diff --git a/roles/bookstack/defaults/main.yml b/roles/bookstack/defaults/main.yml index 8126dac..a7eb997 100644 --- a/roles/bookstack/defaults/main.yml +++ b/roles/bookstack/defaults/main.yml @@ -56,3 +56,13 @@ bookstack_email_port: 25 # Encryption can be tls, ssl or null bookstack_email_encryption: 'null' +# Default lang +bookstack_default_lang: fr + +# You can set custom directive with this: +# bookstack_settings: +# AUTH_METHOD: saml2 +# SAML2_NAME: SSO +# SAML2_EMAIL_ATTRIBUTE: email +bookstack_settings: {} + diff --git a/roles/bookstack/tasks/directories.yml b/roles/bookstack/tasks/directories.yml index 3e97b06..c3b6fa1 100644 --- a/roles/bookstack/tasks/directories.yml +++ b/roles/bookstack/tasks/directories.yml @@ -13,10 +13,10 @@ - dir: "{{ bookstack_root_dir }}/app" - dir: "{{ bookstack_root_dir }}/sessions" group: "{{ bookstack_php_user }}" - mod: 770 + mode: 770 - dir: "{{ bookstack_root_dir }}/tmp" group: "{{ bookstack_php_user }}" - mod: 770 + mode: 770 - dir: "{{ bookstack_root_dir }}/data" group: "{{ bookstack_php_user }}" mod: 700 diff --git a/roles/bookstack/templates/env.j2 b/roles/bookstack/templates/env.j2 index 76597fc..1029023 100644 --- a/roles/bookstack/templates/env.j2 +++ b/roles/bookstack/templates/env.j2 @@ -15,6 +15,9 @@ MAIL_PASSWORD={{ bookstack_email_pass | quote }} {% endif %} MAIL_ENCRYPTION={{ bookstack_email_encryption }} APP_TIMEZONE={{ system_tz | default('UTC') }} +APP_LANG={{ bookstack_default_lang }} SESSION_COOKIE_NAME=bookstack_{{ bookstack_id }}_session CACHE_PREFIX=bookstack_{{ bookstack_id }} -#STORAGE_TYPE=local_secure +{% for key in bookstack_settings.keys() | list %} +{{ key }}="{{ bookstack_settings[key] }}" +{% endfor %} diff --git a/roles/bookstack/templates/perms.sh.j2 b/roles/bookstack/templates/perms.sh.j2 index 0dab99c..441ce84 100644 --- a/roles/bookstack/templates/perms.sh.j2 +++ b/roles/bookstack/templates/perms.sh.j2 @@ -3,7 +3,7 @@ restorecon -R {{ bookstack_root_dir }} chown root:root {{ bookstack_root_dir }} chmod 700 {{ bookstack_root_dir }} -setfacl -k -b {{ bookstack_root_dir }} +setfacl -R -k -b {{ bookstack_root_dir }} setfacl -m u:{{ bookstack_php_user | default('apache') }}:rx,u:{{ httpd_user | default('apache') }}:x {{ bookstack_root_dir }} find {{ bookstack_root_dir }}/app -type f -exec chmod 644 "{}" \; find {{ bookstack_root_dir }}/app -type d -exec chmod 755 "{}" \; @@ -13,7 +13,7 @@ chown -R {{ bookstack_php_user }} {{ bookstack_root_dir }}/app/bootstrap/cache chmod 700 {{ bookstack_root_dir }}/app/bootstrap/cache chown -R {{ bookstack_php_user }} {{ bookstack_root_dir }}/data chmod 700 {{ bookstack_root_dir }}/data -setfacl -m u:{{ httpd_user | default('apache') }}:rx {{ bookstack_root_dir }} {{ bookstack_root_dir }}/app/public -setfacl -m u:{{ httpd_user | default('apache') }}:x {{ bookstack_root_dir }} {{ bookstack_root_dir }}/data/ -setfacl -R -m u:{{ httpd_user | default('apache') }}:rx {{ bookstack_root_dir }} {{ bookstack_root_dir }}/data/uploads +setfacl -R -m u:{{ httpd_user | default('apache') }}:rx {{ bookstack_root_dir }}/app/public +setfacl -m u:{{ httpd_user | default('apache') }}:x {{ bookstack_root_dir }}/data/ +setfacl -R -m u:{{ httpd_user | default('apache') }}:rx {{ bookstack_root_dir }}/data/uploads find {{ bookstack_root_dir }} -name .htaccess -exec chmod 644 "{}" \;