2017-07-03 18:22:24 +02:00
|
|
|
---
|
|
|
|
|
|
|
|
- name: Create evoadmin account
|
|
|
|
user:
|
|
|
|
name: evoadmin
|
|
|
|
comment: "Evoadmin Web Account"
|
2019-08-27 15:58:08 +02:00
|
|
|
home: "{{ evoadmin_home_dir }}"
|
2017-07-03 18:22:24 +02:00
|
|
|
password: "!"
|
2020-12-17 08:05:16 +01:00
|
|
|
system: yes
|
2017-07-03 18:22:24 +02:00
|
|
|
|
|
|
|
- name: Create www-evoadmin group
|
|
|
|
group:
|
|
|
|
name: www-evoadmin
|
|
|
|
state: present
|
|
|
|
|
2017-09-18 22:36:14 +02:00
|
|
|
- name: "Create www-evoadmin and add to group shadow (jessie)"
|
|
|
|
user:
|
|
|
|
name: www-evoadmin
|
|
|
|
groups: shadow
|
2019-09-23 21:57:08 +02:00
|
|
|
append: True
|
2017-09-18 22:36:14 +02:00
|
|
|
when: ansible_distribution_release == "jessie"
|
|
|
|
|
|
|
|
- name: "Create www-evoadmin (Debian 9 or later)"
|
|
|
|
user:
|
|
|
|
name: www-evoadmin
|
2020-12-17 08:05:16 +01:00
|
|
|
system: yes
|
2020-02-25 10:45:35 +01:00
|
|
|
when: ansible_distribution_major_version is version('9', '>=')
|
2017-09-18 22:36:14 +02:00
|
|
|
|
2018-09-09 23:42:15 +02:00
|
|
|
- name: Is /etc/aliases present?
|
|
|
|
stat:
|
|
|
|
path: /etc/aliases
|
|
|
|
register: etc_aliases
|
|
|
|
|
|
|
|
- name: Set evoadmin aliases
|
|
|
|
lineinfile:
|
|
|
|
dest: /etc/aliases
|
|
|
|
line: "{{ item.line }}"
|
|
|
|
regexp: "{{ item.regexp }}"
|
|
|
|
state: present
|
2021-05-04 14:18:40 +02:00
|
|
|
loop:
|
2021-08-27 11:01:26 +02:00
|
|
|
- { line: 'evoadmin: root', regexp: '^evoadmin:' }
|
|
|
|
- { line: 'www-evoadmin: root', regexp: '^www-evoadmin:' }
|
2018-09-09 23:42:15 +02:00
|
|
|
notify: "newaliases"
|
|
|
|
when: etc_aliases.stat.exists
|
|
|
|
|
2017-10-07 23:04:47 +02:00
|
|
|
- name: Git is needed to clone the evoadmin repository
|
2017-07-03 18:22:24 +02:00
|
|
|
apt:
|
|
|
|
name: git
|
|
|
|
state: present
|
|
|
|
|
2017-09-08 04:03:04 +02:00
|
|
|
- name: "Clone evoadmin repository (jessie)"
|
2017-07-03 18:22:24 +02:00
|
|
|
git:
|
|
|
|
repo: https://forge.evolix.org/evoadmin-web.git
|
2018-04-20 10:22:11 +02:00
|
|
|
dest: "{{ evoadmin_document_root }}"
|
2017-08-23 04:28:21 +02:00
|
|
|
version: jessie
|
2019-09-23 21:57:08 +02:00
|
|
|
update: False
|
2017-08-23 04:28:21 +02:00
|
|
|
when: ansible_distribution_release == "jessie"
|
|
|
|
|
2017-09-08 04:03:04 +02:00
|
|
|
- name: "Clone evoadmin repository (Debian 9 or later)"
|
2017-08-23 04:28:21 +02:00
|
|
|
git:
|
|
|
|
repo: https://forge.evolix.org/evoadmin-web.git
|
2018-04-20 10:22:11 +02:00
|
|
|
dest: "{{ evoadmin_document_root }}"
|
2017-08-23 04:28:21 +02:00
|
|
|
version: master
|
2019-09-23 21:57:08 +02:00
|
|
|
update: False
|
2020-02-25 10:45:35 +01:00
|
|
|
when: ansible_distribution_major_version is version('9', '>=')
|
2017-07-03 18:22:24 +02:00
|
|
|
|
2017-10-07 21:48:00 +02:00
|
|
|
- name: Change ownership on git repository
|
|
|
|
file:
|
2018-04-20 10:22:11 +02:00
|
|
|
dest: "{{ evoadmin_document_root }}"
|
2017-10-07 21:48:00 +02:00
|
|
|
owner: "{{ evoadmin_username }}"
|
2017-10-07 23:05:20 +02:00
|
|
|
group: "{{ evoadmin_username }}"
|
2019-09-23 21:57:08 +02:00
|
|
|
recurse: True
|
2017-10-07 21:48:00 +02:00
|
|
|
|
2018-04-20 10:23:35 +02:00
|
|
|
- name: Create evoadmin log directory
|
|
|
|
file:
|
|
|
|
name: "{{ evoadmin_log_dir }}"
|
|
|
|
owner: "{{ evoadmin_username }}"
|
|
|
|
group: "{{ evoadmin_username }}"
|
|
|
|
state: directory
|
|
|
|
|
2017-11-07 12:18:02 +01:00
|
|
|
- include_role:
|
2019-11-29 14:00:25 +01:00
|
|
|
name: evolix/remount-usr
|
2019-12-31 15:32:40 +01:00
|
|
|
when: evoadmin_scripts_dir is search ("/usr")
|
2017-08-03 22:15:27 +02:00
|
|
|
|
2017-07-03 18:22:24 +02:00
|
|
|
- name: "Create {{ evoadmin_scripts_dir }}"
|
|
|
|
file:
|
|
|
|
dest: "{{ evoadmin_scripts_dir }}"
|
2019-09-23 21:57:08 +02:00
|
|
|
# recurse: True
|
2017-07-03 18:22:24 +02:00
|
|
|
mode: "0700"
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
- name: Install scripts like web-add.sh
|
2018-04-20 10:22:11 +02:00
|
|
|
shell: "cp {{ evoadmin_document_root }}/scripts/* {{ evoadmin_scripts_dir }}/"
|
2017-07-03 18:22:24 +02:00
|
|
|
args:
|
|
|
|
creates: "{{ evoadmin_scripts_dir }}/web-add.sh"
|
|
|
|
|
2018-09-09 23:25:53 +02:00
|
|
|
# we use a shell command to have a "changed" that really reflects the result.
|
2017-07-03 18:22:24 +02:00
|
|
|
- name: Fix permissions
|
2017-10-07 23:04:47 +02:00
|
|
|
command: "chmod -R --verbose u=rwX,g=rX,o= {{ evoadmin_document_root }}"
|
2017-07-03 18:22:24 +02:00
|
|
|
register: command_result
|
|
|
|
changed_when: "'changed' in command_result.stdout"
|
2019-09-23 21:57:08 +02:00
|
|
|
# failed_when: False
|
2017-10-07 23:04:47 +02:00
|
|
|
args:
|
2019-09-23 21:57:08 +02:00
|
|
|
warn: False
|
2017-07-03 18:22:24 +02:00
|
|
|
|
|
|
|
- name: Add evoadmin sudoers file
|
|
|
|
template:
|
2019-05-06 22:00:45 +02:00
|
|
|
src: "{{ item }}"
|
2017-07-03 18:22:24 +02:00
|
|
|
dest: /etc/sudoers.d/evoadmin
|
|
|
|
mode: "0600"
|
2019-08-27 15:58:08 +02:00
|
|
|
force: "{{ evoadmin_sudoers_conf_force }}"
|
2017-07-03 18:22:24 +02:00
|
|
|
validate: "visudo -cf %s"
|
2021-05-04 13:39:47 +02:00
|
|
|
loop: "{{ query('first_found', templates) }}"
|
|
|
|
vars:
|
|
|
|
templates:
|
|
|
|
- "templates/evoadmin-web/sudoers.{{ inventory_hostname }}.j2"
|
2021-05-19 14:35:08 +02:00
|
|
|
- "templates/evoadmin-web/sudoers.{{ host_group | default('all') }}.j2"
|
2021-05-04 13:39:47 +02:00
|
|
|
- "templates/evoadmin-web/sudoers.j2"
|
|
|
|
- "templates/sudoers.j2"
|
2019-08-27 15:58:08 +02:00
|
|
|
register: evoadmin_sudoers_conf
|