---
#- name: Build config for domains
#  set_fact: zcs_domains_conf={{ zcs_domains_conf | default([]) + [zcs_domain_defaults | combine(zcs_domains[item])] }}
#  with_items: "{{ zcs_domains.keys() | list }}"
#  tags: zcs
#- set_fact: zcs_domains={{ zcs_domains_conf | default([]) }}
#  tags: zcs
# Install the listed packages through the yum module.
- name: Install dependencies
  yum:
    name: [tar, MySQL-python, perl-JSON, patch]
  tags: zcs
# Probe for the zmprov binary. The result is registered as zcs_zmprov and is
# read by the install and early-exit conditions later in this file.
- name: Check if zimbra is installed
  stat:
    path: /opt/zimbra/bin/zmprov
  register: zcs_zmprov
  tags: zcs
#- name: Stop postfix
#  service: name=postfix state=stopped enabled=False
#  tags: zcs
# Run the installer only when installation was requested AND zmprov was not
# found by the preceding stat task (both conditions must hold).
- include_tasks: install.yml
  when: zcs_install == True and not zcs_zmprov.stat.exists
  tags: zcs
# Stop processing this host when installation was not requested and the stat
# result is missing or reports that zmprov does not exist.
- name: Exit if not installed
  meta: end_host
  when: >-
    zcs_install != True and
    (zcs_zmprov is not defined or zcs_zmprov.stat is not defined
    or not zcs_zmprov.stat.exists)
  tags: zcs
# True only on the host whose inventory name equals zcs_primary_ldap.
- set_fact:
    zcs_i_am_primary_ldap: "{{ (inventory_hostname == zcs_primary_ldap) | ternary(True,False) }}"
  tags: zcs
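# Read the LDAP admin password from the local Zimbra configuration unless the
# variable is already provided.
#
# no_log keeps the command output (the password itself) out of Ansible's
# console output, callbacks and log files, including verbose (-v) runs.
#
# The command result is registered under its own name: a skipped task still
# registers its (skipped) result, so registering straight into
# zcs_ldap_admin_pass would replace a value supplied by inventory or vars with
# a result dictionary that has no stdout.
- name: Fetch the LDAP admin pass
  shell: /opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | awk '{ print $3}'
  changed_when: False
  register: zcs_ldap_admin_pass_cmd
  when: zcs_ldap_admin_pass is not defined
  no_log: True
  tags: zcs
# Only overwrite the variable when the command above actually ran.
- set_fact:
    zcs_ldap_admin_pass: "{{ zcs_ldap_admin_pass_cmd.stdout }}"
  when: zcs_ldap_admin_pass_cmd.stdout is defined
  no_log: True
  tags: zcs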
# Render the same wrapper template once per command name into /usr/local/bin.
- name: Install wrapper scripts
  template:
    src: zimbra_wrapper.j2
    dest: "/usr/local/bin/{{ item }}"
    # Quoted so the mode is handed to Ansible as an octal string.
    mode: '0755'
  loop: [zmprov, zmcontrol, zmhostname, zmmailbox, zmlocalconfig]
  tags: zcs
#- name: Check installed components
#  command: rpm -q zimbra-{{ item }}
#  args:
#    warn: False
#  register: zcs_components
#  failed_when: False
#  changed_when: False
#  loop:
#    - ldap
#    - logger
#    - mta
#    - dnscache
#    - snmp
#    - store
#    - apache
#    - spell
#    - memcached
#    - proxy
#    - drive
#  tags: zcs
# Ask zmprov which services are enabled on this server. The perl filter prints
# only the \w+ token following "zimbraServiceEnabled: ", one per line.
- name: List enabled components
  shell: >-
    /opt/zimbra/bin/zmprov getServer {{ inventory_hostname }} zimbraServiceEnabled |
    perl -ne 'm/^zimbraServiceEnabled: (\w+)/ && print "$1\n"'
  become_user: zimbra
  register: zcs_enabled_components
  changed_when: false
  tags: zcs
# Replace the registered command result with just its list of output lines.
- set_fact:
    zcs_enabled_components: "{{ zcs_enabled_components.stdout_lines }}"
  tags: zcs
# Include one task file per enabled service. The file name is built from
# command output: the perl filter in the "List enabled components" task emits
# only \w+ tokens, so an entry cannot carry a path separator. Keep that filter
# if the listing command is ever changed.
- include_tasks: "{{ component }}.yml"
  loop: "{{ zcs_enabled_components }}"
  loop_control: {loop_var: component}
  tags: zcs
# Accept new TCP connections to port 22 only from the addresses listed in
# zcs_cluster_ip. With an empty list the rule set is declared absent, so the
# empty "-s" argument is never installed.
- name: Handle general ports
  iptables_raw:
    name: zcs_general_ports
    state: "{{ (zcs_cluster_ip | length > 0) | ternary('present','absent') }}"
    rules: >-
      -A INPUT -m state --state NEW -p tcp -m multiport --dports 22
      -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT
  when: iptables_manage | default(True)
  tags: zcs
# The LDAP sync tasks are included on the primary LDAP host only.
- include_tasks: zmldapsync.yml
  tags: zcs
  when: zcs_i_am_primary_ldap == True
# Download the backup helper and install it as an executable.
#
# NOTE(review): the URL tracks the tip of the master branch and the download
# is not verified, so whatever that branch serves at run time ends up
# executable in /opt/zimbra/bin. Consider pinning the URL to a reviewed commit
# and adding get_url's checksum option, e.g.
#   checksum: "sha256:<SHA256_OF_THE_REVIEWED_FILE>"   # placeholder
# or shipping the script from the role's own files directory.
- name: Install backup help script
  get_url:
    url: 'https://git.fws.fr/dani/zimbra/raw/branch/master/zmbh/zmbh.pl'
    dest: /opt/zimbra/bin/zmbh
    mode: '0755'
  tags: zcs
# Delete the helper from its former location under /usr/local/bin.
- name: Remove old backup helper script
  file:
    path: /usr/local/bin/zmbh.pl
    state: absent
  tags: zcs
# Create each listed directory. owner, group and mode are passed only when the
# loop item defines them; otherwise the argument is omitted.
- name: Create directories
  file:
    path: "{{ item.dir }}"
    state: directory
    owner: "{{ item.owner | default(omit) }}"
    group: "{{ item.group | default(omit) }}"
    mode: "{{ item.mode | default(omit) }}"
  loop:
    - dir: /opt/zimbra/addon_cache
    - dir: /opt/zimbra/meta
      mode: '0700'
  tags: zcs
#- include_tasks: backup.yml
#  when: zcs_i_am_primary_ldap == True
#  tags: zcs
# Query the global zimbraLogHostname setting and keep the second
# whitespace-separated field of the output.
- name: Identify logger host
  shell: >-
    /opt/zimbra/bin/zmprov gcf zimbraLogHostname |
    awk '{ print $2 }'
  become_user: zimbra
  register: zcs_log_hostname
  changed_when: false
  tags: zcs
# Replace the registered command result with its plain stdout string.
- set_fact:
    zcs_log_hostname: "{{ zcs_log_hostname.stdout }}"
  tags: zcs
# Render the rsyslog configuration over /etc/rsyslog.conf and notify the
# "restart rsyslog" handler when the file changes.
- name: Deploy syslog config
  template:
    src: rsyslog.conf.j2
    dest: /etc/rsyslog.conf
  notify: restart rsyslog
  tags: zcs
# On hosts reporting SELinux as enabled, label the Zimbra log tree as
# var_log_t and relabel the files already present.
- name: Set correct SELinux context on logs
  block:
    - sefcontext:
        target: "/opt/zimbra/log(/.*)?"
        setype: var_log_t
    # restorecon is run on every play, so it is never reported as a change.
    - command:
        argv: [restorecon, -R, /opt/zimbra/log]
      changed_when: false
  when: ansible_selinux.status == 'enabled'
  tags: zcs
# Install the dehydrated deploy hook when Let's Encrypt support is switched on.
- name: Deploy Let's Encrypt hook
  template:
    src: dehydrated_hook.sh.j2
    dest: /etc/dehydrated/hooks_deploy_cert.d/20zimbra.sh
    # Kept as a quoted string so Ansible converts it as octal, not decimal.
    mode: '755'
  when: zcs_letsencrypt == True
  tags: zcs
# Counterpart of the deploy task: drop the hook when Let's Encrypt is not used.
- name: Remove Let's Encrypt hook
  file:
    path: /etc/dehydrated/hooks_deploy_cert.d/20zimbra.sh
    state: absent
  when: zcs_letsencrypt != True
  tags: zcs
# Ensure /etc/backup/pre.d and /etc/backup/post.d exist. No owner or mode is
# set here, so the directories get whatever the module defaults to.
- name: Create pre and post backup hook dir
  file:
    path: "/etc/backup/{{ item }}.d"
    state: directory
  loop: [pre, post]
  tags: zcs
# Render pre_backup.sh.j2 and post_backup.sh.j2 into their hook directories;
# mode 0750 leaves the scripts without any access for "other".
- name: Deploy pre and post backup scripts
  template:
    src: "{{ item }}_backup.sh.j2"
    dest: "/etc/backup/{{ item }}.d/zimbra.sh"
    mode: '0750'
  loop: [pre, post]
  tags: zcs
# Ensure the directory used as the backup mount point exists.
- name: Create backup mount point
  file:
    path: /home/lbkp/zimbra
    state: directory
  tags: zcs
# Delete fixed-name leftovers under /tmp.
# NOTE(review): presumably created by the install tasks - confirm. Fixed names
# in a world-writable directory are predictable to other local users.
- name: Remove temp files
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /tmp/zimbra
    - /tmp/tk_barrydegraaff_sharetoolkit_admin.zip
  tags: zcs
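# Pull in the filebeat tasks. Uses include_tasks like every other include in
# this file; the bare "include" action is deprecated and no longer available
# in current ansible-core releases.
- include_tasks: filebeat.yml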