tasks/kivitendo.yml

   1 ---
   2 - name: Install server specific packages
   3   apt:
   4     pkg:
   5     - apache2
   6     - git
   7     - libalgorithm-checkdigits-perl
   8     - libapache2-mod-fcgid
   9     - libarchive-zip-perl
  10     - libauthen-sasl-perl
  11     - libcam-pdf-perl
  12     - libcgi-pm-perl
  13     - libclone-perl
  14     - libconfig-std-perl
  15     - libcrypt-pbkdf2-perl
  16     - libcryptx-perl
  17     - libdaemon-generic-perl
  18     - libdatetime-event-cron-perl
  19     - libdatetime-perl
  20     - libdatetime-set-perl
  21     - libdbd-pg-perl
  22     - libdbi-perl
  23     - libemail-address-perl
  24     - libemail-mime-perl
  25     - libexception-class-perl
  26     - libfcgi-perl
  27     - libfile-copy-recursive-perl
  28     - libfile-flock-perl
  29     - libfile-mimeinfo-perl
  30     - libfile-slurp-perl
  31     - libgd-gd2-perl
  32     - libhtml-restrict-perl
  33     - libimage-info-perl
  34     - libimager-perl
  35     - libimager-qrcode-perl
  36     - libipc-run-perl
  37     - libjson-perl
  38     - liblist-moreutils-perl
  39     - liblist-utilsby-perl
  40     - libmath-round-perl
  41     - libnet-smtp-ssl-perl
  42     - libnet-sslglue-perl
  43     - libparams-validate-perl
  44     - libpbkdf2-tiny-perl
  45     - libpdf-api2-perl
  46     - libregexp-ipv6-perl
  47     - librest-client-perl
  48     - librose-db-object-perl
  49     - librose-db-perl
  50     - librose-object-perl
  51     - libset-infinite-perl
  52     - libsort-naturally-perl
  53     - libstring-shellquote-perl
  54     - libtemplate-perl
  55     - libtext-csv-xs-perl
  56     - libtext-iconv-perl
  57     - libtext-unidecode-perl
  58     - libtry-tiny-perl
  59     - liburi-perl
  60     - libwww-perl
  61     - libxml-libxml-perl
  62     - libxml-writer-perl
  63     - libyaml-perl
  64     - poppler-utils
  65     - postgresql
  66     - postgresql-contrib
  67     - python3-passlib
  68     - ssl-cert
  69     #- texlive-full
  70     - libmail-imapclient-perl
  71     - libencode-imaputf7-perl
  72     - libuuid-tiny-perl
  73
  74     - latexmk
  75     - texlive-binaries
  76     - texlive-fonts-recommended
  77     - texlive-lang-german
  78     - texlive-lang-greek
  79     - texlive-latex-extra
  80     - texlive-latex-recommended
  81     - texlive-luatex
  82     - texlive-plain-generic
  83
  84 - name: Clone repo
  85   ansible.builtin.git:
  86     dest:    /var/www/kivitendo-erp
  87     repo:    "{{ fsit_smgt_kivi_customer_repo }}"
  88     version: "{{ fsit_smgt_kivi_customer_version }}"
  89
  90 - name: Copy over Kivitendo.conf
  91   ansible.builtin.template:
  92     src: kivi_kivitendo.conf.j2
  93     dest: /var/www/kivitendo-erp/config/kivitendo.conf
  94     owner: www-data
  95     mode: 'u=rw,g=rw,o='
  96   notify: Restart apache
  97
  98 - name: Make webdav directory
  99   ansible.builtin.file:
 100     path: /var/www/kivitendo-erp/webdav
 101     state: directory
 102     mode:  'u=Xrw,g=Xrw,o='
 103
 104 - name: Make kivi_documents directory
 105   ansible.builtin.file:
 106     path: /var/www/kivitendo-erp/kivi_documents
 107     state: directory
 108     mode:  'u=Xrw,g=Xrw,o='
 109
 110 - name: Change permissions
 111   ansible.builtin.file:
 112     owner:   www-data
 113     path:    "/var/www/kivitendo-erp/{{ item }}"
 114     mode:    'u=Xrw,g=Xrw,o='
 115     recurse: true
 116   loop:
 117     - kivi_documents
 118     - users
 119     - spool
 120     - templates
 121     - webdav
 122
 123 # postrgesql for kivi
 124 - name: Remove existing rules to ensure correct ordering of the rules
 125   ansible.builtin.postgresql_pg_hba:
 126     dest:      /etc/postgresql/17/main/pg_hba.conf
 127     overwrite: true
 128     contype:   local
 129     users:     all
 130     databases: all
 131     method:    peer
 132
 133 - name: Allow access from localhost to Postgresql
 134   ansible.builtin.postgresql_pg_hba:
 135     dest:      /etc/postgresql/17/main/pg_hba.conf
 136     contype:   host
 137     users:     postgres
 138     databases: all
 139     address:   127.0.0.1/32
 140     method:    trust
 141   notify: Restart postgresql
 142
 143 # apache server for kivi
 144 - name: Activate apache fastcgi, headers and ssl modules
 145   community.general.apache2_module:
 146     state: present
 147     name: "{{ item }}"
 148   loop:
 149     - fcgid
 150     - headers
 151     - ssl
 152     - rewrite
 153     - socache_shmcb
 154   notify: Restart apache
 155
 156 - name: Copy over apacha ssl-conf
 157   ansible.builtin.copy:
 158     src: files/kivitendo/default-ssl.conf
 159     dest: /etc/apache2/sites-available/default-ssl.conf
 160     mode: '640'
 161   notify: Restart apache
 162
 163 - name: Disable 000-default.conf
 164   ansible.builtin.command: a2dissite 000-default.conf
 165   notify: Restart apache
 166
 167 - name: Enable SSL
 168   ansible.builtin.command: a2ensite default-ssl
 169   notify: Restart apache
 170
 171 # FIXME
 172 - name: Install kivitendo-task-server
 173   ansible.builtin.copy:
 174     src: files/kivitendo/kivitendo-task-server.service
 175     dest: /etc/systemd/system/kivitendo-task-server.service
 176     owner: root
 177     mode: 'u=rw,g=rw,o='
 178   notify: systemd_daemon_reload
 179
 180 # FIXME funktioniert so noch nicht
 181 #- name: Start kivitendo-task-server
 182 #  ansible.builtin.systemd:
 183 #    name: kivitendo-task-server
 184 #    state: started
 185 #    enabled: true
 186
 187 # Anleitung adaptiert
 188 # https://github.com/kivitendo/kivitendo-ansible/blob/master/main.yml
 189 #