdk-headless
state: present
when:
- ansible_facts.os_family == 'Debian'

- name: "Ensure common prepare phase are set."
ansible.builtin.include_tasks: ../prepare.yml

Expand All @@ -11,11 +20,30 @@
name:
- java-17-openjdk-headless
state: present
when:
- ansible_facts.os_family == 'RedHat'

- name: Link default logs directory
become: yes
ansible.builtin.file:
state: link
src: "{{ item }}"
dest: /opt/openjdk
force: true
with_fileglob:
- /usr/lib/jvm/java-17-openjdk*
when:
- ansible_facts.os_family == "Debian"

- name: Link default logs directory
ansible.builtin.file:
state: link
src: /usr/lib/jvm/jre-17-openjdk
dest: /opt/openjdk
force: true
when:
- ansible_facts.os_family == "RedHat"

- name: "Display hera_home if defined."
ansible.builtin.set_fact:
hera_home: "{{ lookup('env', 'HERA_HOME') }}"
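Review bot: `with_fileglob` in the Debian `Link default logs directory` task is a lookup, so the pattern `/usr/lib/jvm/java-17-openjdk*` is evaluated on the controller rather than on the test instance, and the fileglob lookup returns files only, not directories. A JVM home is normally a directory, so the loop is likely to be empty and `/opt/openjdk` never linked, with the task reported as skipped rather than failed. Consider resolving the path on the target instead, for example with `ansible.builtin.find` using `file_type: directory`, registering the result and linking the first match. The task name also mentions logs while the task links the JVM directory, and `Install sudo` installs `openjdk-17-jdk-headless` as well; renaming both would make the play output accurate.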
9 changes: 9 additions & 0 deletions molecule/quarkus/prepare.yml
Expand Up @@ -2,6 +2,15 @@
- name: Prepare
hosts: all
tasks:
- name: Install sudo
ansible.builtin.package:
name: sudo
state: present

- name: "Display hera_home if defined."
ansible.builtin.set_fact:
hera_home: "{{ lookup('env', 'HERA_HOME') }}"

- name: "Ensure common prepare phase are set."
ansible.builtin.include_tasks: ../prepare.yml

1 change: 1 addition & 0 deletions roles/keycloak/README.md
Expand Up @@ -10,6 +10,7 @@ Requirements
This role requires the `python3-netaddr` library installed on the controller node.

* to install via yum/dnf: `dnf install python3-netaddr`
* to install via apt: `apt install python3-netaddr`
* or via pip: `pip install netaddr==0.8.0`
* or via the collection: `pip install -r requirements.txt`

4 changes: 3 additions & 1 deletion roles/keycloak/defaults/main.yml
Expand Up @@ -8,7 +8,8 @@ keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
keycloak_offline_install: false

### Install location and service settings
keycloak_jvm_package: java-1.8.0-openjdk-headless
keycloak_jvm_package: "{{ 'java-1.8.0-openjdk-headless' if ansible_facts.os_family == 'RedHat' else 'openjdk-8-jdk-headless' }}"

keycloak_java_home:
keycloak_dest: /opt/keycloak
keycloak_jboss_home: "{{ keycloak_installdir }}"
Expand All @@ -33,6 +34,7 @@ keycloak_service_startlimitburst: "5"
keycloak_service_restartsec: "10s"

keycloak_configure_firewalld: false
keycloak_configure_iptables: false

### administrator console password
keycloak_admin_password: ''
5 changes: 5 additions & 0 deletions roles/keycloak/meta/argument_specs.yml
Expand Up @@ -11,6 +11,11 @@ argument_specs:
default: "keycloak-legacy-{{ keycloak_version }}.zip"
description: "keycloak install archive filename"
type: "str"
keycloak_configure_iptables:
# line 33 of keycloak/defaults/main.yml
default: false
description: "Ensure iptables is running and configure keycloak ports"
type: "bool"
keycloak_configure_firewalld:
# line 33 of keycloak/defaults/main.yml
default: false
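--- /dev/null
+++ b/roles/keycloak/tasks/debian.yml
@@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+ansible.builtin.include_tasks: iptables.yml
+when: keycloak_configure_iptables
+tags:
+- firewall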
15 changes: 14 additions & 1 deletion roles/keycloak/tasks/fastpackages.yml
Expand Up @@ -4,14 +4,27 @@
register: rpm_info
changed_when: false
failed_when: false
when: ansible_facts.os_family == "RedHat"

- name: "Add missing packages to the yum install list"
ansible.builtin.set_fact:
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
when: ansible_facts.os_family == "RedHat"

- name: "Install packages: {{ packages_to_install }}"
become: true
ansible.builtin.yum:
name: "{{ packages_to_install }}"
state: present
when: packages_to_install | default([]) | length > 0
when:
- packages_to_install | default([]) | length > 0
- ansible_facts.os_family == "RedHat"

- name: "Install packages: {{ packages_list }}"
become: true
ansible.builtin.package:
name: "{{ packages_list }}"
state: present
when:
- packages_list | default([]) | length > 0
- ansible_facts.os_family == "Debian"
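--- /dev/null
+++ b/roles/keycloak/tasks/iptables.yml
@@ -0,0 +1,23 @@
+---
+- name: Ensure required package iptables are installed
+ansible.builtin.include_tasks: fastpackages.yml
+vars:
+packages_list:
+- iptables
+
+- name: "Configure firewall ports for {{ keycloak.service_name }}"
+become: true
+ansible.builtin.iptables:
+destination_port: "{{ item }}"
+action: "insert"
+rule_num: 6 # magic number I forget why
+chain: "INPUT"
+policy: "ACCEPT"
+protocol: tcp
+loop:
+- "{{ keycloak_http_port }}"
+- "{{ keycloak_https_port }}"
+- "{{ keycloak_management_http_port }}"
+- "{{ keycloak_management_https_port }}"
+- "{{ keycloak_jgroups_port }}"
+- "{{ keycloak_ajp_port }}"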
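Review bot: `policy: "ACCEPT"` in the `Configure firewall ports` task sets the default policy of the INPUT chain; the `ansible.builtin.iptables` documentation states that when `policy` is given all other parameters are ignored, so `destination_port`, `action`, `rule_num` and `protocol` have no effect here. With `keycloak_configure_iptables` enabled this would leave INPUT accepting all traffic rather than opening the six listed ports, which also exposes the management, JGroups and AJP listeners to every source. Replace the line with `jump: ACCEPT`, and either explain `rule_num: 6` in its comment or drop it so the insert does not depend on how many rules the chain already holds. The same task appears in roles/keycloak_quarkus/tasks/iptables.yml.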
15 changes: 11 additions & 4 deletions roles/keycloak/tasks/main.yml
Expand Up @@ -5,11 +5,17 @@
tags:
- prereqs

- name: Include firewall config tasks
ansible.builtin.include_tasks: firewalld.yml
when: keycloak_configure_firewalld
- name: Debian specific tasks
ansible.builtin.include_tasks: debian.yml
when: ansible_facts.os_family == "Debian"
tags:
- firewall
- unbound

- name: RedHat specific tasks
ansible.builtin.include_tasks: redhat.yml
when: ansible_facts.os_family == "RedHat"
tags:
- unbound

- name: Include install tasks
ansible.builtin.include_tasks: install.yml
Expand All @@ -26,6 +32,7 @@
when:
- sso_apply_patches is defined and sso_apply_patches
- sso_enable is defined and sso_enable
- ansible_facts.os_family == "RedHat"
tags:
- install
- patch
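Review bot: The `firewall` tag is dropped from the top-level include and replaced by `unbound` on the `Debian specific tasks` and `RedHat specific tasks` includes. Tags on `include_tasks` select the include itself, so a run limited with `--tags firewall` would no longer reach debian.yml or redhat.yml, and the firewall tasks inside them would not be loaded. Adding `- firewall` next to `- unbound` on both includes keeps the previous behaviour, and a short comment saying what `unbound` is for would help the next reader. roles/keycloak_quarkus/tasks/main.yml carries the same change.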
6 changes: 3 additions & 3 deletions roles/keycloak/tasks/prereqs.yml
Expand Up @@ -42,6 +42,6 @@
packages_list:
- "{{ keycloak_jvm_package }}"
- unzip
- procps-ng
- initscripts
- tzdata-java
- "{{ 'procps-ng' if ansible_facts.os_family == 'RedHat' else 'procps' }}"
- "{{ 'initscripts' if ansible_facts.os_family == 'RedHat' else 'apt' }}"
- "{{ 'tzdata-java' if ansible_facts.os_family == 'RedHat' else 'tzdata' }}"
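--- /dev/null
+++ b/roles/keycloak/tasks/redhat.yml
@@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+ansible.builtin.include_tasks: firewalld.yml
+when: keycloak_configure_firewalld
+tags:
+- firewall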
25 changes: 25 additions & 0 deletions roles/keycloak/tasks/systemd.yml
Expand Up @@ -10,9 +10,32 @@
notify:
- restart keycloak

- name: Determine JAVA_HOME for selected JVM RPM
ansible.builtin.set_fact:
rpm_java_home: "/lib/jvm/java-{{ keycloak_jvm_package | regex_search('(?<=java-)[0-9.]+') }}-openjdk-{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
when:
- ansible_facts.os_family == 'Debian'

- name: Determine JAVA_HOME for selected JVM RPM
ansible.builtin.set_fact:
rpm_java_home: "/etc/alternatives/jre_{{ keycloak_jvm_package | regex_search('(?<=java-)[0-9.]+') }}"
when:
- ansible_facts.os_family == 'RedHat'

- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
become: true
ansible.builtin.template:
src: keycloak-sysconfig.j2
dest: /etc/default/keycloak
owner: root
group: root
mode: 0644
vars:
keycloak_rpm_java_home: "{{ rpm_java_home }}"
when:
- ansible_facts.os_family == "Debian"
notify:
- restart keycloak

- name: "Configure sysconfig file for {{ keycloak.service_name }} service"
become: true
Expand All @@ -24,6 +47,8 @@
mode: 0644
vars:
keycloak_rpm_java_home: "{{ rpm_java_home }}"
when:
- ansible_facts.os_family == "RedHat"
notify:
- restart keycloak
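Review bot: The Debian `rpm_java_home` expression searches `keycloak_jvm_package` with `(?<=java-)[0-9.]+`, but the Debian default set in this commit is `openjdk-8-jdk-headless`, which contains no `java-` prefix, so the search finds no version and the rendered JAVA_HOME path is likely wrong. Matching the Debian package naming, e.g. `regex_search('(?<=openjdk-)[0-9.]+')`, yields `8` for the default package. Both new tasks are named `Determine JAVA_HOME for selected JVM RPM`; naming the Debian one after the deb package would make play output easier to follow, and `mode: 0644` is safer quoted as `mode: "0644"`. The RedHat sysconfig task is split across two hunks and its middle lines are not shown.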

2 changes: 1 addition & 1 deletion roles/keycloak_quarkus/defaults/main.yml
Expand Up @@ -9,7 +9,7 @@ keycloak_quarkus_installdir: "{{ keycloak_quarkus_dest }}/keycloak-{{ keycloak_q
keycloak_quarkus_offline_install: false

### Install location and service settings
keycloak_quarkus_jvm_package: java-17-openjdk-headless
keycloak_quarkus_jvm_package: "{{ 'java-17-openjdk-headless' if ansible_facts.os_family == 'RedHat' else 'openjdk-17-jdk-headless' }}"
keycloak_quarkus_java_home:
keycloak_quarkus_dest: /opt/keycloak
keycloak_quarkus_home: "{{ keycloak_quarkus_installdir }}"
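--- /dev/null
+++ b/roles/keycloak_quarkus/tasks/debian.yml
@@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+ansible.builtin.include_tasks: iptables.yml
+when: keycloak_configure_iptables
+tags:
+- firewall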
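Review bot: `when: keycloak_configure_iptables` uses the variable of the keycloak role, while roles/keycloak_quarkus/tasks/redhat.yml in this commit uses the role-prefixed `keycloak_quarkus_configure_firewalld`. The visible hunk of roles/keycloak_quarkus/defaults/main.yml adds no iptables default, so on a Debian host this condition may fail on an undefined variable unless it is defined elsewhere. Consider `when: keycloak_quarkus_configure_iptables` with a `false` default in the role's defaults and a matching entry in its argument specs.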
15 changes: 14 additions & 1 deletion roles/keycloak_quarkus/tasks/fastpackages.yml
Expand Up @@ -4,14 +4,27 @@
register: rpm_info
changed_when: false
failed_when: false
when: ansible_facts.os_family == "RedHat"

- name: "Add missing packages to the yum install list"
ansible.builtin.set_fact:
packages_to_install: "{{ packages_to_install | default([]) + rpm_info.stdout_lines | map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}"
when: ansible_facts.os_family == "RedHat"

- name: "Install packages: {{ packages_to_install }}"
become: true
ansible.builtin.yum:
name: "{{ packages_to_install }}"
state: present
when: packages_to_install | default([]) | length > 0
when:
- packages_to_install | default([]) | length > 0
- ansible_facts.os_family == "RedHat"

- name: "Install packages: {{ packages_list }}"
become: true
ansible.builtin.package:
name: "{{ packages_list }}"
state: present
when:
- packages_list | default([]) | length > 0
- ansible_facts.os_family == "Debian"
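--- /dev/null
+++ b/roles/keycloak_quarkus/tasks/iptables.yml
@@ -0,0 +1,20 @@
+---
+- name: Ensure required package iptables are installed
+ansible.builtin.include_tasks: fastpackages.yml
+vars:
+packages_list:
+- iptables
+
+- name: "Configure firewall ports for {{ keycloak.service_name }}"
+become: true
+ansible.builtin.iptables:
+destination_port: "{{ item }}"
+action: "insert"
+rule_num: 6 # magic number I forget why
+chain: "INPUT"
+policy: "ACCEPT"
+protocol: tcp
+loop:
+- "{{ keycloak_quarkus_http_port }}"
+- "{{ keycloak_quarkus_https_port }}"
+- "{{ keycloak_quarkus_jgroups_port }}"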
14 changes: 10 additions & 4 deletions roles/keycloak_quarkus/tasks/main.yml
Expand Up @@ -5,11 +5,17 @@
tags:
- prereqs

- name: Include firewall config tasks
ansible.builtin.include_tasks: firewalld.yml
when: keycloak_quarkus_configure_firewalld
- name: Debian specific tasks
ansible.builtin.include_tasks: debian.yml
when: ansible_facts.os_family == "Debian"
tags:
- firewall
- unbound

- name: RedHat specific tasks
ansible.builtin.include_tasks: redhat.yml
when: ansible_facts.os_family == "RedHat"
tags:
- unbound

- name: Include install tasks
ansible.builtin.include_tasks: install.yml
6 changes: 3 additions & 3 deletions roles/keycloak_quarkus/tasks/prereqs.yml
Expand Up @@ -29,6 +29,6 @@
packages_list:
- "{{ keycloak_quarkus_jvm_package }}"
- unzip
- procps-ng
- initscripts
- tzdata-java
- "{{ 'procps-ng' if ansible_facts.os_family == 'RedHat' else 'procps' }}"
- "{{ 'initscripts' if ansible_facts.os_family == 'RedHat' else 'apt' }}"
- "{{ 'tzdata-java' if ansible_facts.os_family == 'RedHat' else 'tzdata' }}"
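--- /dev/null
+++ b/roles/keycloak_quarkus/tasks/redhat.yml
@@ -0,0 +1,6 @@
+---
+- name: Include firewall config tasks
+ansible.builtin.include_tasks: firewalld.yml
+when: keycloak_quarkus_configure_firewalld
+tags:
+- firewall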