[INFO] Créer le dépôt
This commit is contained in:
parent
d9b6bf9864
commit
bc3fdaefc5
45
README.md
45
README.md
@ -1,3 +1,44 @@
|
||||
# role_modele
|
||||
# role_radicale
|
||||
|
||||
Modèle
|
||||
Rôle de déploiement de radicale.
|
||||
|
||||
## Dépendance
|
||||
|
||||
Le rôle *users* est requis afin que l'utilisateur `radicale` exécutant le service soit créé.
|
||||
|
||||
## Variables
|
||||
|
||||
### radicale_root_path
|
||||
|
||||
Emplacement pour la configuration et les données.
|
||||
|
||||
*<span style="text-decoration: underline">Valeur par défaut:</span> `/srv/radicale`*
|
||||
|
||||
### radicale_auth_type
|
||||
|
||||
Type d'authentification à radicale.
|
||||
|
||||
*<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
|
||||
|
||||
## Exemple d'utilisation
|
||||
|
||||
### inventory.yml
|
||||
|
||||
```yaml
|
||||
---
|
||||
|
||||
all:
|
||||
hosts:
|
||||
host1.ykn.local:
|
||||
```
|
||||
|
||||
### playbook.yml
|
||||
|
||||
```yaml
|
||||
---
|
||||
|
||||
- name: Déployer radicale
|
||||
hosts: host1.ykn.local
|
||||
roles:
|
||||
- name: radicale
|
||||
```
|
||||
|
6
defaults/main.yml
Normal file
6
defaults/main.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
# defaults file for radicale
|
||||
|
||||
radicale_root_path: /srv/radicale
|
||||
|
||||
radicale_auth_type: ""
|
10
handlers/main.yml
Normal file
10
handlers/main.yml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
# handlers file for dnsmasq
|
||||
|
||||
- name: Redémarrer radicale.service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
enabled: true
|
||||
name: radicale.service
|
||||
become: true
|
@ -1,7 +1,7 @@
|
||||
galaxy_info:
|
||||
namespace: ykn
|
||||
author: pulsar89.5
|
||||
description: Rôle modèle
|
||||
description: Rôle de déploiement de radicale
|
||||
|
||||
license: GPL-3.0-or-later
|
||||
|
||||
@ -12,4 +12,12 @@ galaxy_info:
|
||||
versions:
|
||||
- all
|
||||
|
||||
dependencies: []
|
||||
dependencies:
|
||||
- role: users
|
||||
vars:
|
||||
users_role_radicale:
|
||||
- name: radicale
|
||||
comment: "Dedicated user for radicale"
|
||||
update_password: on_create
|
||||
password_lock: true
|
||||
shell: /sbin/nologin
|
||||
|
44
tasks/main.yml
Normal file
44
tasks/main.yml
Normal file
@ -0,0 +1,44 @@
|
||||
---
|
||||
# tasks file for radicale
|
||||
|
||||
- name: Installer les prérequis
|
||||
ansible.builtin.package:
|
||||
name: python3-pip
|
||||
state: latest
|
||||
become: true
|
||||
|
||||
- name: Installer le paquet via pip
|
||||
ansible.builtin.pip:
|
||||
name: radicale
|
||||
state: latest
|
||||
become: true
|
||||
notify: Redémarrer radicale.service
|
||||
|
||||
- name: Créer l'emplacement de stockage
|
||||
ansible.builtin.file:
|
||||
path: "{{ radicale_root_path }}"
|
||||
state: directory
|
||||
owner: radicale
|
||||
group: radicale
|
||||
mode: u=rwX,g=rX,o=
|
||||
become: true
|
||||
|
||||
- name: Déployer le service
|
||||
ansible.builtin.template:
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,g=r,o=r
|
||||
src: radicale.service.j2
|
||||
dest: /etc/systemd/system/radicale.service
|
||||
become: true
|
||||
notify: Redémarrer radicale.service
|
||||
|
||||
- name: Déployer la configuration
|
||||
ansible.builtin.template:
|
||||
owner: root
|
||||
group: radicale
|
||||
mode: u=rw,g=r,o=
|
||||
src: radicale.conf.j2
|
||||
dest: "{{ radicale_root_path }}/radicale.conf"
|
||||
become: true
|
||||
notify: Redémarrer radicale.service
|
22
templates/radicale.conf.j2
Normal file
22
templates/radicale.conf.j2
Normal file
@ -0,0 +1,22 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
{% if radicale_auth_type | length > 0 %}
|
||||
[auth]
|
||||
type={{ radicale_auth_type }}
|
||||
{% endif %}
|
||||
|
||||
[encoding]
|
||||
request=utf-8
|
||||
stock=utf-8
|
||||
|
||||
[logging]
|
||||
level=debug
|
||||
|
||||
[rights]
|
||||
type=owner_only
|
||||
|
||||
[server]
|
||||
hosts=0.0.0.0:5232, [::]:5232
|
||||
|
||||
[storage]
|
||||
filesystem_folder={{ radicale_root_path }}
|
27
templates/radicale.service.j2
Normal file
27
templates/radicale.service.j2
Normal file
@ -0,0 +1,27 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
[Unit]
|
||||
Description=A simple CalDAV (calendar) and CardDAV (contact) server
|
||||
After=network.target
|
||||
Requires=network.target
|
||||
|
||||
[Service]
|
||||
Environment="RADICALE_CONFIG={{ radicale_root_path }}/radicale.conf"
|
||||
ExecStart=/usr/bin/env python3 -m radicale
|
||||
Restart=on-failure
|
||||
User=radicale
|
||||
# Deny other users access to the calendar data
|
||||
UMask=0027
|
||||
# Optional security settings
|
||||
PrivateTmp=true
|
||||
ProtectSystem=strict
|
||||
ProtectHome=true
|
||||
PrivateDevices=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectKernelModules=true
|
||||
ProtectControlGroups=true
|
||||
NoNewPrivileges=true
|
||||
ReadWritePaths={{ radicale_root_path }}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user