X-Git-Url: https://freie-schul-it.de/gitweb/fsit_smgt.git/blobdiff_plain/bac725d468db849ff839aa86f1228324ff58d273..640776a664e1275383484f72ef66533b0c9da349:/tasks/kivitendo.yml?ds=inline

diff --git a/tasks/kivitendo.yml b/tasks/kivitendo.yml
index faaa69f..5c43226 100644
--- a/tasks/kivitendo.yml
+++ b/tasks/kivitendo.yml
@@ -81,33 +81,33 @@
     - texlive-luatex
     - texlive-plain-generic
 
-- name: Clone repo.
+- name: Clone repo
   ansible.builtin.git:
     dest:    /var/www/kivitendo-erp
     repo:    "{{ fsit_smgt_kivi_customer_repo }}"
     version: "{{ fsit_smgt_kivi_customer_version }}"
 
-- name: Copy over Kivitendo.conf.
-  ansible.builtin.copy:
-    src: files/kivitendo.conf
+- name: Copy over Kivitendo.conf
+  ansible.builtin.template:
+    src: kivi_kivitendo.conf.j2
     dest: /var/www/kivitendo-erp/config/kivitendo.conf
     owner: www-data
     mode: 'u=rw,g=rw,o='
   notify: Restart apache
 
-- name: Make webdav directory.
+- name: Make webdav directory
   ansible.builtin.file:
     path: /var/www/kivitendo-erp/webdav
     state: directory
     mode:  'u=Xrw,g=Xrw,o='
 
-- name: Make kivi_documents directory.
+- name: Make kivi_documents directory
   ansible.builtin.file:
     path: /var/www/kivitendo-erp/kivi_documents
     state: directory
     mode:  'u=Xrw,g=Xrw,o='
 
-- name: Change permissions.
+- name: Change permissions
   ansible.builtin.file:
     owner:   www-data
     path:    "/var/www/kivitendo-erp/{{ item }}"
@@ -130,7 +130,7 @@
     databases: all
     method:    peer
 
-- name: Allow access from localhost to Postgresql.
+- name: Allow access from localhost to Postgresql
   ansible.builtin.postgresql_pg_hba:
     dest:      /etc/postgresql/17/main/pg_hba.conf
     contype:   host
@@ -140,6 +140,50 @@
     method:    trust
   notify: Restart postgresql
 
+# apache server for kivi
+- name: Activate apache fastcgi, headers and ssl modules
+  community.general.apache2_module:
+    state: present
+    name: "{{ item }}"
+  loop:
+    - fcgid
+    - headers
+    - ssl
+    - rewrite
+    - socache_shmcb
+  notify: Restart apache
+
+- name: Copy over apacha ssl-conf
+  ansible.builtin.copy:
+    src: files/kivitendo/default-ssl.conf
+    dest: /etc/apache2/sites-available/default-ssl.conf
+    mode: '640'
+  notify: Restart apache
+
+- name: Disable 000-default.conf
+  ansible.builtin.command: a2dissite 000-default.conf
+  notify: Restart apache
+
+- name: Enable SSL
+  ansible.builtin.command: a2ensite default-ssl
+  notify: Restart apache
+
+# FIXME 
+- name: Install kivitendo-task-server
+  ansible.builtin.copy:
+    src: files/kivitendo/kivitendo-task-server.service
+    dest: /etc/systemd/system/kivitendo-task-server.service
+    owner: root
+    mode: 'u=rw,g=rw,o='
+  notify: systemd_daemon_reload
+
+# FIXME funktioniert so noch nicht
+#- name: Start kivitendo-task-server
+#  ansible.builtin.systemd:
+#    name: kivitendo-task-server
+#    state: started
+#    enabled: true
+
 # Anleitung adaptiert
 # https://github.com/kivitendo/kivitendo-ansible/blob/master/main.yml
 #