--- - name: Install server specific packages apt: pkg: - apache2 - git - libalgorithm-checkdigits-perl - libapache2-mod-fcgid - libarchive-zip-perl - libauthen-sasl-perl - libcam-pdf-perl - libcgi-pm-perl - libclone-perl - libconfig-std-perl - libcrypt-pbkdf2-perl - libcryptx-perl - libdaemon-generic-perl - libdatetime-event-cron-perl - libdatetime-perl - libdatetime-set-perl - libdbd-pg-perl - libdbi-perl - libemail-address-perl - libemail-mime-perl - libexception-class-perl - libfcgi-perl - libfile-copy-recursive-perl - libfile-flock-perl - libfile-mimeinfo-perl - libfile-slurp-perl - libgd-gd2-perl - libhtml-restrict-perl - libimage-info-perl - libimager-perl - libimager-qrcode-perl - libipc-run-perl - libjson-perl - liblist-moreutils-perl - liblist-utilsby-perl - libmath-round-perl - libnet-smtp-ssl-perl - libnet-sslglue-perl - libparams-validate-perl - libpbkdf2-tiny-perl - libpdf-api2-perl - libregexp-ipv6-perl - librest-client-perl - librose-db-object-perl - librose-db-perl - librose-object-perl - libset-infinite-perl - libsort-naturally-perl - libstring-shellquote-perl - libtemplate-perl - libtext-csv-xs-perl - libtext-iconv-perl - libtext-unidecode-perl - libtry-tiny-perl - liburi-perl - libwww-perl - libxml-libxml-perl - libxml-writer-perl - libyaml-perl - poppler-utils - postgresql - postgresql-contrib - python3-passlib - ssl-cert #- texlive-full - libmail-imapclient-perl - libencode-imaputf7-perl - libuuid-tiny-perl - latexmk - texlive-binaries - texlive-fonts-recommended - texlive-lang-german - texlive-lang-greek - texlive-latex-extra - texlive-latex-recommended - texlive-luatex - texlive-plain-generic - name: Clone repo ansible.builtin.git: dest: /var/www/kivitendo-erp repo: "{{ fsit_smgt_kivi_customer_repo }}" version: "{{ fsit_smgt_kivi_customer_version }}" - name: Copy over Kivitendo.conf ansible.builtin.template: src: kivi_kivitendo.conf.j2 dest: /var/www/kivitendo-erp/config/kivitendo.conf owner: www-data mode: 'u=rw,g=rw,o=' notify: Restart apache - name: Make webdav directory ansible.builtin.file: path: /var/www/kivitendo-erp/webdav state: directory mode: 'u=Xrw,g=Xrw,o=' - name: Make kivi_documents directory ansible.builtin.file: path: /var/www/kivitendo-erp/kivi_documents state: directory mode: 'u=Xrw,g=Xrw,o=' - name: Change permissions ansible.builtin.file: owner: www-data path: "/var/www/kivitendo-erp/{{ item }}" mode: 'u=Xrw,g=Xrw,o=' recurse: true loop: - kivi_documents - users - spool - templates - webdav # postrgesql for kivi - name: Remove existing rules to ensure correct ordering of the rules ansible.builtin.postgresql_pg_hba: dest: /etc/postgresql/17/main/pg_hba.conf overwrite: true contype: local users: all databases: all method: peer - name: Allow access from localhost to Postgresql ansible.builtin.postgresql_pg_hba: dest: /etc/postgresql/17/main/pg_hba.conf contype: host users: postgres databases: all address: 127.0.0.1/32 method: trust notify: Restart postgresql # apache server for kivi - name: Activate apache fastcgi, headers and ssl modules community.general.apache2_module: state: present name: "{{ item }}" loop: - fcgid - headers - ssl - rewrite - socache_shmcb notify: Restart apache - name: Copy over apacha ssl-conf ansible.builtin.copy: src: files/kivitendo/default-ssl.conf dest: /etc/apache2/sites-available/default-ssl.conf mode: '640' notify: Restart apache - name: Disable 000-default.conf ansible.builtin.command: a2dissite 000-default.conf notify: Restart apache - name: Enable SSL ansible.builtin.command: a2ensite default-ssl notify: Restart apache # FIXME - name: Install kivitendo-task-server ansible.builtin.copy: src: files/kivitendo/kivitendo-task-server.service dest: /etc/systemd/system/kivitendo-task-server.service owner: root mode: 'u=rw,g=rw,o=' notify: systemd_daemon_reload # FIXME funktioniert so noch nicht #- name: Start kivitendo-task-server # ansible.builtin.systemd: # name: kivitendo-task-server # state: started # enabled: true # Anleitung adaptiert # https://github.com/kivitendo/kivitendo-ansible/blob/master/main.yml #