Update to 2023-03-24 18:00

roles/wapt_server/tasks/conf.yml

@@ -0,0 +1,99 @@
+---
+
+- name: Create wapt DB user
+  postgresql_user:
+    db: postgres
+    name: "{{ wapt_db_user }}"
+    password: "{{ wapt_db_pass }}"
+    login_host: "{{ wapt_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+  tags: wapt
+
+- name: Create the PostgreSQL database
+  postgresql_db:
+    name: wapt
+    encoding: UTF-8
+    template: template0
+    owner: "{{ wapt_db_user }}"
+    login_host: "{{ wapt_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+  tags: wapt
+
+- name: Enable the hstore extension
+  postgresql_ext:
+    db: "{{ wapt_db_name }}"
+    login_host: "{{ wapt_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+    name: hstore
+  tags: wapt
+
+- name: Configure WAPT server
+  ini_file: path=/opt/wapt/conf/waptserver.ini section=options option={{ item.option }} value={{ item.value }}
+  with_items:
+    - option: db_name
+      value: "{{ wapt_db_name }}"
+    - option: db_host
+      value: "{{ wapt_db_server }}"
+    - option: db_user
+      value: "{{ wapt_db_user }}"
+    - option: db_password
+      value: "{{ wapt_db_pass }}"
+    - option: waptwua_folder
+      value: /var/www/html/waptwua
+    - option: server_uuid
+      value: "{{ inventory_hostname | to_uuid }}"
+    - option: allow_unauthenticated_connect
+      value: 'False'
+    - option: allow_unauthenticated_registration
+      value: 'False'
+    - option: secret_key
+      value: "{{ wapt_secret_key }}"
+    - option: use_kerberos
+      value: 'False'
+  notify: restart wapt
+  tags: wapt
+
+- name: Configure system proxy
+  ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=http_proxy value={{ system_proxy }}
+  when: system_proxy is defined and system_proxy != ''
+  notify: restart wapt
+  tags: wapt
+
+- name: Check if admin password is set
+  command: grep -qP '^wapt_password' /opt/wapt/conf/waptserver.ini
+  ignore_errors: True
+  register: wapt_admin_pass_set
+  changed_when: False
+  tags: wapt
+
+- when: wapt_admin_pass_set.rc != 0
+  block:
+    - name: Hash the WAPT admin password
+      command: /opt/wapt/bin/python -c 'from passlib.hash import pbkdf2_sha256; print(pbkdf2_sha256.hash("admin".encode("utf8")))'
+      register: wapt_admin_pass_hash
+      changed_when: False
+
+    - set_fact: wapt_admin_pass_hash={{ wapt_admin_pass_hash.stdout }}
+
+    - name: Set default admin password
+      ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=wapt_password value={{ wapt_admin_pass_hash }}
+      notify: restart wapt
+
+  tags: wapt
+
+- name: Set correct ownership for wapt configuration
+  file: path=/opt/wapt/conf/waptserver.ini owner=wapt mode=0600
+  tags: wapt
+
+- name: Deploy nginx config
+  template: src={{ item.src }}.j2 dest={{ item.dest }}
+  loop:
+    - src: nginx.conf
+      dest: /etc/nginx/nginx.conf
+    - src: wapt.conf
+      dest: /etc/nginx/conf.d/wapt.conf
+  notify: restart nginx
+  tags: wapt