diff --git a/all.yml b/all.yml index 4579391d..ac216f33 100755 --- a/all.yml +++ b/all.yml @@ -41,6 +41,7 @@ - import_playbook: plays/nginx.yml - import_playbook: plays/ntp.yml - import_playbook: plays/nullmailer.yml +- import_playbook: plays/onlyoffice.yml - import_playbook: plays/owncloud.yml - import_playbook: plays/postfix.yml - import_playbook: plays/postgresql.yml diff --git a/host_vars/chene.adm.crans.org.yml b/host_vars/chene.adm.crans.org.yml new file mode 100644 index 00000000..c8deaa80 --- /dev/null +++ b/host_vars/chene.adm.crans.org.yml @@ -0,0 +1,10 @@ +--- +interfaces: + adm: ens18 + srv_nat: ens19 + +loc_unattended: + reboot: true + +loc_needrestart: + override: [] diff --git a/hosts b/hosts index a6d30cfb..98babe28 100644 --- a/hosts +++ b/hosts @@ -308,6 +308,7 @@ apprentis.adm.crans.org belenios.adm.crans.org boeing.adm.crans.org cas.adm.crans.org +chene.adm.crans.org constellation-dev.adm.crans.org eclaircie.adm.crans.org eclat.adm.crans.org diff --git a/plays/onlyoffice.yml b/plays/onlyoffice.yml new file mode 100755 index 00000000..9e93547b --- /dev/null +++ b/plays/onlyoffice.yml @@ -0,0 +1,6 @@ +#!/usr/bin/env ansible-playbook +--- +# Deploy Onlyoffice +- hosts: chene.adm.crans.org + roles: + - onlyoffice diff --git a/roles/onlyoffice/tasks/main.yml b/roles/onlyoffice/tasks/main.yml new file mode 100644 index 00000000..0dff11be --- /dev/null +++ b/roles/onlyoffice/tasks/main.yml @@ -0,0 +1,40 @@ +--- +- name: Install gpg + apt: + update_cache: true + name: + - gpg + register: apt_result + retries: 3 + until: apt_result is succeeded + +- name: Import public key of Onlyoffice repository + apt_key: + url: https://download.onlyoffice.com/GPG-KEY-ONLYOFFICE + +- name: Configure Onlyoffice repository + template: + src: apt/sources.list.d/onlyoffice.list.j2 + dest: /etc/apt/sources.list.d/onlyoffice.list + mode: 0644 + owner: root + group: root + +- name: Install onlyoffice + apt: + update_cache: true + name: + - rabbitmq-server + - nginx + - nginx-extras + - ttf-mscorefonts-installer + - onlyoffice-documentserver + register: apt_result + retries: 3 + until: apt_result is succeeded + +- name: Indicate role in motd + template: + src: update-motd.d/05-service.j2 + dest: /etc/update-motd.d/05-onlyoffice + mode: 0755 diff --git a/roles/onlyoffice/templates/apt/sources.list.d/onlyoffice.list.j2 b/roles/onlyoffice/templates/apt/sources.list.d/onlyoffice.list.j2 new file mode 100644 index 00000000..81a66453 --- /dev/null +++ b/roles/onlyoffice/templates/apt/sources.list.d/onlyoffice.list.j2 @@ -0,0 +1,3 @@ +{{ ansible_header | comment }} + +deb https://download.onlyoffice.com/repo/debian squeeze main diff --git a/roles/onlyoffice/templates/update-motd.d/05-service.j2 b/roles/onlyoffice/templates/update-motd.d/05-service.j2 new file mode 100755 index 00000000..04f270c3 --- /dev/null +++ b/roles/onlyoffice/templates/update-motd.d/05-service.j2 @@ -0,0 +1,3 @@ +#!/usr/bin/tail +14 +{{ ansible_header | comment }} +> Onlyoffice a été déployé sur cette machine. diff --git a/roles/sudo/templates/sudoers.bookworm.j2 b/roles/sudo/templates/sudoers.bookworm.j2 new file mode 100644 index 00000000..9f018b88 --- /dev/null +++ b/roles/sudo/templates/sudoers.bookworm.j2 @@ -0,0 +1,27 @@ +{{ ansible_header | comment }} +# +# See the man page for details on how to write a sudoers file. +# +Defaults env_reset +Defaults mail_badpass +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + +# Host alias specification +User_Alias USERS= %_user +User_Alias NOUNOUS= %_nounou + +# User alias specification + +# Cmnd alias specification + +# User privilege specification +root ALL=(ALL:ALL) ALL + +{% if 'virtu' in group_names %} +# Pour vérifier quels vms sont sur quels virtus +USERS ALL=(root:ALL) NOPASSWD:/usr/sbin/qm list + +{% endif %} +# See sudoers(5) for more information on "@include" directives: + +@includedir /etc/sudoers.d