wip: keycloak

Author: jacobdotcosta

README.adoc

@@ -50,6 +50,16 @@ Install the Ansible requirements.
 ansible-galaxy collection install -r requirements.yml
 ----
 
+== Infrastructure
+
+* link:./kubernetes[Kubernetes]
+* link:./ocp[OpenShift Container Platform]
+* link:./proxmox[Proxmox]
+
+== Applications
+
+* link:./keycloak[Keycloak]
+
 == Other considerations
 
 Check the link:./_local_config/README.adoc[`_local_config`] information.

keycloak/index.adoc keycloak/README.adockeycloak/index.adoc renamed to keycloak/README.adoc

@@ -10,3 +10,4 @@
 
 == Kubernetes
 
+link:k8s[Keycloak on Kubernetes]

keycloak/k8s/ansible/defaults/main.yaml

@@ -4,6 +4,7 @@ app_version: "26.1.3"
 
 db_name: keycloak
 db_user: keycloak
+db_type: postgresql
 # storage_class: local-storage
 
 volumes:
@@ -13,4 +14,4 @@ volumes:
     owner_group: 26
     component: database
 
-db_image_tag: 14
+db_image_tag: 17

keycloak/k8s/helm/ansible/keycloak-install-playbook.yaml

@@ -25,22 +25,29 @@
       state: present
 
 - name: "Deploy PostgreSQL"
-  ansible.builtin.import_playbook: pgsql/k8s/helm/ansible/pgsql-install-playbook.yaml
+  ansible.builtin.import_playbook: ../../../../pgsql/k8s/helm/ansible/pgsql-install-playbook.yaml
 
 - name: "Install KEYCLOAK"
   hosts: "localhost"
   gather_facts: "{{ gathering_host_info | default('true') | bool == true }}"
 
   tasks:
+
+    - name: "Template Keycloak Helm values file"
+      ansible.builtin.template:
+        src: "helm-keycloak-values.yaml.j2"
+        dest: "/tmp/helm-keycloak-values.yaml"
+        mode: '0644'
+
     - name: "Deploy Keycloak with Helm"
       kubernetes.core.helm:
         name: "{{ app_name }}"
         chart_ref: "{{ trikora_helm_project_dir }}/charts/keycloak"
         release_namespace: "{{ app_namespace }}"
         wait: true
-        # replace: true
+        replace: true
         values_files:
-          - /tmp/helm-keycloak-keycloak-values.yaml
+          - "/tmp/helm-keycloak-values.yaml"
       register: keycloak_helm_res 
 
     - name: "Print Helm chart result"

keycloak/k8s/helm/ansible/keycloak-uninstall-playbook.yaml

@@ -14,50 +14,26 @@
 
   tasks:
 
-    - name: "Uninstall GLPI with Helm"
+    - name: "Uninstall Keycloak chart"
       kubernetes.core.helm:
-        name: glpi
+        name: "{{ app_name }}"
         release_namespace: "{{ app_namespace }}"
         state: absent
         wait: true
       register: glpi_helm_res 
 
-    # - name: "Uninstall GLPI with Helm"
-    #   ansible.builtin.shell: |
-    #     helm uninstall --namespace glpi glpi
-    #   args:
-    #     chdir: "{{ trikora_helm_project_dir }}"
-    #   register: glpi_helm_res
-
-    - name: "Print GLPI uninstall result"
-      ansible.builtin.debug:
-        msg:
-          - "glpi_helm_res: {{ glpi_helm_res }}"
-
-    - name: "Free the GLPI PV so they become available"
-      ansible.builtin.shell: |
-        kubectl patch pv {{ app_namespace }}-{{ item }}-pv -p '{"spec":{"claimRef": null}}'
-      # kubernetes.core.k8s:
-      #   kind: PV
-      #   name: "{{ app_namespace }}-{{ item }}-pv"
-      #   definition:
-      #     spec:
-      #       claimRef: null
-      loop:
-        - glpi-config
-        - glpi-files
-        - glpi-log
-        - glpi-marketplace
-        - glpi-plugins
-
-    - name: "Patch the GLPI PV so they will be bound to the correct PVC"
-      ansible.builtin.shell: |
-        kubectl patch pv {{ app_namespace }}-{{ item }}-pv -p '{"spec":{"claimRef": {"name": "{{ item }}", "namespace": "{{ app_namespace }}"}}}'
-      loop:
-        - glpi-config
-        - glpi-files
-        - glpi-log
-        - glpi-marketplace
-        - glpi-plugins
+    - name: "Uninstall PostgreSQL chart"
+      kubernetes.core.helm:
+        name: "postgresql"
+        release_namespace: "{{ app_namespace }}"
+        state: absent
+        wait: true
+      register: glpi_helm_res
 
+    - name: "Remove keycloak namespace"
+      kubernetes.core.k8s:
+        name: "{{ app_namespace }}"
+        api_version: v1
+        kind: Namespace
+        state: absent
 ...

keycloak/k8s/helm/ansible/templates/helm-keycloak-values.yaml.j2

@@ -14,3 +14,9 @@ ingress:
             serviceName: http
             servicePort: 8080
 
+persistence:
+  dbType: {{ db_type }}
+  dbPort: {{ db_port }}
+  dbName: {{ db_name }}
+  dbUser: {{ db_user }}}
+  dbPassword: {{ db_password }}

keycloak/k8s/helm/ansible/templates/helm-postgresql-values.yaml.j2

@@ -69,6 +69,4 @@ persistence:
   dbUser: {{ db_user | default('keycloak') }}
   dbPassword: {{ db_password }}
   dbDataSize: 10Gi
-  #mountPath: "/var/lib/mysql:Z"
-  dbPassword: {{ db_password }}
   localDbUser: 1