slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

: add koillection

Browse Source
This commit is contained in:
VC
2025-03-02 14:17:44 +01:00
parent 4bf895ceab
commit 123e62ffac
8 changed files with 175 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
roles/postgres/vars/main.yml → inventory/group_vars/pgsqlservers.yml
View File

26
inventory/host_vars/web1.dmz.mateu.be.yml
View File

@@ -18,6 +18,8 @@ web_hostname:
- host: r.mateu.be - host: r.mateu.be
- host: ff.libertus.eu - host: ff.libertus.eu
type: firefly3 type: firefly3
- host: koi.libertus.eu
type: koillection
firefly3_app_key: !vault | firefly3_app_key: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
@@ -110,3 +112,27 @@ nextcloud_pg_password: !vault |
39333636373365373638393930303063333066376362363262343239353632393663306564643061 39333636373365373638393930303063333066376362363262343239353632393663306564643061
3761366163373132360a643234333137313131396334303762616634333661396337393731323334 3761366163373132360a643234333137313131396334303762616634333661396337393731323334
3361 3361
koillection_pg_role: "koillection"
koillection_pg_database: "koillectiondb"
koillection_pg_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
31313736366532653862656463323561373630373564633061373964336531636332363630616231
3631336633626539343035663065373537313166373363360a393166393966303931363165303531
36613534313235646437373561643661323365316537636436623230646436343463343736396664
6534373438376339610a343533323765623337323066343636343263633434393639633037346236
66663432376635323735633466313463326563373662666533303737343163613838
koillection_app_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
32386264366435326136303431663564386366633664313030613133643237396566313162303162
3466653566313865636661343830363938333338393564380a323363323365653163646265636537
33373761343136666666333364333735353133343362383932623531636262663961336163303637
3232613062386366610a393465343637643338323633613234373262643039653336396639613766
32323638626166343365386438646136366130633765313734623733333432383866
koillection_jwt_passphrase: !vault |
$ANSIBLE_VAULT;1.1;AES256
36353937633530626333396264353963613938306463653238633464626535346631393065386636
6463306331373035616436323533383332666163623033320a623033656231333239623238306462
61316662646161376466333862653732383030343762303637346163366266393935396335333962
6363346638633337370a333261316335613433356566323432356661353564373833666535626663
30363635333331643831626236623965663633643666666564356434303436303832

1
playbooks/webapps.yml
View File

@@ -4,6 +4,7 @@
hosts: web1.dmz.mateu.be hosts: web1.dmz.mateu.be
diff: true diff: true
roles: roles:
- koillection
- bac - bac
- roundcube - roundcube
- shaarli - shaarli

15
roles/koillection/tasks/db.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Create koillection db role
become_user: postgres
become: true
community.postgresql.postgresql_user:
name: "{{ koillection_pg_role }}"
password: "{{ koillection_pg_password }}"
- name: Create koillection db
become_user: postgres
become: true
community.postgresql.postgresql_db:
name: "{{ koillection_pg_database }}"
owner: "{{ koillection_pg_role }}"

55
roles/koillection/tasks/main.yml Normal file
View File

@@ -0,0 +1,55 @@
---
- name: Init db
ansible.builtin.include_tasks: db.yml
- name: Create application directory
ansible.builtin.file:
state: directory
dest: "{{ koillection_home }}"
owner: root
group: www-data
mode: "0o750"
- name: Install koillection application
ansible.builtin.unarchive:
remote_src: true
src: "{{ koillection_url }}"
dest: "{{ koillection_home }}"
owner: root
group: www-data
mode: "a-rwx,u+rwX,g+rX"
extra_opts: ['--strip-components=1']
exclude:
- .env
- config/jwt
- name: Put config file
ansible.builtin.template:
src: "env.j2"
dest: "{{ koillection_home }}/.env"
owner: root
group: www-data
mode: "0o640"
- name: Check writable dirs
ansible.builtin.file:
state: directory
dest: "{{ koillection_home }}/{{ item }}"
owner: root
group: www-data
mode: "g+w"
recurse: true
loop:
- "var"
- "config/jwt"
- "public/uploads"
- "public/tmp"
- name: Run lexik jwt
become: true
become_user: www-data
ansible.builtin.command:
cmd: "php bin/console lexik:jwt:generate-keypair"
chdir: "{{ koillection_home }}"
creates: "{{ koillection_home }}/config/jwt/private.pem"

44
roles/koillection/templates/env.j2 Normal file
View File

@@ -0,0 +1,44 @@
########################################################################################################
# WEB
#
# APP_DEBUG=1 displays detailed error message
#
# APP_SECRET is a random string used for security, you can use for example openssl rand -base64 21
# APP_SECRET is automatically generated when using Docker
#
# PHP_TZ, see possible values here https://www.w3schools.com/php/php_ref_timezones.asp
########################################################################################################
APP_DEBUG=0
APP_ENV=prod
APP_SECRET={{ koillection_app_secret }}
HTTPS_ENABLED=1
UPLOAD_MAX_FILESIZE=20M
PHP_MEMORY_LIMIT=512M
PHP_TZ=Europe/Paris
########################################################################################################
# API
#
#
# JWT_PASSPHRASE is a random string used for security, you can use for example openssl rand -base64 21
# JWT_PASSPHRASE is automatically generated when using Docker
########################################################################################################
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE={{ koillection_jwt_passphrase }}
########################################################################################################
# DATABASE
########################################################################################################
DB_DRIVER=pdo_pgsql
DB_NAME={{ koillection_pg_database }}
DB_HOST=localhost
DB_PORT=5432
DB_USER={{ koillection_pg_role }}
DB_PASSWORD={{ koillection_pg_password }}
DB_VERSION={{ postgres_pg_version }}

8
roles/koillection/vars/main.yml Normal file
View File

@@ -0,0 +1,8 @@
---
koillection_version: "1.6.10"
koillection_url: "https://giteu.be/koillection/koillection/releases/download/{{ koillection_version }}/koillection-{{ koillection_version }}.tar.gz"
koillection_access_url: "{{ web_hostname | selectattr('type', 'defined') | selectattr('type', '==', 'koillection') | map(attribute='host') | first }}"
koillection_home: "/srv/http/{{ koillection_access_url }}"

26
roles/nginx/templates/vhosts/koi.libertus.eu.conf.j2 Normal file
View File

@@ -0,0 +1,26 @@
server {
{% include './templates/header.conf.j2' %}
root /srv/http/koi.libertus.eu/public;
index index.html index.htm index.php;
# Media: images, icons, video, audio, fonts
location ~* \.(?:jpg|jpeg|gif|png|webp|ico|svg|webm|eot|ttf|otf|woff|woff2|js|css)$ {
expires 2w;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
try_files $uri $document_root$fastcgi_script_name =404;
include fastcgi_params;
fastcgi_pass unix:/run/php/php{{ php_version }}-fpm.sock;
}
}