1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_etebase.git synced 2024-08-16 10:19:52 +02:00

Merge pull request #2 from roles-ansible/docs

Adding docs and fixing result error
This commit is contained in:
L3D 2022-11-14 13:51:50 +01:00 committed by GitHub
commit 0fbb422f3d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 95 additions and 8 deletions

View file

@ -1,3 +1,5 @@
[![MIT License](https://raw.githubusercontent.com/roles-ansible/ansible_role_etebase/main/.github/license.svg)](https://github.com/roles-ansible/ansible_role_etebase/blob/main/LICENSE)
Ansible role EteBase - EteSync 2.0 Server Backend
===================================================
Ansible role to Setup and Confugure Etebase - The Backend from EteSync 2.0 -> https://github.com/etesync/server
@ -5,3 +7,61 @@ Ansible role to Setup and Confugure Etebase - The Backend from EteSync 2.0 -> ht
```
WORK IN PROGRESS!!!
```
Details
---------
This Ansible role installs and configures etebase, the backend of etesync. A piece of software to securely sync your contacts, calendars, tasks and notes!
In this Ansible role, a separate user is created for etebase. The latest release of etebase is downloaded to the home of this user. A configuration is created. The specified Python dependencies are installed in a venv. And optionally etebase can be started automatically via a systemd service and uvicorn.
What this Ansible role does not create are users in Etebase. And the configuration for the web server is not created either.
Default Variables
-----------
| variable | value | description |
| -------- | ----- | ----------- |
| etebase__user | 'etebase' | The Unix User for etebase |
| etebase__group | 'etebase' | The Unix Group for etebase |
| etebase__user_home | '/var/lib/etebase' | Etebase User Home |
| etebase__shell | '/bin/false' | Default Shell of Etebase User |
| etebase__venv | "{{ etebase__user_home }}/venv" | Etebase venv path |
| etebase__socket | '/tmp/etebase_server.sock' | Etebase Socket path *(only if ``etebase__systemd_setup`` is set to ``true``)* |
| etebase__package_state | 'present' | Set to ``latest`` to upgrade all etebase required system and pip packages to the latest version |
| etebase__version | 'latest' | Etebase Release Tag |
| etebase__secrets_dir | "{{ etebase__user_home }}/secrets" | Path to store etebase secrets |
| etebase__collectstatic | true | Generate static files for etebase |
| etebase__restart_webserver | false | Set to ``true`` to restart the webserver on config change *(etebase__systemd_setup needed)*|
| etebase__webserver_service | 'nginx.service' | Which systemd unit should be restartet for the webserver |
| etebase__systemd_setup | false | Set to ``true`` to start etebase as systemd unit with the systemd socket configured above |
| submodules_versioncheck | false | should we do a simple version check for this ansible role |
Options for etebase-server.ini
------------------------------
| variable | value | description |
| -------- | ----- | ----------- |
| etebase__global_secret_file | '{{ etebase__secrets_dir }}/secret.txt' | path of secret.txt
| etebase__global_debug | false | Set debug to true |
| etebase__global_static_root | "{{ etebase__user_home }}/static_root" | Path of static root |
| etebase__global_media_root: "{{ etebase__user_home }}/media_root"
| etebase__global_extra | '' | Variable for aditional parameter in the ``[global]`` section of the config file |
| etebase__allowed_hosts_allowed_host1 | '\*' | The allowed Host for this etebase server |
| etebase__allowed_hosts_extra | '' |Variable for aditional parameter in the ``[allowed_hosts]`` section of the config file |
| etebase__database_engine | 'django.db.backends.sqlite3' | Databse Engine |
| etebase__database_name | "{{ etebase__secrets_dir }}/etebase.db.sqlite3" | Path of the sqlite3 database |
| etebase__database_extra | '' | Variable for aditional parametet in the ``[database]`` section of the config file |
| etebase__database_options_extra | '' | Variable for aditional parameter in the ``[database_options]`` section of the config file |
| etebase__ldap_extra | '' | Variable for aditional parameter in the ``[ldap]`` section of the config file |
| etebase__config_extra | '' |Variable for aditional parameter at the end of the config file |
Additional Information
------------------------
You find more information about the webserver config at [github.com/etesync/server/wiki/Production-setup-using-Nginx](https://github.com/etesync/server/wiki/Production-setup-using-Nginx). Please remember the value you used for the ``etebase__socket`` variable, if you used this role to start the [unicorn](https://www.uvicorn.org/) ASGI server via systemd. For this you have to set ``etebase__systemd_setup`` to ``true``.
You have to create a admin User by yourself. To do this, log in manually as priviledged user, change to the ``etebase__user_home``. Enter the downloaded etebase code direcotory and run the 'python3 ./manage.py createsuperuser' command:
```bash
cd /var/lib/etebase/
ls etebase_*
cd etebase_v0.10.0 # example versiom
/var/lib/etebase/venv/bin/python3 ./manage.py createsuperuser
```

View file

@ -21,7 +21,7 @@
with_items:
- "{{ etebase__global_static_root }}"
- name: "Create mediac data directorys"
- name: "Create media data directorys"
become: true
ansible.builtin.file:
path: "{{ item }}"

27
tasks/filepermissions.yml Normal file
View file

@ -0,0 +1,27 @@
---
- name: "Make sure static data is set properly"
become: true
ansible.builtin.file:
path: "{{ item }}"
state: directory
group: "{{ etebase__group }}"
owner: "{{ etebase__user }}"
recurse: true
mode: 'u=rwX,g=rX,o=rX'
with_items:
- "{{ etebase__global_static_root }}"
- name: "Set and cleanup file permissions again"
become: true
ansible.builtin.file:
path: "{{ item }}"
state: directory
group: "{{ etebase__group }}"
owner: "{{ etebase__user }}"
recurse: true
mode: 'u=rwX,g=rX,o='
with_items:
- "{{ etebase__global_media_root }}"
- "{{ etebase__secrets_dir }}"
- "{{ etebase__venv }}"
- "{{ etebase__user_home }}/etebase_{{ etebase_version_target }}"

View file

@ -24,3 +24,6 @@
- name: Setup Systemd Service
ansible.builtin.include_tasks: systemd.yml
when: etebase__systemd_setup | bool
- name: Cleanup file permissions
ansible.builtin.include_tasks: filepermissions.yml

View file

@ -10,7 +10,7 @@
- name: Print output of python3 manage.py migrate
ansible.builtin.debug:
verbosity: 1
msg: "{{ _etebase_migrate.result }}"
msg: "{{ _etebase_migrate.stdout }}"
- name: Create static files
become: true
@ -23,7 +23,7 @@
- name: Print output of python3 manage.py collectstatic
ansible.builtin.debug:
verbosity: 1
msg: "{{ _etebase_collectstatic.result }}"
msg: "{{ _etebase_collectstatic.stdout }}"
- name: "Fix File Permissions for secret directory"
become: true
@ -51,8 +51,5 @@
- name: Print hint how to create admin User
ansible.builtin.debug:
msg: |
To create a admin user, run
'cd {{ etebase__user_home }}/etebase_{{ etebase_version_target }};
{{ etebase__venv }}/bin/python3 ./manage.py createsuperuser'
as priviledged user.
# yamllint disable-line rule:line-length
msg: "To create a admin user, run 'cd {{ etebase__user_home }}/etebase_{{ etebase_version_target }}; {{ etebase__venv }}/bin/python3 ./manage.py createsuperuser' as priviledged user."