Update to 2022-01-26 18:00

roles/taiga/tasks/install.yml

@@ -0,0 +1,135 @@
+---
+
+- name: Install packages
+  package: name={{ taiga_packages }}
+  tags: taiga
+
+- name: Stop services during upgrade
+  service: name={{ item }} state=stopped
+  loop:
+    - taiga-back
+    - taiga-async
+    - taiga-events
+    - taiga-protected
+  when: taiga_install_mode == 'upgrade'
+  tags: taiga
+
+- when: taiga_install_mode != 'none'
+  block:
+    - name: Download components
+      get_url:
+        url: "{{ taiga_archives[item].url }}"
+        dest: "{{ taiga_root_dir }}/tmp"
+        checksum: sha256:{{ taiga_archives[item].sha256 }}
+      loop: "{{ taiga_archives.keys() | list }}"
+
+    - name: Extract archives
+      unarchive:
+        src: "{{ taiga_root_dir }}/tmp/{{ taiga_archives[item].dir | default('taiga-' ~ item ~ '-' ~ taiga_version) }}.tar.gz"
+        dest: "{{ taiga_root_dir }}/tmp"
+        remote_src: True
+      loop: "{{ taiga_archives.keys() | list }}"
+
+    - name: Move components to their final dir
+      synchronize:
+        src: "{{ taiga_root_dir }}/tmp/{{ taiga_archives[item].dir | default('taiga-' ~ item ~ '-' ~ taiga_version) }}/"
+        dest: "{{ taiga_root_dir }}/app/{{ item }}/"
+        delete: True
+        compress: False
+      loop: "{{ taiga_archives.keys() | list }}"
+      delegate_to: "{{ inventory_hostname }}"
+
+    - name: Create the virtualenv
+      pip:
+        name:
+          - pip
+          - wheel
+        virtualenv: "{{ taiga_root_dir }}/venv"
+        virtualenv_command: /bin/python3.9 -m venv
+
+    - name: Install taiga-back dependencies
+      pip:
+        requirements: "{{ taiga_root_dir }}/app/back/requirements.txt"
+        state: "{{ (taiga_install_mode == 'upgrade') | ternary('latest', 'present') }}"
+        virtualenv: "{{ taiga_root_dir }}/venv"
+        virtualenv_command: /bin/python3.9 -m venv
+      #environment:
+      #  PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/pgsql-14/bin/
+    
+    - name: Install the contrib-protected plugin
+      pip:
+        name: git+https://github.com/kaleidos-ventures/taiga-contrib-protected.git@stable#egg=taiga-contrib-protected
+        virtualenv: "{{ taiga_root_dir }}/venv"
+        virtualenv_command: /bin/python3.9 -m venv
+
+    - name: Install dependencies for taiga-events
+      npm:
+        path: "{{ taiga_root_dir }}/app/events/"
+
+    - name: Install requirements for taiga-protected
+      pip:
+        requirements: "{{ taiga_root_dir }}/app/protected/requirements.txt"
+        state: "{{ (taiga_install_mode == 'upgrade') | ternary('latest', 'present') }}"
+        virtualenv: "{{ taiga_root_dir }}/venv"
+        virtualenv_command: /bin/python3.9 -m venv
+
+  tags: taiga
+
+- block:
+    - name: Create the PostgreSQL role
+      postgresql_user:
+        db: postgres
+        name: "{{ taiga_db_user }}"
+        password: "{{ taiga_db_pass }}"
+        login_host: "{{ taiga_db_server }}"
+        login_user: sqladmin
+        login_password: "{{ pg_admin_pass }}"
+
+    - name: Create the PostgreSQL database
+      postgresql_db:
+        name: "{{ taiga_db_name }}"
+        encoding: UTF-8
+        template: template0
+        owner: "{{ taiga_db_user }}"
+        login_host: "{{ taiga_db_server }}"
+        login_user: sqladmin
+        login_password: "{{ pg_admin_pass }}"
+
+  tags: taiga
+
+- name: Install service units
+  template: src={{ item }}.j2 dest=/etc/systemd/system/{{ item }}
+  loop:
+    - taiga-back.service
+    - taiga-async.service
+    - taiga-events.service
+    - taiga-protected.service
+  register: taiga_units
+  tags: taiga
+
+- name: Reload systemd
+  systemd: daemon_reload=True
+  when: taiga_units.results | selectattr('changed','equalto',True) | list | length > 0
+  tags: taiga
+
+- name: Install backup hooks
+  template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/taiga mode=700
+  loop:
+    - pre
+    - post
+  tags: taiga
+
+- name: Copy SELinux policy
+  copy: src=taiga.te dest=/etc/selinux/targeted/local/
+  register: taiga_selinux_policy
+  tags: taiga
+
+- name: Compile and load SELinux policy
+  shell: |
+    cd /etc/selinux/targeted/local/
+    checkmodule -M -m -o taiga.mod taiga.te
+    semodule_package -o taiga.pp -m taiga.mod
+    semodule -i /etc/selinux/targeted/local/taiga.pp
+  when: ansible_selinux.status == 'enabled' and taiga_selinux_policy.changed
+  tags: taiga
+