Commit cdf431ce authored by Mathieu Lutfy's avatar Mathieu Lutfy Committed by bgm
Browse files

Update the aegir role (ansible 2.7 compat)

parent c92cb66d
--- ---
# Installs Aegir3 (http://www.aegirproject.org) # Installs Aegir3 (http://www.aegirproject.org)
# Assumes Debian Stretch, with MariaDB, Nginx, php7-fpm # Assumes Debian, with MariaDB, Nginx, php-fpm
- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml" - include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
when: phpversion is undefined when: phpversion is undefined
...@@ -45,8 +45,8 @@ ...@@ -45,8 +45,8 @@
# https://github.com/gaspaio/ansible-devbox/blob/master/roles/mysql/tasks/server.yml # https://github.com/gaspaio/ansible-devbox/blob/master/roles/mysql/tasks/server.yml
# Install server using a preseed file to set the root password # Install server using a preseed file to set the root password
- name: Check for previous MySQL installation - name: Check for previous MySQL installation
shell: "[ -f /usr/sbin/mysqld ]" stat:
ignore_errors: True path: /usr/sbin/mysqld
register: mysqld_exists register: mysqld_exists
- apt: name={{ item }} state=present install_recommends=no - apt: name={{ item }} state=present install_recommends=no
...@@ -55,13 +55,13 @@ ...@@ -55,13 +55,13 @@
- name: Generate a root password for MySQL - name: Generate a root password for MySQL
shell: pwgen 15 1 > /root/.mysql.root shell: pwgen 15 1 > /root/.mysql.root
when: mysqld_exists|failed when: not mysqld_exists.stat.exists
- name: Preseed Aegir Debian configurations - name: Preseed Aegir Debian configurations
shell: "{{ item }} | debconf-set-selections" shell: "{{ item }} | debconf-set-selections"
with_items: with_items:
- echo "mariadb-server-10.2 mysql-server/root_password password `cat /root/.mysql.root`" - echo "mariadb-server-10.3 mysql-server/root_password password `cat /root/.mysql.root`"
- echo "mariadb-server-10.2 mysql-server/root_password_again password `cat /root/.mysql.root`" - echo "mariadb-server-10.3 mysql-server/root_password_again password `cat /root/.mysql.root`"
- echo "debconf aegir/site string {{ inventory_hostname }}" - echo "debconf aegir/site string {{ inventory_hostname }}"
- echo "debconf aegir/db_host string 127.0.0.1" - echo "debconf aegir/db_host string 127.0.0.1"
- echo "debconf aegir/db_user string root" - echo "debconf aegir/db_user string root"
...@@ -83,123 +83,97 @@ ...@@ -83,123 +83,97 @@
- packages - packages
- apt: - apt:
name: "{{ item }}" name: "nginx"
state: present state: present
install_recommends: no install_recommends: no
default_release: jessie-backports when: ("'aegir_apache' not in group_names")
with_items:
- nginx
when: ("'aegir-apache' not in group_names") and (ansible_distribution_release == "jessie")
tags: tags:
- packages - packages
- aegir-nginx - aegir-nginx
- apt: - apt:
name: "{{ item }}" name: "php{{ phpversion }}-fpm"
state: present state: present
install_recommends: no install_recommends: no
with_items: when: "'aegir_apache' not in group_names"
- nginx
when: ("'aegir-apache' not in group_names") and (ansible_distribution_release == "stretch")
tags:
- packages
- aegir-nginx
# nb: imagick is required by Mosaico
- apt: name={{ item }} state=present install_recommends=no
with_items:
- "php{{ phpversion }}-gd"
- "php{{ phpversion }}-cli"
- "php{{ phpversion }}-curl"
- "php{{ phpversion }}-imagick"
- "php{{ phpversion }}-intl"
- "php{{ phpversion }}-json"
- "php{{ phpversion }}-ldap"
- "php{{ phpversion }}-mysql"
- "php{{ phpversion }}-soap"
- "php{{ phpversion }}-zip"
- "php{{ phpversion }}-xsl"
tags: tags:
- packages - packages
- packages-php - packages-php
- aegir-php - aegir-php
- apt: name={{ item }} state=present install_recommends=no # nb: imagick is required by Mosaico
with_items: - apt:
- "php{{ phpversion }}-mcrypt" name: [
when: phpversion <= 7.0 "php{{ phpversion }}",
tags: "php{{ phpversion }}-bcmath",
- packages "php{{ phpversion }}-gd",
- packages-php "php{{ phpversion }}-cli",
- aegir-php "php{{ phpversion }}-curl",
"php{{ phpversion }}-intl",
- apt: name={{ item }} state=present install_recommends=no "php{{ phpversion }}-json",
with_items: "php{{ phpversion }}-ldap",
- "php{{ phpversion }}-mbstring" "php{{ phpversion }}-mysql",
- "php{{ phpversion }}-zip" "php{{ phpversion }}-soap",
- "php-imagick" "php{{ phpversion }}-zip",
when: phpversion >= 7.0 "php{{ phpversion }}-xsl",
tags: "php{{ phpversion }}-mbstring",
- packages "php{{ phpversion }}-zip",
- packages-php "php-imagick"
- aegir-php ]
state: present
- apt: name={{ item }} state=present install_recommends=no install_recommends: no
with_items:
- "php{{ phpversion }}-fpm"
when: "'aegir-apache' not in group_names"
tags: tags:
- packages - packages
- packages-php - packages-php
- aegir-php - aegir-php
# This is to help deal with Debian Stretch upgrades # This is to help deal with Debian Stretch upgrades
- apt: name={{ item }} state=absent install_recommends=no - apt:
with_items: name: [
- php5-fpm php5-fpm,
- php5-gd php5-gd,
- php5-cli php5-cli,
- php5-common php5-common,
- php5-curl php5-curl,
- php5-intl php5-intl,
- php5-json php5-json,
- php5-ldap php5-ldap,
- php5-mcrypt php5-mcrypt,
- php5-mysql php5-mysql,
- php5-xsl php5-xsl,
- php-soap php-soap
]
state: absent
install_recommends: no
when: ansible_distribution_release == "stretch" when: ansible_distribution_release == "stretch"
tags: tags:
- packages - packages
- packages-php - packages-php
- aegir-php - aegir-php
- apt: name={{ item }} state=present install_recommends=no - apt:
with_items: name: [
- pwgen patch, # required for drush make
- curl pwgen,
- gettext curl,
- xauth gettext,
- xvfb xauth,
- libxrender1 xvfb,
- fonts-dejavu-core libxrender1,
- imagemagick ttf-mscorefonts-installer,
tags: fonts-dejavu-core,
- packages imagemagick
]
# FIXME in Debian Stretch state: present
- name: Install ondir install_recommends: no
apt:
deb: http://ftp.us.debian.org/debian/pool/main/o/ondir/ondir_0.2.3+git0.55279f03-1_amd64.deb
tags: tags:
- packages - packages
- packages-ondir
# A bit off topic, but too often had the issue where mailname was misconfigured # A bit off topic, but too often had the issue where mailname was misconfigured
- copy: content="{{ inventory_hostname }}" dest=/etc/mailname - copy: content="{{ inventory_hostname }}" dest=/etc/mailname
- file: path=/etc/mailname owner=root group=root mode=0644 - file: path=/etc/mailname owner=root group=root mode=0644
# MariaDB 10.2 # MariaDB 10.3
- apt_key: keyserver=keyserver.ubuntu.com id=0xF1656F24C74CD1D8 - apt_key: keyserver=keyserver.ubuntu.com id=0xF1656F24C74CD1D8
tags: tags:
- packages - packages
...@@ -207,7 +181,7 @@ ...@@ -207,7 +181,7 @@
- aegir-mariadb - aegir-mariadb
- apt_repository: - apt_repository:
repo="deb http://ftp.osuosl.org/pub/mariadb/repo/10.2/debian {{ ansible_distribution_release }} main" repo="deb http://ftp.osuosl.org/pub/mariadb/repo/10.3/debian {{ ansible_distribution_release }} main"
update_cache=yes update_cache=yes
state=present state=present
tags: tags:
...@@ -215,9 +189,14 @@ ...@@ -215,9 +189,14 @@
- aegir - aegir
- aegir-mariadb - aegir-mariadb
- apt: name={{ item }} state=present - apt:
with_items: name: [
- mariadb-server "mariadb-client-10.3",
"mariadb-server-10.3",
"mariadb-server"
]
state: present
install_recommends: no
tags: tags:
- packages - packages
- aegir - aegir
...@@ -282,10 +261,23 @@ ...@@ -282,10 +261,23 @@
- aegir - aegir
- aegir-locales - aegir-locales
- apt: pkg=aegir3 state=installed - apt:
name: aegir3
state: present
install_recommends: no
tags:
- aegir
- name: Add the aegir user to the admin group
user: name="aegir"
groups=adm
append=yes
tags:
- aegir
- aegir-adm
- name: Download provision_symbiotic from Github - name: Download provision_symbiotic from Github
sudo_user: aegir become_user: aegir
git: repo=https://github.com/coopsymbiotic/provision_symbiotic.git git: repo=https://github.com/coopsymbiotic/provision_symbiotic.git
version=master version=master
dest=/var/aegir/.drush/provision_symbiotic dest=/var/aegir/.drush/provision_symbiotic
...@@ -294,7 +286,7 @@ ...@@ -294,7 +286,7 @@
- aegir-provision-symbiotic - aegir-provision-symbiotic
- name: Download provision_customhtaccess from Github - name: Download provision_customhtaccess from Github
sudo_user: aegir become_user: aegir
git: repo=https://github.com/mlutfy/provision_customhtaccess.git git: repo=https://github.com/mlutfy/provision_customhtaccess.git
version=master version=master
dest=/var/aegir/.drush/provision_customhtaccess dest=/var/aegir/.drush/provision_customhtaccess
...@@ -357,7 +349,7 @@ ...@@ -357,7 +349,7 @@
shell: "drush @hostmaster en hosting_nginx_https -y" shell: "drush @hostmaster en hosting_nginx_https -y"
become: true become: true
become_user: aegir become_user: aegir
when: "'aegir-apache' not in group_names" when: "'aegir_apache' not in group_names"
tags: tags:
- aegir-hosting-https - aegir-hosting-https
...@@ -365,7 +357,7 @@ ...@@ -365,7 +357,7 @@
shell: "drush @hostmaster en hosting_apache_https -y" shell: "drush @hostmaster en hosting_apache_https -y"
become: true become: true
become_user: aegir become_user: aegir
when: "'aegir-apache' in group_names" when: "'aegir_apache' in group_names"
tags: tags:
- aegir-hosting-https - aegir-hosting-https
...@@ -425,34 +417,20 @@ ...@@ -425,34 +417,20 @@
- name: Restart Aegir hosting queue - name: Restart Aegir hosting queue
service: name=hosting-queued state=restarted service: name=hosting-queued state=restarted
# This is absurd, but wkhtmltopdf cannot fetch https without this package # Requirements for the wkhtmltox 0.15 package
# affects Debian Stretch.
# https://github.com/wkhtmltopdf/wkhtmltopdf/issues/3001#issuecomment-309673453
- apt: name={{ item }} state=absent install_recommends=no - apt: name={{ item }} state=absent install_recommends=no
with_items: with_items:
- libssl1.0-dev - fontconfig
when: ansible_distribution_release == "stretch" - xfonts-base
- xfonts-75dpi
tags: tags:
- packages - packages
- aegir - aegir
- aegir-wkhtmltopdf - aegir-wkhtmltopdf
- name: Download wkhtmltopdf - name: Install wkhtmltopdf from deb
get_url: apt:
url=https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz deb: https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox_0.12.5-1.stretch_amd64.deb
dest=/usr/local/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz
mode=0644
tags:
- aegir
- aegir-wkhtmltopdf
- unarchive: src=/usr/local/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz dest=/usr/local/ copy=no
tags:
- aegir
- aegir-wkhtmltopdf
- name: Create symlink for wkhtmltopdf
file: src=/usr/local/wkhtmltox/bin/wkhtmltopdf dest=/usr/local/bin/wkhtmltopdf state=link
tags: tags:
- aegir - aegir
- aegir-wkhtmltopdf - aegir-wkhtmltopdf
...@@ -506,10 +484,38 @@ ...@@ -506,10 +484,38 @@
tags: tags:
- aegir-weekly - aegir-weekly
- name: Deploy the civicrm-pull-patch script - name: Aegir | Deploy civicrm-pull-patch
template: src=usr/local/bin/civicrm-pull-patch dest=/usr/local/bin/civicrm-pull-patch owner=root group=root mode=0755 template: src=usr/local/bin/civicrm-pull-patch dest=/usr/local/bin/civicrm-pull-patch owner=root group=root mode=0755
tags: tags:
- aegir-civicrm-pull-patch - aegir-civicrm-scripts
- name: Aegir | Deploy cvlog
template: src=usr/local/bin/cvlog dest=/usr/local/bin/cvlog owner=root group=root mode=0755
tags:
- aegir-civicrm-scripts
- name: Aegir | Deploy civicrm-update-translations
template: src=usr/local/bin/civicrm-update-translations dest=/usr/local/bin/civicrm-update-translations owner=root group=root mode=0755
tags:
- aegir-civicrm-scripts
- aegir-civicrm-translations
- name: Aegir | Download CiviCRM translations
shell: "/usr/local/bin/civicrm-update-translations"
args:
creates: /var/aegir/l10n-civicrm
tags:
- aegir-civicrm-translations
# Source: https://lab.symbiotic.coop/coopsymbiotic/aegir-helpers
- name: Aegir | Download aegir-helpers
get_url:
url: "https://www.symbiotic.coop/sites/www.symbiotic.coop/files/ansible/aegir-helpers"
dest: /usr/local/bin/aegir-helpers
mode: '0755'
tags:
- aegir-civicrm-scripts
- aegir-helpers
- include: letsencrypt.yml - include: letsencrypt.yml
- include: settings-php.yml - include: settings-php.yml
...@@ -519,6 +525,11 @@ ...@@ -519,6 +525,11 @@
tags: tags:
- aegir-civicrm - aegir-civicrm
- name: Aegir | Deploy our local.drushrc.php
template: src=var/aegir/dot.drush/local.drushrc.php dest=/var/aegir/local.drushrc.php owner=aegir group=aegir mode=0644
tags:
- aegir-drush
- name: bash | Deploy bashrc, profile, ondir configurations - name: bash | Deploy bashrc, profile, ondir configurations
template: src=var/aegir/dot{{ item }} dest=/var/aegir/{{ item }} owner=aegir group=aegir mode=0644 template: src=var/aegir/dot{{ item }} dest=/var/aegir/{{ item }} owner=aegir group=aegir mode=0644
with_items: with_items:
...@@ -533,6 +544,11 @@ ...@@ -533,6 +544,11 @@
tags: tags:
- aegir-sudoers - aegir-sudoers
- name: Deploy our duct tape script to safely reload nginx
template: src=usr/local/bin/aegir-reload-nginx.sh dest=/usr/local/bin/aegir-reload-nginx.sh owner=root group=root mode=0755
tags:
- aegir-sudoers
- name: ssh | Create the .ssh directory for the Aegir user - name: ssh | Create the .ssh directory for the Aegir user
file: path=/var/aegir/.ssh state=directory mode="{{ aegir_ssh_dir_permission }}" owner=aegir group="{{ aegir_ssh_dir_group }}" file: path=/var/aegir/.ssh state=directory mode="{{ aegir_ssh_dir_permission }}" owner=aegir group="{{ aegir_ssh_dir_group }}"
tags: tags:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment