diff --git a/.vagrant/bundler/global.sol b/.vagrant/bundler/global.sol new file mode 100644 index 0000000..ae7b58a --- /dev/null +++ b/.vagrant/bundler/global.sol @@ -0,0 +1 @@ +{"dependencies":[["log4r",[">= 0"]],["concurrent-ruby",["~> 1.0"]],["i18n",[">= 0"]],["micromachine",[">= 2","< 4"]],["vagrant-vbguest",["= 0.30.0"]]],"checksum":"ac193b2839b02154a27c9193edd954e989553da100475db696fcf64e20ad9f80","vagrant_version":"2.3.3"} \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/action_provision b/.vagrant/machines/movim/virtualbox/action_provision new file mode 100644 index 0000000..19dba3b --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/action_provision @@ -0,0 +1 @@ +1.5:ec5793b0-ceb6-404e-ba41-b2b43e30fd6d \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/action_set_name b/.vagrant/machines/movim/virtualbox/action_set_name new file mode 100644 index 0000000..9d43439 --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/action_set_name @@ -0,0 +1 @@ +1670096946 \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/box_meta b/.vagrant/machines/movim/virtualbox/box_meta new file mode 100644 index 0000000..ff22d6c --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/box_meta @@ -0,0 +1 @@ +{"name":"generic/debian11","version":"3.5.0","provider":"virtualbox","directory":"boxes/generic-VAGRANTSLASH-debian11/3.5.0/virtualbox"} \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/creator_uid b/.vagrant/machines/movim/virtualbox/creator_uid new file mode 100644 index 0000000..e37d32a --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/creator_uid @@ -0,0 +1 @@ +1000 \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/id b/.vagrant/machines/movim/virtualbox/id new file mode 100644 index 0000000..77af714 --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/id @@ -0,0 +1 @@ +ec5793b0-ceb6-404e-ba41-b2b43e30fd6d \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/index_uuid b/.vagrant/machines/movim/virtualbox/index_uuid new file mode 100644 index 0000000..1448bbc --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/index_uuid @@ -0,0 +1 @@ +53e603e8c70a43e1ae7098aa24d70574 \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/private_key b/.vagrant/machines/movim/virtualbox/private_key new file mode 100644 index 0000000..1822957 --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/private_key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEArQw426dhZaPjlA8mab51eREE7DYyYDz+mqo2/6PFnFwn4BRr +MhXARLKaxTv1KFi3wFvzTrWDc8JmjWrUhxKySyz6UEBAEYwK/EyAqmNm2EaZpQFq +54y8qCWBdIvVticvaktaw6EKoZYqBnd/b44SG/002I4LtS/362IR8MbQ3g8yGZfj +cjbR9UVkXORfC8dgZlPn0Qoi1hwESa8urHTlA9oCmIH4oTMrgQQuv+wzT2vOSBZX +RV7hVpdarFlKOnrgivbAM1dRQQlVirAkKzFGsIX+qe5f599z3rTTVUxcRTNxVki9 +VDJREcCC7uX89xlSPA7PKTGYJuqSXQLlRfyu3QIDAQABAoIBAACYYAJSq6Seb244 +4/XUNJBkubK27g+joQRaOdifyLDNJnOlcNwbt1xFIaHIkbJN/RQ8JSc0atZwMxwa +XNx2f6HC4UPZgVuKuZ15foV8kRgmt0drBE3NYH4CGH29B0m8AHRUJKgK3jyLu6D0 +6F9bzgFMpAe8IY3cx7EoQk2/w9hCNeBk7vrNc5bqRgxerm0wA2C7koFxZIs1Pm2D +ru02V7wC8ZJZa7pZqjmgktIfVD4Tzl8oSYXBAKNgusZ4IhdFdXbttwVZujjceG7V +FuSNaj+36kMF3kBDu5wjmiOZDGIbZcsVFEJNsSvexyELGMBKT+Y/tyyHA89WCsuQ +masKJF0CgYEA6dCpxw7Z9AZIbhrRWcJVsngrRejiujcjvbkYFL3oxnKoHwE78gSS +WsCE4b9ZUCMNqrFJWux24Kpjje/194GrS0l8HQUci/k0ddqc/G24TaE46tluMiJ7 +IqFdmdDK2yOZ/EqwOly6z0zUKOuaPegrKrps18yWPkrkhyNKlji2wh8CgYEAvXeH +PQYq/ayO9vY7mPN4zrwB7cyJFwIxLE0Ky7C8p4TjlX70h550DQcyOZ+DtaTuRnoj +qK5C0/NFYL4bFMIMfa8xxiHYCStuRW7ec0d+R3KS+O2UyZ+D5kZsmxOBOiA8B0xa +cKkaQzUr46FA+1itBwLgfCLzybYOvauc98bHh4MCgYB7vc7cZmO63chfXRoGou6v +sSFVslarrprfwaGY+JjEzdFj90c+YmUCWnj48EfYPXTyLTlhQVv4srRVXfWSs7Fv ++sgQo6/j9FNrO/NxNLAhhX2V7NSA+/am8TeUPAffyguole6GNKU5KLPvpCDROpn9 +1wPbgY7SENi5HFhRAFrYiQKBgEMJS5xX1lYy+9J9hNC1NIVRGA2fVNIDQIrAJ5Wy +Ts2mwy9d3/8sHTuO1EJ3Ig7e8D+Xb457OcHsTRvRp5tMnUbK+f10dA+qgjWm6KY5 +IYD+FOpmhUJhYjXTrRGhcROz3AlpBobeDiDBa2n64BcOZQoaBntlkoRIGicZ1UwF +1QspAoGBANTVKzVTG/W48hzKOzOEJMmz/THS6h/yWc3tSC4FUmI3OIsS+dGMzW9A +zWngAFK8CIkd0H0tiIVz7JBDAzl4XLeDjTHjpvFDaqVt6ll7xTUpfvdiNabENj0H +k7u1LU6u427Oo4elQXynKn5+YkpWms3JH0rA7XeQOJfzFXSFrtcl +-----END RSA PRIVATE KEY----- diff --git a/.vagrant/machines/movim/virtualbox/synced_folders b/.vagrant/machines/movim/virtualbox/synced_folders new file mode 100644 index 0000000..9e26dfe --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/synced_folders @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/.vagrant/machines/movim/virtualbox/vagrant_cwd b/.vagrant/machines/movim/virtualbox/vagrant_cwd new file mode 100644 index 0000000..acb4ff5 --- /dev/null +++ b/.vagrant/machines/movim/virtualbox/vagrant_cwd @@ -0,0 +1 @@ +/home/muppeth/Projects/Ansible-roles/movim \ No newline at end of file diff --git a/.vagrant/rgloader/loader.rb b/.vagrant/rgloader/loader.rb new file mode 100644 index 0000000..c3c05b0 --- /dev/null +++ b/.vagrant/rgloader/loader.rb @@ -0,0 +1,9 @@ +# This file loads the proper rgloader/loader.rb file that comes packaged +# with Vagrant so that encoded files can properly run with Vagrant. + +if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"] + require File.expand_path( + "rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]) +else + raise "Encoded files can't be read outside of the Vagrant installer." +end diff --git a/Playbooks/movim.yml b/Playbooks/movim.yml new file mode 100644 index 0000000..0720f5d --- /dev/null +++ b/Playbooks/movim.yml @@ -0,0 +1,14 @@ +--- + +- hosts: movim + roles: + - postgresql + - nginx + - php-fpm + - movim + + vars_files: + - ../defaults/main.yml + vars: + ansible_python_interpreter: /usr/bin/python3 + diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..36b19d0 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,20 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +# All Vagrant configuration is done below. The "2" in Vagrant.configure +# configures the configuration version (we support older styles for +# backwards compatibility). Please don't change it unless you know what +# you're doing. +Vagrant.configure("2") do |config| + #config.ssh.insert_key = false + config.vm.define "movim" do |movim| + movim.vm.box = "generic/debian11" + movim.vm.provider :libvirt do |libvirt| + libvirt.memory = 256 + end + movim.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.6" + movim.vm.network "forwarded_port", guest: 443, host: 4443, host_ip: "192.168.33.6" + movim.vm.network "private_network", ip: "192.168.33.6" + +end +end diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..f757e9e --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,102 @@ +--- + +#PHP +php_version: '8.0' +php_etc_path: '/etc/php' +install_php: 'true' +pool_listen: '/var/run/php/php{{ php_version }}-fpm.sock' + +php_pkgs: + - php{{ php_version }}-fpm + - php{{ php_version }}-curl + - php{{ php_version }}-mbstring + - php{{ php_version }}-imagick + - php{{ php_version }}-gd + - php{{ php_version }}-pgsql + - php{{ php_version }}-xml + - composer + +#MOVIM +movim_release_dir_path: '/var/www/movim_releases' +movim_app_username: 'www-data' +movim_app_group: 'www-data' +movim_latest_path: '/var/www/movim_latest' +movim_version: '0.20' +movim_db_type: 'pgsql' +movim_web_name: 'localhost' +movim_web_port: '80' +movim_web_schema: 'http' +movim_web_port: '80' +movim_ws_listen: 'localhost' +movim_ws_schema: 'http' +movim_ws_port: '8080' + + +movim_db_user: 'movimadmin' +movim_db_passwd: 'changeme' +movim_db_host: 'localhost' +movim_db_port: '5432' +movim_db_name: 'movim' + +#nginx +nginx_default_vhost: 'movim' +nginx_default_vhost_ssl: 'movim' +nginx_www_dir: '/var/www/' +nginx_vhosts: + +- name: 'movim' + template: 'movim' + proto: '{{ movim_web_schema }}' + listen: '{{ movim_web_port }}' + root: 'movim_latest/public' + index: 'index.php' + upstream: '{{ movim_ws_listen }}' + upstream_port: '{{ movim_ws_port }}' + upstream_schema: '{{ movim_ws_schema }}' + use_access_log: 'true' + use_error_log: 'true' + nginx_error_log_level: 'warn' + fastcgi_pass: 'unix:{{ pool_listen }}' + upstream_params: + - 'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' + - 'fastcgi_index index.php;' + - 'include /etc/nginx/fastcgi_params;' + - 'fastcgi_pass unix:{{ pool_listen }};' + state: 'enable' + letsencrypt: 'false' + +#Postgres +postgresql_version: 13 +postgresql_listen_addresses: + - "127.0.0.1" + +postgresql_pg_hba_default: + - { type: local, database: all, user: '{{ postgresql_admin_user }}', address: '', method: '{{ postgresql_default_auth_method }}', comment: '' } + - { type: local, database: all, user: all, address: '', method: '{{ postgresql_default_auth_method }}', comment: '"local" is for Unix domain socket connections only' } + - { type: host, database: all, user: all, address: '127.0.0.1/32', method: '{{ postgresql_default_auth_method_hosts }}', comment: 'IPv4 local connections:' } + +postgresql_databases: + - name: '{{ movim_db_name }}' + owner: '{{ movim_db_user }}' # optional; specify the owner of the database + uuid_ossp: yes + +postgresql_database_extensions: + - db: '{{ movim_db_name }}' + extensions: + - citext + - pg_trgm + # hstore: no # flag to install the hstore extension on this database (yes/no) + #uuid_ossp: yes # flag to install the uuid-ossp extension on this database (yes/no) + #citext: yes # flag to install the citext extension on this database (yes/no) + +postgresql_users: + - name: '{{ movim_db_user }}' + pass: '{{ movim_db_passwd }}' + encrypted: yes # denotes if the password is already encrypted. + +postgresql_user_privileges: + - name: '{{ movim_db_user }}' # user name + db: '{{ movim_db_name }}' # database + priv: "ALL" # privilege string format: example: INSERT,UPDATE/table:SELECT/anothertable:ALL + role_attr_flags: "" # role attribute flags + diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..8cb4df4 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,7 @@ + +--- + +- name: restart movim + systemd: + name: movim + state: restarted diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..da6c3e3 --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,17 @@ + +--- + +- name: '[CONFIGURE] - Deploy db config file' + template: + src: 'db.inc.php.j2' + dest: "{{ movim_latest_path }}/config/db.inc.php" + mode: 0644 + owner: "{{ movim_app_username }}" + group: "{{ movim_app_group }}" + +- name: '[CONFIGURE] - run db migration' + shell: + cmd: "composer movim:migrate" + chdir: "{{ movim_latest_path }}" + become: yes + become_user: '{{ movim_app_username }}' diff --git a/tasks/install.yml b/tasks/install.yml new file mode 100644 index 0000000..53729b9 --- /dev/null +++ b/tasks/install.yml @@ -0,0 +1,30 @@ +--- + +- name: '[INSTALL APP] - Get movim release' + file: + path: "{{ movim_release_dir_path }}" + state: directory + + +- name: "[INSTALL] - Download movim release" + unarchive: + src: "https://github.com/movim/movim/archive/refs/tags/v{{ movim_version }}.zip" + dest: "{{ movim_release_dir_path }}" + owner: '{{ movim_app_username }}' + group: '{{ movim_app_group }}' + remote_src: yes + +- name: "[INSTALL] - Link to current release" + file: + src: "{{ movim_release_dir_path }}/movim-{{ movim_version }}/" + dest: "{{ movim_latest_path }}" + state: link + mode: 0750 + +- name: "[INSTALL] - Install / Update dependecies with Composer" + shell: + cmd: "composer install" + chdir: "{{ movim_latest_path }}" + become: yes + become_user: '{{ movim_app_username }}' + diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..6170214 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,6 @@ +--- + + +- include: 'install.yml' +- include: 'configure.yml' +- include: 'systemd.yml' diff --git a/tasks/systemd.yml b/tasks/systemd.yml new file mode 100644 index 0000000..7225d74 --- /dev/null +++ b/tasks/systemd.yml @@ -0,0 +1,20 @@ + +--- + +- name: '[SYSTEMD] - Deploy Systemd config' + template: + src: etc/systemd/system/movim.service.j2 + dest: /etc/systemd/system/movim.service + owner: root + group: root + mode: 0644 + register: movim_systemd + +- name: '[SYSTEMD] - Enable systemd' + systemd: + name: movim + enabled: yes + state: started + daemon_reload: yes + notify: + restart movim diff --git a/templates/db.inc.php.j2 b/templates/db.inc.php.j2 new file mode 100644 index 0000000..cd0930b --- /dev/null +++ b/templates/db.inc.php.j2 @@ -0,0 +1,18 @@ + '{{ movim_db_type }}', + # The database username + 'username' => '{{ movim_db_user }}', + # The password + 'password' => '{{ movim_db_passwd }}', + # Where can we find the database ? + 'host' => '{{ movim_db_host }}', + # The port number, 3306 for MySQL and 5432 for PostgreSQL + 'port' => {{ movim_db_port }}, + # The database name + 'database' => '{{ movim_db_name }}' +]; + diff --git a/templates/etc/systemd/system/movim.service.j2 b/templates/etc/systemd/system/movim.service.j2 new file mode 100644 index 0000000..e0e5fe6 --- /dev/null +++ b/templates/etc/systemd/system/movim.service.j2 @@ -0,0 +1,20 @@ +[Unit] +Description=Movim daemon +After=network.target local-fs.target + +[Service] +User={{ movim_app_username }} +Type=simple +Environment=PUBLIC_URL={{ movim_web_schema }}://{{ movim_web_name }}:{{ movim_web_port }} +Environment=WS_PORT={{ movim_web_port }} +EnvironmentFile=-/etc/default/movim +ExecStart=/usr/bin/php daemon.php start --url={{ movim_ws_listen }} --port={{ movim_ws_port }} +WorkingDirectory={{ movim_latest_path }} +StandardOutput=syslog +SyslogIdentifier=movim +PIDFile=/run/movim.pid +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target