Merge branch 'roundcube' into 'newinfra'

Roundcube See merge request nounous/ansible!87
2020-09-18 18:03:30 +02:00 · 2020-09-18 18:03:30 +02:00 · 1eb06b96ab
parent 0a78e01bcb 206f0ced7d
commit 1eb06b96ab
8 changed files with 89 additions and 43 deletions
--- a/group_vars/roundcube.yml
+++ b/group_vars/roundcube.yml
@ -0,0 +1,31 @@
+roundcube_glob:
+  name: Crans
+  imap_server: owl.adm.crans.org
+  smtp_server: smtp.adm.crans.org
+  pgsql_server: pgsql.adm.crans.org
+  mail_domain: crans.org
+  des_key: "{{ vault_roundcube_des_key }}"
+  plugins:
+    - repo: 'https://gitlab.crans.org/nounous/roundcube-intranet.git'
+      name: intranet
+      version: HEAD
+    - repo: 'https://gitlab.crans.org/nounous/roundcube-plugin-filters.git'
+      name: filters
+      version: filters-2.2.0
+    - repo: 'https://gitlab.crans.org/nounous/roundcube-plugin-automatic_addressbook.git'
+      name: automatic_addressbook
+      version: 0.4.3
+    - repo: 'https://gitlab.crans.org/nounous/roundcube-plugin-identity_smtp.git'
+      name: identity_smtp
+      version: HEAD
+    - name: zipdownload
+    - name: attachment_reminder
+    - name: newmail_notifier
+    - name: listcommands
+    - name: thunderbird_labels
+    - name: contextmenu
+  logo:
+    elastic_login: https://www.crans.org/images/crans_black.svg
+    elastic: https://www.crans.org/images/crans.svg
+    larry: https://www.crans.org/images/crans_banner.png
+    classic: https://www.crans.org/images/crans_banner.png
--- a/10
+++ b/10
@ -4,9 +4,7 @@
 # > We name servers according to location, then type.
 # > Then we regroup everything in global geographic and type groups.

-# [horde]
-# horde-srv.adm.crans.org
-#
+
 # [framadate]
 # voyager.adm.crans.org
 #
@ -32,6 +30,12 @@ fluxx.adm.crans.org
 hodaur.adm.crans.org
 frontdaur.adm.crans.org

+[roundcube]
+roundcube-srv.adm.crans.org
+
+[horde]
+horde-srv.adm.crans.org
+
 [radius]
 routeur-sam.adm.crans.org

--- a/plays/roundcube.yml
+++ b/plays/roundcube.yml
@ -1,8 +1,8 @@
 #!/usr/bin/env ansible-playbook
 ---
-# Deploy Roundcube
- hosts: roundcube-srv.adm.crans.org
+
+- hosts: roundcube
  vars:
-    roundcube_des_key: "{{ vault_roundcube_des_key }}"
+    roundcube: '{{ roundcube_glob | default({}) | combine(roundcube_loc | default({})) }}'
  roles:
    - roundcube
--- a/roles/roundcube/README.md
+++ b/roles/roundcube/README.md
@ -0,0 +1,20 @@
+# ROUNDCUBE
+
+Ce rôle installe roundcube sur un serveur.
+
+## VARS
+
+roundcube :
+  - name: le nom sans espace du serveur
+  - imap_server: l'uri du serveur imap
+  - smtp_server: l'uri du serveur smtp
+  - des_key: une clé pour chiffrer les mots de passes des utilisateurs. Elle
+    doit faire exactement 24 caractères
+  - mail_domain: le nom de domaine des mails
+  - pgsql_server: l'uri du serveur sur lequel se trouve la base de données au
+    format postgresql.
+  - plugins: une liste de plugin a chargé. Chaque élément est une liste
+    comprenant:
+    - repo: le repo git où est stocké le plugin
+    - name: le nom du plugin
+    - version: la version du plugin
--- a/roles/roundcube/tasks/main.yml
+++ b/roles/roundcube/tasks/main.yml
@ -33,41 +33,24 @@
    repo: "{{ item.repo }}"
    dest: "/etc/roundcube/plugins/{{ item.name }}"
    version: "{{ item.version }}"
-  loop:
-    - repo: https://gitlab.adm.crans.org/nounous/roundcube-intranet.git
-      name: intranet
-      version: HEAD
-    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-filters.git
-      name: filters
-      version: filters-2.2.0
-    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-automatic_addressbook.git
-      name: automatic_addressbook
-      version: 0.4.3
-    - repo: https://gitlab.adm.crans.org/nounous/roundcube-plugin-identity_smtp.git
-      name: identity_smtp
-      version: HEAD
+  loop: "{{ roundcube.plugins }}"
+  when: item.repo is defined

 - name: Symlink custom plugins (1)
  file:
-    src: "/usr/share/roundcube/plugins/{{ item }}"
-    dest: "/var/lib/roundcube/plugins/{{ item }}"
+    src: "/usr/share/roundcube/plugins/{{ item.name }}"
+    dest: "/var/lib/roundcube/plugins/{{ item.name }}"
    state: link
-  loop:
-    - intranet
-    - filters
-    - automatic_addressbook
-    - identity_smtp
+  loop: "{{ roundcube.plugins }}"
+  when: item.repo is defined

- name: Symlink custom plugins (1)
+- name: Symlink custom plugins (2)
  file:
-    src: "/etc/roundcube/plugins/{{ item }}"
-    dest: "/usr/share/roundcube/plugins/{{ item }}"
+    src: "/etc/roundcube/plugins/{{ item.name }}"
+    dest: "/usr/share/roundcube/plugins/{{ item.name }}"
    state: link
-  loop:
-    - intranet
-    - filters
-    - automatic_addressbook
-    - identity_smtp
+  loop: "{{ roundcube.plugins }}"
+  when: item.repo is defined

 - name: Copy NGINX site
  template:
--- a/roles/roundcube/templates/nginx/roundcube.j2
+++ b/roles/roundcube/templates/nginx/roundcube.j2
@ -23,4 +23,6 @@ server {
    set_real_ip_from 10.231.136.0/24;
    set_real_ip_from 2a0c:700:0:2::/64;
    real_ip_header P-Real-Ip;
+
+    client_max_body_size 10G;
 }
--- a/roles/roundcube/templates/roundcube/config.inc.php.j2
+++ b/roles/roundcube/templates/roundcube/config.inc.php.j2
@ -35,7 +35,7 @@ include_once("/etc/roundcube/debian-db-roundcube.php");
 // %s - domain name after the '@' from e-mail address provided at login screen
 // For example %n = mail.domain.tld, %t = domain.tld
 $config['default_host'] = array(
-  'owl.adm.crans.org' => 'Crans Imap',
+  '{{ roundcube.imap_server }}' => '{{ roundcube.name }} Imap',
 );

 // SMTP server host (for sending mails).
@ -48,7 +48,7 @@ $config['default_host'] = array(
 // %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
 // %z - IMAP domain (IMAP hostname without the first part)
 // For example %n = mail.domain.tld, %t = domain.tld
-$config['smtp_server'] = 'smtp.adm.crans.org';
+$config['smtp_server'] = '{{ roundcube.smtp_server }}';

 // SMTP port. Use 25 for cleartext, 465 for Implicit TLS, or 587 for STARTTLS (default)
 $config['smtp_port'] = 25;
@ -72,15 +72,12 @@ $config['product_name'] = 'Crans Webmail';
 // in the session record. For the default cipher method it must be
 // exactly 24 characters long.
 // YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
-$config['des_key'] = '{{ roundcube_des_key }}';
+$config['des_key'] = '{{ roundcube.des_key }}';

 // List of active plugins (in plugins/ directory)
 // Debian: install roundcube-plugins first to have any
 $config['plugins'] = array(
-    'intranet',
-    'filters',
-    'automatic_addressbook',
-    'identity_smtp',
+    {{ "'" + roundcube.plugins | map(attribute='name') | list | join("',\n    '") + "'"}},
 );

 // skin name: folder from skins/
@ -91,5 +88,14 @@ $config['skin'] = 'elastic';
 //         see defaults.inc.php for additional informations
 $config['enable_spellcheck'] = false;

+// Custom logo
+$config['skin_logo'] = array(
+    "elastic:login[small]" => "{{ roundcube.logo.elastic_login }}",
+    "elastic:login" => "{{ roundcube.logo.elastic_login }}",
+    "elastic:*" => "{{ roundcube.logo.elastic }}",
+    "larry:*" => "{{ roundcube.logo.larry }}",
+    "classic:*" => "{{ roundcube.logo.classic }}"
+);
+
 // This domain will be used to form e-mail addresses of new users
-$config['mail_domain'] = 'crans.org';
+$config['mail_domain'] = '{{ roundcube.mail_domain }}';
--- a/roles/roundcube/templates/roundcube/debian-db.php.j2
+++ b/roles/roundcube/templates/roundcube/debian-db.php.j2
@ -4,6 +4,6 @@ $dbuser='roundcube';
 $dbpass='';
 $basepath='';
 $dbname='roundcube';
-$dbserver='pgsql.adm.crans.org';
+$dbserver='{{ roundcube.pgsql_server }}';
 $dbport='';
 $dbtype='pgsql';