From 8622e4fe18cc500ee593388f7a6c42f5752f4de9 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 26 Aug 2021 10:00:06 +0200 Subject: [PATCH] Update to 2021-08-26 10:00 --- README.md | 9 ++++++--- roles/appsmith/defaults/main.yml | 4 ++-- roles/elasticsearch/tasks/main.yml | 8 ++++---- roles/navidrome/defaults/main.yml | 4 ++-- roles/paperless_ng/meta/main.yml | 1 + roles/paperless_ng/tasks/conf.yml | 4 ++++ roles/paperless_ng/tasks/directories.yml | 1 + roles/paperless_ng/templates/paperless.conf.j2 | 1 + roles/paperless_ng/vars/RedHat-8.yml | 3 +++ 9 files changed, 24 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 3dbc196..d39fabe 100644 --- a/README.md +++ b/README.md @@ -143,9 +143,12 @@ nginx_auto_letsencrypt_cert: True # Default vhost settings nginx_default_vhost_extra: auth: llng - naxsi: False - naxsi_learn: True - csp: "default-src 'self' 'unsafe-inline' blob:; style-src-elem 'self' 'unsafe-inline' data:; img-src 'self' data: blob: https://stats.fws.fr; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://stats.fws.fr blob:; font-src 'self' data:" + csp: >- + default-src 'self' 'unsafe-inline' blob:; + style-src-elem 'self' 'unsafe-inline' data:; + img-src 'self' data: blob: https://stats.fws.fr; + script-src 'self' 'unsafe-inline' 'unsafe-eval' https://stats.fws.fr blob:; + font-src 'self' data: proxy: cache: True backend: http://web1.fws.fr diff --git a/roles/appsmith/defaults/main.yml b/roles/appsmith/defaults/main.yml index 1fdfda9..b9626df 100644 --- a/roles/appsmith/defaults/main.yml +++ b/roles/appsmith/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version to deploy -appsmith_version: 1.5.13 +appsmith_version: 1.5.15 # URL of the source archive appsmith_archive_url: https://github.com/appsmithorg/appsmith/archive/v{{ appsmith_version }}.tar.gz # sha1sum of the archive -appsmith_archive_sha1: dc5dd143ee781e3b17438f485bdada8b878c8fb6 +appsmith_archive_sha1: 55834598899879579baa3e6a97620016332a353d # Root directory where appsmith will be installed appsmith_root_dir: /opt/appsmith diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml index f846b45..1d42527 100644 --- a/roles/elasticsearch/tasks/main.yml +++ b/roles/elasticsearch/tasks/main.yml @@ -50,6 +50,10 @@ - post tags: es +- name: Create backup dir + file: path={{ es_backup_dir }} state=directory owner=elasticsearch group=elasticsearch mode=700 + tags: es + - name: Create systemd unit snippet dir file: path=/etc/systemd/system/elasticsearch.service.d state=directory tags: es @@ -80,10 +84,6 @@ service: name=elasticsearch state=started enabled=True tags: es -- name: Create backup dir - file: path={{ es_backup_dir }} state=directory owner=elasticsearch group=elasticsearch mode=700 - tags: es - - name: Declare repo in ElasticSearch uri: url: http://localhost:{{ es_port }}/_snapshot/lbkp diff --git a/roles/navidrome/defaults/main.yml b/roles/navidrome/defaults/main.yml index 5e16f9a..693d3ea 100644 --- a/roles/navidrome/defaults/main.yml +++ b/roles/navidrome/defaults/main.yml @@ -1,11 +1,11 @@ --- # Version to deploy -nd_version: 0.44.1 +nd_version: 0.45.1 # URL of the archive nd_archive_url: https://github.com/navidrome/navidrome/releases/download/v{{ nd_version }}/navidrome_{{ nd_version }}_Linux_x86_64.tar.gz # Expected sha1 of the archive -nd_archive_sha1: 39acb4fc6f4375d50da96c00ecc07045b0263dca +nd_archive_sha1: f9ed7672d520afdfd80002c3cf91619d42785faf # Should ansible handle upgrades, or only initial install ? nd_manage_upgrade: True diff --git a/roles/paperless_ng/meta/main.yml b/roles/paperless_ng/meta/main.yml index a46619b..23e7545 100644 --- a/roles/paperless_ng/meta/main.yml +++ b/roles/paperless_ng/meta/main.yml @@ -6,3 +6,4 @@ dependencies: when: paperless_db_server in ['localhost','127.0.0.1'] - role: redis_server when: paperless_redis_url | urlsplit('hostname') in ['localhost','127.0.0.1'] + - role: repo_rpmfusion # for ffmpeg, required by unpaper diff --git a/roles/paperless_ng/tasks/conf.yml b/roles/paperless_ng/tasks/conf.yml index f77eb93..399d038 100644 --- a/roles/paperless_ng/tasks/conf.yml +++ b/roles/paperless_ng/tasks/conf.yml @@ -23,6 +23,9 @@ app_path: "{{ paperless_root_dir }}/app/src" virtualenv: "{{ paperless_root_dir }}/venv" + - name: Set correct permissions + file: path={{ paperless_root_dir }}/media recurse=True owner={{ paperless_user }} group={{ paperless_user }} + tags: ged - when: paperless_install_mode == 'install' @@ -36,3 +39,4 @@ DJANGO_SUPERUSER_PASSWORD: '{{ paperless_admin_pass }}' tags: ged + diff --git a/roles/paperless_ng/tasks/directories.yml b/roles/paperless_ng/tasks/directories.yml index 8ea8b89..377b500 100644 --- a/roles/paperless_ng/tasks/directories.yml +++ b/roles/paperless_ng/tasks/directories.yml @@ -22,6 +22,7 @@ mode: 700 - dir: media owner: "{{ paperless_user }}" + mode: 700 - dir: static - dir: consume owner: "{{ paperless_user }}" diff --git a/roles/paperless_ng/templates/paperless.conf.j2 b/roles/paperless_ng/templates/paperless.conf.j2 index 51433c6..90ba912 100644 --- a/roles/paperless_ng/templates/paperless.conf.j2 +++ b/roles/paperless_ng/templates/paperless.conf.j2 @@ -24,6 +24,7 @@ PAPERLESS_CONSUMER_DELETE_DUPLICATES=True PAPERLESS_CONSUMER_RECURSIVE=True PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS=True PAPERLESS_CONVERT_TMPDIR={{ paperless_root_dir }}/tmp +PAPERLESS_SCRATCH_DIR={{ paperless_root_dir }}/tmp {% if paperless_auth_header is defined %} PAPERLESS_ENABLE_HTTP_REMOTE_USER=True PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME={{ paperless_auth_header }} diff --git a/roles/paperless_ng/vars/RedHat-8.yml b/roles/paperless_ng/vars/RedHat-8.yml index eea8558..6da96c4 100644 --- a/roles/paperless_ng/vars/RedHat-8.yml +++ b/roles/paperless_ng/vars/RedHat-8.yml @@ -13,8 +13,11 @@ paperless_packages: - libpq-devel - file-libs - tesseract + - tesseract-osd - tesseract-langpack-fra - tesseract-langpack-deu - tesseract-langpack-spa - tesseract-langpack-ita - policycoreutils + - unpaper + - ghostscript