From ffb55f31f1b4f37c92750823fb57881b2a824038 Mon Sep 17 00:00:00 2001 From: muppeth Date: Tue, 18 Oct 2022 13:30:40 +0200 Subject: [PATCH 1/3] updated role to account for changes in frontend --- defaults/main.yml | 29 ++++++++++--------- tasks/git.yml | 2 +- tasks/install.yml | 22 ++++++++++++++ tasks/main.yml | 6 ++-- tasks/user.yml | 2 +- tasks/webgate.yml | 38 +++++++++++++++++++++++++ templates/etc/gpg-mailgate.conf.j2 | 10 +++---- templates/{ => lacre-web}/config.php.j2 | 20 ++++++------- 8 files changed, 95 insertions(+), 34 deletions(-) create mode 100644 tasks/webgate.yml rename templates/{ => lacre-web}/config.php.j2 (87%) diff --git a/defaults/main.yml b/defaults/main.yml index c470180..190c49e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,11 +1,11 @@ --- lacre_pything_version: '3.9' lacre_repo: 'https://git.disroot.org/Disroot/gpg-lacre.git' -lacre_version: 'php_update' +lacre_version: 'main' lacre_app_dir: '/opt/gpg-lacre' lacre_username: 'lacre' lacre_group: 'lacre' -lacre_homedir: '/var/gpgmailgate/' +lacre_homedir: '/var/lib/gpg-lacre' #lacre_ lacre_apt: - 'python3-m2crypto' 
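Review bot: `lacre_version: 'main'` makes the role deploy whatever the tip of a moving branch is at play time, and that checkout is what `tasks/install.yml` links into `dist-packages` and runs from cron. Pinning the default to a release tag or commit, e.g. `lacre_version: 'RELEASE_TAG_OR_COMMIT'` (placeholder), keeps deployments reproducible and stops an unexpected push to the branch from being picked up automatically. The same applies to `lacre_webgate_version: 'main'`, added later in this file and cloned with `force: 'yes'`.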
@@ -24,21 +24,21 @@ lacre_dec_regex: 'None' lacre_keyhome: '{{ lacre_homedir }}/.gnupg' lacre_cert_path: '{{ lacre_homedir }}/smime' lacre_register_email: 'register@example.org' -lacre_mail_templates: '{{ lacre_homedir }}/register_templates' +lacre_mail_templates: '{{ lacre_app_dir }}/register_templates' lacre_webpanel_url: 'http://example.org' lacre_notification_email: 'gpg-mailgate@example.org' -lacre_mail_templates: '{{ lacre_homedir }}/cron_templates' +lacre_mail_templates: '{{ lacre_app_dir }}/cron_templates' lacre_logfile: '/etc/gpg-lacre-logging.conf' lacre_relay: '127.0.0.1' lacre_port: '10028' lacre_enc_port: '25' lacre_starttls: 'no' -lacre_db_enabled: 'yes' -lacre_db_backend: 'mysql' -lacre_db_name: 'gpgmw' -lacre_db_host: 'localhost' -lacre_db_username: 'user' -lacre_db_password: 'password' +lacre_webgate_db_enabled: 'yes' +lacre_webgate_db_backend: 'mysql' +lacre_webgate_db_name: 'gpgmw' +lacre_webgate_db_host: 'localhost' +lacre_webgatedb_username: 'user' +lacre_webgatedb_password: 'password' #lacre logger lacre_log_loggers_keys: 'root' @@ -57,18 +57,19 @@ lacre_log_postfix_datefmt: '%b %e %H:%M:%S' lacre_log_postfix_style: '%' lacre_log_postfix_validate: 'True' #lacre webgate -lacre_smtp_enabled: 'false' lacre_smtp_username: 'no-reply' lacre_smtp_password: 'chanfeme' lacre_smtp_host: 'example.lan' lacre_smtp_port: '587' lacre_smtp_starttls: 'true' -lacre_cron: 'true' +lacre_webgate_cron: 'true' lacre_webgate_deploy: 'true' lacre_webgate_apt: - 'python3-markdown' - 'python3-mysqldb' -lacre_webgate_webroot: '/var/www/' +lacre_webgate_repo: 'https://git.disroot.org/Lacre/lacre-webgate.git' +lacre_webgate_version: 'main' +lacre_webgate_dir: '/var/www/lacre-web' lacre_webgate_user: 'www-data' lacre_webgate_group: 'www-data' lacre_webgate_email_web: 'admin@example.com' 
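Review bot: The two new credential defaults are spelled `lacre_webgatedb_username` and `lacre_webgatedb_password`, but `tasks/webgate.yml` and both templates in this patch read `lacre_webgate_db_username` and `lacre_webgate_db_password`, so those lookups have no default and fail as undefined unless the inventory sets them. Renaming the defaults to `lacre_webgate_db_username: 'user'` and `lacre_webgate_db_password: 'password'` fixes that; the later "fixed typo" patch does not touch these two lines. `lacre_mail_templates` is also still defined twice in this hunk (register_templates, then cron_templates), and since loaders keep only the last occurrence the register path is silently dropped, so the two values probably need distinct keys. Because `'user'`/`'password'` are guessable, consider leaving the password default empty and failing the play when it is not overridden.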
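Review bot: `lacre_webgate_dir: '/var/www/lacre-web'` now holds a full git checkout instead of a copy of `public_html`, so the directory contains `.git` and `schema.sql` next to the served files. The visible tasks do not configure the web server, so this default deserves a comment saying the virtual host's document root must be the `public_html` subdirectory and not the checkout itself. Proposed comment above the key: `# checkout root; point the vhost at public_html below it so .git and schema.sql are not served`.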
@@ -78,7 +79,7 @@ lacre_webgate_site_url: 'http://example.com/gpgmw' lacre_webgate_site_title: 'PGP key management' lacre_webgate_language: 'english' lacre_webgate_debug: 'enable' -lacre_webgate_mail_smtp: 'false' +lacre_mail_smtp: 'false' lacre_webgate_smtp_host: 'localhost' lacre_webgate_smtp_port: '25' lacre_webgate_smtp_username: 'gpgmw' diff --git a/tasks/git.yml b/tasks/git.yml index 2fa5ef1..42bcfc7 100644 --- a/tasks/git.yml +++ b/tasks/git.yml @@ -1,6 +1,6 @@ --- -- name: '[GIT] - Clone lacre to /opt' +- name: '[GIT] - Clone lacre to app dir' git: repo: '{{ lacre_repo }}' dest: '{{ lacre_app_dir }}' diff --git a/tasks/install.yml b/tasks/install.yml index c05f87d..b4e1535 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -40,3 +40,25 @@ src: '{{ lacre_app_dir }}/lacre' dest: '/usr/local/lib/python{{ lacre_pything_version }}/dist-packages/lacre' state: link + +- name: '[INSTALL] - Set cron file permission' + file: + path: '{{ lacre_app_dir }}/webgate-cron.py' + state: 'file' + mode: 'a+x' + owner: '{{ lacre_username }}' + group: '{{ lacre_group }}' + when: lacre_webgate_cron == 'true' + +- name: '[INSTALL] - Set cron' + cron: + name: "Lacre-webgate cronjob" + state: present + minute: "*/3" + hour: "*" + day: "*" + month: "*" + weekday: "*" + user: "{{ lacre_username }}" + job: '{{ lacre_app_dir }}/webgate-cron.py > /dev/null' + when: lacre_webgate_cron == 'true' diff --git a/tasks/main.yml b/tasks/main.yml index e1308f6..75cd5bc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -15,8 +15,8 @@ - 'config' - 'configure' -- name: 'Deploy frontend' - include: frontend.yml +- name: 'Deploy Lacre Webgate' + include: webgate.yml tags: - - 'frontend' + - 'webgate' diff --git a/tasks/user.yml b/tasks/user.yml index e9f2726..6097f5f 100644 --- a/tasks/user.yml +++ b/tasks/user.yml 
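Review bot: Renaming `lacre_webgate_mail_smtp` to `lacre_mail_smtp` leaves the `lacre_webgate_smtp_host`, `_port` and `_username` defaults in the context lines without a visible consumer, because `config.php.j2` in this patch now reads `lacre_smtp_host`, `lacre_smtp_port`, `lacre_smtp_username` and `lacre_smtp_password`. The web panel therefore sends mail with the backend's SMTP account, and overriding the `lacre_webgate_smtp_*` values has no effect. Either drop the unused defaults or add a comment such as `# webgate reuses lacre_smtp_* for outgoing mail` so the credential sharing is explicit.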
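Review bot: Both new tasks in `tasks/install.yml` are gated with `when: lacre_webgate_cron == 'true'`, a comparison against the string, so an inventory that sets the variable to a YAML boolean (`true`) skips the permission and cron tasks without any error. `when: lacre_webgate_cron | bool` accepts both forms; patch 3/3 adds the same string comparison to every include in `tasks/main.yml`. The job line ends in `> /dev/null`, which discards stdout only, so anything the script writes to stderr is still mailed by cron; if that is intended, a short comment on the task should say so.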
@@ -12,7 +12,7 @@ group: '{{ lacre_group }}' state: present -- name: '[USER] - Change ownership to etherpad user' +- name: '[USER] - Change ownership of the app dir' file: path: '{{ lacre_app_dir }}' owner: '{{ lacre_username }}' diff --git a/tasks/webgate.yml b/tasks/webgate.yml new file mode 100644 index 0000000..425c9e1 --- /dev/null +++ b/tasks/webgate.yml @@ -0,0 +1,38 @@ +--- + +- name: '[Lacre-webgate] - Install dependencies' + apt: + name: "{{ lacre_webgate_apt }}" + +- name: '[Lacre-webgate] - clone repository' + git: + repo: '{{ lacre_webgate_repo }}' + dest: '{{ lacre_webgate_dir }}' + force: 'yes' + version: '{{ lacre_webgate_version }}' + become: 'yes' + become_user: '{{ lacre_webgate_user }}' + +- name: '[Lacre-webgate] - Check if db schema is loaded' + shell: + cmd: mysql -h {{ lacre_webgate_db_host }} -u {{ lacre_webgate_db_username }} -p{{ lacre_webgate_db_password }} {{ lacre_webgate_db_name }} -se "SELECT EXISTS (SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA LIKE '{{ lacre_webgate_db_name }}' AND TABLE_TYPE LIKE 'BASE TABLE' AND TABLE_NAME = 'gpgmw_keys' );" + register: lacre_webgate_installed + ignore_errors: true + +- name: '[Lacre-webgate] - Import sql schema' + mysql_db: + state: import + name: "{{ lacre_webgate_db_name }}" + login_host: "{{ lacre_webgate_db_host }}" + login_user: "{{ lacre_webgate_db_username }}" + login_password: "{{ lacre_webgategate_db_password }}" + target: "{{ lacre_webgategate_dir }}/schema.sql" + when: lacre_webgate_installed.stdout != '1' + +- name: '[Lacre-webgate] - Deploy config' + template: + src: 'lacre-web/config.php.j2' + dest: "{{ lacre_webgate_dir }}/public_html/config.php" + owner: "{{ lacre_webgate_user }}" + group: "{{ lacre_webgate_group }}" + diff --git a/templates/etc/gpg-mailgate.conf.j2 b/templates/etc/gpg-mailgate.conf.j2 index 00c0fd1..1e761b6 100644 --- a/templates/etc/gpg-mailgate.conf.j2 +++ b/templates/etc/gpg-mailgate.conf.j2 
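Review bot: The schema check in the new `tasks/webgate.yml` puts the database password on the `mysql` command line (`-p{{ lacre_webgate_db_password }}`), where it is visible in the process list while the command runs and is part of the task result Ansible prints on failure or with `-v`; the templated values are also unquoted, so a password with spaces or shell metacharacters changes the command. Add `no_log: true` and `changed_when: false` to the task and move the credentials off argv, for instance by running the query through the `mysql_query` module the way the import already uses `mysql_db`. With `ignore_errors: true`, a failed connection leaves `stdout` empty, which the next task's `when` treats as "schema missing". The `Deploy config` task writes `config.php`, which holds the database and SMTP passwords, without a `mode`; `mode: '0640'` would keep it from being world-readable.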
@@ -94,12 +94,12 @@ port = {{ lacre_smtp_port }} starttls = {{ lacre_smtp_starttls }} [database] -enabled = {{ lacre_db_enabled }} -{% if lacre_db_backend == 'sqlite' %} -url = sqlite://{{ lacre_db_name }} +enabled = {{ lacre_webgate_db_enabled }} +{% if lacre_webgate_db_backend == 'sqlite' %} +url = sqlite://{{ lacre_webgate_db_name }} {% endif %} -{% if lacre_db_backend == 'mysql' %} -url = mysql://{{ lacre_db_username }}:{{ lacre_db_password }}@{{ lacre_db_host }}/{{ lacre_db_name }} +{% if lacre_webgate_db_backend == 'mysql' %} +url = mysql://{{ lacre_webgate_db_username }}:{{ lacre_webgate_db_password }}@{{ lacre_webgate_db_host }}/{{ lacre_webgate_db_name }} {% endif %} [enc_keymap] diff --git a/templates/config.php.j2 b/templates/lacre-web/config.php.j2 similarity index 87% rename from templates/config.php.j2 rename to templates/lacre-web/config.php.j2 index ca35011..e06180c 100644 --- a/templates/config.php.j2 +++ b/templates/lacre-web/config.php.j2 
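Review bot: The MySQL `url` is assembled by plain interpolation, so a username or password containing `@`, `:`, `/` or `#` produces a URL that parses differently from what was intended (wrong host or a truncated password). Percent-encoding the credential parts avoids that, e.g. `{{ lacre_webgate_db_password | urlencode | replace('/', '%2F') }}` (the `urlencode` filter leaves `/` as is), assuming the consumer decodes the URL in the usual way. Note also that `defaults/main.yml` in this patch defines `lacre_webgatedb_username`/`lacre_webgatedb_password`, not the names read here. The rendered file contains the database password, so the task that deploys it (not in this hunk) should set an explicit restrictive `mode`.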
@@ -45,37 +45,37 @@ $config['site_title'] = '{{ lacre_webgate_site_title }}'; $config['language'] = '{{ lacre_webgate_language }}'; //whether debug mode should be enabled -$config['debug'] = {{ lacre_webgate_debug }}; +$config['debug'] = '{{ lacre_webgate_debug }}'; // // MAIL SETTINGS // //whether to send mail through SMTP (instead of PHP mail function) -$config['mail_smtp'] = {{ lacre_webgate_mail_smtp }}; +$config['mail_smtp'] = {{ lacre_mail_smtp }}; //SMTP settings, if mail_smtp is enabled //this requires Net_SMTP from http://pear.php.net/package/Net_SMTP/ to be installed -$config['mail_smtp_host'] = '{{ lacre_webgate_smtp_host }}'; -$config['mail_smtp_port'] = {{ lacre_webgate_smtp_port }}; -$config['mail_smtp_username'] = '{{ lacre_webgate_smtp_username }}'; -$config['mail_smtp_password'] = '{{ lacre_webgate_smtp_password }}'; +$config['mail_smtp_host'] = '{{ lacre_smtp_host }}'; +$config['mail_smtp_port'] = {{ lacre_smtp_port }}; +$config['mail_smtp_username'] = '{{ lacre_smtp_username }}'; +$config['mail_smtp_password'] = '{{ lacre_smtp_password }}'; // // DATABASE SETTINGS // //database name (MySQL only); or see include/dbconnect.php -$config['db_name'] = '{{ lacre_db_name }}'; +$config['db_name'] = '{{ lacre_webgate_db_name }}'; //database host -$config['db_host'] = '{{ lacre_db_host }}'; +$config['db_host'] = '{{ lacre_webgate_db_host }}'; //database username -$config['db_username'] = '{{ lacre_db_username }}'; +$config['db_username'] = '{{ lacre_webgate_db_username }}'; //database password -$config['db_password'] = '{{ lacre_db_password }}'; +$config['db_password'] = '{{ lacre_webgate_db_password }}'; // // PGP VERIFICATION SETTINGS -- 2.30.2 From 7e223dd05a1f29621aae68a0728686d56570119f Mon Sep 17 00:00:00 2001 From: muppeth Date: Wed, 19 Oct 2022 10:23:47 +0200 Subject: [PATCH 2/3] fixed typo --- tasks/webgate.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/webgate.yml b/tasks/webgate.yml index 425c9e1..60097d1 100644 
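Review bot: `$config['debug'] = '{{ lacre_webgate_debug }}';` now renders a quoted PHP string, and the default in `defaults/main.yml` is `'enable'`; if the application tests this value for truthiness (not visible here), any non-empty string other than `'0'`, including `'false'` or `'disable'`, turns debug mode on. `mail_smtp` a few lines below is still rendered unquoted as a PHP literal, so the two flags follow different conventions. Rendering it as a boolean, `$config['debug'] = {{ 'true' if lacre_webgate_debug | bool else 'false' }};`, with the default changed to `'false'`, keeps verbose errors out of a production panel. The other values are interpolated into single-quoted PHP strings without escaping, so a password containing `'` or `\` breaks the file; escaping those two characters in the template would make it robust.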
--- a/tasks/webgate.yml +++ b/tasks/webgate.yml @@ -25,8 +25,8 @@ name: "{{ lacre_webgate_db_name }}" login_host: "{{ lacre_webgate_db_host }}" login_user: "{{ lacre_webgate_db_username }}" - login_password: "{{ lacre_webgategate_db_password }}" - target: "{{ lacre_webgategate_dir }}/schema.sql" + login_password: "{{ lacre_webgate_db_password }}" + target: "{{ lacre_webgate_dir }}/schema.sql" when: lacre_webgate_installed.stdout != '1' - name: '[Lacre-webgate] - Deploy config' -- 2.30.2 From 493f92a21098b3cd588c52f13acc3209aa800961 Mon Sep 17 00:00:00 2001 From: muppeth Date: Fri, 21 Oct 2022 22:56:51 +0200 Subject: [PATCH 3/3] added option to deploy only frontend or backend --- defaults/main.yml | 2 ++ tasks/frontend.yml | 73 ---------------------------------------------- tasks/main.yml | 12 ++++++++ tasks/webgate.yml | 2 +- 4 files changed, 15 insertions(+), 74 deletions(-) delete mode 100644 tasks/frontend.yml diff --git a/defaults/main.yml b/defaults/main.yml index 190c49e..3ec9758 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,6 +6,8 @@ lacre_app_dir: '/opt/gpg-lacre' lacre_username: 'lacre' lacre_group: 'lacre' lacre_homedir: '/var/lib/gpg-lacre' +lacre_backend_deploy: 'true' +lacre_webgate_deploy: 'true' #lacre_ lacre_apt: - 'python3-m2crypto' diff --git a/tasks/frontend.yml b/tasks/frontend.yml deleted file mode 100644 index e1b540b..0000000 --- a/tasks/frontend.yml +++ /dev/null 
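Review bot: `lacre_webgate_deploy: 'true'` is added at the top of `defaults/main.yml` although the same key is already defined further down (it appears as a context line under `#lacre webgate` in patch 1/3), so the file now carries a duplicate mapping key. Loaders keep the last occurrence, which means editing the new line at the top has no effect. Keep one definition, preferably next to `lacre_backend_deploy`, and remove the other. A one-line comment above the pair, e.g. `# set either to 'false' to skip that half of the role`, would document the new switches.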
@@ -1,73 +0,0 @@ ---- - -- name: '[Webgate] - Install dependencies' - apt: - name: "{{ lacre_webgate_apt }}" - -- name: '[Webgate] - Copy files to webdir' - copy: - remote_src: true - src: "{{ lacre_app_dir }}/gpg-mailgate-web/public_html" - dest: "{{ lacre_webgate_webroot }}/gpg-mailgate-web" - owner: "{{ lacre_webgate_user }}" - group: "{{ lacre_webgate_group }}" - -- name: '[Webgate] - Check if db schema is loaded' - shell: - cmd: mysql -h {{ lacre_db_host }} -u {{ lacre_db_username }} -p{{ lacre_db_password }} {{ lacre_db_name }} -se "SELECT EXISTS (SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA LIKE '{{ lacre_db_name }}' AND TABLE_TYPE LIKE 'BASE TABLE' AND TABLE_NAME = 'gpgmw_keys' );" - register: webgate_installed - ignore_errors: true - -- name: '[Webgate] - Import sql schema' - mysql_db: - state: import - name: "{{ lacre_db_name }}" - login_host: "{{ lacre_db_host }}" - login_user: "{{ lacre_db_username }}" - login_password: "{{ lacre_db_password }}" - target: "{{ lacre_app_dir }}/gpg-mailgate-web/schema.sql" - when: webgate_installed.stdout != '1' - -- name: 'Webgate] - Deploy config' - template: - src: 'config.php.j2' - dest: "{{ lacre_webgate_webroot }}/gpg-mailgate-web/public_html/config.php" - owner: "{{ lacre_webgate_user }}" - group: "{{ lacre_webgate_group }}" - -- name: '[Webgate] - Create email template dir' - file: - path: "{{ lacre_homedir }}/cron-templates" - state: directory - owner: "{{ lacre_username }}" - group: "{{ lacre_group }}" - -- name: '[Webgate] - Copy templates to template dir' - copy: - remote_src: true - src: "{{ lacre_app_dir }}/cron_templates" - dest: "{{ lacre_homedir }}/cron-templates" - owner: "{{ lacre_username }}" - group: "{{ lacre_group }}" - -- name: '[Webgate] - Deploy cron.py' - copy: - remote_src: true - src: "{{ lacre_app_dir }}/gpg-mailgate-web/cron.py" - dest: '/usr/local/bin/gpgmw-cron.py' - owner: "{{ lacre_username }}" - group: "{{ lacre_group }}" - mode: a+x - -- name: '[Webgate] - Set 
cron' - cron: - name: "Webgate cronjob" - state: present - minute: "*/3" - hour: "*" - day: "*" - month: "*" - weekday: "*" - user: "{{ lacre_username }}" - job: '/usr/local/bin/gpgmw-cron.py > /dev/null' - when: lacre_cron == 'true' diff --git a/tasks/main.yml b/tasks/main.yml index 75cd5bc..c4e86d2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,21 +2,33 @@ - name: 'Clone / Update repository' include: git.yml + tags: + - 'backend' + when: lacre_backend_deploy == 'true' - name: 'Create user' include: user.yml + tags: + - 'backend' + when: lacre_backend_deploy == 'true' - name: 'Install Lacre' include: install.yml + tags: + - 'backend' + when: lacre_backend_deploy == 'true' - name: 'Configure Lacre' include: configure.yml tags: - 'config' - 'configure' + - 'backend' + when: lacre_backend_deploy == 'true' - name: 'Deploy Lacre Webgate' include: webgate.yml tags: - 'webgate' + when: lacre_webgate_deploy == 'true' diff --git a/tasks/webgate.yml b/tasks/webgate.yml index 60097d1..53d89bd 100644 --- a/tasks/webgate.yml +++ b/tasks/webgate.yml @@ -27,7 +27,7 @@ login_user: "{{ lacre_webgate_db_username }}" login_password: "{{ lacre_webgate_db_password }}" target: "{{ lacre_webgate_dir }}/schema.sql" - when: lacre_webgate_installed.stdout != '1' + when: lacre_webgate_installed.stdout != '3' - name: '[Lacre-webgate] - Deploy config' template: -- 2.30.2
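Review bot: The new condition `when: lacre_webgate_installed.stdout != '3'` in `tasks/webgate.yml` can never be false, because the check task runs `SELECT EXISTS (...)`, which returns only `0` or `1`; the schema import therefore runs on every play, including against a database that already holds keys. What that does depends on `schema.sql`, which is not shown: it either fails on the existing tables or, if it drops and recreates them, discards stored data. If the intent was to count tables, the check query has to change to a `COUNT(*)` as well; otherwise restore `!= '1'`. The check task itself lies outside this hunk.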