fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update to 2021-11-24 11:00

Browse Source
master
Daniel Berteaud 3 years ago
parent 02cca6b343
commit e0bcc3ef3e
12 changed files with 118 additions and 98 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      roles/bookstack/defaults/main.yml
  2. 6
      roles/etherpad/defaults/main.yml
  3. 29
      roles/etherpad/tasks/archive_pre.yml
  4. 10
      roles/etherpad/tasks/cleanup.yml
  5. 4
      roles/etherpad/tasks/conf.yml
  6. 4
      roles/etherpad/tasks/directories.yml
  7. 66
      roles/etherpad/tasks/facts.yml
  8. 65
      roles/etherpad/tasks/install.yml
  9. 5
      roles/etherpad/templates/etherpad.service.j2
  10. 8
      roles/etherpad/templates/perms.sh.j2
  11. 2
      roles/etherpad/templates/post_backup.sh.j2
  12. 13
      roles/etherpad/templates/pre_backup.sh.j2

4
roles/bookstack/defaults/main.yml
Unescape View File

@ -1,11 +1,11 @@
--- ---
# Version to deploy # Version to deploy
bookstack_version: '21.11' bookstack_version: '21.11.1'
# URL of the arhive # URL of the arhive
bookstack_archive_url: https://github.com/BookStackApp/BookStack/archive/v{{ bookstack_version }}.tar.gz bookstack_archive_url: https://github.com/BookStackApp/BookStack/archive/v{{ bookstack_version }}.tar.gz
# Expected sha1 of the archive # Expected sha1 of the archive
bookstack_archive_sha1: 5e468cffd7c1a44e3d927c621d9edf6a6af5aedd bookstack_archive_sha1: 1e4fa33649a2fabbd081ec219908bc15d27a808a
# Should ansible handle bookstack upgrades or just the inintial install # Should ansible handle bookstack upgrades or just the inintial install
bookstack_manage_upgrade: True bookstack_manage_upgrade: True

6
roles/etherpad/defaults/main.yml
Unescape View File

@ -3,9 +3,9 @@
etherpad_id: 1 etherpad_id: 1
etherpad_root_dir: /opt/etherpad_{{ etherpad_id }} etherpad_root_dir: /opt/etherpad_{{ etherpad_id }}
etherpad_user: etherpad_{{ etherpad_id }} etherpad_user: etherpad_{{ etherpad_id }}
etherpad_version: 1.8.14 etherpad_version: 1.8.15
etherpad_archive_url: https://github.com/ether/etherpad-lite/archive/{{ etherpad_version }}.tar.gz etherpad_archive_url: https://github.com/ether/etherpad-lite/archive/{{ etherpad_version }}.tar.gz
etherpad_archive_sha1: 6df38bd74bf87c95196382e374a701dca12d8226 etherpad_archive_sha1: c7995d0418c919d97e62c941e70fb20940ce7b35
etherpad_port: 9003 etherpad_port: 9003
etherpad_src_ip: [] etherpad_src_ip: []
@ -26,7 +26,5 @@ etherpad_plugins_base:
- adminpads - adminpads
- delete_after_delay - delete_after_delay
- delete_empty_pads - delete_empty_pads
- small_list
- markdown
etherpad_plugins_extra: [] etherpad_plugins_extra: []
etherpad_plugins: "{{ etherpad_plugins_base + etherpad_plugins_extra }}" etherpad_plugins: "{{ etherpad_plugins_base + etherpad_plugins_extra }}"

29
roles/etherpad/tasks/archive_pre.yml
Unescape View File

@ -1,9 +1,28 @@
--- ---
- import_tasks: ../includes/webapps_archive.yml - name: Create archive dir
vars: file: path={{ etherpad_root_dir }}/archives/{{ etherpad_current_version }} state=directory mode=700
- root_dir: "{{ etherpad_root_dir }}"
- version: "{{ current_version }}"
- db_name: "{{ etherpad_db_name }}"
tags: etherpad tags: etherpad
- name: Archive previous version
synchronize:
src: "{{ etherpad_root_dir }}/{{ etherpad_web_dir.stat.exists | ternary('web','app') }}" # previous versions were installed in the web subdir, now in app)
dest: "{{ etherpad_root_dir }}/archives/{{ etherpad_current_version }}/"
compress: False
delete: True
delegate_to: "{{ inventory_hostname }}"
tags: etherpad
- name: Dump the database
mysql_db:
state: dump
name: "{{ etherpad_db_name }}"
target: "{{ etherpad_root_dir }}/archives/{{ etherpad_current_version }}/{{ etherpad_db_name }}.sql.xz"
login_host: "{{ etherpad_db_server | default(mysql_server) }}"
login_user: "{{ etherpad_db_user }}"
login_password: "{{ etherpad_db_pass }}"
quick: True
single_transaction: True
environment:
XZ_OPT: -T0
tags: etherpad

10
roles/etherpad/tasks/cleanup.yml
Unescape View File

@ -1,8 +1,10 @@
--- ---
- name: Remove temp files - name: Remove temp and obsolete files
file: path={{ etherpad_root_dir }}/tmp/{{ item }} state=absent file: path={{ etherpad_root_dir }}/{{ item }} state=absent
loop: loop:
- etherpad-lite-{{ etherpad_version }} - tmp/etherpad-lite-{{ etherpad_version }}
- etherpad-lite-{{ etherpad_version }}.tar.gz - tmp/etherpad-lite-{{ etherpad_version }}.tar.gz
- web
- db_dumps
tags: etherpad tags: etherpad

4
roles/etherpad/tasks/conf.yml
Unescape View File

@ -1,7 +1,7 @@
--- ---
- name: Configure random keys - name: Configure random keys
copy: content={{ item.value }} dest={{ etherpad_root_dir }}/web/{{ item.file }} copy: content={{ item.value }} dest={{ etherpad_root_dir }}/app/{{ item.file }} owner={{ etherpad_user }} group={{ etherpad_user }} mode=600
loop: loop:
- file: SESSIONKEY.txt - file: SESSIONKEY.txt
value: "{{ etherpad_session_key }}" value: "{{ etherpad_session_key }}"
@ -10,6 +10,6 @@
tags: etherpad tags: etherpad
- name: Deploy service configuration - name: Deploy service configuration
template: src=settings.json.j2 dest={{ etherpad_root_dir }}/web/settings.json template: src=settings.json.j2 dest={{ etherpad_root_dir }}/app/settings.json
notify: restart etherpad notify: restart etherpad
tags: etherpad tags: etherpad

4
roles/etherpad/tasks/directories.yml
Unescape View File

@ -8,11 +8,11 @@
- dir: tmp - dir: tmp
mode: 770 mode: 770
group: "{{ etherpad_user }}" group: "{{ etherpad_user }}"
- dir: db_dumps - dir: backup
mode: 700 mode: 700
- dir: archives - dir: archives
mode: 700 mode: 700
- dir: web - dir: app
owner: "{{ etherpad_user }}" owner: "{{ etherpad_user }}"
tags: etherpad tags: etherpad

66
roles/etherpad/tasks/facts.yml
Unescape View File

@ -1,44 +1,46 @@
--- ---
- import_tasks: ../includes/webapps_set_install_mode.yml - block:
vars: - import_tasks: ../includes/webapps_set_install_mode.yml
root_dir: "{{ etherpad_root_dir }}" vars:
version: "{{ etherpad_version }}" root_dir: "{{ etherpad_root_dir }}"
tags: etherpad version: "{{ etherpad_version }}"
- set_fact: etherpad_install_mode={{ install_mode }} - set_fact: etherpad_install_mode={{ install_mode }}
- set_fact: etherpad_current_version={{ current_version | default('') }}
tags: etherpad tags: etherpad
- import_tasks: ../includes/get_rand_pass.yml - when: etherpad_db_pass is not defined
vars: block:
- pass_file: "{{etherpad_root_dir }}/meta/ansible_dbpass" - import_tasks: ../includes/get_rand_pass.yml
when: etherpad_db_pass is not defined vars:
tags: etherpad - pass_file: "{{etherpad_root_dir }}/meta/ansible_dbpass"
- set_fact: etherpad_db_pass={{ rand_pass }} - set_fact: etherpad_db_pass={{ rand_pass }}
when: etherpad_db_pass is not defined
tags: etherpad tags: etherpad
- import_tasks: ../includes/get_rand_pass.yml - block:
vars: - import_tasks: ../includes/get_rand_pass.yml
- pass_file: "{{etherpad_root_dir }}/meta/ansible_session_key" vars:
tags: etherpad - pass_file: "{{etherpad_root_dir }}/meta/ansible_session_key"
- set_fact: etherpad_session_key={{ rand_pass }} - set_fact: etherpad_session_key={{ rand_pass }}
tags: etherpad tags: etherpad
- import_tasks: ../includes/get_rand_pass.yml - when: etherpad_api_key is not defined
vars: block:
- pass_file: "{{etherpad_root_dir }}/meta/ansible_api_key" - import_tasks: ../includes/get_rand_pass.yml
when: etherpad_api_key is not defined vars:
tags: etherpad - pass_file: "{{etherpad_root_dir }}/meta/ansible_api_key"
- set_fact: etherpad_api_key={{ rand_pass }} - set_fact: etherpad_api_key={{ rand_pass }}
when: etherpad_api_key is not defined
tags: etherpad tags: etherpad
- import_tasks: ../includes/get_rand_pass.yml - when: etherpad_admin_pass is not defined
vars: block:
- pass_file: "{{etherpad_root_dir }}/meta/ansible_admin_pass" - import_tasks: ../includes/get_rand_pass.yml
when: etherpad_admin_pass is not defined vars:
tags: etherpad - pass_file: "{{etherpad_root_dir }}/meta/ansible_admin_pass"
- set_fact: etherpad_admin_pass={{ rand_pass }} - set_fact: etherpad_admin_pass={{ rand_pass }}
when: etherpad_admin_pass is not defined
tags: etherpad tags: etherpad
- name: Check if web dir exists
stat: path={{ etherpad_root_dir }}/web
register: etherpad_web_dir
tags: etherpad

65
roles/etherpad/tasks/install.yml
Unescape View File

@ -7,48 +7,45 @@
notify: restart etherpad notify: restart etherpad
tags: etherpad tags: etherpad
- name: Download etherpad - when: etherpad_install_mode != 'none'
get_url: block:
url: "{{ etherpad_archive_url }}" - name: Download etherpad
dest: "{{ etherpad_root_dir }}/tmp" get_url:
checksum: "sha1:{{ etherpad_archive_sha1 }}" url: "{{ etherpad_archive_url }}"
when: etherpad_install_mode != 'none' dest: "{{ etherpad_root_dir }}/tmp"
tags: etherpad checksum: "sha1:{{ etherpad_archive_sha1 }}"
- name: Extract etherpad
unarchive:
src: "{{ etherpad_root_dir }}/tmp/etherpad-lite-{{ etherpad_version }}.tar.gz"
dest: "{{ etherpad_root_dir }}/tmp/"
remote_src: True
- name: Move etherpad to its correct dir
synchronize:
src: "{{ etherpad_root_dir }}/tmp/etherpad-lite-{{ etherpad_version }}/"
dest: "{{ etherpad_root_dir }}/app/"
recursive: True
delete: True
compress: False
delegate_to: "{{ inventory_hostname }}"
become_user: "{{ etherpad_user }}"
- name: Extract etherpad
unarchive:
src: "{{ etherpad_root_dir }}/tmp/etherpad-lite-{{ etherpad_version }}.tar.gz"
dest: "{{ etherpad_root_dir }}/tmp/"
remote_src: True
when: etherpad_install_mode != 'none'
tags: etherpad
- name: Move etherpad to its correct dir
synchronize:
src: "{{ etherpad_root_dir }}/tmp/etherpad-lite-{{ etherpad_version }}/"
dest: "{{ etherpad_root_dir }}/web/"
recursive: True
delete: True
delegate_to: "{{ inventory_hostname }}"
become_user: "{{ etherpad_user }}"
when: etherpad_install_mode != 'none'
tags: etherpad
- name: Ensure node_modules dir exists
file: path={{ etherpad_root_dir }}/web/node_modules state=directory
tags: etherpad
- name: Link etherpad sources in node_modules
file: src={{ etherpad_root_dir }}/web/src dest={{ etherpad_root_dir }}/web/node_modules/ep_etherpad-lite state=link
tags: etherpad tags: etherpad
- name: Install node modules - name: Install node modules
npm: path={{ etherpad_root_dir }}/web/node_modules/ep_etherpad-lite production=True state={{ (etherpad_install_mode == 'none') | ternary('present','latest') }} npm:
path: "{{ etherpad_root_dir }}/app/src"
state: "{{ (etherpad_install_mode == 'none') | ternary('present','latest') }}"
become_user: "{{ etherpad_user }}" become_user: "{{ etherpad_user }}"
notify: restart etherpad
tags: etherpad tags: etherpad
- name: Install plugins - name: Install plugins
npm: name=ep_{{ item }} path={{ etherpad_root_dir }}/web/node_modules/ep_etherpad-lite production=True state={{ (etherpad_install_mode == 'none') | ternary('present','latest') }} npm:
name: ep_{{ item }}
path: "{{ etherpad_root_dir }}/app/src"
state: "{{ (etherpad_install_mode == 'none') | ternary('present','latest') }}"
loop: "{{ etherpad_plugins }}" loop: "{{ etherpad_plugins }}"
become_user: "{{ etherpad_user }}" become_user: "{{ etherpad_user }}"
notify: restart etherpad notify: restart etherpad

5
roles/etherpad/templates/etherpad.service.j2
Unescape View File

@ -6,9 +6,8 @@ After=syslog.target network.target
Type=simple Type=simple
User={{ etherpad_user }} User={{ etherpad_user }}
Group={{ etherpad_user }} Group={{ etherpad_user }}
WorkingDirectory={{ etherpad_root_dir }}/web WorkingDirectory={{ etherpad_root_dir }}/app
ExecStartPre=/bin/rm -f {{ etherpad_root_dir }}/web/var/minified* ExecStart=/usr/bin/node ./src/node/server.js
ExecStart=/usr/bin/node ./node_modules/ep_etherpad-lite/node/server.js
PrivateTmp=yes PrivateTmp=yes
PrivateDevices=yes PrivateDevices=yes
ProtectSystem=full ProtectSystem=full

8
roles/etherpad/templates/perms.sh.j2
Unescape View File

@ -1,7 +1,7 @@
#!/bin/bash -e #!/bin/bash -e
restorecon -R {{ etherpad_root_dir }} restorecon -R {{ etherpad_root_dir }}
chown -R {{ etherpad_user }}:{{ etherpad_user }} {{ etherpad_root_dir }}/web chown -R {{ etherpad_user }}:{{ etherpad_user }} {{ etherpad_root_dir }}/app
find {{ etherpad_root_dir }}/web -type f -exec chmod 644 "{}" \; find {{ etherpad_root_dir }}/app -type f -exec chmod 644 "{}" \;
find {{ etherpad_root_dir }}/web -type d -exec chmod 755 "{}" \; find {{ etherpad_root_dir }}/app -type d -exec chmod 755 "{}" \;
chmod 640 {{ etherpad_root_dir }}/web/{settings.json,SESSIONKEY.txt,APIKEY.txt} chmod 600 {{ etherpad_root_dir }}/app/{settings.json,SESSIONKEY.txt,APIKEY.txt}

2
roles/etherpad/templates/post_backup.sh.j2
Unescape View File

@ -1,3 +1,3 @@
#!/bin/sh #!/bin/sh
rm -f {{ etherpad_root_dir }}/db_dumps/* rm -f {{ etherpad_root_dir }}/backup/*

13
roles/etherpad/templates/pre_backup.sh.j2
Unescape View File

@ -2,8 +2,11 @@
set -eo pipefail set -eo pipefail
/usr/bin/mysqldump --user={{ etherpad_db_user }} \ /usr/bin/mysqldump \
--password={{ etherpad_db_pass | quote }} \ {% if etherpad_db_server not in ['localhost', '127.0.0.1'] %}
--host={{ etherpad_db_server }} \ --user={{ etherpad_db_user }} \
--quick --single-transaction \ --password={{ etherpad_db_pass | quote }} \
--add-drop-table {{ etherpad_db_name }} | zstd -c > {{ etherpad_root_dir }}/db_dumps/{{ etherpad_db_name }}.sql.zst --host={{ etherpad_db_server }} \
{% endif %}
--quick --single-transaction \
--add-drop-table {{ etherpad_db_name }} | zstd -c > {{ etherpad_root_dir }}/backup/{{ etherpad_db_name }}.sql.zst

Write Preview
Loading…
Cancel
Save