mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-04-12 00:03:17 +02:00
Update to 2023-04-13 10:00
This commit is contained in:
Daniel Berteaud
parent
138c0bf3b2
commit
67ff12777e
@ -1,7 +1 @@
|
||||
---
|
||||
|
||||
dependencies:
|
||||
- role: repo_lux # EL8 doesn't have tomcat anymore
|
||||
when:
|
||||
- ansible_os_family == 'RedHat'
|
||||
- ansible_distribution_major_version is version('8','>=')
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
|
||||
glpi_id: 1
|
||||
glpi_manage_upgrade: True
|
||||
glpi_version: '10.0.6'
|
||||
glpi_version: '10.0.7'
|
||||
glpi_archive_url: https://github.com/glpi-project/glpi/releases/download/{{ glpi_version }}/glpi-{{ glpi_version }}.tgz
|
||||
glpi_archive_sha256: d30d915a7cdc2f0e117a38e86b528f787a41e5ffdf9c3a5f9f4a1b8a70bf91ce
|
||||
glpi_archive_sha256: 0d51de960272d3d5b322e83d74a8261423d4baefad5ef815402591e8ead04e53
|
||||
glpi_root_dir: /opt/glpi_{{ glpi_id }}
|
||||
glpi_php_user: php-glpi_{{ glpi_id }}
|
||||
# If set, will use the following custom PHP FPM pool, which must be created
|
||||
@ -43,17 +43,17 @@ glpi_plugins:
|
||||
sha256: fe1b9ad1ef9bc95953e47dc6b0112e028ed98c43656aab608bf06d0cb5e1bf4c
|
||||
url: https://github.com/InfotelGLPI/manufacturersimports/releases/download/3.0.5/glpi-manufacturersimports-3.0.5.tar.bz2
|
||||
tag:
|
||||
version: 2.10.0
|
||||
sha256: e3777fb313cd9b2d2b2ee8ef3a25fd35f1103659fc01629a13052dd0572d8d72
|
||||
url: https://github.com/pluginsGLPI/tag/releases/download/2.10.0/glpi-tag-2.10.0.tar.bz2
|
||||
version: 2.11.0
|
||||
sha256: 8804753e72b32892d7e5564386c54843850d21cf60198ce5da90b7deae8663e8
|
||||
url: https://github.com/pluginsGLPI/tag/releases/download/2.11.0/glpi-tag-2.11.0.tar.bz2
|
||||
mreporting:
|
||||
version: 1.8.2
|
||||
sha256: 6563eb016d9e2106f2f3ac99eaf8add4260797526f7ece32b42df895ec2d90b4
|
||||
url: https://github.com/pluginsGLPI/mreporting/releases/download/1.8.2/glpi-mreporting-1.8.2.tar.bz2
|
||||
fields:
|
||||
version: 1.20.0
|
||||
sha256: cb24179a4cc9f623b860e8b4a81a06ffa39c4c3baae98f2f71697f1b6eca1066
|
||||
url: https://github.com/pluginsGLPI/fields/releases/download/1.20.0/glpi-fields-1.20.0.tar.bz2
|
||||
version: 1.20.4
|
||||
sha256: e921ac7b5c76cd4b06e2855a69b74a944378614d4d7549d886def9362feee029
|
||||
url: https://github.com/pluginsGLPI/fields/releases/download/1.20.4/glpi-fields-1.20.4.tar.bz2
|
||||
webapplications:
|
||||
version: 4.0.1
|
||||
sha256: bbd3a9a01c2bd708af83563ed162ebfa9f56fdd616aaf6f1892e9a36e970ec9d
|
||||
|
||||
@ -14,6 +14,7 @@
|
||||
- "{{ glpi_root_dir }}/tmp/glpi"
|
||||
- "{{ glpi_root_dir }}/tmp/glpi-{{ glpi_version }}.tgz"
|
||||
- "{{ glpi_root_dir }}/db_dumps"
|
||||
- "{{ glpi_root_dir }}/web/sso.php"
|
||||
- /etc/backup/pre.d/glpi_{{ glpi_id }}_dump_db
|
||||
- /etc/backup/post.d/glpi_{{ glpi_id }}_rm_dump
|
||||
tags: glpi
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
tags: glpi
|
||||
|
||||
- name: Deploy sso.php script
|
||||
template: src=sso.php.j2 dest={{ glpi_root_dir }}/web/sso.php
|
||||
template: src=sso.php.j2 dest={{ glpi_root_dir }}/web/public/sso.php
|
||||
tags: glpi
|
||||
|
||||
- name: Deploy logrotate conf
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
{% if glpi_alias is defined %}
|
||||
Alias /{{ glpi_alias }} {{ glpi_root_dir }}/web
|
||||
Alias /{{ glpi_alias }} {{ glpi_root_dir }}/web/public
|
||||
{% else %}
|
||||
# No alias defined, create a vhost to access it
|
||||
{% endif %}
|
||||
|
||||
<Directory {{ glpi_root_dir }}/web>
|
||||
<Directory {{ glpi_root_dir }}/web/public>
|
||||
AllowOverride All
|
||||
Options FollowSymLinks
|
||||
{% if glpi_src_ip is defined %}
|
||||
@ -12,18 +12,16 @@ Alias /{{ glpi_alias }} {{ glpi_root_dir }}/web
|
||||
{% else %}
|
||||
Require all granted
|
||||
{% endif %}
|
||||
|
||||
RewriteEngine On
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteRule ^ index.php [L,QSA]
|
||||
|
||||
<FilesMatch \.php$>
|
||||
# For some (unknown) reason, files at the root like apirest.php won't be handled by the rewrite rule
|
||||
# So force SCRIPT_NAME here (except for sso.php which is in the public subdir)
|
||||
ProxyFCGISetEnvIf "reqenv('Request_URI') !~ m/sso\.php$/" SCRIPT_FILENAME "{{ glpi_root_dir }}/web/public/index.php"
|
||||
SetHandler "proxy:unix:/run/php-fpm/{{ glpi_php_fpm_pool | default('glpi_' + glpi_id | string) }}.sock|fcgi://localhost"
|
||||
</FilesMatch>
|
||||
|
||||
<FilesMatch "(.ansible_version|.git.*|(CONTRIBUTING|SUPPORT|CHANGELOG|COPYING)\.(md|txt))">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
</Directory>
|
||||
|
||||
{% for dir in [ 'scripts', 'locales', 'config', 'inc', 'vendor', '.github', 'bin' ] %}
|
||||
<Directory {{ glpi_root_dir }}/web/{{ dir }}>
|
||||
Require all denied
|
||||
</Directory>
|
||||
{% endfor %}
|
||||
|
||||
@ -27,10 +27,12 @@ php_admin_value[sys_temp_dir] = {{ glpi_root_dir }}/tmp
|
||||
php_admin_value[post_max_size] = 100M
|
||||
php_admin_value[upload_max_filesize] = 100M
|
||||
php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
|
||||
php_admin_value[open_basedir] = {{ glpi_root_dir }}:/usr/share/pear/:/usr/share/php/
|
||||
php_admin_value[max_execution_time] = 60
|
||||
php_admin_value[open_basedir] = {{ glpi_root_dir }}:/usr/share/pear/:/usr/share/php/:/etc/redhat-release
|
||||
php_admin_value[max_execution_time] = 600
|
||||
php_admin_value[max_input_time] = 60
|
||||
php_admin_value[session.use_trans_sid] = 0
|
||||
php_admin_flag[allow_url_include] = off
|
||||
php_admin_flag[allow_url_fopen] = off
|
||||
php_admin_flag[file_uploads] = on
|
||||
php_admin_flag[session.cookie_httponly] = on
|
||||
php_admin_flag[session.auto_start] = off
|
||||
|
||||
@ -28,6 +28,7 @@
|
||||
file: path=/etc/yum.repos.d/{{ item }}.repo state=absent
|
||||
loop:
|
||||
- fws
|
||||
- lux
|
||||
tags: repo
|
||||
|
||||
- include_tasks: epel_{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
yum_repository:
|
||||
name: epel
|
||||
description: "Extra Package for Enterprise Linux"
|
||||
baseurl: http://mirrors.ircam.fr/pub/fedora/epel/$releasever/Everything/$basearch http://mir01.syntis.net/epel/$releasever/Everything/$basearch
|
||||
baseurl: https://fr2.rpmfind.net/linux/epel/$releasever/Everything/$basearch https://mirror.in2p3.fr/pub/epel/$releasever/Everything/$basearch
|
||||
gpgcheck: True
|
||||
gpgkey: https://mir01.syntis.net/epel/RPM-GPG-KEY-EPEL-8
|
||||
gpgkey: https://mirror.in2p3.fr/pub/epel/RPM-GPG-KEY-EPEL-8
|
||||
exclude: dehydrated
|
||||
tags: repo
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
yum_repository:
|
||||
name: epel-modular
|
||||
description: "Extra Packages for Enterprise Linux Modular $releasever - $basearch"
|
||||
baseurl: http://mirrors.ircam.fr/pub/fedora/epel/$releasever/Modular/$basearch http://mir01.syntis.net/epel/$releasever/Modular/$basearch
|
||||
baseurl: https://fr2.rpmfind.net/linux/epel/$releasever/Modular/$basearch https://mirror.in2p3.fr/pub/epel/$releasever/Modular/$basearch
|
||||
gpgcheck: True
|
||||
gpgkey: https://mir01.syntis.net/epel/RPM-GPG-KEY-EPEL-8
|
||||
gpgkey: https://mirror.in2p3.fr/pub/epel/RPM-GPG-KEY-EPEL-8
|
||||
tags: repo
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
yum_repository:
|
||||
name: epel
|
||||
description: "Extra Package for Enterprise Linux"
|
||||
baseurl: http://mirrors.ircam.fr/pub/fedora/epel/$releasever/Everything/$basearch http://mir01.syntis.net/epel/$releasever/Everything/$basearch
|
||||
baseurl: https://fr2.rpmfind.net/linux/epel/$releasever/Everything/$basearch https://mirror.in2p3.fr/pub/epel/$releasever/Everything/$basearch
|
||||
gpgcheck: True
|
||||
gpgkey: https://mir01.syntis.net/epel/RPM-GPG-KEY-EPEL-9
|
||||
gpgkey: https://mirror.in2p3.fr/pub/epel/RPM-GPG-KEY-EPEL-8
|
||||
exclude: dehydrated
|
||||
tags: repo
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user