jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-12 00:03:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
ansible-roles/roles/wapt_server/tasks/conf.yml
Daniel Berteaud 3e527570d2 Update to 2023-06-29 10:00
2023-06-29 10:00:34 +02:00

114 lines
3.3 KiB
YAML
Raw Blame History

---
- name: Create wapt DB user
postgresql_user:
db: postgres
name: "{{ wapt_db_user }}"
password: "{{ wapt_db_pass }}"
login_host: "{{ wapt_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: wapt
- name: Create the PostgreSQL database
postgresql_db:
name: wapt
encoding: UTF-8
template: template0
owner: "{{ wapt_db_user }}"
login_host: "{{ wapt_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: wapt
- name: Enable the hstore extension
postgresql_ext:
db: "{{ wapt_db_name }}"
login_host: "{{ wapt_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
name: hstore
tags: wapt
- name: Configure WAPT server
ini_file: path=/opt/wapt/conf/waptserver.ini section=options option={{ item.option }} value={{ item.value }}
with_items:
- option: db_name
value: "{{ wapt_db_name }}"
- option: db_host
value: "{{ wapt_db_server }}"
- option: db_user
value: "{{ wapt_db_user }}"
- option: db_password
value: "{{ wapt_db_pass }}"
- option: waptwua_folder
value: /var/www/html/waptwua
- option: server_uuid
value: "{{ inventory_hostname | to_uuid }}"
- option: allow_unauthenticated_connect
value: 'False'
- option: allow_unauthenticated_registration
value: 'False'
- option: secret_key
value: "{{ wapt_secret_key }}"
- option: use_kerberos
value: 'False'
notify: restart wapt
tags: wapt
- name: Configure system proxy
ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=http_proxy value={{ system_proxy }}
when: system_proxy is defined and system_proxy != ''
notify: restart wapt
tags: wapt
- name: Check if admin password is set
command: grep -qP '^wapt_password' /opt/wapt/conf/waptserver.ini
ignore_errors: True
register: wapt_admin_pass_set
changed_when: False
tags: wapt
- when: wapt_admin_pass_set.rc != 0
block:
- name: Hash the WAPT admin password
command: /opt/wapt/bin/python -c 'from passlib.hash import pbkdf2_sha256; print(pbkdf2_sha256.hash("admin".encode("utf8")))'
register: wapt_admin_pass_hash
changed_when: False
- set_fact: wapt_admin_pass_hash={{ wapt_admin_pass_hash.stdout }}
- name: Set default admin password
ini_file: path=/opt/wapt/conf/waptserver.ini section=options option=wapt_password value={{ wapt_admin_pass_hash }}
notify: restart wapt
tags: wapt
- name: Set correct ownership for wapt configuration
file: path=/opt/wapt/conf/waptserver.ini owner=wapt mode=0600
tags: wapt
- name: Deploy nginx config
template: src={{ item.src }}.j2 dest={{ item.dest }}
loop:
- src: nginx.conf
dest: /etc/nginx/nginx.conf
- src: wapt.conf
dest: /etc/nginx/conf.d/wapt.conf
notify: restart nginx
tags: wapt
- name: Deploy rsync configuration
template: src=rsyncd.conf.j2 dest=/etc/rsyncd.conf.d/waptrepo.conf
tags: wapt
- name: Deploy WAPT Repo rsync secret
copy: content=wapt:{{ wapt_rsync_pass }} dest=/opt/wapt/conf/rsync.secrets mode=400 owner=root group=root
when: wapt_rsync_pass is defined
tags: wapt
- name: Remove rsync secret
file: path=/opt/wapt/conf/rsync.secrets state=absent
when: wapt_rsync_pass is not defined
tags: wapt
Reference in New Issue View Git Blame Copy Permalink