fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
637 Commits
1 Branch
0 Tags
7.5 MiB
 
 
 
 
 
 
Tag: Branch: Tree: b84d0c8d90
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b84d0c8d90'
${ noResults }
ansible-roles/roles/zimbra/tasks/main.yml

192 lines
5.0 KiB
Raw Blame History

---
#- name: Build config for domains
# set_fact: zcs_domains_conf={{ zcs_domains_conf | default([]) + [zcs_domain_defaults | combine(zcs_domains[item])] }}
# with_items: "{{ zcs_domains.keys() | list }}"
# tags: zcs
#- set_fact: zcs_domains={{ zcs_domains_conf | default([]) }}
# tags: zcs
- name: Install dependencies
yum:
name:
- tar
- MySQL-python
- perl-JSON
- patch
tags: zcs
- name: Check if zimbra is installed
stat: path=/opt/zimbra/bin/zmprov
register: zcs_zmprov
tags: zcs
#- name: Stop postfix
# service: name=postfix state=stopped enabled=False
# tags: zcs
- include_tasks: install.yml
when:
- zcs_install == True
- not zcs_zmprov.stat.exists
tags: zcs
- name: Exit if not installed
meta: end_host
when: zcs_install != True and (zcs_zmprov is not defined or zcs_zmprov.stat is not defined or not zcs_zmprov.stat.exists)
tags: zcs
- set_fact: zcs_i_am_primary_ldap={{ (inventory_hostname == zcs_primary_ldap) | ternary(True,False) }}
tags: zcs
- name: Fetch the LDAP admin pass
shell: /opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | awk '{ print $3}'
changed_when: False
register: zcs_ldap_admin_pass
when: zcs_ldap_admin_pass is not defined
tags: zcs
- set_fact: zcs_ldap_admin_pass={{ zcs_ldap_admin_pass.stdout }}
when: zcs_ldap_admin_pass.stdout is defined
tags: zcs
- name: Install wrapper scripts
template: src=zimbra_wrapper.j2 dest=/usr/local/bin/{{ item }} mode=0755
loop:
- zmprov
- zmcontrol
- zmhostname
- zmmailbox
- zmlocalconfig
tags: zcs
#- name: Check installed components
# command: rpm -q zimbra-{{ item }}
# args:
# warn: False
# register: zcs_components
# failed_when: False
# changed_when: False
# loop:
# - ldap
# - logger
# - mta
# - dnscache
# - snmp
# - store
# - apache
# - spell
# - memcached
# - proxy
# - drive
# tags: zcs
- name: List enabled components
shell: '/opt/zimbra/bin/zmprov getServer {{ inventory_hostname }} zimbraServiceEnabled | perl -ne ''m/^zimbraServiceEnabled: (\w+)/ && print "$1\n"'''
become_user: zimbra
register: zcs_enabled_components
changed_when: False
tags: zcs
- set_fact: zcs_enabled_components={{ zcs_enabled_components.stdout_lines }}
tags: zcs
- include_tasks: "{{ component }}.yml"
loop: "{{ zcs_enabled_components }}"
loop_control:
loop_var: component
tags: zcs
- name: Handle general ports
iptables_raw:
name: zcs_general_ports
state: "{{ (zcs_cluster_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports 22 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT"
when: iptables_manage | default(True)
tags: zcs
- include_tasks: zmldapsync.yml
when: zcs_i_am_primary_ldap == True
tags: zcs
- name: Install backup help script
get_url:
url: https://git.fws.fr/dani/zimbra/raw/branch/master/zmbh/zmbh.pl
dest: /opt/zimbra/bin/zmbh
mode: '0755'
tags: zcs
- name: Remove old backup helper script
file: path=/usr/local/bin/zmbh.pl state=absent
tags: zcs
- name: Create directories
file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
loop:
- dir: /opt/zimbra/addon_cache
- dir: /opt/zimbra/meta
mode: '0700'
tags: zcs
#- include_tasks: backup.yml
# when: zcs_i_am_primary_ldap == True
# tags: zcs
- name: Identify logger host
shell: /opt/zimbra/bin/zmprov gcf zimbraLogHostname | awk '{ print $2 }'
become_user: zimbra
register: zcs_log_hostname
changed_when: False
tags: zcs
- set_fact: zcs_log_hostname={{ zcs_log_hostname.stdout }}
tags: zcs
- name: Deploy syslog config
template: src=rsyslog.conf.j2 dest=/etc/rsyslog.conf
notify: restart rsyslog
tags: zcs
- name: Set correct SELinux context on logs
block:
- sefcontext:
target: "/opt/zimbra/log(/.*)?"
setype: var_log_t
- command: restorecon -R /opt/zimbra/log
changed_when: False
when: ansible_selinux.status == 'enabled'
tags: zcs
- name: Deploy Let's Encrypt hook
template: src=dehydrated_hook.sh.j2 dest=/etc/dehydrated/hooks_deploy_cert.d/20zimbra.sh mode=755
when: zcs_letsencrypt == True
tags: zcs
- name: Remove Let's Encrypt hook
file: path=/etc/dehydrated/hooks_deploy_cert.d/20zimbra.sh state=absent
when: zcs_letsencrypt != True
tags: zcs
- name: Create pre and post backup hook dir
file: path=/etc/backup/{{ item }}.d state=directory
loop:
- pre
- post
tags: zcs
- name: Deploy pre and post backup scripts
template: src={{ item }}_backup.sh.j2 dest=/etc/backup/{{ item }}.d/zimbra.sh mode=0750
loop:
- pre
- post
tags: zcs
- name: Create backup mount point
file: path=/home/lbkp/zimbra state=directory
tags: zcs
- name: Remove temp files
file: path={{ item }} state=absent
loop:
- /tmp/zimbra
- /tmp/tk_barrydegraaff_sharetoolkit_admin.zip
tags: zcs
- include: filebeat.yml