forked from bitlair/ansible
137 lines
3.5 KiB
YAML
137 lines
3.5 KiB
YAML
---
|
|
- tags: etherpad
|
|
block:
|
|
- name: Install dependencies
|
|
ansible.builtin.apt:
|
|
name: [ gpg, postgresql, python3-psycopg2, apt-transport-https ]
|
|
|
|
- name: Import nodesource signing key
|
|
ansible.builtin.shell:
|
|
cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor
|
|
-o /usr/share/keyrings/nodesource.gpg
|
|
args:
|
|
creates: /usr/share/keyrings/nodesource.gpg
|
|
notify: apt update
|
|
|
|
- name: Install nodesource source list
|
|
ansible.builtin.template:
|
|
src: nodesource.list
|
|
dest: /etc/apt/sources.list.d/nodesource.list
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: apt update
|
|
|
|
- name: Install nodejs apt preference
|
|
ansible.builtin.template:
|
|
src: nodejs-apt-pref
|
|
dest: /etc/apt/preferences.d/nodejs
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: apt update
|
|
|
|
- ansible.builtin.meta: flush_handlers
|
|
|
|
- name: Install nodejs
|
|
ansible.builtin.apt:
|
|
name: nodejs
|
|
|
|
- name: Add database user
|
|
become: true
|
|
become_method: su
|
|
become_user: postgres
|
|
no_log: yes
|
|
community.postgresql.postgresql_user:
|
|
name: etherpad
|
|
password: "{{ etherpad_db_password }}"
|
|
|
|
- name: Add database
|
|
become: true
|
|
become_method: su
|
|
become_user: postgres
|
|
community.postgresql.postgresql_db:
|
|
name: "{{ etherpad_db_name }}"
|
|
owner: "{{ etherpad_db_user }}"
|
|
|
|
- name: Add etherpad user
|
|
ansible.builtin.user:
|
|
name: etherpad
|
|
home: /var/lib/etherpad
|
|
|
|
- name: Create log file
|
|
ansible.builtin.file:
|
|
path: /var/log/etherpad.log
|
|
state: touch
|
|
owner: etherpad
|
|
group: etherpad
|
|
mode: 0644
|
|
|
|
- name: Create source directory
|
|
ansible.builtin.file:
|
|
path: /opt/etherpad
|
|
state: directory
|
|
owner: etherpad
|
|
group: etherpad
|
|
mode: 0755
|
|
|
|
- name: Clone etherpad source
|
|
become: yes
|
|
become_method: su
|
|
become_user: etherpad
|
|
ansible.builtin.git:
|
|
repo: https://github.com/ether/etherpad-lite.git
|
|
version: master
|
|
dest: /opt/etherpad
|
|
accept_hostkey: yes
|
|
notify: restart etherpad
|
|
|
|
- name: Install etherpad config
|
|
ansible.builtin.template:
|
|
src: settings.json
|
|
dest: /opt/etherpad/settings.json
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart etherpad
|
|
|
|
- name: Install etherpad service
|
|
ansible.builtin.template:
|
|
src: etherpad.service
|
|
dest: /etc/systemd/system/etherpad.service
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart etherpad
|
|
|
|
- name: Start etherpad
|
|
ansible.builtin.systemd:
|
|
daemon_reload: true
|
|
name: etherpad
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Install nginx config
|
|
ansible.builtin.template:
|
|
src: nginx-site.conf
|
|
dest: /etc/nginx/sites-enabled/etherpad
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: reload nginx
|
|
|
|
- name: Allow HTTP and HTTPS
|
|
ansible.builtin.iptables:
|
|
chain: INPUT
|
|
protocol: tcp
|
|
destination_port: "{{ item.port }}"
|
|
ctstate: NEW
|
|
jump: ACCEPT
|
|
ip_version: "{{ item.ip }}"
|
|
action: insert
|
|
with_items:
|
|
- { ip: ipv4, port: 80 }
|
|
- { ip: ipv4, port: 443 }
|
|
- { ip: ipv6, port: 80 }
|
|
- { ip: ipv6, port: 443 }
|
|
notify: persist iptables
|