create radicale role

This commit is contained in:
vincent 2019-10-11 18:57:11 +02:00
parent 8e985a84c0
commit 9e959607af
2 changed files with 6 additions and 60 deletions

View File

@ -1,6 +1,6 @@
--- ---
radicale_server_username: radicale radicale_server_username: radicale
radicale_server_home_dir: "/var/lib/{{ radicale_server_username }}" radicale_server_home_dir: "/mnt/diskstation/CardDav"
radicale_service_state: started radicale_service_state: started
# See https://radicale.org/configuration/ # See https://radicale.org/configuration/
@ -56,7 +56,7 @@ radicale_config:
# List of Radicale user information as a dictionary. # List of Radicale user information as a dictionary.
radicale_users: radicale_users:
- name: admin # The username. - name: admin # The username.
password: admin # Their password. This should probably be vault-encrypted. password: "{{vault_CardDav}}" # Their password. This should probably be vault-encrypted.
# As an alternative to a password, you can specify a bcrypt hash. # As an alternative to a password, you can specify a bcrypt hash.
# Create this hash using the standard `htpasswd` utility, then # Create this hash using the standard `htpasswd` utility, then
# paste it here. This method allows a user to generate a password # paste it here. This method allows a user to generate a password

View File

@ -1,45 +1,9 @@
--- ---
- name: Install Radicale package dependencies. - name: Install Radicale package dependencies.
apt: package:
name: "{{ packages }}" state: present # required. Whether to install (C(present)), or remove (C(absent)) a package. Other states depend on the underlying package module, i.e C(latest).
vars: name: radicale # required. Package name, or package specifier with version, like C(name-1.0).,Be aware that packages are not always named the same and this module will not 'translate' them per distro.
packages: use: auto # not required. The required package manager module to use (yum, apt, etc). The default 'auto' will use existing facts or try to autodetect it.,You should only use this field if the automatic selection is not working for some reason.
- python3
- python3-pip
- python3-setuptools
- apache2-utils
# These three are for Ansible itself to run on the managed host.
- python-setuptools
- python-passlib
- python-bcrypt
- name: Install Radicale Python dependencies.
pip:
executable: pip3 # Radicale requires Python 3.3 or greater.
name: "{{ item }}"
state: present
loop:
- passlib
- bcrypt
- name: Create Radicale system user.
user:
name: "{{ radicale_server_username }}"
system: true
home: "{{ radicale_server_home_dir }}"
shell: "/bin/false"
state: present
- name: Install Radicale.
pip:
executable: pip3 # Radicale requires Python 3.3 or greater.
name: radicale
state: present
- name: Create Radicale configuration directory.
file:
path: /etc/radicale
state: directory
- name: Write Radicale configuration file. - name: Write Radicale configuration file.
template: template:
@ -52,9 +16,6 @@
copy: copy:
src: rights.conf src: rights.conf
dest: "{{ radicale_server_home_dir }}/rights.conf" dest: "{{ radicale_server_home_dir }}/rights.conf"
owner: "{{ radicale_server_username }}"
group: "{{ radicale_server_username }}"
mode: "400"
notify: notify:
- Restart Radicale. - Restart Radicale.
@ -80,9 +41,6 @@
password: "{{ item.password }}" password: "{{ item.password }}"
state: "{{ item.state | default('present') }}" state: "{{ item.state | default('present') }}"
crypt_scheme: "bcrypt" crypt_scheme: "bcrypt"
mode: "600"
owner: "{{ radicale_server_username }}"
group: "{{ radicale_server_username }}"
loop: "{{ radicale_users }}" loop: "{{ radicale_users }}"
- name: Set Radicale user with password hash. - name: Set Radicale user with password hash.
@ -92,20 +50,8 @@
path: "{{ radicale_config.auth.htpasswd_filename | default('/var/lib/radicale/users.htpasswd') }}" path: "{{ radicale_config.auth.htpasswd_filename | default('/var/lib/radicale/users.htpasswd') }}"
line: "{{ item.name }}:{{ item.bcrypt_hash }}" line: "{{ item.name }}:{{ item.bcrypt_hash }}"
state: "{{ item.state | default('present') }}" state: "{{ item.state | default('present') }}"
mode: "600"
owner: "{{ radicale_server_username }}"
group: "{{ radicale_server_username }}"
loop: "{{ radicale_users }}" loop: "{{ radicale_users }}"
- name: Create systemd service unit.
template:
src: radicale.service.j2
dest: /etc/systemd/system/radicale.service
# TODO:
#validate: "systemd-analyze verify %s"
notify:
- Reload systemd.
- Restart Radicale.
- name: Start and enable Radicale service. - name: Start and enable Radicale service.
service: service: