124 lines
2.9 KiB
YAML
124 lines
2.9 KiB
YAML
---
|
|
- tags: etherpad
|
|
block:
|
|
- name: Install dependencies
|
|
apt:
|
|
name: [ gpg, nginx, postgresql, python3-psycopg2 ]
|
|
|
|
- name: Import nodesource signing key
|
|
apt_key:
|
|
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
|
|
notify: apt update
|
|
|
|
- name: Install nodesource source list
|
|
template:
|
|
src: nodesource.list
|
|
dest: /etc/apt/sources.list.d/nodesource.list
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: apt update
|
|
|
|
- meta: flush_handlers
|
|
|
|
- name: Install nodejs
|
|
apt:
|
|
name: nodejs
|
|
|
|
- name: Add database user
|
|
become: true
|
|
become_method: su
|
|
become_user: postgres
|
|
no_log: yes
|
|
postgresql_user:
|
|
name: etherpad
|
|
password: "{{ etherpad_db_password }}"
|
|
|
|
- name: Add database
|
|
become: true
|
|
become_method: su
|
|
become_user: postgres
|
|
postgresql_db:
|
|
name: "{{ etherpad_db_name }}"
|
|
owner: "{{ etherpad_db_user }}"
|
|
|
|
- name: Add etherpad user
|
|
user:
|
|
name: etherpad
|
|
home: /var/lib/etherpad
|
|
|
|
- name: Create log file
|
|
file:
|
|
path: /var/log/etherpad.log
|
|
state: touch
|
|
owner: etherpad
|
|
group: etherpad
|
|
mode: 0644
|
|
|
|
- name: Create source directory
|
|
file:
|
|
path: /opt/etherpad
|
|
state: directory
|
|
owner: etherpad
|
|
group: etherpad
|
|
mode: 0755
|
|
|
|
- name: Clone etherpad source
|
|
become: yes
|
|
become_method: su
|
|
become_user: etherpad
|
|
git:
|
|
repo: https://github.com/ether/etherpad-lite.git
|
|
version: master
|
|
dest: /opt/etherpad
|
|
accept_hostkey: yes
|
|
notify: restart etherpad
|
|
|
|
- name: Install etherpad config
|
|
template:
|
|
src: settings.json
|
|
dest: /opt/etherpad/settings.json
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart etherpad
|
|
|
|
- name: Install etherpad service
|
|
template:
|
|
src: etherpad.service
|
|
dest: /etc/systemd/system/etherpad.service
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart etherpad
|
|
|
|
- name: Clear default nginx site
|
|
file:
|
|
state: absent
|
|
path: /etc/nginx/sites-enabled/default
|
|
notify: reload nginx
|
|
|
|
- name: Install nginx config
|
|
template:
|
|
src: nginx-site.conf
|
|
dest: /etc/nginx/sites-enabled/etherpad
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: reload nginx
|
|
|
|
- name: Allow HTTP and HTTPS
|
|
iptables:
|
|
chain: INPUT
|
|
protocol: tcp
|
|
destination_port: "{{ item.port }}"
|
|
ctstate: NEW
|
|
jump: ACCEPT
|
|
ip_version: "{{ item.ip }}"
|
|
action: insert
|
|
with_items:
|
|
- { ip: ipv4, port: 80 }
|
|
- { ip: ipv4, port: 443 }
|
|
- { ip: ipv6, port: 80 }
|
|
- { ip: ipv6, port: 443 }
|
|
notify: persist iptables
|