ansible-roles/roles/wapt_server/tasks/conf.yml

---

- name: Create wapt DB user
  postgresql_user:
    db: postgres
    name: "{{ wapt_db_user }}"
    password: "{{ wapt_db_pass }}"
    login_host: "{{ wapt_db_server }}"
    login_user: sqladmin
    login_password: "{{ pg_admin_pass }}"
  tags: wapt

- name: Create the PostgreSQL database
  postgresql_db:
    name: wapt
    encoding: UTF-8
    template: template0
    owner: "{{ wapt_db_user }}"
    login_host: "{{ wapt_db_server }}"
    login_user: sqladmin
    login_password: "{{ pg_admin_pass }}"
  tags: wapt

- name: Enable the hstore extension
  postgresql_ext:
    db: "{{ wapt_db_name }}"
    login_host: "{{ wapt_db_server }}"
    login_user: sqladmin
    login_password: "{{ pg_admin_pass }}"
    name: hstore
  tags: wapt

- name: Configure WAPT server
  ini_file: path=/opt/wapt/conf/waptserver.ini section=options option={{ item.option }} value={{ item.value }}
  with_items:
    - option: db_name
      value: "{{ wapt_db_name }}"
    - option: db_host
      value: "{{ wapt_db_server }}"
    - option: db_user
      value: "{{ wapt_db_user }}"
    - option: db_password
      value: "{{ wapt_db_pass }}"
    - option: waptwua_folder
      value: /var/www/html/waptwua
    - option: server_uuid
      value: "{{ inventory_hostname | to_uuid }}"
    - option: allow_unauthenticated_connect
      value: 'False'
    - option: allow_unauthenticated_registration
      value: 'False'
    - option: secret_key
      value: "{{ wapt_secret_key }}"
    - option: use_kerberos
      value: 'False'
  notify: restart wapt
  tags: wapt

- name: Configure system proxy
  ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=http_proxy value={{ system_proxy }}
  when: system_proxy is defined and system_proxy != ''
  notify: restart wapt
  tags: wapt

- name: Check if admin password is set
  command: grep -qP '^wapt_password' /opt/wapt/conf/waptserver.ini
  ignore_errors: True
  register: wapt_admin_pass_set
  changed_when: False
  tags: wapt

- when: wapt_admin_pass_set.rc != 0
  block:
    - name: Hash the WAPT admin password
      command: /opt/wapt/bin/python -c 'from passlib.hash import pbkdf2_sha256; print(pbkdf2_sha256.hash("admin".encode("utf8")))'
      register: wapt_admin_pass_hash
      changed_when: False

    - set_fact: wapt_admin_pass_hash={{ wapt_admin_pass_hash.stdout }}

    - name: Set default admin password
      ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=wapt_password value={{ wapt_admin_pass_hash }}
      notify: restart wapt

  tags: wapt

- name: Set correct ownership for wapt configuration
  file: path=/opt/wapt/conf/waptserver.ini owner=wapt mode=0600
  tags: wapt

- name: Deploy nginx config
  template: src={{ item.src }}.j2 dest={{ item.dest }}
  loop:
    - src: nginx.conf
      dest: /etc/nginx/nginx.conf
    - src: wapt.conf
      dest: /etc/nginx/conf.d/wapt.conf
  notify: restart nginx
  tags: wapt
Update to 2023-03-24 18:00 2023-03-24 18:00:15 +01:00			`---`

			`- name: Create wapt DB user`
			`postgresql_user:`
			`db: postgres`
			`name: "{{ wapt_db_user }}"`
			`password: "{{ wapt_db_pass }}"`
			`login_host: "{{ wapt_db_server }}"`
			`login_user: sqladmin`
			`login_password: "{{ pg_admin_pass }}"`
			`tags: wapt`

			`- name: Create the PostgreSQL database`
			`postgresql_db:`
			`name: wapt`
			`encoding: UTF-8`
			`template: template0`
			`owner: "{{ wapt_db_user }}"`
			`login_host: "{{ wapt_db_server }}"`
			`login_user: sqladmin`
			`login_password: "{{ pg_admin_pass }}"`
			`tags: wapt`

			`- name: Enable the hstore extension`
			`postgresql_ext:`
			`db: "{{ wapt_db_name }}"`
			`login_host: "{{ wapt_db_server }}"`
			`login_user: sqladmin`
			`login_password: "{{ pg_admin_pass }}"`
			`name: hstore`
			`tags: wapt`

			`- name: Configure WAPT server`
			`ini_file: path=/opt/wapt/conf/waptserver.ini section=options option={{ item.option }} value={{ item.value }}`
			`with_items:`
			`- option: db_name`
			`value: "{{ wapt_db_name }}"`
			`- option: db_host`
			`value: "{{ wapt_db_server }}"`
			`- option: db_user`
			`value: "{{ wapt_db_user }}"`
			`- option: db_password`
			`value: "{{ wapt_db_pass }}"`
			`- option: waptwua_folder`
			`value: /var/www/html/waptwua`
			`- option: server_uuid`
			`value: "{{ inventory_hostname \| to_uuid }}"`
			`- option: allow_unauthenticated_connect`
			`value: 'False'`
			`- option: allow_unauthenticated_registration`
			`value: 'False'`
			`- option: secret_key`
			`value: "{{ wapt_secret_key }}"`
			`- option: use_kerberos`
			`value: 'False'`
			`notify: restart wapt`
			`tags: wapt`

			`- name: Configure system proxy`
			`ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=http_proxy value={{ system_proxy }}`
			`when: system_proxy is defined and system_proxy != ''`
			`notify: restart wapt`
			`tags: wapt`

			`- name: Check if admin password is set`
			`command: grep -qP '^wapt_password' /opt/wapt/conf/waptserver.ini`
			`ignore_errors: True`
			`register: wapt_admin_pass_set`
			`changed_when: False`
			`tags: wapt`

			`- when: wapt_admin_pass_set.rc != 0`
			`block:`
			`- name: Hash the WAPT admin password`
			`command: /opt/wapt/bin/python -c 'from passlib.hash import pbkdf2_sha256; print(pbkdf2_sha256.hash("admin".encode("utf8")))'`
			`register: wapt_admin_pass_hash`
			`changed_when: False`

			`- set_fact: wapt_admin_pass_hash={{ wapt_admin_pass_hash.stdout }}`

			`- name: Set default admin password`
			`ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=wapt_password value={{ wapt_admin_pass_hash }}`
			`notify: restart wapt`

			`tags: wapt`

			`- name: Set correct ownership for wapt configuration`
			`file: path=/opt/wapt/conf/waptserver.ini owner=wapt mode=0600`
			`tags: wapt`

			`- name: Deploy nginx config`
			`template: src={{ item.src }}.j2 dest={{ item.dest }}`
			`loop:`
			`- src: nginx.conf`
			`dest: /etc/nginx/nginx.conf`
			`- src: wapt.conf`
			`dest: /etc/nginx/conf.d/wapt.conf`
			`notify: restart nginx`
			`tags: wapt`