X-Git-Url: https://freie-schul-it.de/gitweb/fsit_smgt.git/blobdiff_plain/9ce819f608fed6506d6bb22271b4f17b6df31bda..e90bfd594054020d79964adf4995614bf8579711:/tasks/kivitendo.yml?ds=inline diff --git a/tasks/kivitendo.yml b/tasks/kivitendo.yml index 7c288ff..a9019ad 100644 --- a/tasks/kivitendo.yml +++ b/tasks/kivitendo.yml @@ -89,7 +89,7 @@ - name: Copy over Kivitendo.conf. ansible.builtin.copy: - src: files/kivitendo.conf + src: files/kivitendo/kivitendo.conf dest: /var/www/kivitendo-erp/config/kivitendo.conf owner: www-data mode: 'u=rw,g=rw,o=' @@ -101,7 +101,6 @@ state: directory mode: 'u=Xrw,g=Xrw,o=' - - name: Make kivi_documents directory. ansible.builtin.file: path: /var/www/kivitendo-erp/kivi_documents @@ -121,6 +120,53 @@ - templates - webdav +# postrgesql for kivi +- name: Remove existing rules to ensure correct ordering of the rules + ansible.builtin.postgresql_pg_hba: + dest: /etc/postgresql/17/main/pg_hba.conf + overwrite: true + contype: local + users: all + databases: all + method: peer + +- name: Allow access from localhost to Postgresql. + ansible.builtin.postgresql_pg_hba: + dest: /etc/postgresql/17/main/pg_hba.conf + contype: host + users: postgres + databases: all + address: 127.0.0.1/32 + method: trust + notify: Restart postgresql + +# apache server for kivi +- name: Activate apache fastcgi, headers and ssl modules. + community.general.apache2_module: + state: present + name: "{{ item }}" + loop: + - fcgid + - headers + - ssl + - rewrite + - socache_shmcb + notify: Restart apache + +- name: Copy over apacha ssl-conf + ansible.builtin.copy: + src: files/kivitendo/default-ssl.conf + dest: /etc/apache2/sites-available/default-ssl.conf + mode: '640' + notify: Restart apache + +- name: Disable 000-default.conf + ansible.builtin.command: a2dissite 000-default.conf + notify: Restart apache + +- name: Enable SSL + ansible.builtin.command: a2ensite default-ssl + notify: Restart apache # Anleitung adaptiert # https://github.com/kivitendo/kivitendo-ansible/blob/master/main.yml