evoadmin-mail: fix default config and evoadmin user

2017-10-11 15:17:58 +02:00 · 2017-10-11 15:17:58 +02:00 · 556311a607
parent e0c9de352b
commit 556311a607
6 changed files with 134 additions and 18 deletions
--- a/webapps/evoadmin-mail/tasks/user.yml
+++ b/webapps/evoadmin-mail/tasks/user.yml
@ -40,11 +40,48 @@

 - name: "Change perms on evoadminmail document root"
  file:
-    dest: "{{ evoadminmail_document_root}}"
+    dest: "{{ evoadminmail_document_root }}"
    owner: "www-{{ evoadminmail_username }}"
    group: "{{ evoadminmail_username }}"
    recurse: yes

+- name: "Copy connect.php"
+  template:
+    src: connect.php.j2
+    dest: "{{ evoadminmail_document_root }}/evoadmin/htdocs/connect.php"
+    owner: "www-{{ evoadminmail_username }}"
+    group: "{{ evoadminmail_username }}"
+  when: ldap_admin_password is defined 
+
+- name: "Copy conf.php"
+  template:
+    src: conf.php.j2
+    dest: "{{ evoadminmail_document_root }}/evoadmin/htdocs/config/conf.php"
+    owner: "www-{{ evoadminmail_username }}"
+    group: "{{ evoadminmail_username }}"
+
+- name: create a password for evoadmin user
+  command: "apg -n 1 -m 16 -M lcN"
+  register: evoadminmail_admin_password
+  changed_when: False
+
+- name: upload ldif for evoadmin user
+  template:
+    src: evoadmin.ldif.j2
+    dest: /root/evolinux_evoadminmail_admin.ldif
+    mode: "0640"
+
+- name: inject config
+  command: slapadd -l /root/evolinux_evoadminmail_admin.ldif
+
+- name: create log file
+  file:
+    dest: /var/log/evoadmin-mail.log
+    state: touch
+    owner: "www-{{ evoadminmail_username }}"
+    group: "adm"
+    mode: "0640"
+
 - include: remount_usr_rw.yml
  when: evoadminmail_scripts_dir | search ("/usr")

--- a/webapps/evoadmin-mail/tasks/web.yml
+++ b/webapps/evoadmin-mail/tasks/web.yml
@ -28,12 +28,3 @@
  changed_when: "'Disabling site' in cmd_a2dissite.stdout"
  notify: reload apache2
  when: not evoadminmail_enable_vhost
-
-#- name: Copy config file for evoadmin
-#  template:
-#    src: config.local.php.j2
-#    dest: "{{ evoadminmail_document_root}}/conf/config.local.php"
-#    mode: "0644"
-#    owner: evoadmin
-#    group: evoadmin
-#    force: no
--- a/webapps/evoadmin-mail/templates/conf.php.j2
+++ b/webapps/evoadmin-mail/templates/conf.php.j2
@ -0,0 +1,56 @@
+<?php
+
+// Email pour les notifications
+$conf['admin']['mail'] = 'evoadminmail_contact_email or general_alert_email | mandatory';
+// login des superadmins
+// Note: utile uniquement si domaines/driver=ldap, laisser vide sinon...
+$conf['admin']['logins'] = array('evoadmin');
+// What do you want?
+// 0 = nothing...
+// 1 = only mail accounts
+// 2 = only samba accounts
+// 3 = mail and samba accounts
+$conf['admin']['what'] = 1;
+// use hook.php instead of hook-dist.php
+$conf['admin']['use_hook'] = false;
+// enable quota
+$conf['admin']['quota'] = true;
+
+// compatibilite LDAP
+$conf['evoadmin']['version'] = 3;
+$conf['url']['webroot'] = '/evoadmin';
+
+$conf['domaines']['onlyone'] = false;
+$conf['domaines']['driver'] = 'ldap';
+$conf['domaines']['file']['all'] = array('example.com');
+$conf['domaines']['file']['gid'] = 1000;
+// Pack Mail "virtuel"... attention
+// uniquement possible si $conf['admin']['what']=1 !!
+$conf['domaines']['ldap']['virtual'] = true;
+
+// Mode cluster
+// Uniquement en mode mail seul et des utilisateurs virtuels
+$conf['evoadmin']['cluster'] = false;
+
+// auth SMTP by default ?
+$conf['evoadmin']['useauthsmtp'] = false;
+
+// Si comptes virtuels
+$conf['unix']['uid'] = 5000;
+
+// Si pas virtuel
+$conf['unix']['minuid'] = 1000;
+$conf['unix']['mingid'] = 1000;
+
+$conf['html']['title'] = "Interface d'administration XXX";
+
+// gestion des logs
+$conf['log']['priority'] = PEAR_LOG_DEBUG;
+$conf['log']['name'] = '/var/log/evoadmin-mail.log';
+$conf['log']['software'] = 'evoadminmail';
+$conf['log']['enabled'] = true;
+
+// samba
+$conf['samba']['dn'] = 'DOMAINNAME';
+$conf['samba']['sid'] = 'S-1-5-21-XXX-XXX-XXX';
+$conf['samba']['admin_default'] = false;
--- a/webapps/evoadmin-mail/templates/config.local.php.j2
+++ b/webapps/evoadmin-mail/templates/config.local.php.j2
@ -1,8 +0,0 @@
-<?php
-
-$localconf['admin']['mail'] = '{{ evoadmin_contact_email or general_alert_email | mandatory }}';
-$localconf['debug'] = FALSE;
-// Add local users that should be superadmin
-$localconf['superadmin'] = array();
-$localconf['script_path'] = '{{ evoadmin_scripts_dir }}';
-$localconf['cluster'] = FALSE;
--- a/webapps/evoadmin-mail/templates/connect.php.j2
+++ b/webapps/evoadmin-mail/templates/connect.php.j2
@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Secrete parameters
+ *
+ * $Id: connect-dist.php,v 1.3 2007-05-22 21:12:23 reg Exp $
+ *
+ * @author Gregory Colpart <reg@evolix.fr>
+ * @version 1.0
+ */
+
+define("LDAP_URI","ldap://127.0.0.1");
+$ldap_servers = array('ldap://127.0.0.1');
+define("LDAP_BASE","{{ ldap_suffix }}");
+define("LDAP_ADMIN_DN","cn=admin,{{ ldap_suffix }}");
+define("LDAP_ADMIN_PASS","{{ ldap_admin_password.stdout }}");
+
+define("SUDOBIN","/usr/bin/sudo");
+define("SUDOSCRIPT","/usr/share/scripts/evoadmin.sh");
+define("SUDOPASS","xxxxxx");
+
+define('SERVEUR','localhost');
+define('SERVEURPORT',3306);
+define('BASE','horde');
+define('NOM', 'horde');
+define('PASSE', 'xxxx');
+
+?>
--- a/webapps/evoadmin-mail/templates/evoadmin.ldif.j2
+++ b/webapps/evoadmin-mail/templates/evoadmin.ldif.j2
@ -0,0 +1,12 @@
+dn: uid=evoadmin,{{ ldap_suffix }}
+uid: evoadmin
+cn: Evoadmin ADM
+uidNumber: 4242
+gidNumber: 4242
+homeDirectory: /dev/null
+isAdmin: TRUE
+mailacceptinggeneralid: evoadmin@{{ ansible_fqdn }}
+objectClass: mailAccount
+objectClass: organizationalRole
+objectClass: posixAccount
+userPassword: {{ evoadminmail_admin_password.stdout }}