external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Lokole system user

Browse source
This commit is contained in:
Jerry Vonau 2021-05-18 06:29:05 -05:00
parent 719c88a930
commit a85418df12
5 changed files with 23 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
roles/lokole/defaults/main.yml
View file

@ -22,8 +22,9 @@ lokole_venv: "{{ lokole_install_path }}/venv" # /library/lokole/venv
# Info needed to run Lokole:
lokole_user: lokole
lokole_url: /lokole
lokole_uid: "2000"
lokole_run_directory: /home/{{ lokole_user }}/state
lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock"
lokole_domain_socket: "/run/lokole_gunicorn.sock"
lokole_sim_type: LocalOnly
lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" # http://box.lan/lokole

16
roles/lokole/tasks/install.yml
View file

@ -71,6 +71,14 @@
with_items:
- "{{ lokole_venv }}/lib/python${python_version}/site-packages/opwen_email_client/webapp"
- name: Create system {{ lokole_user }} user
ansible.builtin.user:
state: present
name: "{{ lokole_user }}"
system: yes
uid: "{{ lokole_uid }}"
home: /home/{{ lokole_user }}
- name: mkdir {{ lokole_run_directory }}
file:
state: directory
@ -79,15 +87,15 @@
# lets try to catch settings.env creation at registration time
# can't tell if the routine doesn't like settings.env being missing
- name: mkdir /lokole
- name: mkdir /{{ lokole_user }}
file:
state: directory
path: /lokole
path: /{{ lokole_user }}
- name: Link {{ lokole_run_directory }} to /lokole/state
file:
state: link
path: /lokole/state
path: "{{ lokole_user }}/state"
src: "{{ lokole_run_directory }}"
- name: Install {{ lokole_run_directory }}/webapp_secrets.sh from template, to configure Lokole
@ -102,7 +110,7 @@
dest: "{{ lokole_run_directory }}/webapp.sh"
mode: a+x
- name: Create admin user with password, for http://box{{ lokole_url }} # http://box/lokole
- name: Create Lokole admin user with password, for http://box{{ lokole_url }} # http://box/lokole
shell: |
. {{ lokole_run_directory }}/webapp_secrets.sh
{{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}'

2
roles/lokole/templates/celery.service.j2
View file

@ -6,7 +6,7 @@ Before=celerybeat.service
[Service]
Type=simple
ExecStart={{ lokole_venv }}/bin/celery --app=opwen_email_client.webapp.tasks worker --loglevel=info --concurrency=2
ExecStart={{ lokole_venv }}/bin/celery --uid={{ lokole_uid }} --gid={{ lokole_uid }} --app=opwen_email_client.webapp.tasks worker --loglevel=info --concurrency=2
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill TERM $MAINPID

7
roles/lokole/templates/settings.env.j2 Normal file
View file

@ -0,0 +1,7 @@
OPWEN_SIM_TYPE='{{ lokole_sim_type }}'
OPWEN_STATE_DIRECTORY='{{ lokole_run_directory }}'
OPWEN_APP_ROOT='{{ lokole_url }}/'
OPWEN_MAX_UPLOAD_SIZE_MB=10
OPWEN_SYNC_SCHEDULE='1,16,31,46 * * * *'
OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}'
OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}'

2
roles/lokole/templates/webapp_secrets.sh.j2
View file

@ -1,6 +1,6 @@
export OPWEN_SIM_TYPE='{{ lokole_sim_type }}'
export OPWEN_STATE_DIRECTORY='{{ lokole_run_directory }}'
export OPWEN_APP_ROOT='{{ lokole_url }}'
export OPWEN_APP_ROOT='{{ lokole_url }}/'
export OPWEN_MAX_UPLOAD_SIZE_MB=10
export OPWEN_SYNC_SCHEDULE='1,16,31,46 * * * *'
export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}'