1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00

Merge pull request #56 from iiab/master

sync from iiab/iiab
This commit is contained in:
A Holt 2018-02-11 10:32:58 -05:00 committed by GitHub
commit 920d94d2c9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 203 additions and 169 deletions

View file

@ -1,61 +1,68 @@
- name: Copy css files
copy: src={{ item }}
dest={{ doc_root }}/common/css
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/css"
mode: 0644
owner: root
group: root
with_fileglob:
- html/css/*.css
- html/css/*.css
- name: Copy js files
copy: src={{ item }}
dest={{ doc_root }}/common/js
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/js"
mode: 0644
owner: root
group: root
with_fileglob:
- html/js/*.js
- html/js/*.js
- name: Copy fonts files
copy: src={{ item }}
dest={{ doc_root }}/common/fonts
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/fonts"
mode: 0644
owner: root
group: root
with_fileglob:
- html/fonts/*
- html/fonts/*
- name: Copy html files
copy: src={{ item }}
dest={{ doc_root }}/common/html
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/html"
mode: 0644
owner: root
group: root
with_fileglob:
- html/html/*
- html/html/*
- name: Copy assets files
copy: src={{ item }}
dest={{ doc_root }}/common/assets
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/assets"
mode: 0644
owner: root
group: root
with_fileglob:
- html/assets/*
- html/assets/*
# copy all services, even if not permissioned elsewhere
- name: Copy services files
copy: src={{ item }}
dest={{ doc_root }}/common/services
mode=0644
owner=root
group=root
copy:
src: "{{ item }}"
dest: "{{ doc_root }}/common/services"
mode: 0644
owner: root
group: root
with_fileglob:
- html/services/*
- html/services/*
- name: Create symlink from assets to iiab.ini
file: src=/etc/iiab/iiab.ini
dest={{ doc_root }}/common/assets/iiab.ini
owner=root
group=root
state=link
file:
src: "/etc/iiab/iiab.ini"
dest: "{{ doc_root }}/common/assets/iiab.ini"
owner: root
group: root
state: link

View file

@ -1,6 +1,7 @@
- name: Install httpd required packages
package: name={{ item }}
state=present
- name: Install httpd required packages (debian)
package:
name: "{{ item }}"
state: present
with_items:
- apache2
- php{{ php_version }}
@ -10,17 +11,19 @@
- download
when: is_debian
- name: Debian changed sqlite name
package: name=php{{ php_version }}-sqlite
- name: Debian changed sqlite name (debian-8)
package:
name: "php{{ php_version }}-sqlite"
when: is_debian and ansible_distribution_major_version == "8"
#- name: Debian changed sqlite name
# package: name=php{{ php_version }}-sqlite3
# when: ansible_local.local_facts.os_ver == "debian-9"
- name: Install httpd required packages
package: name={{ item }}
state=present
- name: Install httpd required packages (ubuntu)
package:
name: "{{ item }}"
state: present
with_items:
- apache2
- php
@ -28,9 +31,10 @@
- download
when: is_ubuntu
- name: Install httpd required packages
package: name={{ item }}
state=present
- name: Install httpd required packages (redhat)
package:
name: "{{ item }}"
state: present
with_items:
- httpd
- php
@ -40,106 +44,120 @@
- download
when: is_redhat
- name: Remove the default apache2 config file
file: path=/etc/apache2/sites-enabled/000-default.conf
src=/etc/apache2/sites-available/000-default.conf
state=absent
- name: Remove the default apache2 config file (debuntu)
file:
path: /etc/apache2/sites-enabled/000-default.conf
src: /etc/apache2/sites-available/000-default.conf
state: absent
when: is_debuntu
- name: Create httpd config files
template: backup=yes
src={{ item.src }}
dest={{ item.dest }}
owner=root
group=root
mode={{ item.mode }}
template:
backup: yes
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}"
with_items:
- { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
- { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
- { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
- { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
- { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
- { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
# remove symlinks for mpm-event, replace with mpm-prefork
- name: Remove mpm event links
file: path=/etc/apache2/mods-enabled/{{ item }}
state=absent
- name: Remove mpm event links (debuntu)
file:
path: "/etc/apache2/mods-enabled/{{ item }}"
state: absent
with_items:
- mpm_event.conf
- mpm_event.load
- mpm_event.conf
- mpm_event.load
when: is_debuntu
- name: Create symlinks for mpm-prefork
file: path=/etc/apache2/mods-enabled/{{ item }}
src=/etc/apache2/mods-available/{{ item }}
state=link
- name: Create symlinks for mpm-prefork (debuntu)
file:
path: "/etc/apache2/mods-enabled/{{ item }}"
src: "/etc/apache2/mods-available/{{ item }}"
state: link
with_items:
- mpm_prefork.conf
- mpm_prefork.load
- mpm_prefork.conf
- mpm_prefork.load
when: is_debuntu
- name: Turn on mod_proxy
- name: Turn on mod_proxy (debuntu)
command: a2enmod {{ item }}
with_items:
- proxy
- proxy_html
- headers
- rewrite
- proxy
- proxy_html
- headers
- rewrite
when: is_debuntu
- name: Create symlinks for enabling our site
file: path=/etc/apache2/sites-enabled/{{ item }}
src=/etc/apache2/sites-available/{{ item }}
state=link
- name: Create symlinks for enabling our site (debuntu)
file:
path: "/etc/apache2/sites-enabled/{{ item }}"
src: "/etc/apache2/sites-available/{{ item }}"
state: link
with_items:
- 010-iiab.conf
- 010-iiab.conf
when: is_debuntu
- name: Remove the default site container
file: dest=/etc/apache2/000-default.conf
state=absent
- name: Remove the default site container (debuntu)
file:
dest: /etc/apache2/000-default.conf
state: absent
when: is_debuntu
- name: Create http pid dir
file: path=/var/run/{{ apache_user }}
mode=0755
owner=root
group=root
state=directory
file:
path: "/var/run/{{ apache_user }}"
mode: 0755
owner: root
group: root
state: directory
- name: Create admin group
group: name=admin
state=present
group:
name: admin
state: present
- name: Add apache user to admin group
user: name={{ apache_user }}
groups=admin
state=present
createhome=no
user:
name: "{{ apache_user }}"
groups: admin
state: present
createhome: no
- name: Create httpd log dir
file: path=/var/log/{{ apache_service }}
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
file:
path: "/var/log/{{ apache_service }}"
mode: 0755
owner: "{{ apache_user }}"
group: "{{ apache_user }}"
state: directory
- name: Enable httpd
service: name={{ apache_service }}
enabled=yes
service:
name: "{{ apache_service }}"
enabled: yes
- name: Create iiab-info directory
file: path={{ doc_root }}/info
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
file:
path: "{{ doc_root }}/info"
mode: 0755
owner: "{{ apache_user }}"
group: "{{ apache_user }}"
state: directory
- name: Remove iiab-info.conf
file: dest=/etc/{{ apache_config_dir }}/iiab-info.conf
state=absent
file:
dest: "/etc/{{ apache_config_dir }}/iiab-info.conf"
state: absent
- name: Remove iiab-info.conf symlink
file: dest=/etc/apache2/sites-enabled/iiab-info.conf
state=absent
- name: Remove iiab-info.conf symlink (debuntu)
file:
dest: /etc/apache2/sites-enabled/iiab-info.conf
state: absent
when: is_debuntu
- include_tasks: html.yml
@ -147,17 +165,20 @@
- base
- name: Place the script to generate homepages
template: src=refresh-wiki-docs.sh
dest=/usr/bin/iiab-refresh-wiki-docs
mode=0755
template:
src: refresh-wiki-docs.sh
dest: /usr/bin/iiab-refresh-wiki-docs
mode: 0755
- name: Give apache_user permission for poweroff
template: src=020_apache_poweroff.j2
dest=/etc/sudoers.d/020_apache_poweroff
mode=0755
template:
src: 020_apache_poweroff.j2
dest: /etc/sudoers.d/020_apache_poweroff
mode: 0755
when: allow_apache_sudo
- name: Remove apache_user permission for poweroff
file: dest=/etc/sudoers.d/020_apache_poweroff
state=absent
file:
dest: /etc/sudoers.d/020_apache_poweroff
state: absent
when: not allow_apache_sudo

View file

@ -8,7 +8,7 @@ nextcloud_url: /nextcloud
nextcloud_prefix: /opt
nextcloud_data_dir: "{{ content_base }}/nextcloud/data"
nextcloud_dl_url: https://download.nextcloud.com/server/releases/
nextcloud_orig_src_file: latest-12.tar.bz2
nextcloud_orig_src_file: latest-13.tar.bz2
nextcloud_src_file: nextcloud_{{ nextcloud_orig_src_file }}
# we install on mysql with these setting or those from default_vars, etc.

View file

@ -137,10 +137,10 @@
password: "{{ nextcloud_dbpassword }}"
priv: "{{ nextcloud_dbname }}.*:ALL,GRANT"
with_items:
- "{{ nextcloud_dbhost }}"
- 127.0.0.1
- ::1
- localhost
- "{{ nextcloud_dbhost }}"
- 127.0.0.1
- ::1
- localhost
when: mysql_enabled and nextcloud_enabled

View file

@ -1,49 +1,54 @@
# This should go in computed_network.yml, but here for now
# This should go in computed_network.yml, but here for now
- name: Compute Nextcloud listen ip addr for nextcloud.conf
set_fact:
nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
when: ansible_default_ipv4.network is defined
- name: Enable Nextcloud by copying template to httpd config
template: src=nextcloud.conf.j2
dest=/etc/{{ apache_config_dir }}/nextcloud.conf
owner=root
group=root
mode=0644
template:
src: nextcloud.conf.j2
dest: "/etc/{{ apache_config_dir }}/nextcloud.conf"
owner: root
group: root
mode: 0644
when: nextcloud_enabled
- name: Enable Nextcloud
file: path=/etc/apache2/sites-enabled/nextcloud.conf
src=/etc/apache2/sites-available/nextcloud.conf
state=link
- name: Enable Nextcloud (debuntu)
file:
path: /etc/apache2/sites-enabled/nextcloud.conf
src: /etc/apache2/sites-available/nextcloud.conf
state: link
when: nextcloud_enabled and is_debuntu
- name: For redhat, remove the config file
file: path=/etc/{{ apache_config_dir }}/nextcloud.conf
state=absent
- name: Remove the config file if not nextcloud_enabled (redhat)
file:
path: "/etc/{{ apache_config_dir }}/nextcloud.conf"
state: absent
when: not nextcloud_enabled and is_redhat
- name: Restart Apache, so it picks up the new aliases
service: name={{ apache_service }} state=restarted
service:
name: "{{ apache_service }}"
state: restarted
# the install wizard does not succeed if already installed
- name: Determine if Nextcloud is installed
shell: >
sudo -u {{ apache_user }} php
'{{ nextcloud_prefix }}/nextcloud/occ' status |
gawk '/installed:/ { print $3 }'
sudo -u {{ apache_user }} php
'{{ nextcloud_prefix }}/nextcloud/occ' status |
gawk '/installed:/ { print $3 }'
register: returned
- name: Run Nextcloud initial install wizard
shell: >
cd {{ nextcloud_prefix }}/nextcloud;
sudo -u {{ apache_user }} php occ maintenance:install
--database "mysql"
--database-name "{{ nextcloud_dbname }}"
--database-user "{{ nextcloud_dbuser }}"
--database-pass "{{ nextcloud_dbpassword }}"
--admin-user "{{ nextcloud_admin_user }}"
--admin-pass "{{ nextcloud_admin_password }}"
cd {{ nextcloud_prefix }}/nextcloud;
sudo -u {{ apache_user }} php occ maintenance:install
--database "mysql"
--database-name "{{ nextcloud_dbname }}"
--database-user "{{ nextcloud_dbuser }}"
--database-pass "{{ nextcloud_dbpassword }}"
--admin-user "{{ nextcloud_admin_user }}"
--admin-pass "{{ nextcloud_admin_password }}"
when: nextcloud_enabled and returned.stdout == "false"
- name: Allow access from all hosts and ips
@ -54,22 +59,23 @@
- name: Determine if Nextcloud user exists already
shell: >
sudo -u {{ apache_user }} php
'{{ nextcloud_prefix }}/nextcloud/occ' user:list |
grep {{ nextcloud_user }} | wc | cut -d' ' -f1
sudo -u {{ apache_user }} php
'{{ nextcloud_prefix }}/nextcloud/occ' user:list |
grep {{ nextcloud_user }} | wc | cut -d' ' -f1
register: returned_count
# nextcloud wants to make users rather than just mysql users and not done
- name: Create the default user
shell: >
su -s /bin/sh {{ apache_user }} -c
'OC_PASS={{ nextcloud_user_password }};
php {{ nextcloud_prefix }}/nextcloud/occ user:add
--password-from-env --display-name={{ nextcloud_user }}
--group="users" {{ nextcloud_user }}'
su -s /bin/sh {{ apache_user }} -c
'OC_PASS={{ nextcloud_user_password }};
php {{ nextcloud_prefix }}/nextcloud/occ user:add
--password-from-env --display-name={{ nextcloud_user }}
--group="users" {{ nextcloud_user }}'
when: nextcloud_enabled and returned_count == "0"
- name: Remove Rewrite URL
lineinfile: regexp='overwrite.cli.url'
state=absent
dest="{{ nextcloud_prefix }}/nextcloud/config/config.php"
lineinfile:
regexp: "overwrite.cli.url"
state: absent
dest: "{{ nextcloud_prefix }}/nextcloud/config/config.php"

View file

@ -3,7 +3,7 @@
# Installs or upgrades to the best possible Ansible release, so iiab-install
# can proceed. Ensure you're online before running this script!
GOOD_VER="2.4.2" # Ansible version for OLPC, for pip.
GOOD_VER="2.4.3" # Ansible version for OLPC, for pip.
# On other OS's we install/upgrade to the latest Ansible.
# Pin all to 2.4.x in future, if really/truly nec?
CURR_VER="undefined"
@ -20,7 +20,7 @@ if ! which ansible-playbook ; then
yum -y install ca-certificates nss epel-release
yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python
yum -y install python-pip python-setuptools python-wheel patch
yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.2.0-1.el7.ans.noarch.rpm
yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.3.0-1.el7.ans.noarch.rpm
# FOUND="true"
# FAMILY="redhat"
# elif [ -f /etc/fedora-release ]; then