setup.yml
No OneTemporary
Actions

Authored By

Unknown

Size

3 KB

Referenced Files

None

Subscribers

None

setup.yml
View Options

	#!/usr/bin/ansible-playbook
	- name: Setup kolab deployment on fedora server
	hosts: "{{ hostname }}"
	remote_user: root
	tasks:
	- name: Set hostname
	ansible.builtin.hostname:
	name: "{{ hostname }}"

	- import_tasks: packages.yml

	# - name: Put SELinux in permissive mode for docker
	# selinux:
	# policy: targeted
	# state: permissive

	- ansible.posix.sysctl:
	name: net.ipv4.ip_unprivileged_port_start
	value: '143'
	state: present

	#
	- name: Setup user kolab
	ansible.builtin.user:
	name: kolab
	shell: /bin/bash
	groups: wheel, audio
	append: yes

	- name: sudo without password
	ansible.builtin.lineinfile:
	path: /etc/sudoers
	state: present
	regexp: '^%wheel\s'
	line: '%wheel ALL=(ALL) NOPASSWD: ALL'

	- import_tasks: certbot.yml

	- name: Delete kolab content & directory
	ansible.builtin.file:
	state: absent
	path: /home/kolab/kolab/

	- name: get kolab git repo
	become: true
	become_user: kolab
	git:
	repo: https://git.kolab.org/source/kolab.git
	dest: /home/kolab/kolab
	version: "{{ git_branch }}"
	force: yes

	- name: Permit receiving mail
	firewalld:
	port: 25/tcp
	permanent: yes
	state: enabled
	zone: FedoraServer

	- name: Permit http traffic
	firewalld:
	port: 80/tcp
	permanent: yes
	state: enabled
	zone: FedoraServer

	- name: Permit https traffic
	firewalld:
	port: 443/tcp
	permanent: yes
	state: enabled
	zone: FedoraServer

	- name: Permit UDP traffic for webrtc
	firewalld:
	port: 44444/udp
	permanent: yes
	state: enabled
	zone: FedoraServer

	- name: Permit TCP traffic for webrtc
	firewalld:
	port: 44444/tcp
	permanent: yes
	state: enabled
	zone: FedoraServer

	- name: Configure
	block:
	- name: Run kolabctl deploy
	become: true
	become_user: kolab
	ansible.builtin.command: ./kolabctl configure
	args:
	chdir: /home/kolab/kolab
	environment:
	HOST: "{{ hostname }}"
	OPENEXCHANGERATES_API_KEY: "{{ openexchangerates_api_key }}"
	FIREBASE_API_KEY: "{{ firebase_api_key }}"
	PUBLIC_IP: "{{ public_ip }}"
	ADMIN_PASSWORD: "{{ admin_password }}"
	KOLAB_GIT_REF: "{{ git_branch }}"
	register: result
	always:
	- name: Print output from previous task with newlines
	ansible.builtin.debug:
	msg="{{result.stdout_lines}}"

	- name: Deploy
	block:
	- name: Run kolabctl deploy
	become: true
	become_user: kolab
	ansible.builtin.command: ./kolabctl deploy
	args:
	chdir: /home/kolab/kolab
	environment:
	ADMIN_PASSWORD: "{{ admin_password }}"
	register: result
	always:
	- name: Print output from previous task with newlines
	ansible.builtin.debug:
	msg="{{result.stdout_lines}}"

File Metadata

Mime Type: text/plain
Expires: Mon, Apr 6, 1:37 AM (3 d, 5 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18829729
Default Alt Text: setup.yml (3 KB)

setup.ymlNo OneTemporaryActions

setup.ymlView Options

File Metadata

Event Timeline

setup.yml
No OneTemporary
Actions

setup.yml
View Options