parent
19ee03f655
commit
23f29bf982
17 changed files with 268 additions and 0 deletions
@ -0,0 +1,30 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
itop_id: 1 |
||||||
|
itop_manage_upgrade: True |
||||||
|
itop_version: 2.7.2-1 |
||||||
|
itop_build: 6483 |
||||||
|
itop_archive_url: https://sourceforge.net/projects/itop/files/itop/{{ item_version }}/iTop-{{ itop_version }}-{{ itop_build }}.zip |
||||||
|
itop_archive_sha1: 8efede1ba82ce49e35e7eee8b652a75533bfef81 |
||||||
|
|
||||||
|
itop_root_dir: /opt/itop_{{ itop_id }} |
||||||
|
itop_php_user: php-itop_{{ itop_id }} |
||||||
|
itop_php_version: 74 |
||||||
|
|
||||||
|
# If you prefer using a custom PHP FPM pool, set it's name. |
||||||
|
# You might need to adjust itop_php_user |
||||||
|
# itop_php_fpm_pool: custom_itop |
||||||
|
|
||||||
|
|
||||||
|
itop_db_server: "{{ mysql_server | default('localhost') }}" |
||||||
|
# itop_db_port: 3306 |
||||||
|
itop_db_name: itop_{{ itop_id }} |
||||||
|
itop_db_user: itop_{{ itop_id }} |
||||||
|
# If not defined, a random pass will be generated and stored in the meta directory (under itop_root_dir) |
||||||
|
# itop_db_pass: itop |
||||||
|
|
||||||
|
# itop_alias: itop |
||||||
|
# itop_src_ip: [] |
||||||
|
# - 192.168.7.0/24 |
||||||
|
# - 10.2.0.0/24 |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
allow_duplicates: True |
||||||
|
dependencies: |
||||||
|
- role: httpd_php |
||||||
|
- role: mysql_server |
||||||
|
when: itop_db_server in [ 'localhost', '127.0.0.1' ] |
||||||
|
|
@ -0,0 +1,9 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- import_tasks: ../includes/webapps_compress_archive.yml |
||||||
|
vars: |
||||||
|
- root_dir: "{{ itop_root_dir }}" |
||||||
|
- version: "{{ itop_current_version }}" |
||||||
|
when: itop_install_mode == 'upgrade' |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,10 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- import_tasks: ../includes/webapps_archive.yml |
||||||
|
vars: |
||||||
|
- root_dir: "{{ itop_root_dir }}" |
||||||
|
- version: "{{ itop_current_version }}" |
||||||
|
- db_name: "{{ itop_db_name }}" |
||||||
|
- db_server: "{{ itop_db_server }}" |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,11 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- name: Remove temp and obsolete files |
||||||
|
file: path={{ item }} state=absent |
||||||
|
loop: |
||||||
|
- "{{ itop_root_dir }}/tmp/iTop-{{ itop_version }}-{{ item_build }}.zip" |
||||||
|
- "{{ itop_root_dir }}/tmp/web" |
||||||
|
- "{{ itop_root_dir }}/tmp/INSTALL" |
||||||
|
- "{{ itop_root_dir }}/tmp/README" |
||||||
|
- "{{ itop_root_dir }}/tmp/LICENSE" |
||||||
|
tags: itop |
@ -0,0 +1,9 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- import_tasks: ../includes/webapps_webconf.yml |
||||||
|
vars: |
||||||
|
- app_id: itop_{{ dolibarr_id }} |
||||||
|
- php_version: "{{ itop_php_version }}" |
||||||
|
- php_fpm_pool: "{{ itop_php_fpm_pool | default('') }}" |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,21 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- name: Create directory structure |
||||||
|
file: path={{ item.dir }} state=directory mode={{ item.mode | default(omit) }} |
||||||
|
with_items: |
||||||
|
- dir: "{{ itop_root_dir }}" |
||||||
|
- dir: "{{ itop_root_dir }}/archives" |
||||||
|
mode: 700 |
||||||
|
- dir: "{{ itop_root_dir }}/tmp" |
||||||
|
owner: "{{ itop_php_user }}" |
||||||
|
mode: 700 |
||||||
|
- dir: "{{ itop_root_dir }}/sessions" |
||||||
|
owner: "{{ itop_php_user }}" |
||||||
|
mode: 700 |
||||||
|
- dir: "{{ itop_root_dir }}/meta" |
||||||
|
mode: 700 |
||||||
|
- dir: "{{ itop_root_dir }}/backup" |
||||||
|
mode: 700 |
||||||
|
- dir: "{{ itop_root_dir }}/data" |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,19 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- block: |
||||||
|
- import_tasks: ../includes/webapps_set_install_mode.yml |
||||||
|
vars: |
||||||
|
- root_dir: "{{ itop_root_dir }}" |
||||||
|
- version: "{{ itop_version }}" |
||||||
|
- set_fact: itop_install_mode={{ (install_mode == 'upgrade' and not itop_manage_upgrade) | ternary('none',install_mode) }} |
||||||
|
- set_fact: itop_current_version={{ current_version | default('') }} |
||||||
|
tags: itop |
||||||
|
|
||||||
|
- when: itop_db_pass is not defined |
||||||
|
block: |
||||||
|
- import_tasks: ../includes/get_rand_pass.yml |
||||||
|
vars: |
||||||
|
- pass_file: "{{ itop_root_dir }}/meta/ansible_dbpass" |
||||||
|
- set_fact: itop_db_pass={{ rand_pass }} |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,39 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- name: Install needed tools |
||||||
|
yum: |
||||||
|
name: |
||||||
|
- tar |
||||||
|
- mariadb |
||||||
|
- acl |
||||||
|
tags: itop |
||||||
|
|
||||||
|
- when: itop_install_mode != 'none' |
||||||
|
block: |
||||||
|
- name: Download iTop |
||||||
|
get_url: |
||||||
|
url: "{{ itop_archive_url }}" |
||||||
|
dest: "{{ itop_root_dir }}/tmp/" |
||||||
|
checksum: "sha1:{{ itop_archive_sha1 }}" |
||||||
|
|
||||||
|
- name: Extract iTop archive |
||||||
|
unarchive: |
||||||
|
src: "{{ itop_root_dir }}/tmp/iTop-{{ itop_version }}-{{ itop_build }}.zip" |
||||||
|
dest: "{{ itop_root_dir }}/tmp" |
||||||
|
remote_src: yes |
||||||
|
|
||||||
|
- name: Move files to the correct directory |
||||||
|
synchronize: |
||||||
|
src: "{{ itop_root_dir }}/tmp/web/" |
||||||
|
dest: "{{ itop_root_dir }}/web/" |
||||||
|
recursive: True |
||||||
|
delete: True |
||||||
|
delegate_to: "{{ inventory_hostname }}" |
||||||
|
tags: itop |
||||||
|
|
||||||
|
- name: Install backup hooks |
||||||
|
template: src={{ item }}-backup.sh.j2 dest=/etc/backup/{{ item }}.d/itop_{{ itop_id }} mode=700 |
||||||
|
loop: |
||||||
|
- pre |
||||||
|
- post |
||||||
|
tags: itop |
@ -0,0 +1,14 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- include: user.yml |
||||||
|
- include: directories.yml |
||||||
|
- include: facts.yml |
||||||
|
- include: archive_pre.yml |
||||||
|
when: itop_install_mode == 'upgrade' |
||||||
|
- include: install.yml |
||||||
|
- include: conf.yml |
||||||
|
- include: archive_post.yml |
||||||
|
when: itop_install_mode == 'upgrade' |
||||||
|
- include: write_version.yml |
||||||
|
- include: cleanup.yml |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- import_tasks: ../includes/create_system_user.yml |
||||||
|
vars: |
||||||
|
- user: "{{ itop_php_user }}" |
||||||
|
- comment: "PHP FPM for itop {{ itop_id }}" |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
--- |
||||||
|
|
||||||
|
- import_tasks: ../includes/webapps_post.yml |
||||||
|
vars: |
||||||
|
- root_dir: "{{ itop_root_dir }}" |
||||||
|
- version: "{{ itop_version }}" |
||||||
|
tags: itop |
||||||
|
|
@ -0,0 +1,20 @@ |
|||||||
|
{% if itop_alias is defined %} |
||||||
|
Alias /{{ itop_alias }} {{ itop_root_dir }}/web/ |
||||||
|
{% else %} |
||||||
|
# No alias defined, create a vhost to access it |
||||||
|
{% endif %} |
||||||
|
|
||||||
|
RewriteEngine On |
||||||
|
<Directory {{ itop_root_dir }}/web/> |
||||||
|
AllowOverride All |
||||||
|
Options FollowSymLinks |
||||||
|
{% if itop_src_ip is defined %} |
||||||
|
Require ip {{ itop_src_ip | join(' ') }} |
||||||
|
{% else %} |
||||||
|
Require all granted |
||||||
|
{% endif %} |
||||||
|
<FilesMatch \.php$> |
||||||
|
SetHandler "proxy:unix:/run/php-fpm/{{ itop_php_fpm_pool | default('itop_' + itop_id | string) }}.sock|fcgi://localhost" |
||||||
|
</FilesMatch> |
||||||
|
</Directory> |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
#!/bin/sh |
||||||
|
|
||||||
|
restorecon -R {{ itop_root_dir }} |
||||||
|
chown -R {{ itop_php_user }} {{ itop_root_dir }}/data |
||||||
|
chmod 700 {{ itop_root_dir }}/data |
||||||
|
setfacl -R -m u:{{ httpd_user | default('apache') }}:rX {{ itop_root_dir }}/data |
||||||
|
|
||||||
|
|
@ -0,0 +1,38 @@ |
|||||||
|
; {{ ansible_managed }} |
||||||
|
|
||||||
|
[itop_{{ itop_id }}] |
||||||
|
|
||||||
|
listen.owner = root |
||||||
|
listen.group = {{ httpd_user | default('apache') }} |
||||||
|
listen.mode = 0660 |
||||||
|
listen = /run/php-fpm/itop_{{ itop_id }}.sock |
||||||
|
user = {{ itop_php_user }} |
||||||
|
group = {{ itop_php_user }} |
||||||
|
catch_workers_output = yes |
||||||
|
|
||||||
|
pm = dynamic |
||||||
|
pm.max_children = 15 |
||||||
|
pm.start_servers = 3 |
||||||
|
pm.min_spare_servers = 3 |
||||||
|
pm.max_spare_servers = 6 |
||||||
|
pm.max_requests = 5000 |
||||||
|
request_terminate_timeout = 60m |
||||||
|
|
||||||
|
php_flag[display_errors] = off |
||||||
|
php_admin_flag[log_errors] = on |
||||||
|
php_admin_value[error_log] = syslog |
||||||
|
php_admin_value[memory_limit] = 512M |
||||||
|
php_admin_value[session.save_path] = {{ itop_root_dir }}/sessions |
||||||
|
php_admin_value[upload_tmp_dir] = {{ itop_root_dir }}/tmp |
||||||
|
php_admin_value[sys_temp_dir] = {{ itop_root_dir }}/tmp |
||||||
|
php_admin_value[post_max_size] = 20M |
||||||
|
php_admin_value[upload_max_filesize] = 20M |
||||||
|
php_admin_value[disable_functions] = system, show_source, symlink, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd |
||||||
|
php_admin_value[open_basedir] = {{ itop_root_dir }} |
||||||
|
php_admin_value[max_execution_time] = 900 |
||||||
|
php_admin_value[max_input_time] = 120 |
||||||
|
php_admin_flag[allow_url_include] = off |
||||||
|
php_admin_flag[allow_url_fopen] = on |
||||||
|
php_admin_flag[file_uploads] = on |
||||||
|
php_admin_flag[session.cookie_httponly] = on |
||||||
|
|
@ -0,0 +1,3 @@ |
|||||||
|
#!/bin/bash -e |
||||||
|
|
||||||
|
rm -f {{ itop_root_dir }}/backup/* |
@ -0,0 +1,13 @@ |
|||||||
|
#!/bin/bash -e |
||||||
|
|
||||||
|
/usr/bin/mysqldump \ |
||||||
|
{% if itop_db_server not in ['127.0.0.1','localhost'] %} |
||||||
|
--user={{ itop_db_user }} \ |
||||||
|
--password={{ itop_db_pass | quote }} \ |
||||||
|
--host={{ itop_db_server }} \ |
||||||
|
{% if itop_db_port is defined %} |
||||||
|
--port={{ itop_db_port }} \ |
||||||
|
{% endif %} |
||||||
|
{% endif %} |
||||||
|
--quick --single-transaction \ |
||||||
|
--add-drop-table {{ itop_db_name }} | zstd -c > {{ itop_root_dir }}/backup/{{ itop_db_name }}.sql.zst |
Loading…
Reference in new issue