You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
75 lines
1.4 KiB
75 lines
1.4 KiB
- name: install login packages
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: present
|
|
update_cache: yes
|
|
cache_valid_time: 3600
|
|
install_recommends: '{{ install_recommends | default("no") }}'
|
|
with_items:
|
|
- git
|
|
- python3
|
|
- python3-ldap3
|
|
- python3-flask
|
|
|
|
- name: clone login repository
|
|
git:
|
|
repo: http://projects.lilik.it/lilik/lilik_users3.git
|
|
dest: /srv/login
|
|
notify:
|
|
- restart login
|
|
|
|
- name: add login user
|
|
user:
|
|
name: login
|
|
system: yes
|
|
home: /srv/login
|
|
|
|
- name: slurp slap secret file
|
|
slurp:
|
|
src: /etc/slapd.secret
|
|
register: slapdsecret
|
|
failed_when: false
|
|
changed_when: false
|
|
delegate_to: ldap
|
|
|
|
- set_fact:
|
|
ldap_password: "{{ slapdsecret['content'] | b64decode }}"
|
|
|
|
- name: add login config
|
|
template:
|
|
src: config.py.j2
|
|
dest: /srv/login/config.py
|
|
mode: 440
|
|
owner: login
|
|
group: login
|
|
|
|
register: add_login_startup_script
|
|
notify:
|
|
- restart login
|
|
|
|
- name: add systemd service for api server
|
|
template:
|
|
src: login.service
|
|
dest: /etc/systemd/system/login.service
|
|
|
|
- name: create /var/log/login.log
|
|
file:
|
|
path: /var/log/login.log
|
|
owner: login
|
|
group: login
|
|
mode: 0664
|
|
state: file
|
|
|
|
- name: add nginx configurations
|
|
template:
|
|
src: login.conf
|
|
dest: "/etc/nginx/locations/{{ server_fqdn }}/login.conf"
|
|
notify:
|
|
- restart nginx
|
|
|
|
- name: reload systemd
|
|
systemd:
|
|
daemon_reload: yes
|
|
name: login
|
|
state: started
|
|
enabled: yes
|