diff --git a/manifests/config.pp b/manifests/config.pp index 063108b..bc3273c 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,71 +1,89 @@ # Private class. class keycloak::config { assert_private() file { '/opt/keycloak': ensure => 'link', target => $keycloak::install_base } # Template uses: # - $keycloak::install_base # - $keycloak::admin_user # - $keycloak::admin_user_password file { 'kcadm-wrapper.sh': ensure => 'file', path => "${keycloak::install_base}/bin/kcadm-wrapper.sh", owner => $keycloak::user, group => $keycloak::group, mode => '0750', content => template('keycloak/kcadm-wrapper.sh.erb'), show_diff => false, } $_add_user_keycloak_cmd = "${keycloak::install_base}/bin/add-user-keycloak.sh" $_add_user_keycloak_args = "--user ${keycloak::admin_user} --password ${keycloak::admin_user_password} --realm master" $_add_user_keycloak_state = "${keycloak::install_base}/.create-keycloak-admin-${keycloak::datasource_driver}" exec { 'create-keycloak-admin': command => "${_add_user_keycloak_cmd} ${_add_user_keycloak_args} && touch ${_add_user_keycloak_state}", creates => $_add_user_keycloak_state, notify => Class['keycloak::service'], } file { "${keycloak::install_base}/standalone/configuration": ensure => 'directory', owner => $keycloak::user, group => $keycloak::group, mode => '0750', } file { "${keycloak::install_base}/standalone/configuration/profile.properties": ensure => 'file', owner => $keycloak::user, group => $keycloak::group, content => template('keycloak/profile.properties.erb'), mode => '0644', notify => Class['keycloak::service'], } file { "${keycloak::install_base}/config.cli": ensure => 'file', owner => $keycloak::user, group => $keycloak::group, mode => '0600', content => template('keycloak/config.cli.erb'), notify => Exec['jboss-cli.sh --file=config.cli'], show_diff => false, } exec { 'jboss-cli.sh --file=config.cli': command => "${keycloak::install_base}/bin/jboss-cli.sh --file=config.cli", cwd => $keycloak::install_base, user => $keycloak::user, group => $keycloak::group, refreshonly => true, logoutput => true, notify => Class['keycloak::service'], } create_resources('keycloak::truststore::host', $keycloak::truststore_hosts) + if $keycloak::service_java_opts { + $java_opts_ensure = 'present' + } else { + $java_opts_ensure = 'absent' + } + + if $keycloak::service_java_opts =~ Array { + $service_java_opts = join($keycloak::service_java_opts, ' ') + } else { + $service_java_opts = $keycloak::service_java_opts + } + file_line { 'standalone.conf-JAVA_OPTS': + ensure => $java_opts_ensure, + path => "${keycloak::install_base}/bin/standalone.conf", + line => "JAVA_OPTS=\"\$JAVA_OPTS ${service_java_opts}\"", + match => '^JAVA_OPTS=', + notify => Class['keycloak::service'], + } } diff --git a/spec/acceptance/1_class_spec.rb b/spec/acceptance/1_class_spec.rb index 564e895..d3f8850 100644 --- a/spec/acceptance/1_class_spec.rb +++ b/spec/acceptance/1_class_spec.rb @@ -1,124 +1,124 @@ require 'spec_helper_acceptance' describe 'keycloak class:' do context 'default parameters' do it 'runs successfully' do pp = <<-EOS class { 'keycloak': } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end describe file("/opt/keycloak-#{RSpec.configuration.keycloak_version}") do it { is_expected.to be_directory } end describe service('keycloak') do it { is_expected.to be_enabled } it { is_expected.to be_running } end end context 'default with clustered mode enable' do it 'runs successfully' do pp = <<-EOS class { 'keycloak': operating_mode => 'clustered', } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end describe service('keycloak') do it { is_expected.to be_enabled } it { is_expected.to be_running } end end context 'default with mysql datasource' do it 'runs successfully' do pp = <<-EOS include mysql::server class { 'keycloak': datasource_driver => 'mysql', } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end describe service('keycloak') do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe port(8080) do it { is_expected.to be_listening.on('0.0.0.0').with('tcp') } end describe port(9990) do it { is_expected.to be_listening.on('127.0.0.1').with('tcp') } end end context 'default with postgresql datasource' do it 'runs successfully' do pp = <<-EOS include postgresql::server class { 'keycloak': datasource_driver => 'postgresql', } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end describe service('keycloak') do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe port(8080) do it { is_expected.to be_listening.on('0.0.0.0').with('tcp') } end describe port(9990) do it { is_expected.to be_listening.on('127.0.0.1').with('tcp') } end end context 'changes to defaults' do it 'runs successfully' do pp = <<-EOS include mysql::server class { 'keycloak': datasource_driver => 'mysql', proxy_https => true, - service_java_opts => '-Xmx512m -Xms512m', + service_java_opts => '-Xmx512m -Xms64m', } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end describe service('keycloak') do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe port(8080) do it { is_expected.to be_listening.on('0.0.0.0').with('tcp') } end describe port(9990) do it { is_expected.to be_listening.on('127.0.0.1').with('tcp') } end end end diff --git a/templates/keycloak.service.erb b/templates/keycloak.service.erb index d83147f..6a9243f 100644 --- a/templates/keycloak.service.erb +++ b/templates/keycloak.service.erb @@ -1,28 +1,21 @@ [Unit] Description=Jboss Application Server After=network.target [Service] Type=idle <% if scope['keycloak::service_environment_file'] -%> EnvironmentFile=<%= scope['keycloak::service_environment_file'] %> <% end -%> -<% if scope['keycloak::service_java_opts'] -%> -<% if scope['keycloak::service_java_opts'].is_a?(Array) -%> -Environment="JAVA_OPTS=<%= scope['keycloak::service_java_opts'].join(' ') %>" -<% else %> -Environment="JAVA_OPTS=<%= scope['keycloak::service_java_opts'] %>" -<% end -%> -<% end -%> User=<%= scope['keycloak::user'] %> Group=<%= scope['keycloak::group'] %> <% if scope['keycloak::operating_mode'] == 'standalone'-%> ExecStart=<%= scope['keycloak::install_base'] %>/bin/standalone.sh -b <%= scope['keycloak::service_bind_address'] %> -Djboss.http.port=<%= scope['keycloak::http_port'] %><% if scope['keycloak::service_extra_opts'] -%> <%= scope['keycloak::service_extra_opts'] -%><% end %> <% elsif scope['keycloak::operating_mode'] == 'clustered'-%> ExecStart=<%= scope['keycloak::install_base'] %>/bin/standalone.sh --server-config=standalone-ha.xml -b <%= scope['keycloak::service_bind_address'] %> -Djboss.http.port=<%= scope['keycloak::http_port'] %><% if scope['keycloak::service_extra_opts'] -%> <%= scope['keycloak::service_extra_opts'] -%><% end %> <% end -%> TimeoutStartSec=600 TimeoutStopSec=600 [Install] WantedBy=multi-user.target