X-Git-Url: https://freie-schul-it.de/gitweb/fsit_smgt.git/blobdiff_plain/3952ee067ff10b625837064e2f87edc92d7a8665..HEAD:/tasks/kivitendo.yml

diff --git a/tasks/kivitendo.yml b/tasks/kivitendo.yml
index c8c0bf1..5c43226 100644
--- a/tasks/kivitendo.yml
+++ b/tasks/kivitendo.yml
@@ -4,6 +4,186 @@
     pkg:
     - apache2
     - git
-# erweitern mit  
+    - libalgorithm-checkdigits-perl
+    - libapache2-mod-fcgid
+    - libarchive-zip-perl
+    - libauthen-sasl-perl
+    - libcam-pdf-perl
+    - libcgi-pm-perl
+    - libclone-perl
+    - libconfig-std-perl
+    - libcrypt-pbkdf2-perl
+    - libcryptx-perl
+    - libdaemon-generic-perl
+    - libdatetime-event-cron-perl
+    - libdatetime-perl
+    - libdatetime-set-perl
+    - libdbd-pg-perl
+    - libdbi-perl
+    - libemail-address-perl
+    - libemail-mime-perl
+    - libexception-class-perl
+    - libfcgi-perl
+    - libfile-copy-recursive-perl
+    - libfile-flock-perl
+    - libfile-mimeinfo-perl
+    - libfile-slurp-perl
+    - libgd-gd2-perl
+    - libhtml-restrict-perl
+    - libimage-info-perl
+    - libimager-perl
+    - libimager-qrcode-perl
+    - libipc-run-perl
+    - libjson-perl
+    - liblist-moreutils-perl
+    - liblist-utilsby-perl
+    - libmath-round-perl
+    - libnet-smtp-ssl-perl
+    - libnet-sslglue-perl
+    - libparams-validate-perl
+    - libpbkdf2-tiny-perl
+    - libpdf-api2-perl
+    - libregexp-ipv6-perl
+    - librest-client-perl
+    - librose-db-object-perl
+    - librose-db-perl
+    - librose-object-perl
+    - libset-infinite-perl
+    - libsort-naturally-perl
+    - libstring-shellquote-perl
+    - libtemplate-perl
+    - libtext-csv-xs-perl
+    - libtext-iconv-perl
+    - libtext-unidecode-perl
+    - libtry-tiny-perl
+    - liburi-perl
+    - libwww-perl
+    - libxml-libxml-perl
+    - libxml-writer-perl
+    - libyaml-perl
+    - poppler-utils
+    - postgresql
+    - postgresql-contrib
+    - python3-passlib
+    - ssl-cert
+    #- texlive-full
+    - libmail-imapclient-perl
+    - libencode-imaputf7-perl
+    - libuuid-tiny-perl
+
+    - latexmk
+    - texlive-binaries
+    - texlive-fonts-recommended
+    - texlive-lang-german
+    - texlive-lang-greek
+    - texlive-latex-extra
+    - texlive-latex-recommended
+    - texlive-luatex
+    - texlive-plain-generic
+
+- name: Clone repo
+  ansible.builtin.git:
+    dest:    /var/www/kivitendo-erp
+    repo:    "{{ fsit_smgt_kivi_customer_repo }}"
+    version: "{{ fsit_smgt_kivi_customer_version }}"
+
+- name: Copy over Kivitendo.conf
+  ansible.builtin.template:
+    src: kivi_kivitendo.conf.j2
+    dest: /var/www/kivitendo-erp/config/kivitendo.conf
+    owner: www-data
+    mode: 'u=rw,g=rw,o='
+  notify: Restart apache
+
+- name: Make webdav directory
+  ansible.builtin.file:
+    path: /var/www/kivitendo-erp/webdav
+    state: directory
+    mode:  'u=Xrw,g=Xrw,o='
+
+- name: Make kivi_documents directory
+  ansible.builtin.file:
+    path: /var/www/kivitendo-erp/kivi_documents
+    state: directory
+    mode:  'u=Xrw,g=Xrw,o='
+
+- name: Change permissions
+  ansible.builtin.file:
+    owner:   www-data
+    path:    "/var/www/kivitendo-erp/{{ item }}"
+    mode:    'u=Xrw,g=Xrw,o='
+    recurse: true
+  loop:
+    - kivi_documents
+    - users
+    - spool
+    - templates
+    - webdav
+
+# postrgesql for kivi
+- name: Remove existing rules to ensure correct ordering of the rules
+  ansible.builtin.postgresql_pg_hba:
+    dest:      /etc/postgresql/17/main/pg_hba.conf
+    overwrite: true
+    contype:   local
+    users:     all
+    databases: all
+    method:    peer
+
+- name: Allow access from localhost to Postgresql
+  ansible.builtin.postgresql_pg_hba:
+    dest:      /etc/postgresql/17/main/pg_hba.conf
+    contype:   host
+    users:     postgres
+    databases: all
+    address:   127.0.0.1/32
+    method:    trust
+  notify: Restart postgresql
+
+# apache server for kivi
+- name: Activate apache fastcgi, headers and ssl modules
+  community.general.apache2_module:
+    state: present
+    name: "{{ item }}"
+  loop:
+    - fcgid
+    - headers
+    - ssl
+    - rewrite
+    - socache_shmcb
+  notify: Restart apache
+
+- name: Copy over apacha ssl-conf
+  ansible.builtin.copy:
+    src: files/kivitendo/default-ssl.conf
+    dest: /etc/apache2/sites-available/default-ssl.conf
+    mode: '640'
+  notify: Restart apache
+
+- name: Disable 000-default.conf
+  ansible.builtin.command: a2dissite 000-default.conf
+  notify: Restart apache
+
+- name: Enable SSL
+  ansible.builtin.command: a2ensite default-ssl
+  notify: Restart apache
+
+# FIXME 
+- name: Install kivitendo-task-server
+  ansible.builtin.copy:
+    src: files/kivitendo/kivitendo-task-server.service
+    dest: /etc/systemd/system/kivitendo-task-server.service
+    owner: root
+    mode: 'u=rw,g=rw,o='
+  notify: systemd_daemon_reload
+
+# FIXME funktioniert so noch nicht
+#- name: Start kivitendo-task-server
+#  ansible.builtin.systemd:
+#    name: kivitendo-task-server
+#    state: started
+#    enabled: true
+
+# Anleitung adaptiert
 # https://github.com/kivitendo/kivitendo-ansible/blob/master/main.yml
 #