Update to 2020-04-29 20:00

master
Daniel Berteaud 5 years ago
parent 90775dce80
commit 4e732b539e
  1. 3
      roles/onlyoffice_document_server/defaults/main.yml
  2. 19
      roles/onlyoffice_document_server/templates/oods.json.j2
  3. 8
      roles/seafile/defaults/main.yml
  4. BIN
      roles/seafile/files/seafile-pro-server_7.1.3_x86-64_CentOS.tar.gz
  5. 2
      roles/seafile/meta/main.yml
  6. 2
      roles/seafile/tasks/cleanup.yml
  7. 2
      roles/seafile/tasks/conf.yml
  8. 53
      roles/seafile/tasks/install.yml
  9. 16
      roles/seafile/templates/gunicorn.conf.py.j2
  10. 4
      roles/seafile/templates/seafile.conf.j2
  11. 1
      roles/seafile/templates/seafile.service.j2
  12. 3
      roles/seafile/templates/seahub.service.j2
  13. 3
      roles/seafile/templates/seahub_settings.py.j2

@ -11,4 +11,7 @@ oo_db_port: 3306
oo_redis_server: localhost oo_redis_server: localhost
oo_redis_port: 6379 oo_redis_port: 6379
# Secret key
# oo_secret: XXXX
oo_ds_vhost: onlyoffice-ds.{{ ansible_domain }} oo_ds_vhost: onlyoffice-ds.{{ ansible_domain }}

@ -9,6 +9,25 @@
}, },
"services": { "services": {
"CoAuthoring": { "CoAuthoring": {
{% if oo_secret is defined %}
"secret": {
"inbox": {
"string": "{{ oo_secret }}"
},
"outbox": {
"string": "{{ oo_secret }}"
}
},
"token": {
"enable": {
"browser": true,
"request": {
"inbox": true,
"outbox": true
}
}
},
{% endif %}
"sql": { "sql": {
"type": "mysql", "type": "mysql",
"dbHost": "{{ oo_db_server }}", "dbHost": "{{ oo_db_server }}",

@ -11,11 +11,11 @@
# MaxUsers = "9" # MaxUsers = "9"
# Mode = "subscription" # Mode = "subscription"
# etc... # etc...
seafile_version: "{{ seafile_license is defined | ternary('7.0.12','7.0.5') }}" seafile_version: "{{ seafile_license is defined | ternary('7.1.3','7.1.3') }}"
# Archive URL and sha1 are only used for the community version # Archive URL and sha1 are only used for the community version
seafile_archive_url: https://download.seadrive.org/seafile-server_{{ seafile_version }}_x86-64.tar.gz seafile_archive_url: https://download.seadrive.org/seafile-server_{{ seafile_version }}_x86-64.tar.gz
seafile_archive_sha1: a648e149301432ea0af4de83233a4c8cd1c60ada seafile_archive_sha1: b94b63bb7ea770e4afdc8e5d8ac82d8fc10e0403
seafile_root_dir: /opt/seafile seafile_root_dir: /opt/seafile
seafile_data_dir: "{{ seafile_root_dir }}/data" seafile_data_dir: "{{ seafile_root_dir }}/data"
@ -67,6 +67,8 @@ seafile_ldap_auth: "{{ (ad_auth | default(False) or ldap_auth | default(False))
seafile_ldap_uri: "{{ ad_auth | default(False) | ternary('ldaps://' + ad_realm | default(samba_realm) | default(ansible_domain) | lower,ldap_uri | regex_replace('^ldap://(.*)','ldaps://\\1')) }}" seafile_ldap_uri: "{{ ad_auth | default(False) | ternary('ldaps://' + ad_realm | default(samba_realm) | default(ansible_domain) | lower,ldap_uri | regex_replace('^ldap://(.*)','ldaps://\\1')) }}"
seafile_ldap_base: "{{ ad_auth | default(False) | ternary('DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC='), 'ou=Users,' + ldap_base) }}" seafile_ldap_base: "{{ ad_auth | default(False) | ternary('DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC='), 'ou=Users,' + ldap_base) }}"
# seafile_ldap_bind_dn: # seafile_ldap_bind_dn:
# Note that seafile_ldap_bind_pass should not contain special caracter, as it might break the parser and
# prevent seafevents from starting !
# seafile_ldap_bind_pass: # seafile_ldap_bind_pass:
seafile_ldap_login_attr: "{{ ad_auth | default(False) | ternary('userPrincipalName','mail') }}" seafile_ldap_login_attr: "{{ ad_auth | default(False) | ternary('userPrincipalName','mail') }}"
seafile_ldap_filter: "{{ ad_auth | default(False) | ternary('&(objectClass=user)(objectCategory=person)(primaryGroupId=513)','objectClass=inetOrgPerson') }}" seafile_ldap_filter: "{{ ad_auth | default(False) | ternary('&(objectClass=user)(objectCategory=person)(primaryGroupId=513)','objectClass=inetOrgPerson') }}"
@ -110,6 +112,8 @@ seafile_site_title: 'Mon cloud privé'
# Set to your OnlyOffice url to enable integration # Set to your OnlyOffice url to enable integration
# seafile_oo_uri: https://oods.example.org/ # seafile_oo_uri: https://oods.example.org/
# Optional secret token shared with OnlyOffice
# seafile_oo_secret: XXXXX
# Enable ClamAV scanning of files # Enable ClamAV scanning of files
# Only available if you run the PRO edition # Only available if you run the PRO edition

Binary file not shown.

@ -1,5 +1,7 @@
--- ---
dependencies: dependencies:
- role: repo_nux_dextop - role: repo_nux_dextop
- role: memcached_server
when: seafile_memcached_server is search('^(127\.0\.0\.1|localhost)')
- role: clamav - role: clamav
when: seafile_license is defined and seafile_scan_av == True when: seafile_license is defined and seafile_scan_av == True

@ -5,7 +5,7 @@
with_items: with_items:
- "{{ seafile_root_dir }}/tmp/seafile-server_{{ seafile_version }}_x86-64.tar.gz" - "{{ seafile_root_dir }}/tmp/seafile-server_{{ seafile_version }}_x86-64.tar.gz"
- "{{ seafile_root_dir }}/tmp/seafile-server-{{ seafile_version }}" - "{{ seafile_root_dir }}/tmp/seafile-server-{{ seafile_version }}"
- "{{ seafile_root_dir }}/tmp/seafile-pro-server_{{ seafile_version }}_x86-64.tar.gz" - "{{ seafile_root_dir }}/tmp/seafile-pro-server_{{ seafile_version }}_x86-64_CentOS.tar.gz"
- "{{ seafile_root_dir }}/tmp/seafile-pro-server-{{ seafile_version }}" - "{{ seafile_root_dir }}/tmp/seafile-pro-server-{{ seafile_version }}"
- /etc/cron.d/seafil_gc - /etc/cron.d/seafil_gc
- "{{ seafile_root_dir }}/db_dumps" - "{{ seafile_root_dir }}/db_dumps"

@ -13,7 +13,7 @@
- seafdav.conf - seafdav.conf
- seafile.conf - seafile.conf
- seahub_settings.py - seahub_settings.py
- gunicorn.conf - gunicorn.conf.py
notify: notify:
- restart seafile - restart seafile
- restart seahub - restart seahub

@ -3,12 +3,11 @@
- name: Install RPM dependencies - name: Install RPM dependencies
yum: yum:
name: name:
- python-imaging - python3
- python3-setuptools
- python3-pip
- python3-virtualenv
- MySQL-python - MySQL-python
- python-memcached
- python-ldap
- python-urllib3
- python-virtualenv
- ffmpeg - ffmpeg
- ffmpeg-devel - ffmpeg-devel
- libmemcached-devel - libmemcached-devel
@ -23,20 +22,39 @@
- unoconv # For seafile-pro - unoconv # For seafile-pro
tags: seafile tags: seafile
- name: Check if py2 venv is setup
stat: path={{ seafile_root_dir }}/bin/python2
register: seafile_py2
tags: seafile
- name: Clear the venv as we migrate to py3
file: path={{ seafile_root_dir }}/{{ item }} state=absent
loop:
- lib
- lib64
- bin
- include
when: seafile_py2.stat.exists
tags: seafile
- name: Install or update python modules in the virtualenv - name: Install or update python modules in the virtualenv
pip: pip:
state: latest state: "{{ (seafile_install_mode == 'upgrade') | ternary('latest', 'present') }}"
virtualenv: "{{ seafile_root_dir }}" virtualenv: "{{ seafile_root_dir }}"
virtualenv_python: python2.7 virtualenv_command: /usr/bin/virtualenv-3
virtualenv_python: /usr/bin/python3
name: name:
- pip - Pillow
- virtualenv
- pillow
#- moviepy
- pylibmc - pylibmc
- captcha
- jinja2
- sqlalchemy
- psd-tools
- django-pylibmc - django-pylibmc
- django-simple-captcha
- python3-ldap
- requests_oauthlib - requests_oauthlib
- MySQL-python #- wsgidav
notify: notify:
- restart seafile - restart seafile
- restart seahub - restart seahub
@ -58,7 +76,7 @@
tags: seafile tags: seafile
- name: Copy Seafile pro archive - name: Copy Seafile pro archive
copy: src=seafile-pro-server_{{ seafile_version }}_x86-64.tar.gz dest={{ seafile_root_dir }}/tmp/ copy: src=seafile-pro-server_{{ seafile_version }}_x86-64_CentOS.tar.gz dest={{ seafile_root_dir }}/tmp/
when: when:
- seafile_install_mode != 'none' - seafile_install_mode != 'none'
- seafile_license is defined - seafile_license is defined
@ -66,7 +84,7 @@
- name: Extract seafile archive - name: Extract seafile archive
unarchive: unarchive:
src: "{{ seafile_root_dir }}/tmp/seafile-{{ seafile_license is defined | ternary('pro-','') }}server_{{ seafile_version }}_x86-64.tar.gz" src: "{{ seafile_root_dir }}/tmp/{{ seafile_license is defined | ternary('seafile-pro-server_' ~ seafile_version ~ '_x86-64_CentOS.tar.gz','seafile-server_' ~ seafile_version ~ '_x86-64.tar.gz') }}"
dest: "{{ seafile_root_dir }}/tmp" dest: "{{ seafile_root_dir }}/tmp"
remote_src: yes remote_src: yes
when: seafile_install_mode != 'none' when: seafile_install_mode != 'none'
@ -82,6 +100,13 @@
when: seafile_install_mode != 'none' when: seafile_install_mode != 'none'
tags: seafile tags: seafile
- name: Chown seafile install dir
command: chown -R {{ seafile_user }}:{{ seafile_group }} {{ seafile_root_dir }}/seafile-server/*
args:
warn: False
when: seafile_install_mode != 'none'
tags: seafile
- name: Check if avatar is a dir or a link - name: Check if avatar is a dir or a link
stat: path={{ seafile_root_dir }}/seafile-server/seahub/media/avatars stat: path={{ seafile_root_dir }}/seafile-server/seahub/media/avatars
register: seafile_avatar register: seafile_avatar

@ -0,0 +1,16 @@
import os
daemon = True
workers = 5
bind = "0.0.0.0:{{ seafile_seahub_port }}"
pids_dir = '{{ seafile_root_dir }}/pids'
pidfile = os.path.join(pids_dir, 'seahub.pid')
logs_dir = '{{ seafile_root_dir }}/logs'
errorlog = os.path.join(logs_dir, 'gunicorn_error.log')
accesslog = os.path.join(logs_dir, 'gunicorn_access.log')
timeout = 1200
limit_request_line = 8190

@ -1,9 +1,6 @@
[general] [general]
enable_syslog = true enable_syslog = true
[fileserver]
port = {{ seafile_seafile_port }}
[database] [database]
type = mysql type = mysql
host = {{ seafile_db_server }} host = {{ seafile_db_server }}
@ -24,6 +21,7 @@ keep_days = {{ seafile_default_history }}
{% endif %} {% endif %}
[fileserver] [fileserver]
port = {{ seafile_seafile_port }}
{% if seafile_max_upload_size is defined %} {% if seafile_max_upload_size is defined %}
max_upload_size = {{ seafile_max_upload_size }} max_upload_size = {{ seafile_max_upload_size }}
{% endif %} {% endif %}

@ -4,6 +4,7 @@ After=network.target mariadb.service
[Service] [Service]
Type=forking Type=forking
Environment=PATH={{ seafile_root_dir }}/bin:/bin:/usr/bin
ExecStart={{ seafile_root_dir }}/seafile-server/seafile.sh start ExecStart={{ seafile_root_dir }}/seafile-server/seafile.sh start
ExecStop={{ seafile_root_dir }}/seafile-server-latest/seafile.sh stop ExecStop={{ seafile_root_dir }}/seafile-server-latest/seafile.sh stop
User={{ seafile_user }} User={{ seafile_user }}

@ -4,7 +4,8 @@ After=network.target seafile.service
[Service] [Service]
Type=forking Type=forking
Environment=PYTHONPATH={{ seafile_root_dir }}/lib64/python2.7/site-packages/ Environment=PYTHONPATH={{ seafile_root_dir }}/lib64/python3.6/site-packages/
Environment=PYTHON={{ seafile_root_dir }}/bin/python
ExecStart={{ seafile_root_dir }}/seafile-server/seahub.sh {{ seafile_seahub_fastcgi | ternary('start-fastcgi','start') }} {{ seafile_seahub_port }} ExecStart={{ seafile_root_dir }}/seafile-server/seahub.sh {{ seafile_seahub_fastcgi | ternary('start-fastcgi','start') }} {{ seafile_seahub_port }}
ExecStop={{ seafile_root_dir }}/seafile-server/seahub.sh stop ExecStop={{ seafile_root_dir }}/seafile-server/seahub.sh stop
User={{ seafile_user }} User={{ seafile_user }}

@ -140,6 +140,9 @@ VERIFY_ONLYOFFICE_CERTIFICATE = True
ONLYOFFICE_APIJS_URL = "{{ (seafile_oo_uri is search('api\.js$')) | ternary(seafile_oo_uri,seafile_oo_uri | regex_replace('/$','') + '/web-apps/apps/api/documents/api.js') }}" ONLYOFFICE_APIJS_URL = "{{ (seafile_oo_uri is search('api\.js$')) | ternary(seafile_oo_uri,seafile_oo_uri | regex_replace('/$','') + '/web-apps/apps/api/documents/api.js') }}"
ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods') ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods')
ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx', 'pptx', 'xlsx', 'odt', 'ods', 'odp') ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx', 'pptx', 'xlsx', 'odt', 'ods', 'odp')
{% if seafile_oo_secret is defined %}
ONLYOFFICE_JWT_SECRET = '{{ seafile_oo_secret }}'
{% endif %}
{% endif %} {% endif %}
{% if seafile_public_url is search '^https://' %} {% if seafile_public_url is search '^https://' %}

Loading…
Cancel
Save