Ansible roles
181 lines
4.7 KiB

#- name: Build config for domains
# set_fact: zcs_domains_conf={{ zcs_domains_conf | default([]) + [zcs_domain_defaults | combine(zcs_domains[item])] }}
# with_items: "{{ zcs_domains.keys() | list }}"
# tags: zcs
#- set_fact: zcs_domains={{ zcs_domains_conf | default([]) }}
# tags: zcs
- name: Install dependencies
- tar
- MySQL-python
- perl-JSON
tags: zcs
- name: Check if zimbra is installed
stat: path=/opt/zimbra/bin/zmprov
register: zcs_zmprov
tags: zcs
#- name: Stop postfix
# service: name=postfix state=stopped enabled=False
# tags: zcs
- include_tasks: install.yml
- zcs_install == True
- not zcs_zmprov.stat.exists
tags: zcs
- name: Exit if not installed
meta: end_host
when: zcs_install != True and not zcs_zmprov.stat.exists
tags: zcs
- set_fact: zcs_i_am_primary_ldap={{ (inventory_hostname == zcs_primary_ldap) | ternary(True,False) }}
tags: zcs
- name: Fetch the LDAP admin pass
shell: /opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | awk '{ print $3}'
changed_when: False
register: zcs_ldap_admin_pass
when: zcs_ldap_admin_pass is not defined
tags: zcs
- set_fact: zcs_ldap_admin_pass={{ zcs_ldap_admin_pass.stdout }}
when: zcs_ldap_admin_pass.stdout is defined
tags: zcs
- name: Install wrapper scripts
template: src=zimbra_wrapper.j2 dest=/usr/local/bin/{{ item }} mode=0755
- zmprov
- zmcontrol
- zmhostname
- zmmailbox
- zmlocalconfig
tags: zcs
#- name: Check installed components
# command: rpm -q zimbra-{{ item }}
# args:
# warn: False
# register: zcs_components
# failed_when: False
# changed_when: False
# loop:
# - ldap
# - logger
# - mta
# - dnscache
# - snmp
# - store
# - apache
# - spell
# - memcached
# - proxy
# - drive
# tags: zcs
- name: List enabled components
shell: '/opt/zimbra/bin/zmprov getServer {{ inventory_hostname }} zimbraServiceEnabled | perl -ne ''m/^zimbraServiceEnabled: (\w+)/ && print "$1\n"'''
become_user: zimbra
register: zcs_enabled_components
changed_when: False
tags: zcs
- set_fact: zcs_enabled_components={{ zcs_enabled_components.stdout_lines }}
tags: zcs
- include_tasks: "{{ component }}.yml"
loop: "{{ zcs_enabled_components }}"
loop_var: component
tags: zcs
- name: Handle general ports
name: zcs_general_ports
state: "{{ (zcs_cluster_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports 22 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT"
when: iptables_manage | default(True)
tags: zcs
- include_tasks: zmldapsync.yml
when: zcs_i_am_primary_ldap == True
tags: zcs
- name: Install backup help script
dest: /opt/zimbra/bin/zmbh
mode: '0755'
tags: zcs
- name: Remove old backup helper script
file: path=/usr/local/bin/ state=absent
tags: zcs
- name: Create directories
file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ | default(omit) }} mode={{ item.mode | default(omit) }}
- dir: /opt/zimbra/addon_cache
- dir: /opt/zimbra/meta
mode: '0700'
tags: zcs
#- include_tasks: backup.yml
# when: zcs_i_am_primary_ldap == True
# tags: zcs
- name: Identify logger host
shell: /opt/zimbra/bin/zmprov gcf zimbraLogHostname | awk '{ print $2 }'
become_user: zimbra
register: zcs_log_hostname
changed_when: False
tags: zcs
- set_fact: zcs_log_hostname={{ zcs_log_hostname.stdout }}
tags: zcs
- name: Deploy syslog config
template: src=rsyslog.conf.j2 dest=/etc/rsyslog.conf
notify: restart rsyslog
tags: zcs
- name: Deploy Let's Encrypt hook
template: dest=/etc/dehydrated/hooks_deploy_cert.d/ mode=755
when: zcs_letsencrypt == True
tags: zcs
- name: Remove Let's Encrypt hook
file: path=/etc/dehydrated/hooks_deploy_cert.d/ state=absent
when: zcs_letsencrypt != True
tags: zcs
- name: Create pre and post backup hook dir
file: path=/etc/backup/{{ item }}.d state=directory
- pre
- post
tags: zcs
- name: Deploy pre and post backup scripts
template: src={{ item }} dest=/etc/backup/{{ item }}.d/ mode=0750
- pre
- post
tags: zcs
- name: Create backup mount point
file: path=/home/lbkp/zimbra state=directory
tags: zcs
- name: Remove temp files
file: path={{ item }} state=absent
- /tmp/zimbra
- /tmp/
tags: zcs
- include: filebeat.yml