---
- name: Install dependencies
ansible.builtin.apt:
state: present
pkg:
- gpg
- postgresql
- python3-psycopg2
- apt-transport-https
- name: Import nodesource signing key
ansible.builtin.shell:
cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor
-o /usr/share/keyrings/nodesource.gpg
args:
creates: /usr/share/keyrings/nodesource.gpg
notify: apt update
- name: Install nodesource source list
ansible.builtin.template:
src: nodesource.list
dest: /etc/apt/sources.list.d/nodesource.list
owner: root
group: root
mode: 0644
notify: apt update
- name: Install nodejs apt preference
ansible.builtin.template:
src: nodejs-apt-pref
dest: /etc/apt/preferences.d/nodejs
owner: root
group: root
mode: 0644
notify: apt update
- ansible.builtin.meta: flush_handlers
- name: Install nodejs
ansible.builtin.apt:
name: nodejs
- name: Add database user
become: true
become_method: su
become_user: postgres
no_log: yes
community.postgresql.postgresql_user:
name: etherpad
password: "{{ etherpad_db_password }}"
- name: Add database
become: true
become_method: su
become_user: postgres
community.postgresql.postgresql_db:
name: "{{ etherpad_db_name }}"
owner: "{{ etherpad_db_user }}"
- name: Add etherpad user
ansible.builtin.user:
name: etherpad
home: /var/lib/etherpad
- name: Create log file
ansible.builtin.file:
path: /var/log/etherpad.log
state: touch
owner: etherpad
group: etherpad
mode: 0644
- name: Create source directory
ansible.builtin.file:
path: /opt/etherpad
state: directory
owner: etherpad
group: etherpad
mode: 0755
- name: Clone etherpad source
become: yes
become_method: su
become_user: etherpad
ansible.builtin.git:
repo: https://github.com/ether/etherpad-lite.git
version: master
dest: /opt/etherpad
accept_hostkey: yes
notify: restart etherpad
- name: Install etherpad config
ansible.builtin.template:
src: settings.json
dest: /opt/etherpad/settings.json
owner: root
group: root
mode: 0644
notify: restart etherpad
- name: Install etherpad service
ansible.builtin.template:
src: etherpad.service
dest: /etc/systemd/system/etherpad.service
owner: root
group: root
mode: 0644
notify: restart etherpad
- name: Start etherpad
ansible.builtin.systemd:
daemon_reload: true
name: etherpad
state: started
enabled: yes
- name: Install nginx config
ansible.builtin.template:
src: nginx-site.conf
dest: /etc/nginx/sites-enabled/etherpad
owner: root
group: root
mode: 0644
notify: reload nginx
- name: Allow HTTP and HTTPS
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: "{{ item.port }}"
ctstate: NEW
jump: ACCEPT
ip_version: "{{ item.ip }}"
action: insert
with_items:
- { ip: ipv4, port: 80 }
- { ip: ipv4, port: 443 }
- { ip: ipv6, port: 80 }
- { ip: ipv6, port: 443 }
notify: persist iptables
when: not nft | bool