From f6713c6b2ee70b62f68979af14081f4f30627da3 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 24 Jun 2018 14:33:04 -0400 Subject: [PATCH 01/95] Create Ansible play --- roles/lokole/mediawiki/defaults/main.yml | 24 ++++ roles/lokole/mediawiki/tasks/install.yml | 112 ++++++++++++++++++ roles/lokole/mediawiki/tasks/main.yml | 3 + .../mediawiki/templates/mediawiki.conf.j2 | 6 + 4 files changed, 145 insertions(+) create mode 100644 roles/lokole/mediawiki/defaults/main.yml create mode 100644 roles/lokole/mediawiki/tasks/install.yml create mode 100644 roles/lokole/mediawiki/tasks/main.yml create mode 100644 roles/lokole/mediawiki/templates/mediawiki.conf.j2 diff --git a/roles/lokole/mediawiki/defaults/main.yml b/roles/lokole/mediawiki/defaults/main.yml new file mode 100644 index 000000000..e75396acb --- /dev/null +++ b/roles/lokole/mediawiki/defaults/main.yml @@ -0,0 +1,24 @@ +mediawiki_major_version: "1.31" +mediawiki_minor_version: "0" +mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" + +mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" +mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" + +mediawiki_db_name: iiab_mediawiki +mediawiki_db_user: iiab_mediawiki_user +mediawiki_db_user_password: changeme + +mediawiki_admin_user: Admin +mediawiki_admin_user_password: changeme + +mediawiki_site_name: Community Wiki + +mediawiki_install: True +mediawiki_enabled: True + +mediawiki_install_path: "{{ content_base }}" +mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" + +mediawiki_url: /mediawiki +mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/mediawiki/tasks/install.yml b/roles/lokole/mediawiki/tasks/install.yml new file mode 100644 index 000000000..cd89c0c71 --- /dev/null +++ b/roles/lokole/mediawiki/tasks/install.yml @@ -0,0 +1,112 @@ +- name: Install packages required by MediaWiki + package: + name: "{{ item }}" + state: present + with_items: + - "php{{ php_version }}-intl" + - "php{{ php_version }}-mbstring" + tags: + - download + +- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml + get_url: + url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" +# force: yes +# backup: yes + register: mediawiki_download_output + when: internet_available + +- name: Unpack download to permanent location + unarchive: + src: "{{ downloads_dir }}/{{ mediawiki_src }}" + dest: "{{ mediawiki_install_path }}" + owner: root + group: "{{ apache_user }}" + mode: 0755 + keep_newer: yes + +- name: MySQL database needs to be running if we are trying to create a new db + service: + state: started + name: "{{ mysql_service }}" + +- name: Create MySQL mediawiki database + mysql_db: + name: "{{ mediawiki_db_name }}" + state: present + +- name: Create MySQL mediawiki database user + mysql_user: + name: "{{ mediawiki_db_user }}" + password: "{{ mediawiki_db_user_password }}" + priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + state: present + +- name: Configure MediaWiki + shell: > + php '{{ mediawiki_abs_path }}/maintenance/install.php' + --dbname={{ mediawiki_db_name }} + --dbserver="localhost" + --installdbuser={{ mediawiki_db_user }} + --installdbpass={{ mediawiki_db_user_password }} + --dbuser={{ mediawiki_db_user }} + --dbpass={{ mediawiki_db_user_password }} + --scriptpath=/mediawiki + --lang=en + --pass={{ mediawiki_admin_user_password }} + "{{ mediawiki_site_name }}" + "{{ mediawiki_admin_user }}" + args: + chdir: "{{ mediawiki_abs_path }}" + creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + +- name: Copy mediawiki httpd conf file + template: + src: mediawiki.conf.j2 + dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + +- name: Enable httpd conf file if we are disabled (debuntu) + file: + src: /etc/apache2/sites-available/mediawiki.conf + dest: /etc/apache2/sites-enabled/mediawiki.conf + state: link + when: mediawiki_enabled and is_debuntu + +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) + file: + path: /etc/apache2/sites-enabled/mediawiki.conf + state: absent + when: not mediawiki_enabled and is_debuntu + +- name: Restart Apache, so it picks up the new aliases + service: + name: "{{ apache_service }}" + state: restarted + +- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: mediawiki + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: name + value: mediawiki + - option: description + value: '"mediawiki is a blog and web site management application."' + - option: mediawiki_src + value: "{{ mediawiki_src }}" + - option: mediawiki_abs_path + value: "{{ mediawiki_abs_path }}" + - option: mediawiki_db_name + value: "{{ mediawiki_db_name }}" + - option: mediawiki_db_user + value: "{{ mediawiki_db_user }}" + - option: mediawiki_url + value: "{{ mediawiki_url }}" + - option: mediawiki_full_url + value: "{{ mediawiki_full_url }}" + - option: mediawiki_enabled + value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/mediawiki/tasks/main.yml b/roles/lokole/mediawiki/tasks/main.yml new file mode 100644 index 000000000..6c77d3e7c --- /dev/null +++ b/roles/lokole/mediawiki/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Include the install playbook + include_tasks: install.yml + when: mediawiki_install diff --git a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 new file mode 100644 index 000000000..1da5e193b --- /dev/null +++ b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 @@ -0,0 +1,6 @@ +Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} + + Options Indexes FollowSymLinks + AllowOverride All + Require all granted + From 7c047bf95ef6fd5e580fd11abccdd3edda42dda3 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:20:45 -0400 Subject: [PATCH 02/95] Move to superfolder --- roles/lokole/mediawiki/defaults/main.yml | 24 ---- roles/lokole/mediawiki/tasks/install.yml | 112 ------------------ roles/lokole/mediawiki/tasks/main.yml | 3 - .../mediawiki/templates/mediawiki.conf.j2 | 6 - 4 files changed, 145 deletions(-) delete mode 100644 roles/lokole/mediawiki/defaults/main.yml delete mode 100644 roles/lokole/mediawiki/tasks/install.yml delete mode 100644 roles/lokole/mediawiki/tasks/main.yml delete mode 100644 roles/lokole/mediawiki/templates/mediawiki.conf.j2 diff --git a/roles/lokole/mediawiki/defaults/main.yml b/roles/lokole/mediawiki/defaults/main.yml deleted file mode 100644 index e75396acb..000000000 --- a/roles/lokole/mediawiki/defaults/main.yml +++ /dev/null @@ -1,24 +0,0 @@ -mediawiki_major_version: "1.31" -mediawiki_minor_version: "0" -mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" - -mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" -mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" - -mediawiki_db_name: iiab_mediawiki -mediawiki_db_user: iiab_mediawiki_user -mediawiki_db_user_password: changeme - -mediawiki_admin_user: Admin -mediawiki_admin_user_password: changeme - -mediawiki_site_name: Community Wiki - -mediawiki_install: True -mediawiki_enabled: True - -mediawiki_install_path: "{{ content_base }}" -mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" - -mediawiki_url: /mediawiki -mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/mediawiki/tasks/install.yml b/roles/lokole/mediawiki/tasks/install.yml deleted file mode 100644 index cd89c0c71..000000000 --- a/roles/lokole/mediawiki/tasks/install.yml +++ /dev/null @@ -1,112 +0,0 @@ -- name: Install packages required by MediaWiki - package: - name: "{{ item }}" - state: present - with_items: - - "php{{ php_version }}-intl" - - "php{{ php_version }}-mbstring" - tags: - - download - -- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml - get_url: - url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" - dest: "{{ downloads_dir }}" - timeout: "{{ download_timeout }}" -# force: yes -# backup: yes - register: mediawiki_download_output - when: internet_available - -- name: Unpack download to permanent location - unarchive: - src: "{{ downloads_dir }}/{{ mediawiki_src }}" - dest: "{{ mediawiki_install_path }}" - owner: root - group: "{{ apache_user }}" - mode: 0755 - keep_newer: yes - -- name: MySQL database needs to be running if we are trying to create a new db - service: - state: started - name: "{{ mysql_service }}" - -- name: Create MySQL mediawiki database - mysql_db: - name: "{{ mediawiki_db_name }}" - state: present - -- name: Create MySQL mediawiki database user - mysql_user: - name: "{{ mediawiki_db_user }}" - password: "{{ mediawiki_db_user_password }}" - priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" - state: present - -- name: Configure MediaWiki - shell: > - php '{{ mediawiki_abs_path }}/maintenance/install.php' - --dbname={{ mediawiki_db_name }} - --dbserver="localhost" - --installdbuser={{ mediawiki_db_user }} - --installdbpass={{ mediawiki_db_user_password }} - --dbuser={{ mediawiki_db_user }} - --dbpass={{ mediawiki_db_user_password }} - --scriptpath=/mediawiki - --lang=en - --pass={{ mediawiki_admin_user_password }} - "{{ mediawiki_site_name }}" - "{{ mediawiki_admin_user }}" - args: - chdir: "{{ mediawiki_abs_path }}" - creates: "{{ mediawiki_abs_path }}/LocalSettings.php" - -- name: Copy mediawiki httpd conf file - template: - src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" - -- name: Enable httpd conf file if we are disabled (debuntu) - file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf - state: link - when: mediawiki_enabled and is_debuntu - -- name: Remove httpd conf file if we are disabled (OS's other than debuntu) - file: - path: /etc/apache2/sites-enabled/mediawiki.conf - state: absent - when: not mediawiki_enabled and is_debuntu - -- name: Restart Apache, so it picks up the new aliases - service: - name: "{{ apache_service }}" - state: restarted - -- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini - ini_file: - dest: "{{ service_filelist }}" - section: mediawiki - option: "{{ item.option }}" - value: "{{ item.value }}" - with_items: - - option: name - value: mediawiki - - option: description - value: '"mediawiki is a blog and web site management application."' - - option: mediawiki_src - value: "{{ mediawiki_src }}" - - option: mediawiki_abs_path - value: "{{ mediawiki_abs_path }}" - - option: mediawiki_db_name - value: "{{ mediawiki_db_name }}" - - option: mediawiki_db_user - value: "{{ mediawiki_db_user }}" - - option: mediawiki_url - value: "{{ mediawiki_url }}" - - option: mediawiki_full_url - value: "{{ mediawiki_full_url }}" - - option: mediawiki_enabled - value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/mediawiki/tasks/main.yml b/roles/lokole/mediawiki/tasks/main.yml deleted file mode 100644 index 6c77d3e7c..000000000 --- a/roles/lokole/mediawiki/tasks/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -- name: Include the install playbook - include_tasks: install.yml - when: mediawiki_install diff --git a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 deleted file mode 100644 index 1da5e193b..000000000 --- a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 +++ /dev/null @@ -1,6 +0,0 @@ -Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - From b4a850e48442f4847c9b9b2a5a10c831ee44e07a Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:21:42 -0400 Subject: [PATCH 03/95] yeah --- roles/lokole/defaults/main.yml | 24 +++++ roles/lokole/tasks/install.yml | 112 +++++++++++++++++++++++ roles/lokole/tasks/main.yml | 3 + roles/lokole/templates/mediawiki.conf.j2 | 6 ++ 4 files changed, 145 insertions(+) create mode 100644 roles/lokole/defaults/main.yml create mode 100644 roles/lokole/tasks/install.yml create mode 100644 roles/lokole/tasks/main.yml create mode 100644 roles/lokole/templates/mediawiki.conf.j2 diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml new file mode 100644 index 000000000..e75396acb --- /dev/null +++ b/roles/lokole/defaults/main.yml @@ -0,0 +1,24 @@ +mediawiki_major_version: "1.31" +mediawiki_minor_version: "0" +mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" + +mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" +mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" + +mediawiki_db_name: iiab_mediawiki +mediawiki_db_user: iiab_mediawiki_user +mediawiki_db_user_password: changeme + +mediawiki_admin_user: Admin +mediawiki_admin_user_password: changeme + +mediawiki_site_name: Community Wiki + +mediawiki_install: True +mediawiki_enabled: True + +mediawiki_install_path: "{{ content_base }}" +mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" + +mediawiki_url: /mediawiki +mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml new file mode 100644 index 000000000..cd89c0c71 --- /dev/null +++ b/roles/lokole/tasks/install.yml @@ -0,0 +1,112 @@ +- name: Install packages required by MediaWiki + package: + name: "{{ item }}" + state: present + with_items: + - "php{{ php_version }}-intl" + - "php{{ php_version }}-mbstring" + tags: + - download + +- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml + get_url: + url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" +# force: yes +# backup: yes + register: mediawiki_download_output + when: internet_available + +- name: Unpack download to permanent location + unarchive: + src: "{{ downloads_dir }}/{{ mediawiki_src }}" + dest: "{{ mediawiki_install_path }}" + owner: root + group: "{{ apache_user }}" + mode: 0755 + keep_newer: yes + +- name: MySQL database needs to be running if we are trying to create a new db + service: + state: started + name: "{{ mysql_service }}" + +- name: Create MySQL mediawiki database + mysql_db: + name: "{{ mediawiki_db_name }}" + state: present + +- name: Create MySQL mediawiki database user + mysql_user: + name: "{{ mediawiki_db_user }}" + password: "{{ mediawiki_db_user_password }}" + priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + state: present + +- name: Configure MediaWiki + shell: > + php '{{ mediawiki_abs_path }}/maintenance/install.php' + --dbname={{ mediawiki_db_name }} + --dbserver="localhost" + --installdbuser={{ mediawiki_db_user }} + --installdbpass={{ mediawiki_db_user_password }} + --dbuser={{ mediawiki_db_user }} + --dbpass={{ mediawiki_db_user_password }} + --scriptpath=/mediawiki + --lang=en + --pass={{ mediawiki_admin_user_password }} + "{{ mediawiki_site_name }}" + "{{ mediawiki_admin_user }}" + args: + chdir: "{{ mediawiki_abs_path }}" + creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + +- name: Copy mediawiki httpd conf file + template: + src: mediawiki.conf.j2 + dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + +- name: Enable httpd conf file if we are disabled (debuntu) + file: + src: /etc/apache2/sites-available/mediawiki.conf + dest: /etc/apache2/sites-enabled/mediawiki.conf + state: link + when: mediawiki_enabled and is_debuntu + +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) + file: + path: /etc/apache2/sites-enabled/mediawiki.conf + state: absent + when: not mediawiki_enabled and is_debuntu + +- name: Restart Apache, so it picks up the new aliases + service: + name: "{{ apache_service }}" + state: restarted + +- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: mediawiki + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: name + value: mediawiki + - option: description + value: '"mediawiki is a blog and web site management application."' + - option: mediawiki_src + value: "{{ mediawiki_src }}" + - option: mediawiki_abs_path + value: "{{ mediawiki_abs_path }}" + - option: mediawiki_db_name + value: "{{ mediawiki_db_name }}" + - option: mediawiki_db_user + value: "{{ mediawiki_db_user }}" + - option: mediawiki_url + value: "{{ mediawiki_url }}" + - option: mediawiki_full_url + value: "{{ mediawiki_full_url }}" + - option: mediawiki_enabled + value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml new file mode 100644 index 000000000..6c77d3e7c --- /dev/null +++ b/roles/lokole/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Include the install playbook + include_tasks: install.yml + when: mediawiki_install diff --git a/roles/lokole/templates/mediawiki.conf.j2 b/roles/lokole/templates/mediawiki.conf.j2 new file mode 100644 index 000000000..1da5e193b --- /dev/null +++ b/roles/lokole/templates/mediawiki.conf.j2 @@ -0,0 +1,6 @@ +Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} + + Options Indexes FollowSymLinks + AllowOverride All + Require all granted + From 69ef417cfea0d1ae8643d075e0557eb57acfe161 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:31:08 -0400 Subject: [PATCH 04/95] Substitute 'mediawiki' with 'lokole' --- roles/lokole/defaults/main.yml | 34 +++--- roles/lokole/tasks/install.yml | 102 +++++++++--------- roles/lokole/tasks/main.yml | 2 +- .../{mediawiki.conf.j2 => lokole.conf.j2} | 4 +- 4 files changed, 71 insertions(+), 71 deletions(-) rename roles/lokole/templates/{mediawiki.conf.j2 => lokole.conf.j2} (51%) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index e75396acb..3e7f00dfa 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,24 +1,24 @@ -mediawiki_major_version: "1.31" -mediawiki_minor_version: "0" -mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" +lokole_major_version: "1.31" +lokole_minor_version: "0" +lokole_version: "{{ lokole_major_version }}.{{ lokole_minor_version }}" -mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" -mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" +lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" +lokole_src: "{{ lokole_version }}.tar.gz" -mediawiki_db_name: iiab_mediawiki -mediawiki_db_user: iiab_mediawiki_user -mediawiki_db_user_password: changeme +lokole_db_name: iiab_lokole +lokole_db_user: iiab_lokole_user +lokole_db_user_password: changeme -mediawiki_admin_user: Admin -mediawiki_admin_user_password: changeme +lokole_admin_user: Admin +lokole_admin_user_password: changeme -mediawiki_site_name: Community Wiki +lokole_site_name: Community Wiki -mediawiki_install: True -mediawiki_enabled: True +lokole_install: True +lokole_enabled: True -mediawiki_install_path: "{{ content_base }}" -mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" +lokole_install_path: "{{ content_base }}" +lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" -mediawiki_url: /mediawiki -mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" +lokole_url: /lokole +lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index cd89c0c71..bcefb5b5a 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Install packages required by MediaWiki +- name: Install packages required by Lokole package: name: "{{ item }}" state: present @@ -8,20 +8,20 @@ tags: - download -- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml +- name: Download Lokole software, per roles/lokole/defaults/main.yml get_url: - url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + url: "{{ lokole_download_base_url }}/{{ lokole_src }}" dest: "{{ downloads_dir }}" timeout: "{{ download_timeout }}" # force: yes # backup: yes - register: mediawiki_download_output + register: lokole_download_output when: internet_available - name: Unpack download to permanent location unarchive: - src: "{{ downloads_dir }}/{{ mediawiki_src }}" - dest: "{{ mediawiki_install_path }}" + src: "{{ downloads_dir }}/{{ lokole_src }}" + dest: "{{ lokole_install_path }}" owner: root group: "{{ apache_user }}" mode: 0755 @@ -32,81 +32,81 @@ state: started name: "{{ mysql_service }}" -- name: Create MySQL mediawiki database +- name: Create MySQL lokole database mysql_db: - name: "{{ mediawiki_db_name }}" + name: "{{ lokole_db_name }}" state: present -- name: Create MySQL mediawiki database user +- name: Create MySQL lokole database user mysql_user: - name: "{{ mediawiki_db_user }}" - password: "{{ mediawiki_db_user_password }}" - priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + name: "{{ lokole_db_user }}" + password: "{{ lokole_db_user_password }}" + priv: "{{ lokole_db_name }}.*:ALL,GRANT" state: present -- name: Configure MediaWiki +- name: Configure Lokole shell: > - php '{{ mediawiki_abs_path }}/maintenance/install.php' - --dbname={{ mediawiki_db_name }} + php '{{ lokole_abs_path }}/maintenance/install.php' + --dbname={{ lokole_db_name }} --dbserver="localhost" - --installdbuser={{ mediawiki_db_user }} - --installdbpass={{ mediawiki_db_user_password }} - --dbuser={{ mediawiki_db_user }} - --dbpass={{ mediawiki_db_user_password }} - --scriptpath=/mediawiki + --installdbuser={{ lokole_db_user }} + --installdbpass={{ lokole_db_user_password }} + --dbuser={{ lokole_db_user }} + --dbpass={{ lokole_db_user_password }} + --scriptpath=/lokole --lang=en - --pass={{ mediawiki_admin_user_password }} - "{{ mediawiki_site_name }}" - "{{ mediawiki_admin_user }}" + --pass={{ lokole_admin_user_password }} + "{{ lokole_site_name }}" + "{{ lokole_admin_user }}" args: - chdir: "{{ mediawiki_abs_path }}" - creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + chdir: "{{ lokole_abs_path }}" + creates: "{{ lokole_abs_path }}/LocalSettings.php" -- name: Copy mediawiki httpd conf file +- name: Copy lokole httpd conf file template: - src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + src: lokole.conf.j2 + dest: "/etc/{{ apache_config_dir }}/lokole.conf" - name: Enable httpd conf file if we are disabled (debuntu) file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf + src: /etc/apache2/sites-available/lokole.conf + dest: /etc/apache2/sites-enabled/lokole.conf state: link - when: mediawiki_enabled and is_debuntu + when: lokole_enabled and is_debuntu - name: Remove httpd conf file if we are disabled (OS's other than debuntu) file: - path: /etc/apache2/sites-enabled/mediawiki.conf + path: /etc/apache2/sites-enabled/lokole.conf state: absent - when: not mediawiki_enabled and is_debuntu + when: not lokole_enabled and is_debuntu - name: Restart Apache, so it picks up the new aliases service: name: "{{ apache_service }}" state: restarted -- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini +- name: Add 'lokole' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: mediawiki + section: lokole option: "{{ item.option }}" value: "{{ item.value }}" with_items: - option: name - value: mediawiki + value: lokole - option: description - value: '"mediawiki is a blog and web site management application."' - - option: mediawiki_src - value: "{{ mediawiki_src }}" - - option: mediawiki_abs_path - value: "{{ mediawiki_abs_path }}" - - option: mediawiki_db_name - value: "{{ mediawiki_db_name }}" - - option: mediawiki_db_user - value: "{{ mediawiki_db_user }}" - - option: mediawiki_url - value: "{{ mediawiki_url }}" - - option: mediawiki_full_url - value: "{{ mediawiki_full_url }}" - - option: mediawiki_enabled - value: "{{ mediawiki_enabled }}" + value: '"lokole is an email service."' + - option: lokole_src + value: "{{ lokole_src }}" + - option: lokole_abs_path + value: "{{ lokole_abs_path }}" + - option: lokole_db_name + value: "{{ lokole_db_name }}" + - option: lokole_db_user + value: "{{ lokole_db_user }}" + - option: lokole_url + value: "{{ lokole_url }}" + - option: lokole_full_url + value: "{{ lokole_full_url }}" + - option: lokole_enabled + value: "{{ lokole_enabled }}" diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index 6c77d3e7c..dee0435b3 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -1,3 +1,3 @@ - name: Include the install playbook include_tasks: install.yml - when: mediawiki_install + when: lokole_install diff --git a/roles/lokole/templates/mediawiki.conf.j2 b/roles/lokole/templates/lokole.conf.j2 similarity index 51% rename from roles/lokole/templates/mediawiki.conf.j2 rename to roles/lokole/templates/lokole.conf.j2 index 1da5e193b..ccbebe98e 100644 --- a/roles/lokole/templates/mediawiki.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,5 @@ -Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} - +Alias {{ lokole_url }} {{ lokole_abs_path }} + Options Indexes FollowSymLinks AllowOverride All Require all granted From 41c3cddaf2d69ef1d477b4c2a234bb5a1e356148 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 21:35:39 -0400 Subject: [PATCH 05/95] Use actual version; don't split into separate major and minor variables --- roles/lokole/defaults/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 3e7f00dfa..39807d87c 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,6 +1,4 @@ -lokole_major_version: "1.31" -lokole_minor_version: "0" -lokole_version: "{{ lokole_major_version }}.{{ lokole_minor_version }}" +lokole_version: "0.1.24" lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" lokole_src: "{{ lokole_version }}.tar.gz" From 7fe65d5d96487486c0a3d74c78f52605a879d067 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 22:14:39 -0400 Subject: [PATCH 06/95] Change to correct dependencies --- roles/lokole/tasks/install.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index bcefb5b5a..c08f12416 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,10 +1,12 @@ - name: Install packages required by Lokole - package: + apt: name: "{{ item }}" state: present with_items: - - "php{{ php_version }}-intl" - - "php{{ php_version }}-mbstring" + - make + - python3-venv + - npm + - shellcheck tags: - download From 427df463ad375ae7320f03528670d095ded66cd0 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 22:44:10 -0400 Subject: [PATCH 07/95] Using PyPI --- roles/lokole/defaults/main.yml | 3 --- roles/lokole/tasks/install.yml | 47 ++++++++++++++++++++-------------- 2 files changed, 28 insertions(+), 22 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 39807d87c..245b2b1c2 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,8 +1,5 @@ lokole_version: "0.1.24" -lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" -lokole_src: "{{ lokole_version }}.tar.gz" - lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index c08f12416..722774509 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -3,31 +3,40 @@ name: "{{ item }}" state: present with_items: - - make + - python3 + - python3-pip - python3-venv - - npm - - shellcheck + - python3-dev + - libffi-dev + - libssl-dev + - bcrypt tags: - download -- name: Download Lokole software, per roles/lokole/defaults/main.yml - get_url: - url: "{{ lokole_download_base_url }}/{{ lokole_src }}" - dest: "{{ downloads_dir }}" - timeout: "{{ download_timeout }}" -# force: yes -# backup: yes - register: lokole_download_output +- name: Install Lokole from PyPI + pip: + name: opwen_email_client + virtualenv: null # TODO figure this out + tags: + - download when: internet_available -- name: Unpack download to permanent location - unarchive: - src: "{{ downloads_dir }}/{{ lokole_src }}" - dest: "{{ lokole_install_path }}" - owner: root - group: "{{ apache_user }}" - mode: 0755 - keep_newer: yes +# - name: Download Lokole software, per roles/lokole/defaults/main.yml +# git: +# repo: "{{ lokole_git_repo }}" +# version: "{{ lokole_version }}" +# dest: "{{ lokole_install_path }}" +# register: lokole_download_output +# when: internet_available + +# - name: Unpack download to permanent location +# unarchive: +# src: "{{ downloads_dir }}/{{ lokole_src }}" +# dest: "{{ }}" +# owner: root +# group: "{{ apache_user }}" +# mode: 0755 +# keep_newer: yes - name: MySQL database needs to be running if we are trying to create a new db service: From 77a789453435eaee37f94e1b46841ea3229b0853 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 13 Jul 2018 21:47:33 -0400 Subject: [PATCH 08/95] Add config file template --- roles/lokole/templates/webapp_secrets.sh.j2 | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 roles/lokole/templates/webapp_secrets.sh.j2 diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 new file mode 100644 index 000000000..c48afd45f --- /dev/null +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -0,0 +1,10 @@ +export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' +export OPWEN_SESSION_KEY='{{lokole_config_session_key}}' +export OPWEN_PASSWORD_SALT='{{opwen_webapp_config_password_salt}}' +export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' +export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' +export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' +export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' +export OPWEN_CLIENT_NAME='{{opwen_webapp_config_client_name}}' +export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' +export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From 606a9a7ab1ed61a4c2b23e10bd3759261cc50668 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 14 Jul 2018 23:14:43 -0400 Subject: [PATCH 09/95] Hardcode OPWEN_CLIENT_NAME to iiab + hostname --- roles/lokole/templates/webapp_secrets.sh.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index c48afd45f..1fec63686 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -5,6 +5,6 @@ export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' -export OPWEN_CLIENT_NAME='{{opwen_webapp_config_client_name}}' +export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From c65aa361e3ded25cf29e54817974fbefad0b342d Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 14 Jul 2018 23:35:56 -0400 Subject: [PATCH 10/95] Adding more global variables --- roles/lokole/defaults/main.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 245b2b1c2..68364ee0d 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -17,3 +17,16 @@ lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" + +# Global variables provided by setup-lokole.sh L157-166 +# https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 +#opwen_network_name: 'Lokole' # use IIAB's wifi +#opwen_network_password: 'Ascoderu' +#opwen_server_read_host: 'api.mailserver.read.lokole.ca' # local-only anyway +#opwen_server_write_host: 'api.mailserver.write.lokole.ca' +#opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' +opwen_server_locale: '{{ default_language }}' +opwen_server_timezone: '{{ local_tz }}' +opwen_user: "${USER}" +opwen_device: "${HOSTNAME}" +opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary From 50e648769939b75018280d49f099b9216a44aea2 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Sat, 21 Jul 2018 15:18:35 -0400 Subject: [PATCH 11/95] Setup Lokole virtualenv --- roles/lokole/defaults/main.yml | 2 ++ roles/lokole/tasks/install.yml | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 68364ee0d..c6d2b6294 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -15,6 +15,8 @@ lokole_enabled: True lokole_install_path: "{{ content_base }}" lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" +lokole_venv: "{{ lokole_abs_path }}/venv" + lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 722774509..61bc57cbe 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -16,7 +16,9 @@ - name: Install Lokole from PyPI pip: name: opwen_email_client - virtualenv: null # TODO figure this out + version: "{{ lokole_version }}" + virtualenv: "{{ lokole_venv }}" + virtualenv_program: python3 -m venv "{{ lokole_venv }}" tags: - download when: internet_available From 1284a622466640b662faa848bc1d1800b144b9a2 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 02:07:31 -0400 Subject: [PATCH 12/95] Start on config stuff --- roles/lokole/tasks/install.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 61bc57cbe..60500966d 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -23,6 +23,21 @@ - download when: internet_available +# - name: Generate session key +# password: +# length: 32 +# encrypt: no +# _terms: /dev/null +# tags: +# - configure + +- name: Configure Lokole + template: + src: webapp_secrets.sh.j2 + dest: {{ lokole_wd }}/webapp_secrets.sh + tags: + - configure + # - name: Download Lokole software, per roles/lokole/defaults/main.yml # git: # repo: "{{ lokole_git_repo }}" From f1cc074c0f14170d1a249c71d40439363f1ce4dc Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:29:57 -0400 Subject: [PATCH 13/95] Setup config file for local-only mode, add password generation --- roles/lokole/defaults/main.yml | 3 +++ roles/lokole/tasks/install.yml | 10 +--------- roles/lokole/templates/webapp_secrets.sh.j2 | 10 ++-------- 3 files changed, 6 insertions(+), 17 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index c6d2b6294..0c4da9fac 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -17,6 +17,9 @@ lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" lokole_venv: "{{ lokole_abs_path }}/venv" +# TODO decide what directory to make this +lokole_run_directory: "{{ lokole_abs_path }}" + lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 60500966d..b027b65f1 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -23,18 +23,10 @@ - download when: internet_available -# - name: Generate session key -# password: -# length: 32 -# encrypt: no -# _terms: /dev/null -# tags: -# - configure - - name: Configure Lokole template: src: webapp_secrets.sh.j2 - dest: {{ lokole_wd }}/webapp_secrets.sh + dest: {{ lokole_run_directory }}/webapp_secrets.sh tags: - configure diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 1fec63686..11a2a8a2e 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,10 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{lokole_config_session_key}}' -export OPWEN_PASSWORD_SALT='{{opwen_webapp_config_password_salt}}' -export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' -export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' -export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' -export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' -export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' -export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From 8d36fe0df09077d7f70728f8273def7274714871 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:41:45 -0400 Subject: [PATCH 14/95] Only one directory for Lokole - multiple versions not supported --- roles/lokole/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 0c4da9fac..8c82c3952 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -13,7 +13,7 @@ lokole_install: True lokole_enabled: True lokole_install_path: "{{ content_base }}" -lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" +lokole_abs_path: "{{ lokole_install_path }}/lokole" lokole_venv: "{{ lokole_abs_path }}/venv" From 83330fbcf6206faa21086d3027675def6a4cf10f Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:56:13 -0400 Subject: [PATCH 15/95] Reorganize config file --- roles/lokole/defaults/main.yml | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 8c82c3952..7b5f405cc 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,25 +1,20 @@ +--- +# Information needed to install Lokole lokole_version: "0.1.24" +lokole_install_path: "{{ content_base }}/lokole" +lokole_venv: "{{ lokole_install_path }}/venv" + +# Information needed to run Lokole +lokole_user: lokole +lokole_run_directory: /home/{{ lokole_user }}/state lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme -lokole_admin_user: Admin -lokole_admin_user_password: changeme - -lokole_site_name: Community Wiki - lokole_install: True lokole_enabled: True -lokole_install_path: "{{ content_base }}" -lokole_abs_path: "{{ lokole_install_path }}/lokole" - -lokole_venv: "{{ lokole_abs_path }}/venv" - -# TODO decide what directory to make this -lokole_run_directory: "{{ lokole_abs_path }}" - lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" @@ -32,6 +27,6 @@ lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" #opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' opwen_server_locale: '{{ default_language }}' opwen_server_timezone: '{{ local_tz }}' -opwen_user: "${USER}" -opwen_device: "${HOSTNAME}" +# opwen_user: lokole # superseded by lokole_user +# opwen_device: "{{ iiab_hostname }}" # just use iiab_hostname opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary From c0772a24b2c9e654969a45c0fb04f2e370eb9f6e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:03:04 -0400 Subject: [PATCH 16/95] Cleanup --- roles/lokole/defaults/main.yml | 2 ++ roles/lokole/tasks/install.yml | 19 ++----------------- 2 files changed, 4 insertions(+), 17 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 7b5f405cc..0fc567e3c 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -8,6 +8,8 @@ lokole_venv: "{{ lokole_install_path }}/venv" lokole_user: lokole lokole_run_directory: /home/{{ lokole_user }}/state +# Everything below this line is unused + lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index b027b65f1..d3ecf7e92 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -26,26 +26,11 @@ - name: Configure Lokole template: src: webapp_secrets.sh.j2 - dest: {{ lokole_run_directory }}/webapp_secrets.sh + dest: "{{ lokole_run_directory }}/webapp_secrets.sh" tags: - configure -# - name: Download Lokole software, per roles/lokole/defaults/main.yml -# git: -# repo: "{{ lokole_git_repo }}" -# version: "{{ lokole_version }}" -# dest: "{{ lokole_install_path }}" -# register: lokole_download_output -# when: internet_available - -# - name: Unpack download to permanent location -# unarchive: -# src: "{{ downloads_dir }}/{{ lokole_src }}" -# dest: "{{ }}" -# owner: root -# group: "{{ apache_user }}" -# mode: 0755 -# keep_newer: yes +# Everything below this line is unused - name: MySQL database needs to be running if we are trying to create a new db service: From 30c59ade8ed1b2332dba5e183aa7539c5a7df0a2 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:05:52 -0400 Subject: [PATCH 17/95] Change tag to install --- roles/lokole/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index d3ecf7e92..bb6d4a3ab 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -11,7 +11,7 @@ - libssl-dev - bcrypt tags: - - download + - install - name: Install Lokole from PyPI pip: @@ -20,7 +20,7 @@ virtualenv: "{{ lokole_venv }}" virtualenv_program: python3 -m venv "{{ lokole_venv }}" tags: - - download + - install when: internet_available - name: Configure Lokole From 2eefe1bf924b9c20f0d517d76a03928f30a4af06 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 00:06:23 -0400 Subject: [PATCH 18/95] Fix virtualenv command --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index bb6d4a3ab..0d99e3360 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -18,7 +18,7 @@ name: opwen_email_client version: "{{ lokole_version }}" virtualenv: "{{ lokole_venv }}" - virtualenv_program: python3 -m venv "{{ lokole_venv }}" + virtualenv_command: python3 -m venv "{{ lokole_venv }}" tags: - install when: internet_available From 01f792a7371346f1c9560cfdc3f0a95331d417fa Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:21:36 -0400 Subject: [PATCH 19/95] Add missing end quotes --- roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 11a2a8a2e..4a02f59f2 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no' }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no' }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From 5d484823416f016ff8e7f9b9e41b52b0cd516ae1 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:30:49 -0400 Subject: [PATCH 20/95] Add readme --- roles/lokole/README.rst | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 roles/lokole/README.rst diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst new file mode 100644 index 000000000..149bcc24d --- /dev/null +++ b/roles/lokole/README.rst @@ -0,0 +1,5 @@ +============= +Lokole README +============= + +This Ansible role installs Lokole within Internet-in-a-Box. From 4939c7a7abefee215aabf0e8b41c93eaaf9ba012 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 19:11:16 -0400 Subject: [PATCH 21/95] Add missing parentheses in template and make sure run directory exists --- roles/lokole/tasks/install.yml | 5 +++++ roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 0d99e3360..24b072e74 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -22,6 +22,11 @@ tags: - install when: internet_available + +- name: Create run directory + file: + path: "{{ lokole_run_directory }}" + state: directory - name: Configure Lokole template: diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 4a02f59f2..2ab18a7f8 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no' }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no' }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no') }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no') }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From 3d91af9c538e088c11b4fed77f88607211cfe57d Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 22:22:03 -0400 Subject: [PATCH 22/95] Update password encryption --- roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 2ab18a7f8..44dcfbae6 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no') }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no') }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From b5f14f6f077fe4e5070a147c5cb64527b32d7188 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 22:57:12 -0400 Subject: [PATCH 23/95] SQLite comes with Python so no database setup required --- roles/lokole/defaults/main.yml | 6 ------ roles/lokole/tasks/install.yml | 35 ---------------------------------- 2 files changed, 41 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 0fc567e3c..5a65b5009 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -8,12 +8,6 @@ lokole_venv: "{{ lokole_install_path }}/venv" lokole_user: lokole lokole_run_directory: /home/{{ lokole_user }}/state -# Everything below this line is unused - -lokole_db_name: iiab_lokole -lokole_db_user: iiab_lokole_user -lokole_db_user_password: changeme - lokole_install: True lokole_enabled: True diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 24b072e74..36b25a674 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -37,41 +37,6 @@ # Everything below this line is unused -- name: MySQL database needs to be running if we are trying to create a new db - service: - state: started - name: "{{ mysql_service }}" - -- name: Create MySQL lokole database - mysql_db: - name: "{{ lokole_db_name }}" - state: present - -- name: Create MySQL lokole database user - mysql_user: - name: "{{ lokole_db_user }}" - password: "{{ lokole_db_user_password }}" - priv: "{{ lokole_db_name }}.*:ALL,GRANT" - state: present - -- name: Configure Lokole - shell: > - php '{{ lokole_abs_path }}/maintenance/install.php' - --dbname={{ lokole_db_name }} - --dbserver="localhost" - --installdbuser={{ lokole_db_user }} - --installdbpass={{ lokole_db_user_password }} - --dbuser={{ lokole_db_user }} - --dbpass={{ lokole_db_user_password }} - --scriptpath=/lokole - --lang=en - --pass={{ lokole_admin_user_password }} - "{{ lokole_site_name }}" - "{{ lokole_admin_user }}" - args: - chdir: "{{ lokole_abs_path }}" - creates: "{{ lokole_abs_path }}/LocalSettings.php" - - name: Copy lokole httpd conf file template: src: lokole.conf.j2 From 7c256b8a724931662e331eca9ac0d17117dc1bfd Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 23:00:50 -0400 Subject: [PATCH 24/95] Lokole interfaces with httpd via a Unix domain socket --- roles/lokole/defaults/main.yml | 10 ++-------- roles/lokole/templates/lokole.conf.j2 | 3 +++ 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 5a65b5009..6bac2fd35 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -14,15 +14,9 @@ lokole_enabled: True lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" +lokole_domain_socket: "{{ lokole_install_path }}/lokole_gunicorn.sock" + # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 -#opwen_network_name: 'Lokole' # use IIAB's wifi -#opwen_network_password: 'Ascoderu' -#opwen_server_read_host: 'api.mailserver.read.lokole.ca' # local-only anyway -#opwen_server_write_host: 'api.mailserver.write.lokole.ca' -#opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' opwen_server_locale: '{{ default_language }}' opwen_server_timezone: '{{ local_tz }}' -# opwen_user: lokole # superseded by lokole_user -# opwen_device: "{{ iiab_hostname }}" # just use iiab_hostname -opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index ccbebe98e..b31bd771c 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,3 +1,6 @@ +ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} + + Alias {{ lokole_url }} {{ lokole_abs_path }} Options Indexes FollowSymLinks From 9a0cc846308ff52e22deedbab2d7705ff5557103 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Tue, 24 Jul 2018 00:29:07 -0400 Subject: [PATCH 25/95] Start creating webapp.sh script template See https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L384 --- roles/lokole/templates/webapp.sh.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 roles/lokole/templates/webapp.sh.j2 diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 new file mode 100644 index 000000000..65a2738f0 --- /dev/null +++ b/roles/lokole/templates/webapp.sh.j2 @@ -0,0 +1,9 @@ +#!/usr/bin/env sh +. '${opwen_webapp_envs}' + +'{{lokole_venv}}/bin/gunicorn' \\ + --timeout='300' \\ + --workers='${opwen_webapp_workers}' \\ + --bind='unix:{{lokole_domain_socket}}' \\ + --log-level='error' \\ + 'opwen_email_client.webapp:app' From dcff723590c3cb06146cb1cc14c22c08b6b06c16 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 01:15:32 -0400 Subject: [PATCH 26/95] Have template compute number of workers wanted --- roles/lokole/templates/webapp.sh.j2 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 index 65a2738f0..0030e7c11 100644 --- a/roles/lokole/templates/webapp.sh.j2 +++ b/roles/lokole/templates/webapp.sh.j2 @@ -1,9 +1,9 @@ #!/usr/bin/env sh . '${opwen_webapp_envs}' -'{{lokole_venv}}/bin/gunicorn' \\ - --timeout='300' \\ - --workers='${opwen_webapp_workers}' \\ - --bind='unix:{{lokole_domain_socket}}' \\ - --log-level='error' \\ +'{{lokole_venv}}/bin/gunicorn' \ + --timeout='300' \ + --workers='{{ [4, ansible_memtotal_mb / 200] | min | int }}' \ + --bind='unix:{{lokole_domain_socket}}' \ + --log-level='error' \ 'opwen_email_client.webapp:app' From 25f0331b71707d35dcf0db36b5f950c920e1197f Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 01:20:07 -0400 Subject: [PATCH 27/95] Add play for writing Gunicorn config file --- roles/lokole/tasks/install.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 36b25a674..5fd7681e4 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -35,6 +35,15 @@ tags: - configure +- name: Configure Gunicorn + template: + src: webapp.sh.j2 + dest: "{{ lokole_run_directory }}/webapp.sh" + tags: + - configure + + + # Everything below this line is unused - name: Copy lokole httpd conf file From 25e5529eed32f56f3907799b6d7ffb1baeed0f85 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 22:45:11 -0400 Subject: [PATCH 28/95] Fix templating and add comments to httpd config file --- roles/lokole/templates/lokole.conf.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index b31bd771c..5c3f96fb7 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,8 +1,10 @@ +# Root directory goes to Lokole web server ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} +# /static directory is stored on filesystem +Alias {{ lokole_url }}/static {{ lokole_install_path }} -Alias {{ lokole_url }} {{ lokole_abs_path }} - + Options Indexes FollowSymLinks AllowOverride All Require all granted From a9d7cef475980bf115a1066f4e66f3cdd0d50f94 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:31:17 -0400 Subject: [PATCH 29/95] Security features --- roles/lokole/templates/lokole.conf.j2 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 5c3f96fb7..3587d26de 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -7,5 +7,13 @@ Alias {{ lokole_url }}/static {{ lokole_install_path }} Options Indexes FollowSymLinks AllowOverride All + + # Don't allow modifications in static directory Require all granted + + Require all denied + + +# Disable TRACE to prevent cross-site tracing +TraceEnable off From 3bbd63e00dd33972f2110a0f7362f05379404f6a Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:31:58 -0400 Subject: [PATCH 30/95] We don't need to override --- roles/lokole/templates/lokole.conf.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3587d26de..3816cdbca 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -6,7 +6,6 @@ Alias {{ lokole_url }}/static {{ lokole_install_path }} Options Indexes FollowSymLinks - AllowOverride All # Don't allow modifications in static directory Require all granted From 825052fac7ae752bda62fa8183aa0e0b9355f4e9 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:33:16 -0400 Subject: [PATCH 31/95] Directory listings are a privacy risk! --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3816cdbca..33561e427 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -5,7 +5,7 @@ ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} Alias {{ lokole_url }}/static {{ lokole_install_path }} - Options Indexes FollowSymLinks + Options FollowSymLinks # Don't allow modifications in static directory Require all granted From bf21c330a9db109533cc85cef0802c2d2c11de2d Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 28 Jul 2018 00:58:27 -0400 Subject: [PATCH 32/95] /static only contains static content, not attachments This reverts commit cf75610fcfe29c693659185b3d9bfd84114426d7. --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 33561e427..3816cdbca 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -5,7 +5,7 @@ ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} Alias {{ lokole_url }}/static {{ lokole_install_path }} - Options FollowSymLinks + Options Indexes FollowSymLinks # Don't allow modifications in static directory Require all granted From 4681099cba97d58e65915f4b313c97d6cdd2fbb0 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 29 Jul 2018 13:57:14 -0400 Subject: [PATCH 33/95] Use Apache's domain socket URI syntax --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3816cdbca..9ed5b4b23 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,5 @@ # Root directory goes to Lokole web server -ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} +ProxyPass {{ lokole_url }} unix:{{ lokole_domain_socket }}|{{ lokole_full_url }} # /static directory is stored on filesystem Alias {{ lokole_url }}/static {{ lokole_install_path }} From 83e6627861230288d4577f6cdb4491092b37cce7 Mon Sep 17 00:00:00 2001 From: rgangela99 Date: Sat, 28 Jul 2018 13:24:12 -0400 Subject: [PATCH 34/95] add systemd service and add task to compile translations --- roles/lokole/defaults/main.yml | 2 +- roles/lokole/tasks/install.yml | 46 ++++++++++++++++++------ roles/lokole/templates/lokole.service.j2 | 16 +++++++++ roles/lokole/templates/webapp.sh.j2 | 4 +-- 4 files changed, 55 insertions(+), 13 deletions(-) create mode 100644 roles/lokole/templates/lokole.service.j2 diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 6bac2fd35..f69099d63 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -14,7 +14,7 @@ lokole_enabled: True lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" -lokole_domain_socket: "{{ lokole_install_path }}/lokole_gunicorn.sock" +lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 5fd7681e4..6828fe652 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -22,11 +22,22 @@ tags: - install when: internet_available - + +- name: Compile translations + shell: | + python_version=$(python3 -c 'from sys import version_info; print("%s.%s" % (version_info.major, version_info.minor));';) + {{ lokole_venv }}/bin/pybabel compile -d {{ item }}/translations + with_items: + - "{{ lokole_venv }}/lib/python${python_version}/site-packages/opwen_email_client/webapp" + tags: + - install + - name: Create run directory file: path: "{{ lokole_run_directory }}" state: directory + tags: + - configure - name: Configure Lokole template: @@ -39,10 +50,31 @@ template: src: webapp.sh.j2 dest: "{{ lokole_run_directory }}/webapp.sh" + mode: a+x tags: - configure +- name: Create 'lokole' service + template: + src: lokole.service.j2 + dest: "/etc/systemd/system/lokole.service" + tags: + - systemd +- name: Enable 'lokole' service + systemd: + daemon_reload: yes + name: lokole + enabled: yes + state: restarted + when: lokole_enabled + +- name: Disable 'lokole' service + systemd: + name: lokole + enabled: no + state: stopped + when: not lokole_enabled # Everything below this line is unused @@ -53,7 +85,7 @@ - name: Enable httpd conf file if we are disabled (debuntu) file: - src: /etc/apache2/sites-available/lokole.conf + src: /etc/{{ apache_config_dir }}/lokole.conf dest: /etc/apache2/sites-enabled/lokole.conf state: link when: lokole_enabled and is_debuntu @@ -80,14 +112,8 @@ value: lokole - option: description value: '"lokole is an email service."' - - option: lokole_src - value: "{{ lokole_src }}" - - option: lokole_abs_path - value: "{{ lokole_abs_path }}" - - option: lokole_db_name - value: "{{ lokole_db_name }}" - - option: lokole_db_user - value: "{{ lokole_db_user }}" + - option: lokole_run_directory + value: "{{ lokole_run_directory }}" - option: lokole_url value: "{{ lokole_url }}" - option: lokole_full_url diff --git a/roles/lokole/templates/lokole.service.j2 b/roles/lokole/templates/lokole.service.j2 new file mode 100644 index 000000000..29643cabd --- /dev/null +++ b/roles/lokole/templates/lokole.service.j2 @@ -0,0 +1,16 @@ +[Unit] +Description=Provides the Lokole Server +#Requires=lokole.socket +After=network.target + +[Service] +Type=simple +ExecStart=/bin/bash {{ lokole_run_directory }}/webapp.sh +ExecReload=/bin/kill -s HUP $MAINPID +ExecStop=/bin/kill -s TERM $MAINPID +User=root +Group=root +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 index 0030e7c11..87290925a 100644 --- a/roles/lokole/templates/webapp.sh.j2 +++ b/roles/lokole/templates/webapp.sh.j2 @@ -1,9 +1,9 @@ #!/usr/bin/env sh -. '${opwen_webapp_envs}' +. '{{lokole_run_directory}}/webapp_secrets.sh' '{{lokole_venv}}/bin/gunicorn' \ --timeout='300' \ --workers='{{ [4, ansible_memtotal_mb / 200] | min | int }}' \ - --bind='unix:{{lokole_domain_socket}}' \ + --bind='unix:{{ lokole_domain_socket }}' \ --log-level='error' \ 'opwen_email_client.webapp:app' From 244be9f2d714a2a053a6fccb01e17dfae228d7eb Mon Sep 17 00:00:00 2001 From: rgangela99 Date: Sat, 28 Jul 2018 13:31:33 -0400 Subject: [PATCH 35/95] Add /lokole/ to path for links from webapp --- roles/lokole/defaults/main.yml | 2 +- roles/lokole/templates/lokole.conf.j2 | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index f69099d63..afb4458b0 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -12,7 +12,7 @@ lokole_install: True lokole_enabled: True lokole_url: /lokole -lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" +lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 9ed5b4b23..10f5ff65b 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,14 @@ # Root directory goes to Lokole web server -ProxyPass {{ lokole_url }} unix:{{ lokole_domain_socket }}|{{ lokole_full_url }} + +ProxyRequests off +ProxyPass {{ lokole_url }}/ unix:{{ lokole_domain_socket }}|http://{{ iiab_hostname }}.{{ iiab_domain }}/ + + + ProxyPassReverse / + ProxyHTMLEnable On + ProxyHTMLURLMap / {{ lokole_url }}/ + RequestHeader unset Accept-Encoding + # /static directory is stored on filesystem Alias {{ lokole_url }}/static {{ lokole_install_path }} From e977186af7dceefca66e3a3e0923f9916589df99 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 8 Oct 2018 17:17:52 -0400 Subject: [PATCH 36/95] Add lokole to 6-generic-apps role --- roles/6-generic-apps/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 01fcd7340..8712e315c 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -44,6 +44,12 @@ name: wordpress when: wordpress_install tags: wordpress + +- name: LOKOLE + include_role: + name: lokole + when: lokole_install + tags: lokole - name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: From 992496d33f9196bbecb04a9bac5720fff318bd13 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 8 Oct 2018 20:01:15 -0400 Subject: [PATCH 37/95] Don't use with_items: deprecated --- roles/lokole/tasks/install.yml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 6828fe652..76fe7137d 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,15 +1,14 @@ - name: Install packages required by Lokole apt: - name: "{{ item }}" + name: + - python3 + - python3-pip + - python3-venv + - python3-dev + - libffi-dev + - libssl-dev + - bcrypt state: present - with_items: - - python3 - - python3-pip - - python3-venv - - python3-dev - - libffi-dev - - libssl-dev - - bcrypt tags: - install From 88fb3c990c121b8ad8f6b2107d54387231434e21 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 24 Jun 2018 14:33:04 -0400 Subject: [PATCH 38/95] Create Ansible play --- roles/lokole/mediawiki/defaults/main.yml | 24 ++++ roles/lokole/mediawiki/tasks/install.yml | 112 ++++++++++++++++++ roles/lokole/mediawiki/tasks/main.yml | 3 + .../mediawiki/templates/mediawiki.conf.j2 | 6 + 4 files changed, 145 insertions(+) create mode 100644 roles/lokole/mediawiki/defaults/main.yml create mode 100644 roles/lokole/mediawiki/tasks/install.yml create mode 100644 roles/lokole/mediawiki/tasks/main.yml create mode 100644 roles/lokole/mediawiki/templates/mediawiki.conf.j2 diff --git a/roles/lokole/mediawiki/defaults/main.yml b/roles/lokole/mediawiki/defaults/main.yml new file mode 100644 index 000000000..e75396acb --- /dev/null +++ b/roles/lokole/mediawiki/defaults/main.yml @@ -0,0 +1,24 @@ +mediawiki_major_version: "1.31" +mediawiki_minor_version: "0" +mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" + +mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" +mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" + +mediawiki_db_name: iiab_mediawiki +mediawiki_db_user: iiab_mediawiki_user +mediawiki_db_user_password: changeme + +mediawiki_admin_user: Admin +mediawiki_admin_user_password: changeme + +mediawiki_site_name: Community Wiki + +mediawiki_install: True +mediawiki_enabled: True + +mediawiki_install_path: "{{ content_base }}" +mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" + +mediawiki_url: /mediawiki +mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/mediawiki/tasks/install.yml b/roles/lokole/mediawiki/tasks/install.yml new file mode 100644 index 000000000..cd89c0c71 --- /dev/null +++ b/roles/lokole/mediawiki/tasks/install.yml @@ -0,0 +1,112 @@ +- name: Install packages required by MediaWiki + package: + name: "{{ item }}" + state: present + with_items: + - "php{{ php_version }}-intl" + - "php{{ php_version }}-mbstring" + tags: + - download + +- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml + get_url: + url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" +# force: yes +# backup: yes + register: mediawiki_download_output + when: internet_available + +- name: Unpack download to permanent location + unarchive: + src: "{{ downloads_dir }}/{{ mediawiki_src }}" + dest: "{{ mediawiki_install_path }}" + owner: root + group: "{{ apache_user }}" + mode: 0755 + keep_newer: yes + +- name: MySQL database needs to be running if we are trying to create a new db + service: + state: started + name: "{{ mysql_service }}" + +- name: Create MySQL mediawiki database + mysql_db: + name: "{{ mediawiki_db_name }}" + state: present + +- name: Create MySQL mediawiki database user + mysql_user: + name: "{{ mediawiki_db_user }}" + password: "{{ mediawiki_db_user_password }}" + priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + state: present + +- name: Configure MediaWiki + shell: > + php '{{ mediawiki_abs_path }}/maintenance/install.php' + --dbname={{ mediawiki_db_name }} + --dbserver="localhost" + --installdbuser={{ mediawiki_db_user }} + --installdbpass={{ mediawiki_db_user_password }} + --dbuser={{ mediawiki_db_user }} + --dbpass={{ mediawiki_db_user_password }} + --scriptpath=/mediawiki + --lang=en + --pass={{ mediawiki_admin_user_password }} + "{{ mediawiki_site_name }}" + "{{ mediawiki_admin_user }}" + args: + chdir: "{{ mediawiki_abs_path }}" + creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + +- name: Copy mediawiki httpd conf file + template: + src: mediawiki.conf.j2 + dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + +- name: Enable httpd conf file if we are disabled (debuntu) + file: + src: /etc/apache2/sites-available/mediawiki.conf + dest: /etc/apache2/sites-enabled/mediawiki.conf + state: link + when: mediawiki_enabled and is_debuntu + +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) + file: + path: /etc/apache2/sites-enabled/mediawiki.conf + state: absent + when: not mediawiki_enabled and is_debuntu + +- name: Restart Apache, so it picks up the new aliases + service: + name: "{{ apache_service }}" + state: restarted + +- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: mediawiki + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: name + value: mediawiki + - option: description + value: '"mediawiki is a blog and web site management application."' + - option: mediawiki_src + value: "{{ mediawiki_src }}" + - option: mediawiki_abs_path + value: "{{ mediawiki_abs_path }}" + - option: mediawiki_db_name + value: "{{ mediawiki_db_name }}" + - option: mediawiki_db_user + value: "{{ mediawiki_db_user }}" + - option: mediawiki_url + value: "{{ mediawiki_url }}" + - option: mediawiki_full_url + value: "{{ mediawiki_full_url }}" + - option: mediawiki_enabled + value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/mediawiki/tasks/main.yml b/roles/lokole/mediawiki/tasks/main.yml new file mode 100644 index 000000000..6c77d3e7c --- /dev/null +++ b/roles/lokole/mediawiki/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Include the install playbook + include_tasks: install.yml + when: mediawiki_install diff --git a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 new file mode 100644 index 000000000..1da5e193b --- /dev/null +++ b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 @@ -0,0 +1,6 @@ +Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} + + Options Indexes FollowSymLinks + AllowOverride All + Require all granted + From 09cac9b4bdc85faa52bed455ab39e6b87a0d2167 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:20:45 -0400 Subject: [PATCH 39/95] Move to superfolder --- roles/lokole/mediawiki/defaults/main.yml | 24 ---- roles/lokole/mediawiki/tasks/install.yml | 112 ------------------ roles/lokole/mediawiki/tasks/main.yml | 3 - .../mediawiki/templates/mediawiki.conf.j2 | 6 - 4 files changed, 145 deletions(-) delete mode 100644 roles/lokole/mediawiki/defaults/main.yml delete mode 100644 roles/lokole/mediawiki/tasks/install.yml delete mode 100644 roles/lokole/mediawiki/tasks/main.yml delete mode 100644 roles/lokole/mediawiki/templates/mediawiki.conf.j2 diff --git a/roles/lokole/mediawiki/defaults/main.yml b/roles/lokole/mediawiki/defaults/main.yml deleted file mode 100644 index e75396acb..000000000 --- a/roles/lokole/mediawiki/defaults/main.yml +++ /dev/null @@ -1,24 +0,0 @@ -mediawiki_major_version: "1.31" -mediawiki_minor_version: "0" -mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" - -mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" -mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" - -mediawiki_db_name: iiab_mediawiki -mediawiki_db_user: iiab_mediawiki_user -mediawiki_db_user_password: changeme - -mediawiki_admin_user: Admin -mediawiki_admin_user_password: changeme - -mediawiki_site_name: Community Wiki - -mediawiki_install: True -mediawiki_enabled: True - -mediawiki_install_path: "{{ content_base }}" -mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" - -mediawiki_url: /mediawiki -mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/mediawiki/tasks/install.yml b/roles/lokole/mediawiki/tasks/install.yml deleted file mode 100644 index cd89c0c71..000000000 --- a/roles/lokole/mediawiki/tasks/install.yml +++ /dev/null @@ -1,112 +0,0 @@ -- name: Install packages required by MediaWiki - package: - name: "{{ item }}" - state: present - with_items: - - "php{{ php_version }}-intl" - - "php{{ php_version }}-mbstring" - tags: - - download - -- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml - get_url: - url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" - dest: "{{ downloads_dir }}" - timeout: "{{ download_timeout }}" -# force: yes -# backup: yes - register: mediawiki_download_output - when: internet_available - -- name: Unpack download to permanent location - unarchive: - src: "{{ downloads_dir }}/{{ mediawiki_src }}" - dest: "{{ mediawiki_install_path }}" - owner: root - group: "{{ apache_user }}" - mode: 0755 - keep_newer: yes - -- name: MySQL database needs to be running if we are trying to create a new db - service: - state: started - name: "{{ mysql_service }}" - -- name: Create MySQL mediawiki database - mysql_db: - name: "{{ mediawiki_db_name }}" - state: present - -- name: Create MySQL mediawiki database user - mysql_user: - name: "{{ mediawiki_db_user }}" - password: "{{ mediawiki_db_user_password }}" - priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" - state: present - -- name: Configure MediaWiki - shell: > - php '{{ mediawiki_abs_path }}/maintenance/install.php' - --dbname={{ mediawiki_db_name }} - --dbserver="localhost" - --installdbuser={{ mediawiki_db_user }} - --installdbpass={{ mediawiki_db_user_password }} - --dbuser={{ mediawiki_db_user }} - --dbpass={{ mediawiki_db_user_password }} - --scriptpath=/mediawiki - --lang=en - --pass={{ mediawiki_admin_user_password }} - "{{ mediawiki_site_name }}" - "{{ mediawiki_admin_user }}" - args: - chdir: "{{ mediawiki_abs_path }}" - creates: "{{ mediawiki_abs_path }}/LocalSettings.php" - -- name: Copy mediawiki httpd conf file - template: - src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" - -- name: Enable httpd conf file if we are disabled (debuntu) - file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf - state: link - when: mediawiki_enabled and is_debuntu - -- name: Remove httpd conf file if we are disabled (OS's other than debuntu) - file: - path: /etc/apache2/sites-enabled/mediawiki.conf - state: absent - when: not mediawiki_enabled and is_debuntu - -- name: Restart Apache, so it picks up the new aliases - service: - name: "{{ apache_service }}" - state: restarted - -- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini - ini_file: - dest: "{{ service_filelist }}" - section: mediawiki - option: "{{ item.option }}" - value: "{{ item.value }}" - with_items: - - option: name - value: mediawiki - - option: description - value: '"mediawiki is a blog and web site management application."' - - option: mediawiki_src - value: "{{ mediawiki_src }}" - - option: mediawiki_abs_path - value: "{{ mediawiki_abs_path }}" - - option: mediawiki_db_name - value: "{{ mediawiki_db_name }}" - - option: mediawiki_db_user - value: "{{ mediawiki_db_user }}" - - option: mediawiki_url - value: "{{ mediawiki_url }}" - - option: mediawiki_full_url - value: "{{ mediawiki_full_url }}" - - option: mediawiki_enabled - value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/mediawiki/tasks/main.yml b/roles/lokole/mediawiki/tasks/main.yml deleted file mode 100644 index 6c77d3e7c..000000000 --- a/roles/lokole/mediawiki/tasks/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -- name: Include the install playbook - include_tasks: install.yml - when: mediawiki_install diff --git a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 b/roles/lokole/mediawiki/templates/mediawiki.conf.j2 deleted file mode 100644 index 1da5e193b..000000000 --- a/roles/lokole/mediawiki/templates/mediawiki.conf.j2 +++ /dev/null @@ -1,6 +0,0 @@ -Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - From ecce959c2257db254beb31ecc30d2089949c18c6 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:21:42 -0400 Subject: [PATCH 40/95] Copy files from mediawiki role --- roles/lokole/defaults/main.yml | 36 ++--- roles/lokole/tasks/install.yml | 175 +++++++++++------------ roles/lokole/tasks/main.yml | 2 +- roles/lokole/templates/mediawiki.conf.j2 | 6 + 4 files changed, 109 insertions(+), 110 deletions(-) create mode 100644 roles/lokole/templates/mediawiki.conf.j2 diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index afb4458b0..e75396acb 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,22 +1,24 @@ ---- -# Information needed to install Lokole -lokole_version: "0.1.24" -lokole_install_path: "{{ content_base }}/lokole" -lokole_venv: "{{ lokole_install_path }}/venv" +mediawiki_major_version: "1.31" +mediawiki_minor_version: "0" +mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" -# Information needed to run Lokole -lokole_user: lokole -lokole_run_directory: /home/{{ lokole_user }}/state +mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" +mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" -lokole_install: True -lokole_enabled: True +mediawiki_db_name: iiab_mediawiki +mediawiki_db_user: iiab_mediawiki_user +mediawiki_db_user_password: changeme -lokole_url: /lokole -lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" +mediawiki_admin_user: Admin +mediawiki_admin_user_password: changeme -lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" +mediawiki_site_name: Community Wiki -# Global variables provided by setup-lokole.sh L157-166 -# https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 -opwen_server_locale: '{{ default_language }}' -opwen_server_timezone: '{{ local_tz }}' +mediawiki_install: True +mediawiki_enabled: True + +mediawiki_install_path: "{{ content_base }}" +mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" + +mediawiki_url: /mediawiki +mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 76fe7137d..cd89c0c71 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,121 +1,112 @@ -- name: Install packages required by Lokole - apt: - name: - - python3 - - python3-pip - - python3-venv - - python3-dev - - libffi-dev - - libssl-dev - - bcrypt +- name: Install packages required by MediaWiki + package: + name: "{{ item }}" state: present + with_items: + - "php{{ php_version }}-intl" + - "php{{ php_version }}-mbstring" tags: - - install + - download -- name: Install Lokole from PyPI - pip: - name: opwen_email_client - version: "{{ lokole_version }}" - virtualenv: "{{ lokole_venv }}" - virtualenv_command: python3 -m venv "{{ lokole_venv }}" - tags: - - install +- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml + get_url: + url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" +# force: yes +# backup: yes + register: mediawiki_download_output when: internet_available -- name: Compile translations - shell: | - python_version=$(python3 -c 'from sys import version_info; print("%s.%s" % (version_info.major, version_info.minor));';) - {{ lokole_venv }}/bin/pybabel compile -d {{ item }}/translations - with_items: - - "{{ lokole_venv }}/lib/python${python_version}/site-packages/opwen_email_client/webapp" - tags: - - install +- name: Unpack download to permanent location + unarchive: + src: "{{ downloads_dir }}/{{ mediawiki_src }}" + dest: "{{ mediawiki_install_path }}" + owner: root + group: "{{ apache_user }}" + mode: 0755 + keep_newer: yes -- name: Create run directory - file: - path: "{{ lokole_run_directory }}" - state: directory - tags: - - configure +- name: MySQL database needs to be running if we are trying to create a new db + service: + state: started + name: "{{ mysql_service }}" -- name: Configure Lokole +- name: Create MySQL mediawiki database + mysql_db: + name: "{{ mediawiki_db_name }}" + state: present + +- name: Create MySQL mediawiki database user + mysql_user: + name: "{{ mediawiki_db_user }}" + password: "{{ mediawiki_db_user_password }}" + priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + state: present + +- name: Configure MediaWiki + shell: > + php '{{ mediawiki_abs_path }}/maintenance/install.php' + --dbname={{ mediawiki_db_name }} + --dbserver="localhost" + --installdbuser={{ mediawiki_db_user }} + --installdbpass={{ mediawiki_db_user_password }} + --dbuser={{ mediawiki_db_user }} + --dbpass={{ mediawiki_db_user_password }} + --scriptpath=/mediawiki + --lang=en + --pass={{ mediawiki_admin_user_password }} + "{{ mediawiki_site_name }}" + "{{ mediawiki_admin_user }}" + args: + chdir: "{{ mediawiki_abs_path }}" + creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + +- name: Copy mediawiki httpd conf file template: - src: webapp_secrets.sh.j2 - dest: "{{ lokole_run_directory }}/webapp_secrets.sh" - tags: - - configure - -- name: Configure Gunicorn - template: - src: webapp.sh.j2 - dest: "{{ lokole_run_directory }}/webapp.sh" - mode: a+x - tags: - - configure - -- name: Create 'lokole' service - template: - src: lokole.service.j2 - dest: "/etc/systemd/system/lokole.service" - tags: - - systemd - -- name: Enable 'lokole' service - systemd: - daemon_reload: yes - name: lokole - enabled: yes - state: restarted - when: lokole_enabled - -- name: Disable 'lokole' service - systemd: - name: lokole - enabled: no - state: stopped - when: not lokole_enabled - -# Everything below this line is unused - -- name: Copy lokole httpd conf file - template: - src: lokole.conf.j2 - dest: "/etc/{{ apache_config_dir }}/lokole.conf" + src: mediawiki.conf.j2 + dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" - name: Enable httpd conf file if we are disabled (debuntu) file: - src: /etc/{{ apache_config_dir }}/lokole.conf - dest: /etc/apache2/sites-enabled/lokole.conf + src: /etc/apache2/sites-available/mediawiki.conf + dest: /etc/apache2/sites-enabled/mediawiki.conf state: link - when: lokole_enabled and is_debuntu + when: mediawiki_enabled and is_debuntu - name: Remove httpd conf file if we are disabled (OS's other than debuntu) file: - path: /etc/apache2/sites-enabled/lokole.conf + path: /etc/apache2/sites-enabled/mediawiki.conf state: absent - when: not lokole_enabled and is_debuntu + when: not mediawiki_enabled and is_debuntu - name: Restart Apache, so it picks up the new aliases service: name: "{{ apache_service }}" state: restarted -- name: Add 'lokole' to list of services at /etc/iiab/iiab.ini +- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: lokole + section: mediawiki option: "{{ item.option }}" value: "{{ item.value }}" with_items: - option: name - value: lokole + value: mediawiki - option: description - value: '"lokole is an email service."' - - option: lokole_run_directory - value: "{{ lokole_run_directory }}" - - option: lokole_url - value: "{{ lokole_url }}" - - option: lokole_full_url - value: "{{ lokole_full_url }}" - - option: lokole_enabled - value: "{{ lokole_enabled }}" + value: '"mediawiki is a blog and web site management application."' + - option: mediawiki_src + value: "{{ mediawiki_src }}" + - option: mediawiki_abs_path + value: "{{ mediawiki_abs_path }}" + - option: mediawiki_db_name + value: "{{ mediawiki_db_name }}" + - option: mediawiki_db_user + value: "{{ mediawiki_db_user }}" + - option: mediawiki_url + value: "{{ mediawiki_url }}" + - option: mediawiki_full_url + value: "{{ mediawiki_full_url }}" + - option: mediawiki_enabled + value: "{{ mediawiki_enabled }}" diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index dee0435b3..6c77d3e7c 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -1,3 +1,3 @@ - name: Include the install playbook include_tasks: install.yml - when: lokole_install + when: mediawiki_install diff --git a/roles/lokole/templates/mediawiki.conf.j2 b/roles/lokole/templates/mediawiki.conf.j2 new file mode 100644 index 000000000..1da5e193b --- /dev/null +++ b/roles/lokole/templates/mediawiki.conf.j2 @@ -0,0 +1,6 @@ +Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} + + Options Indexes FollowSymLinks + AllowOverride All + Require all granted + From 80d9d341bf8cbf6bb733fd7fe444d4c6f1b60338 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 7 Jul 2018 21:31:08 -0400 Subject: [PATCH 41/95] Substitute 'mediawiki' with 'lokole' --- roles/lokole/defaults/main.yml | 34 ++++---- roles/lokole/tasks/install.yml | 102 +++++++++++------------ roles/lokole/tasks/main.yml | 2 +- roles/lokole/templates/lokole.conf.j2 | 27 +----- roles/lokole/templates/mediawiki.conf.j2 | 6 -- 5 files changed, 72 insertions(+), 99 deletions(-) delete mode 100644 roles/lokole/templates/mediawiki.conf.j2 diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index e75396acb..3e7f00dfa 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,24 +1,24 @@ -mediawiki_major_version: "1.31" -mediawiki_minor_version: "0" -mediawiki_version: "{{ mediawiki_major_version }}.{{ mediawiki_minor_version }}" +lokole_major_version: "1.31" +lokole_minor_version: "0" +lokole_version: "{{ lokole_major_version }}.{{ lokole_minor_version }}" -mediawiki_download_base_url: "https://releases.wikimedia.org/mediawiki/{{ mediawiki_major_version }}" -mediawiki_src: "mediawiki-{{ mediawiki_version }}.tar.gz" +lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" +lokole_src: "{{ lokole_version }}.tar.gz" -mediawiki_db_name: iiab_mediawiki -mediawiki_db_user: iiab_mediawiki_user -mediawiki_db_user_password: changeme +lokole_db_name: iiab_lokole +lokole_db_user: iiab_lokole_user +lokole_db_user_password: changeme -mediawiki_admin_user: Admin -mediawiki_admin_user_password: changeme +lokole_admin_user: Admin +lokole_admin_user_password: changeme -mediawiki_site_name: Community Wiki +lokole_site_name: Community Wiki -mediawiki_install: True -mediawiki_enabled: True +lokole_install: True +lokole_enabled: True -mediawiki_install_path: "{{ content_base }}" -mediawiki_abs_path: "{{ mediawiki_install_path }}/mediawiki-{{ mediawiki_version }}" +lokole_install_path: "{{ content_base }}" +lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" -mediawiki_url: /mediawiki -mediawiki_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ mediawiki_url }}" +lokole_url: /lokole +lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index cd89c0c71..bcefb5b5a 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Install packages required by MediaWiki +- name: Install packages required by Lokole package: name: "{{ item }}" state: present @@ -8,20 +8,20 @@ tags: - download -- name: Download MediaWiki software, per roles/mediawiki/defaults/main.yml +- name: Download Lokole software, per roles/lokole/defaults/main.yml get_url: - url: "{{ mediawiki_download_base_url }}/{{ mediawiki_src }}" + url: "{{ lokole_download_base_url }}/{{ lokole_src }}" dest: "{{ downloads_dir }}" timeout: "{{ download_timeout }}" # force: yes # backup: yes - register: mediawiki_download_output + register: lokole_download_output when: internet_available - name: Unpack download to permanent location unarchive: - src: "{{ downloads_dir }}/{{ mediawiki_src }}" - dest: "{{ mediawiki_install_path }}" + src: "{{ downloads_dir }}/{{ lokole_src }}" + dest: "{{ lokole_install_path }}" owner: root group: "{{ apache_user }}" mode: 0755 @@ -32,81 +32,81 @@ state: started name: "{{ mysql_service }}" -- name: Create MySQL mediawiki database +- name: Create MySQL lokole database mysql_db: - name: "{{ mediawiki_db_name }}" + name: "{{ lokole_db_name }}" state: present -- name: Create MySQL mediawiki database user +- name: Create MySQL lokole database user mysql_user: - name: "{{ mediawiki_db_user }}" - password: "{{ mediawiki_db_user_password }}" - priv: "{{ mediawiki_db_name }}.*:ALL,GRANT" + name: "{{ lokole_db_user }}" + password: "{{ lokole_db_user_password }}" + priv: "{{ lokole_db_name }}.*:ALL,GRANT" state: present -- name: Configure MediaWiki +- name: Configure Lokole shell: > - php '{{ mediawiki_abs_path }}/maintenance/install.php' - --dbname={{ mediawiki_db_name }} + php '{{ lokole_abs_path }}/maintenance/install.php' + --dbname={{ lokole_db_name }} --dbserver="localhost" - --installdbuser={{ mediawiki_db_user }} - --installdbpass={{ mediawiki_db_user_password }} - --dbuser={{ mediawiki_db_user }} - --dbpass={{ mediawiki_db_user_password }} - --scriptpath=/mediawiki + --installdbuser={{ lokole_db_user }} + --installdbpass={{ lokole_db_user_password }} + --dbuser={{ lokole_db_user }} + --dbpass={{ lokole_db_user_password }} + --scriptpath=/lokole --lang=en - --pass={{ mediawiki_admin_user_password }} - "{{ mediawiki_site_name }}" - "{{ mediawiki_admin_user }}" + --pass={{ lokole_admin_user_password }} + "{{ lokole_site_name }}" + "{{ lokole_admin_user }}" args: - chdir: "{{ mediawiki_abs_path }}" - creates: "{{ mediawiki_abs_path }}/LocalSettings.php" + chdir: "{{ lokole_abs_path }}" + creates: "{{ lokole_abs_path }}/LocalSettings.php" -- name: Copy mediawiki httpd conf file +- name: Copy lokole httpd conf file template: - src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + src: lokole.conf.j2 + dest: "/etc/{{ apache_config_dir }}/lokole.conf" - name: Enable httpd conf file if we are disabled (debuntu) file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf + src: /etc/apache2/sites-available/lokole.conf + dest: /etc/apache2/sites-enabled/lokole.conf state: link - when: mediawiki_enabled and is_debuntu + when: lokole_enabled and is_debuntu - name: Remove httpd conf file if we are disabled (OS's other than debuntu) file: - path: /etc/apache2/sites-enabled/mediawiki.conf + path: /etc/apache2/sites-enabled/lokole.conf state: absent - when: not mediawiki_enabled and is_debuntu + when: not lokole_enabled and is_debuntu - name: Restart Apache, so it picks up the new aliases service: name: "{{ apache_service }}" state: restarted -- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini +- name: Add 'lokole' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: mediawiki + section: lokole option: "{{ item.option }}" value: "{{ item.value }}" with_items: - option: name - value: mediawiki + value: lokole - option: description - value: '"mediawiki is a blog and web site management application."' - - option: mediawiki_src - value: "{{ mediawiki_src }}" - - option: mediawiki_abs_path - value: "{{ mediawiki_abs_path }}" - - option: mediawiki_db_name - value: "{{ mediawiki_db_name }}" - - option: mediawiki_db_user - value: "{{ mediawiki_db_user }}" - - option: mediawiki_url - value: "{{ mediawiki_url }}" - - option: mediawiki_full_url - value: "{{ mediawiki_full_url }}" - - option: mediawiki_enabled - value: "{{ mediawiki_enabled }}" + value: '"lokole is an email service."' + - option: lokole_src + value: "{{ lokole_src }}" + - option: lokole_abs_path + value: "{{ lokole_abs_path }}" + - option: lokole_db_name + value: "{{ lokole_db_name }}" + - option: lokole_db_user + value: "{{ lokole_db_user }}" + - option: lokole_url + value: "{{ lokole_url }}" + - option: lokole_full_url + value: "{{ lokole_full_url }}" + - option: lokole_enabled + value: "{{ lokole_enabled }}" diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index 6c77d3e7c..dee0435b3 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -1,3 +1,3 @@ - name: Include the install playbook include_tasks: install.yml - when: mediawiki_install + when: lokole_install diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 10f5ff65b..ccbebe98e 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,27 +1,6 @@ -# Root directory goes to Lokole web server - -ProxyRequests off -ProxyPass {{ lokole_url }}/ unix:{{ lokole_domain_socket }}|http://{{ iiab_hostname }}.{{ iiab_domain }}/ - - - ProxyPassReverse / - ProxyHTMLEnable On - ProxyHTMLURLMap / {{ lokole_url }}/ - RequestHeader unset Accept-Encoding - - -# /static directory is stored on filesystem -Alias {{ lokole_url }}/static {{ lokole_install_path }} - - +Alias {{ lokole_url }} {{ lokole_abs_path }} + Options Indexes FollowSymLinks - - # Don't allow modifications in static directory + AllowOverride All Require all granted - - Require all denied - - -# Disable TRACE to prevent cross-site tracing -TraceEnable off diff --git a/roles/lokole/templates/mediawiki.conf.j2 b/roles/lokole/templates/mediawiki.conf.j2 deleted file mode 100644 index 1da5e193b..000000000 --- a/roles/lokole/templates/mediawiki.conf.j2 +++ /dev/null @@ -1,6 +0,0 @@ -Alias {{ mediawiki_url }} {{ mediawiki_abs_path }} - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - From 12816c45f2df7b2a2b3c895b4447ec890b56e788 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 21:35:39 -0400 Subject: [PATCH 42/95] Use actual version; don't split into separate major and minor variables --- roles/lokole/defaults/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 3e7f00dfa..39807d87c 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,6 +1,4 @@ -lokole_major_version: "1.31" -lokole_minor_version: "0" -lokole_version: "{{ lokole_major_version }}.{{ lokole_minor_version }}" +lokole_version: "0.1.24" lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" lokole_src: "{{ lokole_version }}.tar.gz" From ebda624baf9a2e8c2858c1f70ca6fcab22b6492e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 22:14:39 -0400 Subject: [PATCH 43/95] Change to correct dependencies --- roles/lokole/tasks/install.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index bcefb5b5a..c08f12416 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,10 +1,12 @@ - name: Install packages required by Lokole - package: + apt: name: "{{ item }}" state: present with_items: - - "php{{ php_version }}-intl" - - "php{{ php_version }}-mbstring" + - make + - python3-venv + - npm + - shellcheck tags: - download From e573424ad0f3527931b0eabdfb82074c3b0f50ef Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 12 Jul 2018 22:44:10 -0400 Subject: [PATCH 44/95] Using PyPI --- roles/lokole/defaults/main.yml | 3 --- roles/lokole/tasks/install.yml | 47 ++++++++++++++++++++-------------- 2 files changed, 28 insertions(+), 22 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 39807d87c..245b2b1c2 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,8 +1,5 @@ lokole_version: "0.1.24" -lokole_download_base_url: "https://github.com/ascoderu/opwen-webapp/archive/" -lokole_src: "{{ lokole_version }}.tar.gz" - lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index c08f12416..722774509 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -3,31 +3,40 @@ name: "{{ item }}" state: present with_items: - - make + - python3 + - python3-pip - python3-venv - - npm - - shellcheck + - python3-dev + - libffi-dev + - libssl-dev + - bcrypt tags: - download -- name: Download Lokole software, per roles/lokole/defaults/main.yml - get_url: - url: "{{ lokole_download_base_url }}/{{ lokole_src }}" - dest: "{{ downloads_dir }}" - timeout: "{{ download_timeout }}" -# force: yes -# backup: yes - register: lokole_download_output +- name: Install Lokole from PyPI + pip: + name: opwen_email_client + virtualenv: null # TODO figure this out + tags: + - download when: internet_available -- name: Unpack download to permanent location - unarchive: - src: "{{ downloads_dir }}/{{ lokole_src }}" - dest: "{{ lokole_install_path }}" - owner: root - group: "{{ apache_user }}" - mode: 0755 - keep_newer: yes +# - name: Download Lokole software, per roles/lokole/defaults/main.yml +# git: +# repo: "{{ lokole_git_repo }}" +# version: "{{ lokole_version }}" +# dest: "{{ lokole_install_path }}" +# register: lokole_download_output +# when: internet_available + +# - name: Unpack download to permanent location +# unarchive: +# src: "{{ downloads_dir }}/{{ lokole_src }}" +# dest: "{{ }}" +# owner: root +# group: "{{ apache_user }}" +# mode: 0755 +# keep_newer: yes - name: MySQL database needs to be running if we are trying to create a new db service: From 51ef6e74c87873847c9996cb37c675e1c3304c38 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 13 Jul 2018 21:47:33 -0400 Subject: [PATCH 45/95] Add config file template --- roles/lokole/templates/webapp_secrets.sh.j2 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 44dcfbae6..c48afd45f 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,10 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}' -export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' +export OPWEN_SESSION_KEY='{{lokole_config_session_key}}' +export OPWEN_PASSWORD_SALT='{{opwen_webapp_config_password_salt}}' +export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' +export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' +export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' +export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' +export OPWEN_CLIENT_NAME='{{opwen_webapp_config_client_name}}' +export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' +export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From e139469b45865d4c7cbc4ca5a532e32575f33570 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 14 Jul 2018 23:14:43 -0400 Subject: [PATCH 46/95] Hardcode OPWEN_CLIENT_NAME to iiab + hostname --- roles/lokole/templates/webapp_secrets.sh.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index c48afd45f..1fec63686 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -5,6 +5,6 @@ export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' -export OPWEN_CLIENT_NAME='{{opwen_webapp_config_client_name}}' +export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From 94e5c831a3f24bfd96d57777e872311ecb199af7 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 14 Jul 2018 23:35:56 -0400 Subject: [PATCH 47/95] Adding more global variables --- roles/lokole/defaults/main.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 245b2b1c2..68364ee0d 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -17,3 +17,16 @@ lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" + +# Global variables provided by setup-lokole.sh L157-166 +# https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 +#opwen_network_name: 'Lokole' # use IIAB's wifi +#opwen_network_password: 'Ascoderu' +#opwen_server_read_host: 'api.mailserver.read.lokole.ca' # local-only anyway +#opwen_server_write_host: 'api.mailserver.write.lokole.ca' +#opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' +opwen_server_locale: '{{ default_language }}' +opwen_server_timezone: '{{ local_tz }}' +opwen_user: "${USER}" +opwen_device: "${HOSTNAME}" +opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary From ff41cbf2a6a41888b58a9e4b1ee60a2b352fe515 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Sat, 21 Jul 2018 15:18:35 -0400 Subject: [PATCH 48/95] Setup Lokole virtualenv --- roles/lokole/defaults/main.yml | 2 ++ roles/lokole/tasks/install.yml | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 68364ee0d..c6d2b6294 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -15,6 +15,8 @@ lokole_enabled: True lokole_install_path: "{{ content_base }}" lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" +lokole_venv: "{{ lokole_abs_path }}/venv" + lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 722774509..61bc57cbe 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -16,7 +16,9 @@ - name: Install Lokole from PyPI pip: name: opwen_email_client - virtualenv: null # TODO figure this out + version: "{{ lokole_version }}" + virtualenv: "{{ lokole_venv }}" + virtualenv_program: python3 -m venv "{{ lokole_venv }}" tags: - download when: internet_available From 95c7ddafd007ecb1c623f61241bcb49e133f894b Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 02:07:31 -0400 Subject: [PATCH 49/95] Start on config stuff --- roles/lokole/tasks/install.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 61bc57cbe..60500966d 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -23,6 +23,21 @@ - download when: internet_available +# - name: Generate session key +# password: +# length: 32 +# encrypt: no +# _terms: /dev/null +# tags: +# - configure + +- name: Configure Lokole + template: + src: webapp_secrets.sh.j2 + dest: {{ lokole_wd }}/webapp_secrets.sh + tags: + - configure + # - name: Download Lokole software, per roles/lokole/defaults/main.yml # git: # repo: "{{ lokole_git_repo }}" From 593bd01fcdc2eb45378771253ec3adc4d309b399 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:29:57 -0400 Subject: [PATCH 50/95] Setup config file for local-only mode, add password generation --- roles/lokole/defaults/main.yml | 3 +++ roles/lokole/tasks/install.yml | 10 +--------- roles/lokole/templates/webapp_secrets.sh.j2 | 10 ++-------- 3 files changed, 6 insertions(+), 17 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index c6d2b6294..0c4da9fac 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -17,6 +17,9 @@ lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" lokole_venv: "{{ lokole_abs_path }}/venv" +# TODO decide what directory to make this +lokole_run_directory: "{{ lokole_abs_path }}" + lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 60500966d..b027b65f1 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -23,18 +23,10 @@ - download when: internet_available -# - name: Generate session key -# password: -# length: 32 -# encrypt: no -# _terms: /dev/null -# tags: -# - configure - - name: Configure Lokole template: src: webapp_secrets.sh.j2 - dest: {{ lokole_wd }}/webapp_secrets.sh + dest: {{ lokole_run_directory }}/webapp_secrets.sh tags: - configure diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 1fec63686..11a2a8a2e 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,10 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{lokole_config_session_key}}' -export OPWEN_PASSWORD_SALT='{{opwen_webapp_config_password_salt}}' -export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}' -export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}' -export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}' -export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' -export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}' -export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}' From 01b1b72f211240893286b75c274eea9e5fdeefb3 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:41:45 -0400 Subject: [PATCH 51/95] Only one directory for Lokole - multiple versions not supported --- roles/lokole/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 0c4da9fac..8c82c3952 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -13,7 +13,7 @@ lokole_install: True lokole_enabled: True lokole_install_path: "{{ content_base }}" -lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}" +lokole_abs_path: "{{ lokole_install_path }}/lokole" lokole_venv: "{{ lokole_abs_path }}/venv" From b44f2c7bc1191168ff878e4d07eaf9e47ca54910 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 22 Jul 2018 23:56:13 -0400 Subject: [PATCH 52/95] Reorganize config file --- roles/lokole/defaults/main.yml | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 8c82c3952..7b5f405cc 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,25 +1,20 @@ +--- +# Information needed to install Lokole lokole_version: "0.1.24" +lokole_install_path: "{{ content_base }}/lokole" +lokole_venv: "{{ lokole_install_path }}/venv" + +# Information needed to run Lokole +lokole_user: lokole +lokole_run_directory: /home/{{ lokole_user }}/state lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme -lokole_admin_user: Admin -lokole_admin_user_password: changeme - -lokole_site_name: Community Wiki - lokole_install: True lokole_enabled: True -lokole_install_path: "{{ content_base }}" -lokole_abs_path: "{{ lokole_install_path }}/lokole" - -lokole_venv: "{{ lokole_abs_path }}/venv" - -# TODO decide what directory to make this -lokole_run_directory: "{{ lokole_abs_path }}" - lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" @@ -32,6 +27,6 @@ lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" #opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' opwen_server_locale: '{{ default_language }}' opwen_server_timezone: '{{ local_tz }}' -opwen_user: "${USER}" -opwen_device: "${HOSTNAME}" +# opwen_user: lokole # superseded by lokole_user +# opwen_device: "{{ iiab_hostname }}" # just use iiab_hostname opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary From 2e6e816abd5facc1653736e67277f41d91e6dd17 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:03:04 -0400 Subject: [PATCH 53/95] Cleanup --- roles/lokole/defaults/main.yml | 2 ++ roles/lokole/tasks/install.yml | 19 ++----------------- 2 files changed, 4 insertions(+), 17 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 7b5f405cc..0fc567e3c 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -8,6 +8,8 @@ lokole_venv: "{{ lokole_install_path }}/venv" lokole_user: lokole lokole_run_directory: /home/{{ lokole_user }}/state +# Everything below this line is unused + lokole_db_name: iiab_lokole lokole_db_user: iiab_lokole_user lokole_db_user_password: changeme diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index b027b65f1..d3ecf7e92 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -26,26 +26,11 @@ - name: Configure Lokole template: src: webapp_secrets.sh.j2 - dest: {{ lokole_run_directory }}/webapp_secrets.sh + dest: "{{ lokole_run_directory }}/webapp_secrets.sh" tags: - configure -# - name: Download Lokole software, per roles/lokole/defaults/main.yml -# git: -# repo: "{{ lokole_git_repo }}" -# version: "{{ lokole_version }}" -# dest: "{{ lokole_install_path }}" -# register: lokole_download_output -# when: internet_available - -# - name: Unpack download to permanent location -# unarchive: -# src: "{{ downloads_dir }}/{{ lokole_src }}" -# dest: "{{ }}" -# owner: root -# group: "{{ apache_user }}" -# mode: 0755 -# keep_newer: yes +# Everything below this line is unused - name: MySQL database needs to be running if we are trying to create a new db service: From fed6ef62fccd2c84b84f5204fceddabd56469a34 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:05:52 -0400 Subject: [PATCH 54/95] Change tag to install --- roles/lokole/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index d3ecf7e92..bb6d4a3ab 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -11,7 +11,7 @@ - libssl-dev - bcrypt tags: - - download + - install - name: Install Lokole from PyPI pip: @@ -20,7 +20,7 @@ virtualenv: "{{ lokole_venv }}" virtualenv_program: python3 -m venv "{{ lokole_venv }}" tags: - - download + - install when: internet_available - name: Configure Lokole From 95fea93dac62a17874a6d77afa63bec123eecfe2 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 00:21:36 -0400 Subject: [PATCH 55/95] Add missing end quotes --- roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 11a2a8a2e..4a02f59f2 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no' }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no' }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From 84d914408861ffd9ea3e2dc301050d7e7f66fce9 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 00:06:23 -0400 Subject: [PATCH 56/95] Fix virtualenv command --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index bb6d4a3ab..0d99e3360 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -18,7 +18,7 @@ name: opwen_email_client version: "{{ lokole_version }}" virtualenv: "{{ lokole_venv }}" - virtualenv_program: python3 -m venv "{{ lokole_venv }}" + virtualenv_command: python3 -m venv "{{ lokole_venv }}" tags: - install when: internet_available From 86fba559549785663d686de747cc50d1f590fc00 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 19:11:16 -0400 Subject: [PATCH 57/95] Add missing parentheses in template and make sure run directory exists --- roles/lokole/tasks/install.yml | 5 +++++ roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 0d99e3360..24b072e74 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -22,6 +22,11 @@ tags: - install when: internet_available + +- name: Create run directory + file: + path: "{{ lokole_run_directory }}" + state: directory - name: Configure Lokole template: diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 4a02f59f2..2ab18a7f8 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no' }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no' }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no') }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no') }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From 5cb9dfe5b783af40b5c57791b26a4472382c5326 Mon Sep 17 00:00:00 2001 From: Angela Liu Date: Mon, 23 Jul 2018 22:22:03 -0400 Subject: [PATCH 58/95] Update password encryption --- roles/lokole/templates/webapp_secrets.sh.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2 index 2ab18a7f8..44dcfbae6 100644 --- a/roles/lokole/templates/webapp_secrets.sh.j2 +++ b/roles/lokole/templates/webapp_secrets.sh.j2 @@ -1,4 +1,4 @@ export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}' -export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no') }}' -export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no') }}' +export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}' +export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}' export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}' From 88752e419a5c2708d11374969bee56a72bff25ad Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 22:57:12 -0400 Subject: [PATCH 59/95] SQLite comes with Python so no database setup required --- roles/lokole/defaults/main.yml | 6 ------ roles/lokole/tasks/install.yml | 35 ---------------------------------- 2 files changed, 41 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 0fc567e3c..5a65b5009 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -8,12 +8,6 @@ lokole_venv: "{{ lokole_install_path }}/venv" lokole_user: lokole lokole_run_directory: /home/{{ lokole_user }}/state -# Everything below this line is unused - -lokole_db_name: iiab_lokole -lokole_db_user: iiab_lokole_user -lokole_db_user_password: changeme - lokole_install: True lokole_enabled: True diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 24b072e74..36b25a674 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -37,41 +37,6 @@ # Everything below this line is unused -- name: MySQL database needs to be running if we are trying to create a new db - service: - state: started - name: "{{ mysql_service }}" - -- name: Create MySQL lokole database - mysql_db: - name: "{{ lokole_db_name }}" - state: present - -- name: Create MySQL lokole database user - mysql_user: - name: "{{ lokole_db_user }}" - password: "{{ lokole_db_user_password }}" - priv: "{{ lokole_db_name }}.*:ALL,GRANT" - state: present - -- name: Configure Lokole - shell: > - php '{{ lokole_abs_path }}/maintenance/install.php' - --dbname={{ lokole_db_name }} - --dbserver="localhost" - --installdbuser={{ lokole_db_user }} - --installdbpass={{ lokole_db_user_password }} - --dbuser={{ lokole_db_user }} - --dbpass={{ lokole_db_user_password }} - --scriptpath=/lokole - --lang=en - --pass={{ lokole_admin_user_password }} - "{{ lokole_site_name }}" - "{{ lokole_admin_user }}" - args: - chdir: "{{ lokole_abs_path }}" - creates: "{{ lokole_abs_path }}/LocalSettings.php" - - name: Copy lokole httpd conf file template: src: lokole.conf.j2 From 0f54fb57bd0733aab8633ac073ce679a41481002 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 23 Jul 2018 23:00:50 -0400 Subject: [PATCH 60/95] Lokole interfaces with httpd via a Unix domain socket --- roles/lokole/defaults/main.yml | 10 ++-------- roles/lokole/templates/lokole.conf.j2 | 3 +++ 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 5a65b5009..6bac2fd35 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -14,15 +14,9 @@ lokole_enabled: True lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" +lokole_domain_socket: "{{ lokole_install_path }}/lokole_gunicorn.sock" + # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 -#opwen_network_name: 'Lokole' # use IIAB's wifi -#opwen_network_password: 'Ascoderu' -#opwen_server_read_host: 'api.mailserver.read.lokole.ca' # local-only anyway -#opwen_server_write_host: 'api.mailserver.write.lokole.ca' -#opwen_server_inbox_host: 'api.mailserver.inbox.lokole.ca' opwen_server_locale: '{{ default_language }}' opwen_server_timezone: '{{ local_tz }}' -# opwen_user: lokole # superseded by lokole_user -# opwen_device: "{{ iiab_hostname }}" # just use iiab_hostname -opwen_port: "${LOKOLE_PORT:-80}" # probably unnecessary diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index ccbebe98e..b31bd771c 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,3 +1,6 @@ +ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} + + Alias {{ lokole_url }} {{ lokole_abs_path }} Options Indexes FollowSymLinks From fabb435019845679644cd70891487f0722fcb226 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Tue, 24 Jul 2018 00:29:07 -0400 Subject: [PATCH 61/95] Start creating webapp.sh script template See https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L384 --- roles/lokole/templates/webapp.sh.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 index 87290925a..65a2738f0 100644 --- a/roles/lokole/templates/webapp.sh.j2 +++ b/roles/lokole/templates/webapp.sh.j2 @@ -1,9 +1,9 @@ #!/usr/bin/env sh -. '{{lokole_run_directory}}/webapp_secrets.sh' +. '${opwen_webapp_envs}' -'{{lokole_venv}}/bin/gunicorn' \ - --timeout='300' \ - --workers='{{ [4, ansible_memtotal_mb / 200] | min | int }}' \ - --bind='unix:{{ lokole_domain_socket }}' \ - --log-level='error' \ +'{{lokole_venv}}/bin/gunicorn' \\ + --timeout='300' \\ + --workers='${opwen_webapp_workers}' \\ + --bind='unix:{{lokole_domain_socket}}' \\ + --log-level='error' \\ 'opwen_email_client.webapp:app' From 8c312f0109f0ad1f62f9cec650ef683309547f79 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 01:15:32 -0400 Subject: [PATCH 62/95] Have template compute number of workers wanted --- roles/lokole/templates/webapp.sh.j2 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 index 65a2738f0..0030e7c11 100644 --- a/roles/lokole/templates/webapp.sh.j2 +++ b/roles/lokole/templates/webapp.sh.j2 @@ -1,9 +1,9 @@ #!/usr/bin/env sh . '${opwen_webapp_envs}' -'{{lokole_venv}}/bin/gunicorn' \\ - --timeout='300' \\ - --workers='${opwen_webapp_workers}' \\ - --bind='unix:{{lokole_domain_socket}}' \\ - --log-level='error' \\ +'{{lokole_venv}}/bin/gunicorn' \ + --timeout='300' \ + --workers='{{ [4, ansible_memtotal_mb / 200] | min | int }}' \ + --bind='unix:{{lokole_domain_socket}}' \ + --log-level='error' \ 'opwen_email_client.webapp:app' From 24a67c504c16e8962c45b92719d366a1c8f8d2a5 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 01:20:07 -0400 Subject: [PATCH 63/95] Add play for writing Gunicorn config file --- roles/lokole/tasks/install.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 36b25a674..5fd7681e4 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -35,6 +35,15 @@ tags: - configure +- name: Configure Gunicorn + template: + src: webapp.sh.j2 + dest: "{{ lokole_run_directory }}/webapp.sh" + tags: + - configure + + + # Everything below this line is unused - name: Copy lokole httpd conf file From 65aa02c5566dc078b68ecb6e0204ed93bbbf048e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 26 Jul 2018 22:45:11 -0400 Subject: [PATCH 64/95] Fix templating and add comments to httpd config file --- roles/lokole/templates/lokole.conf.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index b31bd771c..5c3f96fb7 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,8 +1,10 @@ +# Root directory goes to Lokole web server ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} +# /static directory is stored on filesystem +Alias {{ lokole_url }}/static {{ lokole_install_path }} -Alias {{ lokole_url }} {{ lokole_abs_path }} - + Options Indexes FollowSymLinks AllowOverride All Require all granted From e9c0f3ab9693d0606dde44e8e51cb84766deade2 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:31:17 -0400 Subject: [PATCH 65/95] Security features --- roles/lokole/templates/lokole.conf.j2 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 5c3f96fb7..3587d26de 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -7,5 +7,13 @@ Alias {{ lokole_url }}/static {{ lokole_install_path }} Options Indexes FollowSymLinks AllowOverride All + + # Don't allow modifications in static directory Require all granted + + Require all denied + + +# Disable TRACE to prevent cross-site tracing +TraceEnable off From 1af7166049b53e1dfbabc87fc0410e7c05abf6ba Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:31:58 -0400 Subject: [PATCH 66/95] We don't need to override --- roles/lokole/templates/lokole.conf.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3587d26de..3816cdbca 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -6,7 +6,6 @@ Alias {{ lokole_url }}/static {{ lokole_install_path }} Options Indexes FollowSymLinks - AllowOverride All # Don't allow modifications in static directory Require all granted From 656e3214548bd4d169e36ec595c05f0352693412 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 27 Jul 2018 00:33:16 -0400 Subject: [PATCH 67/95] Directory listings are a privacy risk! --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3816cdbca..33561e427 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -5,7 +5,7 @@ ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} Alias {{ lokole_url }}/static {{ lokole_install_path }} - Options Indexes FollowSymLinks + Options FollowSymLinks # Don't allow modifications in static directory Require all granted From 8f2cfea1861342456735d1f3f9f04a715524cb0e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 28 Jul 2018 00:58:27 -0400 Subject: [PATCH 68/95] /static only contains static content, not attachments This reverts commit cf75610fcfe29c693659185b3d9bfd84114426d7. --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 33561e427..3816cdbca 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -5,7 +5,7 @@ ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} Alias {{ lokole_url }}/static {{ lokole_install_path }} - Options FollowSymLinks + Options Indexes FollowSymLinks # Don't allow modifications in static directory Require all granted From d1e68050e84e2a659b320befc0e64ce14f9e12ab Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sun, 29 Jul 2018 13:57:14 -0400 Subject: [PATCH 69/95] Use Apache's domain socket URI syntax --- roles/lokole/templates/lokole.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 3816cdbca..9ed5b4b23 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,5 @@ # Root directory goes to Lokole web server -ProxyPass {{ lokole_url }} http://unix:{{lokole_domain_socket}} +ProxyPass {{ lokole_url }} unix:{{ lokole_domain_socket }}|{{ lokole_full_url }} # /static directory is stored on filesystem Alias {{ lokole_url }}/static {{ lokole_install_path }} From 0675ad8777d37fd4b259aea1ee0d33ca0bfe2f73 Mon Sep 17 00:00:00 2001 From: rgangela99 Date: Sat, 28 Jul 2018 13:24:12 -0400 Subject: [PATCH 70/95] add systemd service and add task to compile translations --- roles/lokole/defaults/main.yml | 2 +- roles/lokole/tasks/install.yml | 46 ++++++++++++++++++++++------- roles/lokole/templates/webapp.sh.j2 | 4 +-- 3 files changed, 39 insertions(+), 13 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 6bac2fd35..f69099d63 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -14,7 +14,7 @@ lokole_enabled: True lokole_url: /lokole lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" -lokole_domain_socket: "{{ lokole_install_path }}/lokole_gunicorn.sock" +lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 5fd7681e4..6828fe652 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -22,11 +22,22 @@ tags: - install when: internet_available - + +- name: Compile translations + shell: | + python_version=$(python3 -c 'from sys import version_info; print("%s.%s" % (version_info.major, version_info.minor));';) + {{ lokole_venv }}/bin/pybabel compile -d {{ item }}/translations + with_items: + - "{{ lokole_venv }}/lib/python${python_version}/site-packages/opwen_email_client/webapp" + tags: + - install + - name: Create run directory file: path: "{{ lokole_run_directory }}" state: directory + tags: + - configure - name: Configure Lokole template: @@ -39,10 +50,31 @@ template: src: webapp.sh.j2 dest: "{{ lokole_run_directory }}/webapp.sh" + mode: a+x tags: - configure +- name: Create 'lokole' service + template: + src: lokole.service.j2 + dest: "/etc/systemd/system/lokole.service" + tags: + - systemd +- name: Enable 'lokole' service + systemd: + daemon_reload: yes + name: lokole + enabled: yes + state: restarted + when: lokole_enabled + +- name: Disable 'lokole' service + systemd: + name: lokole + enabled: no + state: stopped + when: not lokole_enabled # Everything below this line is unused @@ -53,7 +85,7 @@ - name: Enable httpd conf file if we are disabled (debuntu) file: - src: /etc/apache2/sites-available/lokole.conf + src: /etc/{{ apache_config_dir }}/lokole.conf dest: /etc/apache2/sites-enabled/lokole.conf state: link when: lokole_enabled and is_debuntu @@ -80,14 +112,8 @@ value: lokole - option: description value: '"lokole is an email service."' - - option: lokole_src - value: "{{ lokole_src }}" - - option: lokole_abs_path - value: "{{ lokole_abs_path }}" - - option: lokole_db_name - value: "{{ lokole_db_name }}" - - option: lokole_db_user - value: "{{ lokole_db_user }}" + - option: lokole_run_directory + value: "{{ lokole_run_directory }}" - option: lokole_url value: "{{ lokole_url }}" - option: lokole_full_url diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.j2 index 0030e7c11..87290925a 100644 --- a/roles/lokole/templates/webapp.sh.j2 +++ b/roles/lokole/templates/webapp.sh.j2 @@ -1,9 +1,9 @@ #!/usr/bin/env sh -. '${opwen_webapp_envs}' +. '{{lokole_run_directory}}/webapp_secrets.sh' '{{lokole_venv}}/bin/gunicorn' \ --timeout='300' \ --workers='{{ [4, ansible_memtotal_mb / 200] | min | int }}' \ - --bind='unix:{{lokole_domain_socket}}' \ + --bind='unix:{{ lokole_domain_socket }}' \ --log-level='error' \ 'opwen_email_client.webapp:app' From 7920722aa350e62e46e45a1c718dbb3e4e39248d Mon Sep 17 00:00:00 2001 From: rgangela99 Date: Sat, 28 Jul 2018 13:31:33 -0400 Subject: [PATCH 71/95] Add /lokole/ to path for links from webapp --- roles/lokole/defaults/main.yml | 2 +- roles/lokole/templates/lokole.conf.j2 | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index f69099d63..afb4458b0 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -12,7 +12,7 @@ lokole_install: True lokole_enabled: True lokole_url: /lokole -lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}" +lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 9ed5b4b23..10f5ff65b 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,14 @@ # Root directory goes to Lokole web server -ProxyPass {{ lokole_url }} unix:{{ lokole_domain_socket }}|{{ lokole_full_url }} + +ProxyRequests off +ProxyPass {{ lokole_url }}/ unix:{{ lokole_domain_socket }}|http://{{ iiab_hostname }}.{{ iiab_domain }}/ + + + ProxyPassReverse / + ProxyHTMLEnable On + ProxyHTMLURLMap / {{ lokole_url }}/ + RequestHeader unset Accept-Encoding + # /static directory is stored on filesystem Alias {{ lokole_url }}/static {{ lokole_install_path }} From f6ca22f8a0abf40009c7b4c278dfd6d35d123f76 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 8 Oct 2018 20:01:15 -0400 Subject: [PATCH 72/95] Don't use with_items: deprecated --- roles/lokole/tasks/install.yml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 6828fe652..76fe7137d 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,15 +1,14 @@ - name: Install packages required by Lokole apt: - name: "{{ item }}" + name: + - python3 + - python3-pip + - python3-venv + - python3-dev + - libffi-dev + - libssl-dev + - bcrypt state: present - with_items: - - python3 - - python3-pip - - python3-venv - - python3-dev - - libffi-dev - - libssl-dev - - bcrypt tags: - install From 0734549df989221fecbcfcc41debfbaad674d11b Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 8 Oct 2018 20:12:40 -0400 Subject: [PATCH 73/95] Remove "unused" disclaimer --- roles/lokole/tasks/install.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 76fe7137d..c53476f29 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -75,8 +75,6 @@ state: stopped when: not lokole_enabled -# Everything below this line is unused - - name: Copy lokole httpd conf file template: src: lokole.conf.j2 From fa57a5314e2790dfbec9a603f86c2fa339f9c11f Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Tue, 9 Oct 2018 21:08:42 -0400 Subject: [PATCH 74/95] Begin work on README.rst --- roles/lokole/README.rst | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst index 149bcc24d..729323c89 100644 --- a/roles/lokole/README.rst +++ b/roles/lokole/README.rst @@ -2,4 +2,16 @@ Lokole README ============= -This Ansible role installs Lokole within Internet-in-a-Box. +This Ansible role installs the `Lokole web app `_ within Internet-in-a-Box. Lokole is a project by the Canadian-Congolese non-profit `Ascoderu `_. + +The Lokole is a simple email client that offers functionality like: + +1. Self-service creation of user accounts +2. Read emails sent to the account +3. Write emails including rich formatting +4. Send attachments + +Using It +-------- + +Lokole should be accessible at http://box/lokole/. From 77407e4820c125e53df6a7ff084bdff150c92163 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:23:31 -0400 Subject: [PATCH 75/95] This is backwards Co-Authored-By: aidan-fitz --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index c53476f29..e5e20e9b1 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -80,7 +80,7 @@ src: lokole.conf.j2 dest: "/etc/{{ apache_config_dir }}/lokole.conf" -- name: Enable httpd conf file if we are disabled (debuntu) +- name: Enable httpd conf file if lokole_enabled (debuntu) file: src: /etc/{{ apache_config_dir }}/lokole.conf dest: /etc/apache2/sites-enabled/lokole.conf From eed01b133317cdd4828d365726faa45202f49edd Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:23:42 -0400 Subject: [PATCH 76/95] Put this string in quotes Co-Authored-By: aidan-fitz --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index e5e20e9b1..079ebcc50 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -82,7 +82,7 @@ - name: Enable httpd conf file if lokole_enabled (debuntu) file: - src: /etc/{{ apache_config_dir }}/lokole.conf + src: "/etc/{{ apache_config_dir }}/lokole.conf" dest: /etc/apache2/sites-enabled/lokole.conf state: link when: lokole_enabled and is_debuntu From 116c0ea0d8071f744d6f594a84b1a83804a698f7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:24:08 -0400 Subject: [PATCH 77/95] ini location may vary Co-Authored-By: aidan-fitz --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 079ebcc50..4b520f1ae 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -98,7 +98,7 @@ name: "{{ apache_service }}" state: restarted -- name: Add 'lokole' to list of services at /etc/iiab/iiab.ini +- name: Add 'lokole' variable values to {{ iiab_ini_file }} ini_file: dest: "{{ service_filelist }}" section: lokole From 1374aa89ec82c6d15c23b483de9124b140c039fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:25:57 -0400 Subject: [PATCH 78/95] Update roles/lokole/tasks/install.yml Co-Authored-By: aidan-fitz --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 4b520f1ae..97ec4947c 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -100,7 +100,7 @@ - name: Add 'lokole' variable values to {{ iiab_ini_file }} ini_file: - dest: "{{ service_filelist }}" + path: "{{ iiab_ini_file }}" section: lokole option: "{{ item.option }}" value: "{{ item.value }}" From 791dc952d4379155b4ae7d8375cf2e2be0ccce3d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:26:04 -0400 Subject: [PATCH 79/95] Put in quotes Co-Authored-By: aidan-fitz --- roles/lokole/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index afb4458b0..63fcfaf44 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -6,7 +6,7 @@ lokole_venv: "{{ lokole_install_path }}/venv" # Information needed to run Lokole lokole_user: lokole -lokole_run_directory: /home/{{ lokole_user }}/state +lokole_run_directory: "/home/{{ lokole_user }}/state" lokole_install: True lokole_enabled: True From 0b31c608c307a076ecd423d6fdbc6b8a68b1af32 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:26:14 -0400 Subject: [PATCH 80/95] Put in double quotes Co-Authored-By: aidan-fitz --- roles/lokole/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 63fcfaf44..61bdd7c73 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -18,5 +18,5 @@ lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 -opwen_server_locale: '{{ default_language }}' +opwen_server_locale: "{{ default_language }}" opwen_server_timezone: '{{ local_tz }}' From 9659350d9992b013ac1f659cb09f009d09f28a80 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:26:30 -0400 Subject: [PATCH 81/95] Use double quotes Co-Authored-By: aidan-fitz --- roles/lokole/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 61bdd7c73..e5cfc77c1 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -19,4 +19,4 @@ lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" # Global variables provided by setup-lokole.sh L157-166 # https://github.com/ascoderu/opwen-webapp/blob/master/setup/setup-lokole.sh#L157 opwen_server_locale: "{{ default_language }}" -opwen_server_timezone: '{{ local_tz }}' +opwen_server_timezone: "{{ local_tz }}" From 916a1c48cabf0ea6e650de1a05b343a8f1a40b81 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 3 Nov 2018 13:28:15 -0400 Subject: [PATCH 82/95] Remove quotes Co-Authored-By: aidan-fitz --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 97ec4947c..7accb17e7 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -56,7 +56,7 @@ - name: Create 'lokole' service template: src: lokole.service.j2 - dest: "/etc/systemd/system/lokole.service" + dest: /etc/systemd/system/lokole.service tags: - systemd From 719a1df13d186fe8276f76c63ed56e23d99c7df6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:14:53 -0400 Subject: [PATCH 83/95] Update test.yml --- tests/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/test.yml b/tests/test.yml index 3d858cc75..858e12830 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -32,6 +32,7 @@ - { role: kalite } - { role: kiwix } - { role: kolibri } + - { role: lokole } - { role: mediawiki } - { role: mongodb } - { role: monit } From 134093e07a78a3334cdb2185326b86620b164ca9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:16:21 -0400 Subject: [PATCH 84/95] Update README.rst --- roles/lokole/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst index 729323c89..6c84e42df 100644 --- a/roles/lokole/README.rst +++ b/roles/lokole/README.rst @@ -2,7 +2,7 @@ Lokole README ============= -This Ansible role installs the `Lokole web app `_ within Internet-in-a-Box. Lokole is a project by the Canadian-Congolese non-profit `Ascoderu `_. +This Ansible role installs the `Lokole web app `_ within Internet-in-a-Box. Lokole is a project by the Canadian-Congolese non-profit `Ascoderu `_. The Lokole is a simple email client that offers functionality like: @@ -14,4 +14,4 @@ The Lokole is a simple email client that offers functionality like: Using It -------- -Lokole should be accessible at http://box/lokole/. +Lokole should be accessible at http://box/lokole From 99624b9f12020830a3d4d28a5d841dcfe4a5e729 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:22:12 -0400 Subject: [PATCH 85/95] Update main.yml --- roles/lokole/defaults/main.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index e5cfc77c1..b1272ad1b 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -1,10 +1,9 @@ ---- -# Information needed to install Lokole +# Info needed to install Lokole lokole_version: "0.1.24" -lokole_install_path: "{{ content_base }}/lokole" -lokole_venv: "{{ lokole_install_path }}/venv" +lokole_install_path: "{{ content_base }}/lokole" # /library/lokole +lokole_venv: "{{ lokole_install_path }}/venv" # /library/lokole/venv -# Information needed to run Lokole +# Info needed to run Lokole lokole_user: lokole lokole_run_directory: "/home/{{ lokole_user }}/state" @@ -12,7 +11,7 @@ lokole_install: True lokole_enabled: True lokole_url: /lokole -lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" +lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" # http://box.lan/lokole lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" From 5e2000400b79c250cbcd6b86d30a0eac75bef863 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:23:59 -0400 Subject: [PATCH 86/95] Update main.yml --- roles/lokole/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index dee0435b3..55a1173c0 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -1,3 +1,3 @@ -- name: Include the install playbook +- name: Run Lokole's install.yml if lokole_install include_tasks: install.yml when: lokole_install From a3fcf0b36739ceb5bf58dca500d9a661f07243e0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:26:15 -0400 Subject: [PATCH 87/95] Update default_vars.yml --- vars/default_vars.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 2bbd8fe7b..067b2f72f 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -290,6 +290,10 @@ elgg_mysql_password: elgg4kids ejabberd_install: False ejabberd_enabled: False +# Lokole (email) +lokole_install: True +lokole_enabled: False + # Nextcloud nextcloud_install: True nextcloud_enabled: False From a67f6423a7ef5d23d39ae2f55e59c3931749abde Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:26:48 -0400 Subject: [PATCH 88/95] Update local_vars_min.yml --- vars/local_vars_min.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 71d10826f..16511c97a 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -170,6 +170,9 @@ elgg_enabled: False ejabberd_install: False ejabberd_enabled: False +lokole_install: False +lokole_enabled: False + nextcloud_install: False nextcloud_enabled: False From 01772882c69d0160e56d06b3bb94e0afa02a1271 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:27:06 -0400 Subject: [PATCH 89/95] Update local_vars_medium.yml --- vars/local_vars_medium.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 26e3e3b0d..c024cfe4d 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -170,6 +170,9 @@ elgg_enabled: True ejabberd_install: False ejabberd_enabled: False +lokole_install: False +lokole_enabled: False + nextcloud_install: True nextcloud_enabled: True From 39da463121d1f573526659e5574b4ab07718d1d0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:27:40 -0400 Subject: [PATCH 90/95] Update local_vars_big.yml --- vars/local_vars_big.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 5548682bb..2cc707ec2 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -170,6 +170,9 @@ elgg_enabled: True ejabberd_install: True ejabberd_enabled: False +lokole_install: True +lokole_enabled: True + nextcloud_install: True nextcloud_enabled: True From 6fd91dacd51fd75fe978781d405dda1583d3430d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:32:26 -0400 Subject: [PATCH 91/95] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 8712e315c..b7fe93cc2 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -27,6 +27,12 @@ when: ejabberd_install tags: ejabberd +- name: LOKOLE + include_role: + name: lokole + when: lokole_install + tags: lokole + - name: NEXTCLOUD include_role: name: nextcloud @@ -44,12 +50,6 @@ name: wordpress when: wordpress_install tags: wordpress - -- name: LOKOLE - include_role: - name: lokole - when: lokole_install - tags: lokole - name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: From 6c0deea8cc0719033a76031cb9c960cf6c3a7275 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:33:09 -0400 Subject: [PATCH 92/95] Update lokole.conf.j2 --- roles/lokole/templates/lokole.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/lokole/templates/lokole.conf.j2 b/roles/lokole/templates/lokole.conf.j2 index 10f5ff65b..5462444e8 100644 --- a/roles/lokole/templates/lokole.conf.j2 +++ b/roles/lokole/templates/lokole.conf.j2 @@ -1,5 +1,7 @@ # Root directory goes to Lokole web server +RedirectMatch ^{{ lokole_url }}$ {{ lokole_url }}/ + ProxyRequests off ProxyPass {{ lokole_url }}/ unix:{{ lokole_domain_socket }}|http://{{ iiab_hostname }}.{{ iiab_domain }}/ From 8f94e3373b2c1a6b964e5508cf298fcbca9f6de3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:50:04 -0400 Subject: [PATCH 93/95] Update install.yml --- roles/lokole/tasks/install.yml | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 7accb17e7..203fe49fe 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Install packages required by Lokole +- name: "Install 7 packages for Lokole: python3, python3-pip, python3-venv, python3-dev, libffi-dev, libssl-dev, bcrypt" apt: name: - python3 @@ -12,7 +12,7 @@ tags: - install -- name: Install Lokole from PyPI +- name: pip install opwen_email_client (Lokole) {{ lokole_version }} from PyPI to {{ lokole_venv }} pip: name: opwen_email_client version: "{{ lokole_version }}" @@ -31,21 +31,21 @@ tags: - install -- name: Create run directory +- name: Create dir {{ lokole_run_directory }} file: path: "{{ lokole_run_directory }}" state: directory tags: - configure -- name: Configure Lokole +- name: Install {{ lokole_run_directory }}/webapp_secrets.sh from template, to configure Lokole template: src: webapp_secrets.sh.j2 dest: "{{ lokole_run_directory }}/webapp_secrets.sh" tags: - configure -- name: Configure Gunicorn +- name: Install {{ lokole_run_directory }}/webapp.sh from template, to configure Gunicorn template: src: webapp.sh.j2 dest: "{{ lokole_run_directory }}/webapp.sh" @@ -53,14 +53,14 @@ tags: - configure -- name: Create 'lokole' service +- name: Install unit file /etc/systemd/system/lokole.service from template template: src: lokole.service.j2 dest: /etc/systemd/system/lokole.service tags: - systemd -- name: Enable 'lokole' service +- name: Enable & Restart 'lokole' systemd service, with daemon_reload, if lokole_enabled systemd: daemon_reload: yes name: lokole @@ -68,32 +68,38 @@ state: restarted when: lokole_enabled -- name: Disable 'lokole' service +- name: Disable 'lokole' service, if not lokole_enabled systemd: name: lokole enabled: no state: stopped when: not lokole_enabled -- name: Copy lokole httpd conf file +- name: Install /etc/{{ apache_config_dir }}/lokole.conf from template, for http://box/lokole template: src: lokole.conf.j2 dest: "/etc/{{ apache_config_dir }}/lokole.conf" -- name: Enable httpd conf file if lokole_enabled (debuntu) +- name: Symlink /etc/apache2/sites-enabled/lokole.conf to /etc/{{ apache_config_dir }}/lokole.conf, if lokole_enabled (debuntu) file: src: "/etc/{{ apache_config_dir }}/lokole.conf" - dest: /etc/apache2/sites-enabled/lokole.conf + path: /etc/apache2/sites-enabled/lokole.conf state: link when: lokole_enabled and is_debuntu -- name: Remove httpd conf file if we are disabled (OS's other than debuntu) +- name: Remove /etc/apache2/sites-enabled/lokole.conf, if not lokole_enabled (debuntu) file: path: /etc/apache2/sites-enabled/lokole.conf state: absent when: not lokole_enabled and is_debuntu -- name: Restart Apache, so it picks up the new aliases +- name: Remove /etc/{{ apache_config_dir }}/lokole.conf, if not lokole_enabled (OS's other than debuntu) + file: + path: "/etc/{{ apache_config_dir }}/lokole.conf" + state: absent + when: (not lokole_enabled) and (not is_debuntu) + +- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/lokole service: name: "{{ apache_service }}" state: restarted From cd4f5d23a72a288d29e077f797aaaa636d750f22 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:54:42 -0400 Subject: [PATCH 94/95] Update README.rst --- roles/lokole/README.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst index 6c84e42df..824202d07 100644 --- a/roles/lokole/README.rst +++ b/roles/lokole/README.rst @@ -15,3 +15,8 @@ Using It -------- Lokole should be accessible at http://box/lokole + +Known Issues +------------ + +Please see `#1282 `_. From 2a486b7b0ffdf80b1c3efe925a80215900683b23 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 4 Nov 2018 01:14:14 -0500 Subject: [PATCH 95/95] Update install.yml --- roles/lokole/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 203fe49fe..68f368fdb 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -114,7 +114,7 @@ - option: name value: lokole - option: description - value: '"lokole is an email service."' + value: '"Lokole is an email service that works offline, for rural communities."' - option: lokole_run_directory value: "{{ lokole_run_directory }}" - option: lokole_url