Merge pull request #2 from roles-ansible/docs

Adding docs and fixing result error
2024-08-16 10:19:52 +02:00 · 2022-11-14 13:51:50 +01:00 · 2022-11-14 13:51:50 +01:00 · 0fbb422f3d
commit 0fbb422f3d
parent 1657361974 2ce4e1ce5a
5 changed files with 95 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,5 @@
+[![MIT License](https://raw.githubusercontent.com/roles-ansible/ansible_role_etebase/main/.github/license.svg)](https://github.com/roles-ansible/ansible_role_etebase/blob/main/LICENSE)
+
 Ansible role EteBase - EteSync 2.0 Server Backend
 ===================================================
 Ansible role to Setup and Confugure Etebase - The Backend from EteSync 2.0 -> https://github.com/etesync/server
@ -5,3 +7,61 @@ Ansible role to Setup and Confugure Etebase - The Backend from EteSync 2.0 -> ht
 ```
 WORK IN PROGRESS!!!
 ```
+
+ Details
+---------
+This Ansible role installs and configures etebase, the backend of etesync. A piece of software to securely sync your contacts, calendars, tasks and notes!
+In this Ansible role, a separate user is created for etebase. The latest release of etebase is downloaded to the home of this user. A configuration is created. The specified Python dependencies are installed in a venv. And optionally etebase can be started automatically via a systemd service and uvicorn.
+What this Ansible role does not create are users in Etebase. And the configuration for the web server is not created either.
+
+ Default Variables
+-----------
+| variable | value | description |
+| -------- | ----- | ----------- |
+| etebase__user | 'etebase' | The Unix User for etebase |
+| etebase__group | 'etebase' | The Unix Group for etebase |
+| etebase__user_home | '/var/lib/etebase' | Etebase User Home |
+| etebase__shell | '/bin/false' | Default Shell of Etebase User |
+| etebase__venv | "{{ etebase__user_home }}/venv" | Etebase venv path |
+| etebase__socket | '/tmp/etebase_server.sock' | Etebase Socket path *(only if ``etebase__systemd_setup`` is set to ``true``)* |
+| etebase__package_state | 'present' | Set to ``latest`` to upgrade all etebase required system and pip packages to the latest version |
+| etebase__version | 'latest' | Etebase Release Tag |
+| etebase__secrets_dir | "{{ etebase__user_home }}/secrets" | Path to store etebase secrets |
+| etebase__collectstatic | true | Generate static files for etebase |
+| etebase__restart_webserver | false | Set to ``true`` to restart the webserver on config change *(etebase__systemd_setup needed)*|
+| etebase__webserver_service | 'nginx.service' | Which systemd unit should be restartet for the webserver |
+| etebase__systemd_setup | false | Set to ``true`` to start etebase as systemd unit with the systemd socket configured above |
+| submodules_versioncheck | false | should we do a simple version check for this ansible role |
+
+
+ Options for etebase-server.ini
+------------------------------
+
+| variable | value | description |
+| -------- | ----- | ----------- |
+| etebase__global_secret_file | '{{ etebase__secrets_dir }}/secret.txt' | path of secret.txt
+| etebase__global_debug | false | Set debug to true |
+| etebase__global_static_root | "{{ etebase__user_home }}/static_root" | Path of static root |
+| etebase__global_media_root: "{{ etebase__user_home }}/media_root"
+| etebase__global_extra | '' | Variable for aditional parameter in the ``[global]`` section of the config file |
+| etebase__allowed_hosts_allowed_host1 | '\*' | The allowed Host for this etebase server | 
+| etebase__allowed_hosts_extra | '' |Variable for aditional parameter in the ``[allowed_hosts]`` section of the config file |
+| etebase__database_engine | 'django.db.backends.sqlite3' | Databse Engine |
+| etebase__database_name | "{{ etebase__secrets_dir }}/etebase.db.sqlite3" | Path of the sqlite3 database |
+| etebase__database_extra | '' | Variable for aditional parametet in the ``[database]`` section of the config file |
+| etebase__database_options_extra | '' | Variable for aditional parameter in the ``[database_options]`` section of the config file |
+| etebase__ldap_extra | '' | Variable for aditional parameter in the ``[ldap]`` section of the config file |
+| etebase__config_extra | '' |Variable for aditional parameter at the end of the config file |
+
+ Additional Information
+------------------------
+You find more information about the webserver config at [github.com/etesync/server/wiki/Production-setup-using-Nginx](https://github.com/etesync/server/wiki/Production-setup-using-Nginx). Please remember the value you used for the ``etebase__socket`` variable, if you used this role to start the [unicorn](https://www.uvicorn.org/) ASGI server via systemd. For this you have to set ``etebase__systemd_setup`` to ``true``.
+
+You have to create a admin User by yourself. To do this, log in manually as priviledged user, change to the ``etebase__user_home``. Enter the downloaded etebase code direcotory and run the 'python3 ./manage.py createsuperuser' command:
+```bash
+cd /var/lib/etebase/
+ls etebase_*
+cd etebase_v0.10.0  # example versiom
+/var/lib/etebase/venv/bin/python3 ./manage.py createsuperuser
+```
+
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -21,7 +21,7 @@
  with_items:
    - "{{ etebase__global_static_root }}"

- name: "Create mediac data directorys"
+- name: "Create media data directorys"
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
--- a/tasks/filepermissions.yml
+++ b/tasks/filepermissions.yml
@ -0,0 +1,27 @@
+---
+- name: "Make sure static data is set properly"
+  become: true
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    group: "{{ etebase__group }}"
+    owner: "{{ etebase__user }}"
+    recurse: true
+    mode: 'u=rwX,g=rX,o=rX'
+  with_items:
+    - "{{ etebase__global_static_root }}"
+
+- name: "Set and cleanup file permissions again"
+  become: true
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    group: "{{ etebase__group }}"
+    owner: "{{ etebase__user }}"
+    recurse: true
+    mode: 'u=rwX,g=rX,o='
+  with_items:
+    - "{{ etebase__global_media_root }}"
+    - "{{ etebase__secrets_dir }}"
+    - "{{ etebase__venv }}"
+    - "{{ etebase__user_home }}/etebase_{{ etebase_version_target }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -24,3 +24,6 @@
 - name: Setup Systemd Service
  ansible.builtin.include_tasks: systemd.yml
  when: etebase__systemd_setup | bool
+
+- name: Cleanup file permissions
+  ansible.builtin.include_tasks: filepermissions.yml
--- a/tasks/migrate.yml
+++ b/tasks/migrate.yml
@ -10,7 +10,7 @@
 - name: Print output of python3 manage.py migrate
  ansible.builtin.debug:
    verbosity: 1
-    msg: "{{ _etebase_migrate.result }}"
+    msg: "{{ _etebase_migrate.stdout }}"

 - name: Create static files
  become: true
@ -23,7 +23,7 @@
 - name: Print output of python3 manage.py collectstatic
  ansible.builtin.debug:
    verbosity: 1
-    msg: "{{ _etebase_collectstatic.result }}"
+    msg: "{{ _etebase_collectstatic.stdout }}"

 - name: "Fix File Permissions for secret directory"
  become: true
@ -51,8 +51,5 @@

 - name: Print hint how to create admin User
  ansible.builtin.debug:
-    msg: |
-      To create a admin user, run
-      'cd {{ etebase__user_home }}/etebase_{{ etebase_version_target }};
-      {{ etebase__venv }}/bin/python3 ./manage.py createsuperuser'
-      as priviledged user.
+    # yamllint disable-line rule:line-length
+    msg: "To create a admin user, run 'cd {{ etebase__user_home }}/etebase_{{ etebase_version_target }}; {{ etebase__venv }}/bin/python3 ./manage.py createsuperuser' as priviledged user."