---
# Account that owns the evoadmin web interface files.
- name: Create evoadmin account
  user:
    name: "{{ evoadminmail_username }}"
    home: "{{ evoadminmail_home_dir}}"
    comment: 'Evoadmin Web Account'
    shell: '/bin/bash'
    # "!" is not a valid password hash, so password login is locked for
    # this account even though it keeps an interactive shell.
    password: '!'
# Log directory in the account's home: rwx for the owner, r-x for the
# group, nothing for other users.
- name: Create log/ directory
  file:
    state: directory
    path: "{{ evoadminmail_home_dir}}/log"
    mode: '0750'
    owner: "{{ evoadminmail_username }}"
    group: "{{ evoadminmail_username }}"
# Group named after the account with a "www-" prefix.
- name: Create www-evoadminmail group
  group:
    state: present
    name: "www-{{ evoadminmail_username }}"
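# Companion "www-" account. Its home points at the www/ subdirectory of the
# evoadmin home and is not created by this task (createhome is off).
# NOTE(review): the account gets an interactive shell (/bin/bash); if it is
# only a service identity for the web application, confirm a login shell is
# really needed.
- name: "Create www-evoadmin (Debian 9 or later)"
  user:
    name: "www-{{ evoadminmail_username }}"
    home: "{{ evoadminmail_home_dir}}/www"
    shell: /bin/bash
    createhome: false
  # Jinja2 test form ("is ..."): calling Ansible tests as filters
  # ("| version_compare") was deprecated in Ansible 2.5 and removed in 2.9,
  # while the test form is accepted on both sides of that change.
  when: ansible_distribution_major_version is version_compare('9', '>=')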
# Git is needed by the clone task that follows.
- name: Install Git
  apt:
    state: present
    name: 'git'
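# Checks the application out straight into the document root.
- name: "Clone evoadmin repository (Debian 9 or later)"
  git:
    repo: https://forge.evolix.org/evoadmin-mail.git
    dest: "{{ evoadminmail_document_root}}"
    # NOTE(review): tracking "master" with update enabled deploys whatever
    # the branch head is at run time. Pinning a reviewed tag or commit makes
    # deployments reproducible and auditable.
    version: master
    update: true
  # Jinja2 test form ("is ..."): calling Ansible tests as filters
  # ("| version_compare") was deprecated in Ansible 2.5 and removed in 2.9,
  # while the test form is accepted on both sides of that change.
  when: ansible_distribution_major_version is version_compare('9', '>=')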
# Recursively assigns the checkout to the "www-" account (owner) and the
# evoadmin group. No mode is given, so permission bits are left untouched.
# NOTE(review): if the web application runs as this "www-" account it can
# rewrite its own code; confirm that write access is intended.
- name: "Change perms on evoadminmail document root"
  file:
    dest: "{{ evoadminmail_document_root }}"
    recurse: true
    owner: "www-{{ evoadminmail_username }}"
    group: "{{ evoadminmail_username }}"
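# Renders the connection settings for the web application. The task only
# runs when ldap_admin_password is defined, so the rendered file presumably
# embeds that credential (template not shown here; confirm).
- name: "Copy connect.php"
  template:
    src: connect.php.j2
    dest: "{{ evoadminmail_document_root }}/htdocs/config/connect.php"
    owner: "www-{{ evoadminmail_username }}"
    group: "{{ evoadminmail_username }}"
    # Explicit mode so the file is never created with umask-default
    # (typically world-readable) permissions: owner rw, group r, others none.
    mode: "0640"
  when: ldap_admin_password is defined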
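# Renders the application configuration next to connect.php.
- name: "Copy conf.php"
  template:
    src: conf.php.j2
    dest: "{{ evoadminmail_document_root }}/htdocs/config/conf.php"
    owner: "www-{{ evoadminmail_username }}"
    group: "{{ evoadminmail_username }}"
    # Explicit mode instead of whatever the umask yields: owner rw,
    # group r, others none.
    mode: "0640"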
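# Asks apg for a single password of at least 16 characters and keeps the
# result in evoadminmail_admin_password. There is no guard on this task,
# so a new password is generated on every run.
- name: create a password for evoadmin user
  command: "apg -n 1 -m 16 -M lcN"
  register: evoadminmail_admin_password
  changed_when: false
  # The command's stdout is the secret itself: keep it out of task output
  # and logs (including verbose runs).
  no_log: true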
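# Writes the LDIF entry for the evoadmin user under /root.
# Presumably it carries the credential generated by the previous task
# (template not shown here; confirm).
# NOTE(review): none of the visible tasks removes this file after the
# import, so it stays on disk.
- name: upload ldif for evoadmin user
  template:
    src: evoadmin.ldif.j2
    dest: /root/evolinux_evoadminmail_admin.ldif
    # Owner-only: the only visible consumer is the slapadd task that follows.
    mode: "0600"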
# Loads the LDIF written by the previous task into the directory with slapadd.
# NOTE(review): there is no creates/when/changed_when guard, so this runs and
# reports "changed" on every play; confirm a repeated import is harmless.
- name: inject config
  command: 'slapadd -l /root/evolinux_evoadminmail_admin.ldif'
# Application log file: writable by the "www-" account, readable by the
# adm group, no access for other users.
- name: create log file
  file:
    state: touch
    dest: '/var/log/evoadmin-mail.log'
    mode: '0640'
    owner: "www-{{ evoadminmail_username }}"
    group: 'adm'
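# Pulls in the remount-usr role when the scripts directory path contains
# "/usr" (regular-expression search anywhere in the path).
- include_role:
    name: remount-usr
  # Jinja2 test form ("is search"): calling Ansible tests as filters
  # ("| search") was deprecated in Ansible 2.5 and removed in 2.9.
  when: evoadminmail_scripts_dir is search("/usr")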
# Scripts directory, accessible to its owner only. No owner/group is given,
# so ownership is whatever the module applies by default.
- name: "Create {{ evoadminmail_scripts_dir }}"
  file:
    state: directory
    dest: "{{ evoadminmail_scripts_dir }}"
    mode: '0700'
    # recurse: yes
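# We use a shell command to get a "changed" status that really reflects the
# result: chmod --verbose prints "changed" only for entries it modified.
# Resulting policy on the tree: owner rw (x on directories and already
# executable files), group r (same x rule), no access for other users.
- name: Fix permissions
  # The path is passed through the quote filter so that spaces or shell
  # metacharacters in the variable cannot alter the command line.
  shell: "chmod -R --verbose u=rwX,g=rX,o= {{ item | quote }}"
  register: command_result
  changed_when: "'changed' in command_result.stdout"
  # failed_when: False
  with_items:
    - "{{ evoadminmail_home_dir}}/www"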
#- name: Add evoadmin sudoers file
#  template:
#    src: sudoers.j2
#    dest: /etc/sudoers.d/evoadmin
#    mode: "0600"
#    validate: "visudo -cf %s"