Deploy roundcube conf and plugins

plays/roundcube.yml

@@ -0,0 +1,8 @@
+#!/usr/bin/env ansible-playbook
+---
+# Deploy Roundcube
+- hosts: roundcube-srv.adm.crans.org
+  vars:
+    roundcube_des_key: "{{ vault_roundcube_des_key }}"
+  roles:
+    - roundcube

roles/roundcube/tasks/main.yml

@@ -6,16 +6,68 @@
     name:
       - nginx
       - roundcube
+      - roundcube-pgsql
       - roundcube-plugins
+      - roundcube-plugins-extra
       - php-fpm
       - php-gd
       - php-pspell
-      - php-crypt-gpg
-      - php-net-ldap3
   register: apt_result
   retries: 3
   until: apt_result is succeeded
 
+- name: Configure Roundcube
+  template:
+    src: "roundcube/{{ item }}.j2"
+    dest: "/etc/roundcube/{{ item }}"
+    owner: root
+    group: www-data
+    mode: 0640
+  loop:
+    - debian-db.php
+    - config.inc.php
+
+- name: Clone custom plugins
+  git:
+    repo: "{{ item.repo }}"
+    dest: "/etc/roundcube/plugins/{{ item.name }}"
+    version: "{{ item.version }}"
+  loop:
+    - repo: https://gitlab.adm.crans.org/nounous/roundcube-intranet.git
+      name: intranet
+      version: HEAD
+    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-filters.git
+      name: filters
+      version: filters-2.2.0
+    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-automatic_addressbook.git
+      name: automatic_addressbook
+      version: 0.4.3
+    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-identity_smtp.git
+      name: identity_smtp
+      version: HEAD
+
+- name: Symlink custom plugins (1)
+  file:
+    src: "/usr/share/roundcube/plugins/{{ item }}"
+    dest: "/var/lib/roundcube/plugins/{{ item }}"
+    state: link
+  loop:
+    - intranet
+    - filters
+    - automatic_addressbook
+    - identity_smtp
+
+- name: Symlink custom plugins (1)
+  file:
+    src: "/etc/roundcube/plugins/{{ item }}"
+    dest: "/usr/share/roundcube/plugins/{{ item }}"
+    state: link
+  loop:
+    - intranet
+    - filters
+    - automatic_addressbook
+    - identity_smtp
+
 - name: Copy NGINX site
   template:
     src: nginx/roundcube.j2

roles/roundcube/templates/roundcube/config.inc.php.j2

@@ -0,0 +1,83 @@
+<?php
+{{ ansible_header | comment('cblock') }}
+
+/*
++-----------------------------------------------------------------------+
+| Local configuration for the Roundcube Webmail installation.           |
+|                                                                       |
+| This is a sample configuration file only containing the minimum       |
+| setup required for a functional installation. Copy more options       |
+| from defaults.inc.php to this file to override the defaults.          |
+|                                                                       |
+| This file is part of the Roundcube Webmail client                     |
+| Copyright (C) 2005-2013, The Roundcube Dev Team                       |
+|                                                                       |
+| Licensed under the GNU General Public License version 3 or            |
+| any later version with exceptions for skins & plugins.                |
+| See the README file for a full license statement.                     |
++-----------------------------------------------------------------------+
+*/
+
+$config = array();
+
+/* Do not set db_dsnw here, use dpkg-reconfigure roundcube-core to configure database ! */
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+// The IMAP host chosen to perform the log-in.
+// Leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - hostname ($_SERVER['SERVER_NAME'])
+// %t - hostname without the first part
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %t = domain.tld
+$config['default_host'] = array(
+  'owl.adm.crans.org' => 'Crans Imap',
+);
+
+// SMTP server host (for sending mails).
+// Enter hostname with prefix tls:// to use STARTTLS, or use
+// prefix ssl:// to use the deprecated SSL over SMTP (aka SMTPS)
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - hostname ($_SERVER['SERVER_NAME'])
+// %t - hostname without the first part
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %t = domain.tld
+$config['smtp_server'] = 'smtp.adm.crans.org';
+
+// Use roundcube username as SMTP user
+$config['smtp_user'] = '%u';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$config['smtp_pass'] = '';
+
+// This key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
+$config['des_key'] = '{{ roundcube_des_key }}';
+
+// List of active plugins (in plugins/ directory)
+// Debian: install roundcube-plugins first to have any
+$config['plugins'] = array(
+    'intranet',
+    'filters',
+    'automatic_addressbook',
+    'identity_smtp',
+);
+
+// skin name: folder from skins/
+$config['skin'] = 'larry';
+
+// Disable spellchecking
+// Debian: spellshecking needs additional packages to be installed, or calling external APIs
+//         see defaults.inc.php for additional informations
+$config['enable_spellcheck'] = false;
+
+// This domain will be used to form e-mail addresses of new users
+$config['mail_domain'] = 'crans.org';

roles/roundcube/templates/roundcube/debian-db.php.j2

@@ -0,0 +1,9 @@
+<?php
+{{ ansible_header | comment('cblock') }}
+$dbuser='roundcube';
+$dbpass='';
+$basepath='';
+$dbname='roundcube';
+$dbserver='pgsql.adm.crans.org';
+$dbport='';
+$dbtype='pgsql';