dave
/
ansible-playbooks
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
๐Ÿ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
2 Branches
0 Tags
425 KiB
Tag: Branch: Tree: eb5feb1fb8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'eb5feb1fb8'
${ noResults }
ansible-playbooks/roles/seafile/tasks/main.yml

243 lines
5.4 KiB
Raw Normal View History Unescape

init
2 years ago
- name: gather facts
setup:
gather_subset:
- min
- name: fail if this is not debian
fail:
msg: "this role only supports debian hosts"
when: ansible_distribution != 'Debian'
- name: set seaf_cfg
set_fact:
seaf_cfg: "{{ seaf_default_config | d({}) | combine(seaf_config | d({}), recursive=true) }}"
- name: install mariadb
include_role:
name: mariadb
vars:
function: install
mariadb_config:
old_passwords: 0
ssl_ca:
ssl_cert:
ssl_key:
tls_version:
mariadb_enable_tls: no
- name: add mariadb users
include_role:
name: mariadb
vars:
function: add_user
mariadb_server: "{{ inventory_hostname }}"
user:
name: "{{ seaf_db_user }}"
password: "{{ seaf_db_password }}"
privs:
- key: "{{ seaf_db_ccnet }}.*"
value: ALL
- key: "{{ seaf_db_seafile }}.*"
value: ALL
- key: "{{ seaf_db_seahub }}.*"
value: ALL
- name: add mariadb databases
include_role:
name: mariadb
vars:
function: add_db
mariadb_server: "{{ inventory_hostname }}"
database:
name: "{{ item }}"
encoding: utf8
loop:
- "{{ seaf_db_ccnet }}"
- "{{ seaf_db_seafile }}"
- "{{ seaf_db_seahub }}"
- name: install dependencies
include_tasks: tasks/install_packages.yml
vars:
package:
- python3
- python3-setuptools
- python3-pip
- libmariadb-dev
- memcached
- libmemcached-dev
- libffi-dev
- name: install pip dependencies
pip:
name:
- django==3.2.*
- Pillow
- pylibmc
- captcha
- jinja2
- sqlalchemy==1.4.3
- django-pylibmc
- django-simple-captcha
- python3-ldap
- mysqlclient
- pycryptodome==3.12.0
- cffi==1.14.0
- name: create user and group
include_tasks: tasks/create_user.yml
vars:
user:
name: "{{ seaf_user }}"
group: "{{ seaf_group }}"
dir: "{{ seaf_dir }}"
shell: /bin/bash
- name: download and extract seafile distro
unarchive:
src: "https://s3.eu-central-1.amazonaws.com/download.seadrive.org/seafile-server_{{ seaf_version }}_x86-64.tar.gz"
dest: "{{ seaf_dir }}"
remote_src: yes
owner: "{{ seaf_user }}"
group: "{{ seaf_group }}"
creates: "{{ seaf_dir }}/seafile-server-{{ seaf_version }}"
- name: set seafile setup script parameters
set_fact:
seaf_script_params: "{{ [(('--server-name ' ~ (seaf_server_name | quote)) if (seaf_server_name is defined) else ''),
'--server-ip ' ~ (host_fqdn | quote),
'--use-existing-db 1',
'--mysql-user ' ~ seaf_db_user,
'--mysql-user-passwd ' ~ seaf_db_password
] | select() | list | join(' ') }}"
- name: run seafile setup script
shell:
cmd: "./setup-seafile-mysql.sh auto {{ seaf_script_params }}"
chdir: "{{ seaf_dir }}/seafile-server-{{ seaf_version }}"
creates: "{{ seaf_dir }}/seafile-server-latest"
become: yes
become_method: su
become_flags: '-s /bin/bash'
become_user: "{{ seaf_user }}"
register: result
- name: template configs
template:
src: "{{ item.src }}.j2"
dest: "{{ seaf_dir }}/conf/{{ item.dest }}"
force: yes
mode: "{{ item.mode | d(omit) }}"
owner: "{{ seaf_user }}"
group: "{{ seaf_group }}"
loop:
- { src: 'ccnet', dest: 'ccnet.conf' }
- { src: 'seafile', dest: 'seafile.conf' }
- { src: 'seahub_settings', dest: 'seahub_settings.py', mode: '0700' }
notify:
- restart seafile
- restart seahub
- name: template cleanup script
template:
src: cleanup.j2
dest: "{{ seaf_dir }}/cleanup_script.sh"
force: yes
mode: "+x"
owner: "{{ seaf_user }}"
group: "{{ seaf_group }}"
- name: create cron entry for cleanup script
cron:
name: seafile-cleanup
minute: "{{ seaf_cleanup.minute | d(0) }}"
hour: "{{ seaf_cleanup.hour | d(2) }}"
weekday: "{{ seaf_cleanup.weekday | d(0) }}"
job: "{{ seaf_dir }}/cleanup_script.sh"
- name: template systemd init files
template:
src: "{{ item.src }}.j2"
dest: "/etc/systemd/system/{{ item.dest }}.service"
force: yes
loop:
- { src: 'seafile_service', dest: 'seafile' }
- { src: 'seahub_service', dest: 'seahub' }
notify: reload systemd daemons
- name: install and configure memcached
include_role:
name: memcached
- name: install and configure collabora online
include_role:
name: officeonline
- name: install and configure logrotate
include_role:
name: logrotate
vars:
logrotate_services:
- name: seafile
template: logrotate_seafile
- name: install and configure nginx
include_role:
name: nginx
vars:
nginx:
servers:
- conf: nginx_server
certs: "{{ host_tls }}"
security_headers: no
conf:
http:
disable_symlinks: no
ssl_conf_command: []
- name: flush handlers
meta: flush_handlers
- name: add directories to backup plan
include_role:
name: backup
vars:
function: add
backup_items:
- "{{ seaf_dir }}/ccnet"
- "{{ seaf_dir }}/conf"
- "{{ seaf_dir }}/seafile-server-latest"
- "{{ seaf_dir }}/cleanup_script.sh"
- name: enable and start services
systemd:
daemon_reload: yes
enabled: yes
name: "{{ item }}"
state: started
loop:
- seafile
- seahub