From 26351e9e112cbe613b40b888829712cddb49fea0 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Thu, 27 Jan 2022 11:55:40 +0100 Subject: [PATCH 1/6] refactor: transformed the role into a collection --- .gitlab-ci.yml | 2 +- README-FR.md | 178 +++-------------- README.md | 179 +++--------------- galaxy.yml | 65 +++++++ roles/ynh_apps/tasks/main.yml | 25 +++ roles/ynh_backup/README-FR.md | 74 ++++++++ roles/ynh_backup/README.md | 74 ++++++++ roles/ynh_backup/defaults/main.yml | 32 ++++ {meta => roles/ynh_backup/meta}/main.yml | 10 +- roles/ynh_backup/tasks/backup.yml | 52 +++++ roles/ynh_backup/tasks/main.yml | 25 +++ roles/ynh_backup/templates/ynh_backup.sh.j2 | 8 + roles/ynh_config/README-FR.md | 86 +++++++++ roles/ynh_config/README.md | 88 +++++++++ roles/ynh_config/defaults/main.yml | 40 ++++ roles/ynh_config/meta/main.yml | 18 ++ .../ynh_config/tasks}/autoupdate.yml | 10 +- roles/ynh_config/tasks/main.yml | 34 ++++ .../ynh_config/tasks}/smtp_relay.yml | 8 +- .../templates}/ynh_autoupdate.sh.j2 | 0 roles/ynh_setup/README-FR.md | 142 ++++++++++++++ roles/ynh_setup/README.md | 142 ++++++++++++++ .../ynh_setup/defaults}/main.yml | 25 +-- roles/ynh_setup/meta/main.yml | 18 ++ {tasks => roles/ynh_setup/tasks}/app.yml | 10 +- {tasks => roles/ynh_setup/tasks}/apps.yml | 9 +- {tasks => roles/ynh_setup/tasks}/domains.yml | 11 +- {tasks => roles/ynh_setup/tasks}/main.yml | 71 +++++-- {tasks => roles/ynh_setup/tasks}/users.yml | 11 +- 29 files changed, 1092 insertions(+), 355 deletions(-) create mode 100644 galaxy.yml create mode 100644 roles/ynh_apps/tasks/main.yml create mode 100644 roles/ynh_backup/README-FR.md create mode 100644 roles/ynh_backup/README.md create mode 100644 roles/ynh_backup/defaults/main.yml rename {meta => roles/ynh_backup/meta}/main.yml (60%) create mode 100644 roles/ynh_backup/tasks/backup.yml create mode 100644 roles/ynh_backup/tasks/main.yml create mode 100644 roles/ynh_backup/templates/ynh_backup.sh.j2 create mode 100644 roles/ynh_config/README-FR.md create mode 100644 roles/ynh_config/README.md create mode 100644 roles/ynh_config/defaults/main.yml create mode 100644 roles/ynh_config/meta/main.yml rename {tasks => roles/ynh_config/tasks}/autoupdate.yml (92%) create mode 100644 roles/ynh_config/tasks/main.yml rename {tasks => roles/ynh_config/tasks}/smtp_relay.yml (92%) rename {templates => roles/ynh_config/templates}/ynh_autoupdate.sh.j2 (100%) create mode 100644 roles/ynh_setup/README-FR.md create mode 100644 roles/ynh_setup/README.md rename {defaults => roles/ynh_setup/defaults}/main.yml (78%) create mode 100644 roles/ynh_setup/meta/main.yml rename {tasks => roles/ynh_setup/tasks}/app.yml (94%) rename {tasks => roles/ynh_setup/tasks}/apps.yml (93%) rename {tasks => roles/ynh_setup/tasks}/domains.yml (91%) rename {tasks => roles/ynh_setup/tasks}/main.yml (71%) rename {tasks => roles/ynh_setup/tasks}/users.yml (92%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 35e09dd..53c1e46 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # diff --git a/README-FR.md b/README-FR.md index db2aebe..5876a48 100644 --- a/README-FR.md +++ b/README-FR.md @@ -8,176 +8,48 @@ [![GitHub Release Date](https://img.shields.io/github/release-date/LydraFr/ansible-yunohost)](https://github.com/LydraFr/ansible-yunohost) [![GitHub Repo stars](https://img.shields.io/github/stars/LydraFr/ansible-yunohost?style=social)](https://github.com/LydraFr/ansible-yunohost) -# Rôle Ansible : Yunohost + Collection Ansible - lydra.yunohost [🇬🇧 English version](README.md) -Déployez [Yunohost](https://yunohost.org/#/) avec Ansible ! +Cette collection vise à installer, configurer et sauvegarder [Yunohost](https://yunohost.org/#/). +Comme il s'agit d'une collection indépendante, elle peut être publiée selon sa propre cadence de publication. De plus, les rôles qu'elle contient sont mis à jour indépendamment. ## Prérequis -Aucun. +------------ -## Variables du rôle +Votre serveur doit être basé sur du Debian Buster et Yunohost ne doit pas déjà être installé. -Les variables par défaut sont disponibles dans `default/main.yml` cependant il est nécessaire de les surcharger selon vos besoins en termes de domaines, d'utilisateurs et d'applications sur Yunohost. +## Contenu de la collection -### Installation de Yunohost +### Rôles -```yml -# Script pour Debian 10 uniquement. -ynh_install_script_url: https://install.yunohost.org +- [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README-FR.md) : Ce rôle prépare les serveurs à base de Debian-Buster à exécuter Yunohost. Il configure Yunohost avec ses paramètres initiaux et les domaines, utilisateurs et applications de votre choix. +- [`lydra.yunohost.ynh_config`](roles/ynh_config/README-FR.md) : Ce rôle gère la configuration de différents services de Yunohost (relais SMTP, mises à jour automatiques). +- [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README-FR.md) : Ce rôle gère la configuration des sauvegardes. -ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS -``` +### lydra.yunohost Tags du rôle -- `ynh_install_script_url` est le script d'installation des packages Yunohost, par défaut c'est le script officiel. Yunohost ne s'installe que sur Debian 10. -- `ynh_admin_password` est le mot de passe permettant d'accéder à l’interface d’administration du serveur. +------------ -### Gestion des domaines +Ces tags sont applicables suivant les rôles. -```yml -# Liste des domaines gérés par Yunohost. -ynh_main_domain: domain.tld -ynh_extra_domains: - - forum.domain.tld - - wiki.domain.tld -ynh_ignore_dyndns_server: False -``` - -- `ynh_main_domain` correspond au domaine principal qui permet l’accès au serveur ainsi qu’au portail d’authentification des utilisateurs. On peut se contenter d'un nom de domaine qui nous appartient ou en utiliser un en .nohost.me / .noho.st / .ynh.fr (plus d'infos [ici](https://yunohost.org/fr/install/hardware:vps_debian)). -- `ynh_extra_domains` sont des sous-domaines optionnels. Ils permettent d'installer une application par sous-domaine (plus d'infos [ici](https://yunohost.org/fr/dns_subdomains)). -- `ynh_ignore_dyndns_server` permet d'enregistrer les domaines avec un service de DNS dynamique (plus d'infos [ici](https://yunohost.org/fr/dns_dynamicip)). - -### Configuration d'un relais SMTP - -```yml -# paramètres personnalisés du relais SMTP -ynh_smtp_relay: - host: smtp.domain.tld - port: 25 - user: user1 - password: Pa$$w0rd -``` -Yunohost possède son propre serveur SMTP natif mais il est aussi possible de configurer Yunohost pour qu'il utilise un relais SMTP à la place. -Pour faire cela, créez la variable `ynh_smtp_relay` et mettez vos propres valeurs. Vous pouvez en apprendre plus sur les relais SMTP [ici](https://yunohost.org/fr/administrate/specific_use_cases/email_relay). - -### Gestion des utilisateurs - -```yml -# Liste des utilisateurs Yunohost. -ynh_users: - - name: user1 - pass: MYINSECUREPWD_PLZ_OVERRIDE_THIS - firstname: Jane - lastname: Doe - mail_domain: domain.tld -``` - -- `ynh_users` est la liste des utilisateurs à créer. Chaque champ est obligatoire. Certaines applications Yunohost nécessitent qu'un utilisateur soit administrateur de l'application. Il aura ensuite le droit de gérer l'application depuis l'interface l'administration du serveur. Vous pouvez en apprendre plus sur la gestion des utilisateurs Yunohost [ici](https://yunohost.org/fr/administrate/overview/users). - -### Gestion des applications - -```yml -# Liste des applications Yunohost. -ynh_apps: - - label: WikiJS - link: wikijs - args: - domain: wiki.domain.tld - path: / - admin: user1 - is_public: no - - label: Discourse - link: discourse - args: - domain: forum.domain.tld - path: / - admin: user1 - is_public: yes - post_install: - - src: "templates/site_settings.yml.j2" - dest: "/var/www/discourse/config/site_settings.yml" - type: "config" - - - src: "templates/configure_discourse.sh.j2" - dest: "/tmp/configure_discourse.sh" - type: "script" - owner: root - group: root -``` - -- `ynh_apps` est la liste des applications à installer. -- `label` permet de donner un nom personnalisé à l'application sur l'interface utilisateur. -- `link` correspond au nom de l'application Yunohost qu'on veut installer. - -#### Concernant les arguments -- `domain` est obligatoire. Il faut choisir un des domaines de son instance Yunohost. -- `path` est obligatoire. Il faut choisir une URL pour accéder à son application comme `domain.tld/my_app`. Utilisez juste `/` si l'application doit s'installer sur un sous-domaine. -- `is_public` est un argument qu'on retrouve souvent. Paramétré sur `yes`, l'application sera accessible à tout le monde, même sans authentification sur le portail SSO Yunohost. Paramétré sur `no`, l'application ne sera accessible qu'après authentification. - -Pour les autres arguments, il faut se référer au `manifest.json` disponible dans le dépôt de l'application Yunohost qu'on installe. Vous pouvez en apprendre plus sur cette partie [ici](https://yunohost.org/fr/packaging_apps_manifest). - -#### Concernant la post-installation -Il est possible de compléter l'installation des applications par l'ajout de templates jinja de configuration ou de scripts que vous aurez écrit de votre côté. -Pour activer cette fonctionnalité, définissez la variable `post_install` qui correspond à la liste des fichiers de post-installation de votre application. -Cette tâche utilisant le module template, vous pouvez tout à fait utiliser vos propres variables et les appeler dans vos fichiers de template. Pour en savoir sur ce module, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). - -- `src` est obligatoire. Il s'agit du répertoire où le fichier de template se situe sur la machine qui execute Ansible. -- `dest` est obligatoire. Il s'agit du répertoire où le fichier de template va être stocké. -- `type` est obligatoire : - - Si vous précisez comme valeur `script` alors le fichier de template aura pour droits 740. Il sera exécuté après son transfert sur le serveur Yunohost (généralement dans `/tmp/`) puis il sera supprimé. - - Si vous précisez comme valeur `config` alors le fichier de template aura pour droits 660. Il sera transféré sur le serveur Yunohost (généralement dans `/var/www/AppName/`) et vous pourrez l'importer avec un script shell à côté par exemple. - -Pour `owner` et `group`, par défaut le fichier va prendre comme utilisateur propriétaire le nom de l'application et comme groupe propriétaire www-data (groupe NGINX). Vous pouvez les changer en précisant des valeurs différentes. - -### Concernant les mises à jour - -```yml -# Autoupdate Yunohost and its apps -ynh_autoupdate: - scheduled: True - special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] - apps: True - system: True - dest_script: "/usr/bin/" -``` - -Une tâche cron peut être mise en place pour automatiser la vérification des mises à jour système et applications suivant la périodicité de votre choix. - - `ynh_autoupdate.scheduled` : activez la tâche cron en mettant la valeur à `True`. - - `ynh_autoupdate.special_time`: est obligatoire. Elle permet de préciser quand vous souhaitez que cette tâche soit exécutée. Valeurs possibles : (`annually`,`daily`,`hourly`,`monthly`,`reboot`,`weekly`,`yearly`). - Pour en savoir plus sur les _special times_, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/cron_module.html). - - `ynh_autoupdate.apps` : est obligatoire. Activez la mise à jour automatique des applications Yunohost en mettant la valeur à `True`. - - `ynh_autoupdate.system` : est obligatoire. Activez la mise à jour automatique du système Yunohost en mettant la valeur à `True`. - - `ynh_autoupdate.dest_script` : c'est le chemin du répertoire où le script de mise à jour sera installé sur le serveur. La valeur par défaut est `/usr/local/bin`. Le script s'appelle `ynh_autoupdate.sh`. - -Si des mises à jour sont disponibles, elles sont faites automatiquement. En cas de problème suite à la mise à jour d'une application, vous pouvez lire les logs qui sont disponibles ici `/var/log/yunohost/categories/operation`. Vous avez aussi la possibilité de revenir à la version précédente car Yunohost fait toujours une sauvegarde automatique d'une application lorsqu'elle est mise à jour. - -Pour en savoir plus sur le fonctionnement des mises à jour dans Yunohost vous pouvez vous rendre [ici](https://yunohost.org/fr/update). Le changelog des versions de Yunohost est aussi disponible [ici](https://forum.yunohost.org/tag/ynh_release). - -## Dépendances - -Aucune. - -## Exemple de Playbook - -```yml ---- -- name: Install Yunohost on Debian Server - hosts: all - become: True - pre_tasks: - - name: Update all packages and index - ansible.builtin.apt: - upgrade: dist - update_cache: yes - - roles: - - lydra.yunohost -``` +|tags|commentaires| +|----|-------| +|yunohost|Tâches spécifiques à Yunohost.| +|users|Tâches spécifiques aux utilisateurs de Yunohost.| +|domains|Tâches spécifiques aux domaines liés à Yunohost.| +|apps|Tâches spécifiques aux applications de Yunohost.| +|update|Tâches liées aux paramètres de mise à jour de Yunohost.| +|smtp|Tâches liées aux paramètres de relais smtp de Yunohost.| +|backup|Tâches liées aux sauvegardes de Yunohost.| +|pkg|Tâches d'installation de paquets.| ## License +------------ + [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/README.md b/README.md index 3576bf4..1690d7d 100644 --- a/README.md +++ b/README.md @@ -8,175 +8,48 @@ [![GitHub Release Date](https://img.shields.io/github/release-date/LydraFr/ansible-yunohost)](https://github.com/LydraFr/ansible-yunohost) [![GitHub Repo stars](https://img.shields.io/github/stars/LydraFr/ansible-yunohost?style=social)](https://github.com/LydraFr/ansible-yunohost) -# Ansible Role: Yunohost +# Ansible Collection - lydra.yunohost [🇫🇷 French version](README-FR.md) -Deploy [Yunohost](https://yunohost.org/#/) with Ansible! +This collection aims at installing, configuring and backing up [Yunohost](https://yunohost.org/#/). +As this is an independent collection, it can be released on its own release cadence. Moreover, the roles it contains are updated independently. -## Requirements +# Prerequisites -None. +------------ -## Role Variables +Your server must be Debian-Buster based and Yunohost shouldn't be already installed. -Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for Yunohost domains, users and apps. +## Collection contents -### Yunohost Installation +### Roles -```yml -# Debian 10 script only. -ynh_install_script_url: https://install.yunohost.org +- [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README.md): This role prepares servers with Debian-Buster-based to run Yunohost. It sets up Yunohost with its initial settings and domains, users and apps of your choice. +- [`lydra.yunohost.ynh_config`](roles/ynh_config/README.md): This role configures various Yunohost services (SMTP relay, auto updates). +- [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README.md): This role manages the configuration of backups. -ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS -``` +## lydra.yunohost Role Tags -- `ynh_install_script_url` downloads official Yunohost script for installing Yunohost packages. Yunohost is only available on Debian 10. -- `ynh_admin_password` is the password used to access to the server's administration interface. +------------ -### Domain management +These tags are applicable to roles. -```yml -# The list of Yunohost domains. -ynh_main_domain: domain.tld -ynh_extra_domains: - - forum.domain.tld - - wiki.domain.tld -ynh_ignore_dyndns_server: False -``` - -- `ynh_main_domain` is the main domain used by the server's users to access the authentication portal. If you already own a domain name, you probably want to use it here. You can also use a domain in .nohost.me / .noho.st / .ynh.fr (more info [here](https://yunohost.org/en/install/hardware:vps_debian)). -- `ynh_extra_domains` are optional and allow you to install one app per subdomain (more info [here](https://yunohost.org/en/administrate/specific_use_cases/domains/dns_subdomains)). -- `ynh_ignore_dyndns_server` allow to register domains with a Dynamic DNS service (more info [here](https://yunohost.org/en/dns_dynamicip)). - -### SMTP relay configuration - -```yml -# SMTP custom settings -ynh_smtp_relay: - host: smtp.domain.tld - port: 25 - user: user1 - password: Pa$$w0rd -``` - -There is a built-in SMTP server on Yunohost but you can also set up Yunohost to use a SMTP relay instead. -In order to do so, create the `ynh_smtp_relay` variable and provide your own values. You can learn more about SMTP relay [here](https://yunohost.org/en/administrate/specific_use_cases/email_relay). - -### User management - -```yml -# The list of Yunohost users. -ynh_users: - - name: user1 - pass: MYINSECUREPWD_PLZ_OVERRIDE_THIS - firstname: Jane - lastname: Doe - mail_domain: domain.tld -``` -- `ynh_users` is the list of users to create. Each field is mandatory. Some Yunohost applications require that a user be the app administrator. He will then have the right to manage the application from the server administration interface. You can learn more about Yunohost user management [here](https://yunohost.org/en/users). - -### App management - -```yml -# The list of Yunohost apps. -ynh_apps: - - label: WikiJS - link: wikijs - args: - domain: wiki.domain.tld - path: / - admin: user1 - is_public: no - - label: Discourse - link: discourse - args: - domain: forum.domain.tld - path: / - admin: user1 - is_public: yes - post_install: - - src: "templates/site_settings.yml.j2" - dest: "/var/www/discourse/config/site_settings.yml" - type: "config" - - - src: "templates/configure_discourse.sh.j2" - dest: "/tmp/configure_discourse.sh" - type: "script" - owner: root - group: root -``` - -- `ynh_apps` is the list of applications to install. -- `label` allows you to give a custom name to the application on the user interface. -- `link` is the name of the Yunohost application to install. - -#### About the arguments -- `domain` is essential. You have to choose one of the domains of your Yunohost instance. -- `path` is required. You have to choose a URL to access your application like `domain.tld/my_app`. Just use `/` if the application is to be installed on a subdomain. -- `is_public` argument is a common one. Set to `yes`, the application will be accessible to everyone, even without authentication to the Yunohost SSO portal. Set to `no`, the application will be accessible only after authentication. - -For the other arguments, you have to refer to the `manifest.json` available in the repository of the Yunohost application you install. You can learn more about this part [here](https://yunohost.org/fr/packaging_apps_manifest). - -#### About the post-installation -It is possible to complete the installation of applications by adding jinja template configuration files or scripts written by yourself. -To enable this feature, define the `post_install` variable which corresponds to the list of post-installation files of your applications. -Because this task uses the template module, you can use your own variables and call them in your template files. To know more about this module, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). - -- `src` is mandatory. This is the directory where the template file is located on the machine running Ansible. -- `dest` is mandatory. This is the directory where the template file will be stored. -- `type` is mandatory: - - If you specify `script` as the value, then the template file will have 740 rights. It will be executed after it is transferred to the Yunohost server (usually in `/tmp/`) and then deleted. - - If you specify `config` as the value, then the template file will have 660 rights. It will be transferred to the Yunohost server (usually in `/var/www/AppName/`) and after you could import it with a shell script on the side for example. - -For `owner` and `group`, by default the file will take as owner the name of the application and as owner www-data(NGINX group). You can change them by specifying different values. - -### About the updates - -```yml -# Autoupdate Yunohost and its apps -ynh_autoupdate: - scheduled: True - special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] - apps: True - system: True - dest_script: "/usr/bin/" -``` - -A cron job can been set up to automate the check for system and application updates on a schedule of your choice. - - `ynh_autoupdate.scheduled` : enables the cron job by setting the value to `True`. - - `ynh_autoupdate.special_time`: it is mandatory. It allows you to specify when you want this task to be executed. Possible values: (`annually`,`daily`,`hourly`,`monthly`,`reboot`,`weekly`,`yearly`). To learn more about special times, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/cron_module.html). - - `ynh_autoupdate.apps`: is mandatory. Enable automatic updating of Yunohost applications by setting the value to `True`. - - `ynh_autoupdate.system`: is mandatory. Enable automatic updating of the Yunohost system by setting the value to `True`. - - `ynh_autoupdate.dest_script`: it is the path to the directory where the update script will be installed on the server. The default value is `/usr/local/bin`. The script is named `ynh_autoupdate.sh`. - -If available, updates are done automatically. In case of problems following an application update, you can read logs located in `/var/log/yunohost/categories/operation` . You also have the possibility to rollback to the previous version since Yunohost always makes an automatic backup of an application when it is updated. - -To learn more about how updates work in Yunohost you can go [here](https://yunohost.org/fr/update). The changelog of Yunohost versions is also available [here](https://forum.yunohost.org/tag/ynh_release). - -## Dependencies - -None. - -## Example Playbook - -```yml ---- -- name: Install Yunohost on Debian Server - hosts: all - become: True - pre_tasks: - - name: Update all packages and index - ansible.builtin.apt: - upgrade: dist - update_cache: yes - - roles: - - ansible-yunohost -``` +|tags|comment| +|----|-------| +|yunohost|Tasks specific to Yunohost.| +|users|Tasks specific to users in Yunohost.| +|domains|Tasks specific to domains linked to Yunohost.| +|apps|Tasks specific to Yunohost apps.| +|update|Tasks related to Yunohost update settings.| +|smtp|Tasks related to Yunohost smtp relay settings.| +|backup|Tasks related to Yunohost backups.| +|pkg|Tasks that install packages.| ## License +------------ + [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 0000000..5796860 --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,65 @@ +### REQUIRED +# The namespace of the collection. This can be a company/brand/organization or product namespace under which all +# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with +# underscores or numbers and cannot contain consecutive underscores +namespace: lydra + +# The name of the collection. Has the same character restrictions as 'namespace' +name: yunohost + +# The version of the collection. Must be compatible with semantic versioning +version: 1.0.0 + +# The path to the Markdown (.md) readme file. This path is relative to the root of the collection +readme: README.md + +# A list of the collection's content authors. Can be just the name or in the format 'Full Name (url) +# @nicks:irc/im.site#channel' +authors: +- Lydra () + + +### OPTIONAL but strongly recommended +# A short summary description of the collection +description: Yunohost related Roles and Modules + +# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only +# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file' +license: +- GPL-3.0-or-later + +# The path to the license file for the collection. This path is relative to the root of the collection. This key is +# mutually exclusive with 'license' +license_file: 'LICENSE' + +# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character +# requirements as 'namespace' and 'name' +tags: + - yunohost + - cloud + - web + +# Collections that this collection requires to be installed for it to be usable. The key of the dict is the +# collection label 'namespace.name'. The value is a version range +# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version +# range specifiers can be set and are separated by ',' +dependencies: {} + +# The URL of the originating SCM repository +repository: https://github.com/LydraFr/ansible-yunohost + +# The URL to any online docs +documentation: https://github.com/LydraFr/ansible-yunohost/blob/main/README.md + +# The URL to the homepage of the collection/project +homepage: https://github.com/LydraFr/ansible-yunohost + +# The URL to the collection issue tracker +issues: https://lab.frogg.it/lydra/yunohost/ansible-yunohost/-/issues + +# A list of file glob-like patterns used to filter any files or directories that should not be included in the build +# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This +# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry', +# and '.git' are always filtered +build_ignore: [] + diff --git a/roles/ynh_apps/tasks/main.yml b/roles/ynh_apps/tasks/main.yml new file mode 100644 index 0000000..e54dd79 --- /dev/null +++ b/roles/ynh_apps/tasks/main.yml @@ -0,0 +1,25 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +- name: Install Yunohost apps + ansible.builtin.include_tasks: apps.yml + when: ynh_apps + tags: + - apps diff --git a/roles/ynh_backup/README-FR.md b/roles/ynh_backup/README-FR.md new file mode 100644 index 0000000..88030c7 --- /dev/null +++ b/roles/ynh_backup/README-FR.md @@ -0,0 +1,74 @@ +# Rôle Ansible : Yunohost Backup + +[🇬🇧 English version](README.md) + +Sauvegardez [Yunohost](https://yunohost.org/#/) avec Ansible ! + +## Prérequis + +------------ + +Yunohost doit déjà être installé sur votre serveur. + +## Variables du rôle + +------------ + +Les variables par défaut sont disponibles dans `default/main.yml` cependant il est possible de les surcharger selon vos besoins en ... + +### Gestion des sauvegardes + +------------ + +```yml +ynh_backup: + scheduled: True + directory: "/data/backup" + scheduled_hour: "*" + scheduled_minute: "*/30" + scheduled_weekday: "*" + scheduled_month: "*" + system: True + apps: True + src_script: "templates/ynh_backup.sh.j2" + dest_script: "/usr/bin" +``` + +La tâche backup va permettre de sauvegarder les applications Yunohost ainsi que leurs données grâce à la mise en place d'une tâche cron. + +- `ynh_backup.scheduled` : active la fonctionnalité de sauvegarde des applications Yunohost, mettez la valeur à `True`. +- `ynh_backup.directory` : le dossier de sauvegarde par défaut est `/home/yunohost.backup/archives` cependant vous pouvez tout à fait choisir de sauvegarder les backups dans un autre dossier grâce à cette variable. Dans ce cas, de manière à pouvoir restaurer les backups depuis l'interface web, Yunohost créé automatiquement un lien symbolique de l'archive créée vers son dossier par défaut. +- `ynh_backup.scheduled_[hour|minute|weekday|month]`: modifie la planification de la tâche cron. Par défaut elle se déclenchera tous les jours de l'année à 1 heure du matin. Pour plus d'informations concernant les réglages horaires cron, cet outil peut être utile : . +- `ynh_backup.system` : est obligatoire. Activez la sauvegarde du système Yunohost en mettant la valeur à `True`. +- `ynh_backup.apps` : est obligatoire. Activez la sauvegarde des applications Yunohost en mettant la valeur à `True`. +- `src_script`: il s'agit du chemin absolu où le fichier de template se situe sur la machine qui exécute Ansible. Par défaut, il sera stocké dans `templates/ynh_backup.sh.j2`. +- `dest_script`: il s'agit du répertoire où le fichier de template va être stocké. Par défaut, il sera stocké dans `/usr/local/bin/`. Le script s'appelle `ynh_backup.sh`. + +## Dépendances + +------------ + +Aucune. + +## Exemple de Playbook + +------------ + +```yml +--- +- name: Configure Yunohost backups + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_backup +``` + +## License + +------------ + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_backup/README.md b/roles/ynh_backup/README.md new file mode 100644 index 0000000..a6df157 --- /dev/null +++ b/roles/ynh_backup/README.md @@ -0,0 +1,74 @@ +# Ansible Role: Yunohost + +[🇫🇷 French version](README-FR.md) + +Deploy [Yunohost](https://yunohost.org/#/) with Ansible! + +## Requirements + +------------ + +Yunohost needs to be installed on your server. + +## Role Variables + +------------ + +Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for ... + +### Backups management + +------------ + +```yml +ynh_backup: + scheduled: True + directory: "/data/backup" + scheduled_hour: "*" + scheduled_minute: "*/30" + scheduled_weekday: "*" + scheduled_month: "*" + system: True + apps: True + src_script: "templates/ynh_backup.sh.j2" + dest_script: "/usr/bin" +``` + +The backup task will allow to backup Yunohost applications and their data by setting up a cron job. + +- `ynh_backup.scheduled`: to enable the Yunohost applications backup feature, set the value to `True`. +- `ynh_backup.directory`: the default backup folder is `/home/yunohost.backup/archives` however you can choose to save the backups in another folder with this variable. In this case, in order to be able to restore the backups from the web interface, Yunohost automatically creates a symbolic link from the created archive to its default folder. +- `ynh_backup.scheduled_[hour|minute|weekday|month]`: modifies the scheduling of the cron task. By default it will run every day of the year at 1am. For more information about cron time settings, this tool can be useful: . +- `ynh_backup.system` : is mandatory. Enables automatic backup of the Yunohost system by setting the value to `True`. +- `ynh_backup.apps` : est obligatoire. Enables automatic backup of Yunohost applications by setting the value to `True`. +- `src_script`: this is the absolute path where the template file is located on the machine running Ansible. By default is will be stored in `templates/ynh_backup.sh.j2`. +- `dest_script`: this is the directory where the template file will be stored. By default is will be stored in `/usr/local/bin`. The script is named `ynh_backup.sh`. + +## Dependencies + +------------ + +None. + +## Example Playbook + +------------ + +```yml +--- +- name: Configure Yunohost backups + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_backup +``` + +## License + +------------ + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_backup/defaults/main.yml b/roles/ynh_backup/defaults/main.yml new file mode 100644 index 0000000..5e8e0dd --- /dev/null +++ b/roles/ynh_backup/defaults/main.yml @@ -0,0 +1,32 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +# Variables for backup +ynh_backup: + scheduled: False + # directory: "/data/backup" + # scheduled_hour: 3 + # scheduled_minute: "0" + # scheduled_weekday: "*" + # scheduled_month: "*" + # system: True + # apps: True + # src_script: "templates/ynh_backup.sh.j2" + # dest_script: "/usr/local/bin/" diff --git a/meta/main.yml b/roles/ynh_backup/meta/main.yml similarity index 60% rename from meta/main.yml rename to roles/ynh_backup/meta/main.yml index 8432537..c68ab81 100644 --- a/meta/main.yml +++ b/roles/ynh_backup/meta/main.yml @@ -1,15 +1,15 @@ --- galaxy_info: - role_name: yunohost + role_name: ynh_backup author: lydra - description: Deploy Yunohost with Ansible + description: Backup Yunohost with Ansible license: GPL-v3 min_ansible_version: 2.10 github_branch: main platforms: - - name: Debian - versions: - - buster + - name: Debian + versions: + - buster galaxy_tags: - yunohost - cloud diff --git a/roles/ynh_backup/tasks/backup.yml b/roles/ynh_backup/tasks/backup.yml new file mode 100644 index 0000000..3c071af --- /dev/null +++ b/roles/ynh_backup/tasks/backup.yml @@ -0,0 +1,52 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +- name: Create backup folder + ansible.builtin.file: + path: "{{ ynh_backup.directory | default('/home/yunohost.backup/archives') }}" + state: directory + mode: '0750' + tags: + - backup + +- name: Create backup script + ansible.builtin.template: + src: "{{ ynh_backup.src_script | default('templates/ynh_backup.sh.j2') }}" + dest: "{{ ynh_backup.dest_script | default('/usr/local/bin/') }}ynh_backup.sh" + owner: root + group: root + mode: '0740' + tags: + - backup + - cron + +- name: Create cron task to perform YNH backup + ansible.builtin.cron: + name: "auto-backup to {{ ynh_backup.directory | default('/home/yunohost.backup/archives') }}" + month: "{{ ynh_backup.scheduled_month | default('*') }}" + weekday: "{{ ynh_backup.scheduled_weekday | default('*') }}" + hour: "{{ ynh_backup.scheduled_hour | default('1') }}" + minute: "{{ ynh_backup.scheduled_minute | default('0') }}" + user: root + job: "{{ ynh_backup.dest_script | default('/usr/local/bin/') }}ynh_backup.sh" + cron_file: ynh_backup_cron + tags: + - backup + - cron diff --git a/roles/ynh_backup/tasks/main.yml b/roles/ynh_backup/tasks/main.yml new file mode 100644 index 0000000..3b41dc2 --- /dev/null +++ b/roles/ynh_backup/tasks/main.yml @@ -0,0 +1,25 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +- name: Enable Yunohost apps backup + ansible.builtin.include_tasks: backup.yml + when: ynh_backup.scheduled + tags: + - backup diff --git a/roles/ynh_backup/templates/ynh_backup.sh.j2 b/roles/ynh_backup/templates/ynh_backup.sh.j2 new file mode 100644 index 0000000..a4a7d40 --- /dev/null +++ b/roles/ynh_backup/templates/ynh_backup.sh.j2 @@ -0,0 +1,8 @@ +#!/bin/sh + +yunohost backup create {% if ynh_backup.system %}--system{% endif %}{% if ynh_backup.apps %} --apps{% endif %}{% if ynh_backup.directory %} --output-directory {{ ynh_backup.directory }}/backup_$(date +%Y%m%d_%H%M) {% endif %} + +{% if ynh_backup.system is false and ynh_backup.apps is false %} + echo "Read the readme to know more about vars ynh_backup.system and ynh_backup.apps" + exit 1 +{% endif %} diff --git a/roles/ynh_config/README-FR.md b/roles/ynh_config/README-FR.md new file mode 100644 index 0000000..8012a06 --- /dev/null +++ b/roles/ynh_config/README-FR.md @@ -0,0 +1,86 @@ +# Rôle Ansible : Yunohost Configuration + +[🇬🇧 English version](README.md) + +Configurez [Yunohost](https://yunohost.org/#/) avec Ansible ! + +## Prérequis + +Yunohost doit déjà être installé sur votre serveur. + +## Variables du rôle + +------------ + +Les variables par défaut sont disponibles dans `default/main.yml` cependant il est possible de les surcharger selon vos besoins. + +### Configuration d'un relais SMTP + +------------ + +```yml +# paramètres personnalisés du relais SMTP +ynh_smtp_relay: + host: smtp.domain.tld + port: 25 + user: user1 + password: Pa$$w0rd +``` + +Yunohost possède son propre serveur SMTP natif mais il est aussi possible de configurer Yunohost pour qu'il utilise un relais SMTP à la place. +Pour faire cela, créez la variable `ynh_smtp_relay` et mettez vos propres valeurs. Vous pouvez en apprendre plus sur les relais SMTP [ici](https://yunohost.org/fr/administrate/specific_use_cases/email_relay). + +### Concernant les mises à jour + +------------ + +```yml +# Autoupdate Yunohost and its apps +ynh_autoupdate: + scheduled: True + special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] + apps: True + system: True + dest_script: "/usr/bin/" +``` + +Une tâche cron peut être mise en place pour automatiser la vérification des mises à jour système et applications suivant la périodicité de votre choix. + +- `ynh_autoupdate.scheduled` : activez la tâche cron en mettant la valeur à `True`. +- `ynh_autoupdate.special_time`: est obligatoire. Elle permet de préciser quand vous souhaitez que cette tâche soit exécutée. Valeurs possibles : (`annually`,`daily`,`hourly`,`monthly`,`reboot`,`weekly`,`yearly`). Pour en savoir plus sur les _special times_, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/cron_module.html). +- `ynh_autoupdate.apps` : est obligatoire. Activez la mise à jour automatique des applications Yunohost en mettant la valeur à `True`. +- `ynh_autoupdate.system` : est obligatoire. Activez la mise à jour automatique du système Yunohost en mettant la valeur à `True`. +- `ynh_autoupdate.dest_script` : c'est le chemin du répertoire où le script de mise à jour sera installé sur le serveur. La valeur par défaut est `/usr/local/bin`. Le script s'appelle `ynh_autoupdate.sh`. + +Si des mises à jour sont disponibles, elles sont faites automatiquement. En cas de problème suite à la mise à jour d'une application, vous pouvez lire les logs qui sont disponibles ici `/var/log/yunohost/categories/operation`. Vous avez aussi la possibilité de revenir à la version précédente car Yunohost fait toujours une sauvegarde automatique d'une application lorsqu'elle est mise à jour. + +Pour en savoir plus sur le fonctionnement des mises à jour dans Yunohost vous pouvez vous rendre [ici](https://yunohost.org/fr/update). Le changelog des versions de Yunohost est aussi disponible [ici](https://forum.yunohost.org/tag/ynh_release). + +## Dépendances + +------------ + +Aucune. + +## Exemple de Playbook + +------------ + +```yml +--- +- name: Configure Yunohost on Debian Server + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_config +``` + +## License + +------------ + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_config/README.md b/roles/ynh_config/README.md new file mode 100644 index 0000000..068e81b --- /dev/null +++ b/roles/ynh_config/README.md @@ -0,0 +1,88 @@ +# Ansible Role: Yunohost + +[🇫🇷 French version](README-FR.md) + +Deploy [Yunohost](https://yunohost.org/#/) with Ansible! + +## Requirements + +------------ + +None. + +## Role Variables + +------------ + +Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for Yunohost domains, users and apps. + +### SMTP relay configuration + +------------ + +```yml +# SMTP custom settings +ynh_smtp_relay: + host: smtp.domain.tld + port: 25 + user: user1 + password: Pa$$w0rd +``` + +There is a built-in SMTP server on Yunohost but you can also set up Yunohost to use a SMTP relay instead. +In order to do so, create the `ynh_smtp_relay` variable and provide your own values. You can learn more about SMTP relay [here](https://yunohost.org/en/administrate/specific_use_cases/email_relay). + +### About the updates + +------------ + +```yml +# Autoupdate Yunohost and its apps +ynh_autoupdate: + scheduled: True + special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] + apps: True + system: True + dest_script: "/usr/bin/" +``` + +A cron job can been set up to automate the check for system and application updates on a schedule of your choice. + +- `ynh_autoupdate.scheduled` : enables the cron job by setting the value to `True`. +- `ynh_autoupdate.special_time`: it is mandatory. It allows you to specify when you want this task to be executed. Possible values: (`annually`,`daily`,`hourly`,`monthly`,`reboot`,`weekly`,`yearly`). To learn more about special times, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/cron_module.html). +- `ynh_autoupdate.apps`: is mandatory. Enables automatic updating of Yunohost applications by setting the value to `True`. +- `ynh_autoupdate.system`: is mandatory. Enables automatic updating of the Yunohost system by setting the value to `True`. +- `ynh_autoupdate.dest_script`: it is the path to the directory where the update script will be installed on the server. The default value is `/usr/local/bin`. The script is named `ynh_autoupdate.sh`. + +If available, updates are done automatically. In case of problems following an application update, you can read logs located in `/var/log/yunohost/categories/operation` . You also have the possibility to rollback to the previous version since Yunohost always makes an automatic backup of an application when it is updated. + +To learn more about how updates work in Yunohost you can go [here](https://yunohost.org/fr/update). The changelog of Yunohost versions is also available [here](https://forum.yunohost.org/tag/ynh_release). + +## Dependencies + +------------ + +None. + +## Example Playbook + +------------ + +```yml +--- +- name: Configure Yunohost on Debian Server + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_config +``` + +## License + +------------ + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_config/defaults/main.yml b/roles/ynh_config/defaults/main.yml new file mode 100644 index 0000000..502df6d --- /dev/null +++ b/roles/ynh_config/defaults/main.yml @@ -0,0 +1,40 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +# Do not touch this variable +# Just to have dict default value +ynh_smtp_relay: + value: null + +# SMTP custom settings (Only override if you need a SMTP relay) +# Example: +# ynh_smtp_relay: + # host: smtp.domain.tld + # port: "25" + # user: user1 + # password: Pa$$w0rd + +# Autoupdate Yunohost and its apps +ynh_autoupdate: + scheduled: False + # special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] + # apps: True + # system: True + # dest_script: "/usr/local/bin/" diff --git a/roles/ynh_config/meta/main.yml b/roles/ynh_config/meta/main.yml new file mode 100644 index 0000000..7f0cb04 --- /dev/null +++ b/roles/ynh_config/meta/main.yml @@ -0,0 +1,18 @@ +--- +galaxy_info: + role_name: ynh_config + author: lydra + description: Configure Yunohost with Ansible + license: GPL-v3 + min_ansible_version: 2.10 + github_branch: main + platforms: + - name: Debian + versions: + - buster + galaxy_tags: + - yunohost + - cloud + - web + +dependencies: [] diff --git a/tasks/autoupdate.yml b/roles/ynh_config/tasks/autoupdate.yml similarity index 92% rename from tasks/autoupdate.yml rename to roles/ynh_config/tasks/autoupdate.yml index ff923af..d840481 100644 --- a/tasks/autoupdate.yml +++ b/roles/ynh_config/tasks/autoupdate.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,6 +25,10 @@ owner: root group: root mode: '0740' + tags: + - yunohost + - update + - cron - name: Creates cron task under /etc/cron.d to auto-update Yunohost ansible.builtin.cron: @@ -34,3 +38,7 @@ user: root job: "{{ ynh_autoupdate.dest_script | default('/usr/local/bin/') }}ynh_autoupdate.sh" cron_file: ynh_autoupdate_cron + tags: + - yunohost + - update + - cron diff --git a/roles/ynh_config/tasks/main.yml b/roles/ynh_config/tasks/main.yml new file mode 100644 index 0000000..e9d1561 --- /dev/null +++ b/roles/ynh_config/tasks/main.yml @@ -0,0 +1,34 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +- name: Configure SMTP relay + ansible.builtin.include_tasks: smtp_relay.yml + loop: "{{ ynh_smtp_relay | dict2items }}" + when: item.value + tags: + - yunohost + - smtp + +- name: Configures Yunohost autoupdate + ansible.builtin.include_tasks: autoupdate.yml + when: ynh_autoupdate.scheduled + tags: + - yunohost + - update diff --git a/tasks/smtp_relay.yml b/roles/ynh_config/tasks/smtp_relay.yml similarity index 92% rename from tasks/smtp_relay.yml rename to roles/ynh_config/tasks/smtp_relay.yml index 8745870..02de043 100644 --- a/tasks/smtp_relay.yml +++ b/roles/ynh_config/tasks/smtp_relay.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -23,8 +23,14 @@ "yunohost settings get smtp.relay.{{ item.key }}" register: _ynh_smtp_current_values changed_when: False + tags: + - yunohost + - smtp - name: Set new SMTP settings ansible.builtin.command: "yunohost settings set smtp.relay.{{ item.key }} -v {{ item.value }}" when: _ynh_smtp_current_values.stdout != item.value + tags: + - yunohost + - smtp diff --git a/templates/ynh_autoupdate.sh.j2 b/roles/ynh_config/templates/ynh_autoupdate.sh.j2 similarity index 100% rename from templates/ynh_autoupdate.sh.j2 rename to roles/ynh_config/templates/ynh_autoupdate.sh.j2 diff --git a/roles/ynh_setup/README-FR.md b/roles/ynh_setup/README-FR.md new file mode 100644 index 0000000..914afac --- /dev/null +++ b/roles/ynh_setup/README-FR.md @@ -0,0 +1,142 @@ +# Rôle Ansible : Yunohost + +[🇬🇧 English version](README.md) + +Déployez [Yunohost](https://yunohost.org/#/) avec Ansible ! + +## Prérequis + +Aucun. + +## Variables du rôle + +Les variables par défaut sont disponibles dans `default/main.yml` cependant il est nécessaire de les surcharger selon vos besoins en termes de domaines, d'utilisateurs et d'applications sur Yunohost. + +### Installation de Yunohost + +```yml +# Script pour Debian 10 uniquement. +ynh_install_script_url: https://install.yunohost.org + +ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS +``` + +- `ynh_install_script_url` est le script d'installation des packages Yunohost, par défaut c'est le script officiel. Yunohost ne s'installe que sur Debian 10. +- `ynh_admin_password` est le mot de passe permettant d'accéder à l’interface d’administration du serveur. + +### Gestion des domaines + +```yml +# Liste des domaines gérés par Yunohost. +ynh_main_domain: domain.tld +ynh_extra_domains: + - forum.domain.tld + - wiki.domain.tld +ynh_ignore_dyndns_server: False +``` + +- `ynh_main_domain` correspond au domaine principal qui permet l’accès au serveur ainsi qu’au portail d’authentification des utilisateurs. On peut se contenter d'un nom de domaine qui nous appartient ou en utiliser un en .nohost.me / .noho.st / .ynh.fr (plus d'infos [ici](https://yunohost.org/fr/install/hardware:vps_debian)). +- `ynh_extra_domains` sont des sous-domaines optionnels. Ils permettent d'installer une application par sous-domaine (plus d'infos [ici](https://yunohost.org/fr/dns_subdomains)). +- `ynh_ignore_dyndns_server` permet d'enregistrer les domaines avec un service de DNS dynamique (plus d'infos [ici](https://yunohost.org/fr/dns_dynamicip)). + +### Gestion des utilisateurs + +```yml +# Liste des utilisateurs Yunohost. +ynh_users: + - name: user1 + pass: MYINSECUREPWD_PLZ_OVERRIDE_THIS + firstname: Jane + lastname: Doe + mail_domain: domain.tld +``` + +- `ynh_users` est la liste des utilisateurs à créer. Chaque champ est obligatoire. Certaines applications Yunohost nécessitent qu'un utilisateur soit administrateur de l'application. Il aura ensuite le droit de gérer l'application depuis l'interface l'administration du serveur. Vous pouvez en apprendre plus sur la gestion des utilisateurs Yunohost [ici](https://yunohost.org/fr/administrate/overview/users). + +### Gestion des applications + +```yml +# Liste des applications Yunohost. +ynh_apps: + - label: WikiJS + link: wikijs + args: + domain: wiki.domain.tld + path: / + admin: user1 + is_public: no + - label: Discourse + link: discourse + args: + domain: forum.domain.tld + path: / + admin: user1 + is_public: yes + post_install: + - src: "templates/site_settings.yml.j2" + dest: "/var/www/discourse/config/site_settings.yml" + type: "config" + + - src: "templates/configure_discourse.sh.j2" + dest: "/tmp/configure_discourse.sh" + type: "script" + owner: root + group: root +``` + +- `ynh_apps` est la liste des applications à installer. +- `label` permet de donner un nom personnalisé à l'application sur l'interface utilisateur. +- `link` correspond au nom de l'application Yunohost qu'on veut installer. + +#### Concernant les arguments + +- `domain` est obligatoire. Il faut choisir un des domaines de son instance Yunohost. +- `path` est obligatoire. Il faut choisir une URL pour accéder à son application comme `domain.tld/my_app`. Utilisez juste `/` si l'application doit s'installer sur un sous-domaine. +- `is_public` est un argument qu'on retrouve souvent. Paramétré sur `yes`, l'application sera accessible à tout le monde, même sans authentification sur le portail SSO Yunohost. Paramétré sur `no`, l'application ne sera accessible qu'après authentification. + +Pour les autres arguments, il faut se référer au `manifest.json` disponible dans le dépôt de l'application Yunohost qu'on installe. Vous pouvez en apprendre plus sur cette partie [ici](https://yunohost.org/fr/packaging_apps_manifest). + +#### Concernant la post-installation + +Il est possible de compléter l'installation des applications par l'ajout de templates jinja de configuration ou de scripts que vous aurez écrit de votre côté. +Pour activer cette fonctionnalité, définissez la variable `post_install` qui correspond à la liste des fichiers de post-installation de votre application. +Cette tâche utilisant le module template, vous pouvez tout à fait utiliser vos propres variables et les appeler dans vos fichiers de template. Pour en savoir sur ce module, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). + +- `src` est obligatoire. Il s'agit du répertoire où le fichier de template se situe sur la machine qui execute Ansible. +- `dest` est obligatoire. Il s'agit du répertoire où le fichier de template va être stocké. +- `type` est obligatoire : + - Si vous précisez comme valeur `script` alors le fichier de template aura pour droits 740. Il sera exécuté après son transfert sur le serveur Yunohost (généralement dans `/tmp/`) puis il sera supprimé. + - Si vous précisez comme valeur `config` alors le fichier de template aura pour droits 660. Il sera transféré sur le serveur Yunohost (généralement dans `/var/www/AppName/`) et vous pourrez l'importer avec un script shell à côté par exemple. + +Pour `owner` et `group`, par défaut le fichier va prendre comme utilisateur propriétaire le nom de l'application et comme groupe propriétaire www-data (groupe NGINX). Vous pouvez les changer en précisant des valeurs différentes. + +## Dépendances + +Aucune. + +## Exemple de Playbook + +```yml +--- +- name: Install Yunohost on Debian Server + hosts: all + become: True + collections: + - lydra.yunohost + pre_tasks: + - name: Update all packages and index + ansible.builtin.apt: + upgrade: dist + update_cache: yes + + roles: + - ynh_setup + - ynh_config + - ynh_backup +``` + +## License + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_setup/README.md b/roles/ynh_setup/README.md new file mode 100644 index 0000000..2433777 --- /dev/null +++ b/roles/ynh_setup/README.md @@ -0,0 +1,142 @@ +# Ansible Role: Yunohost + +[🇫🇷 French version](README-FR.md) + +Deploy [Yunohost](https://yunohost.org/#/) with Ansible! + +## Requirements + +None. + +## Role Variables + +Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for Yunohost domains, users and apps. + +### Yunohost Installation + +```yml +# Debian 10 script only. +ynh_install_script_url: https://install.yunohost.org + +ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS +``` + +- `ynh_install_script_url` downloads official Yunohost script for installing Yunohost packages. Yunohost is only available on Debian 10. +- `ynh_admin_password` is the password used to access to the server's administration interface. + +### Domain management + +```yml +# The list of Yunohost domains. +ynh_main_domain: domain.tld +ynh_extra_domains: + - forum.domain.tld + - wiki.domain.tld +ynh_ignore_dyndns_server: False +``` + +- `ynh_main_domain` is the main domain used by the server's users to access the authentication portal. If you already own a domain name, you probably want to use it here. You can also use a domain in .nohost.me / .noho.st / .ynh.fr (more info [here](https://yunohost.org/en/install/hardware:vps_debian)). +- `ynh_extra_domains` are optional and allow you to install one app per subdomain (more info [here](https://yunohost.org/en/administrate/specific_use_cases/domains/dns_subdomains)). +- `ynh_ignore_dyndns_server` allow to register domains with a Dynamic DNS service (more info [here](https://yunohost.org/en/dns_dynamicip)). + +### User management + +```yml +# The list of Yunohost users. +ynh_users: + - name: user1 + pass: MYINSECUREPWD_PLZ_OVERRIDE_THIS + firstname: Jane + lastname: Doe + mail_domain: domain.tld +``` + +- `ynh_users` is the list of users to create. Each field is mandatory. Some Yunohost applications require that a user be the app administrator. He will then have the right to manage the application from the server administration interface. You can learn more about Yunohost user management [here](https://yunohost.org/en/users). + +### App management + +```yml +# The list of Yunohost apps. +ynh_apps: + - label: WikiJS + link: wikijs + args: + domain: wiki.domain.tld + path: / + admin: user1 + is_public: no + - label: Discourse + link: discourse + args: + domain: forum.domain.tld + path: / + admin: user1 + is_public: yes + post_install: + - src: "templates/site_settings.yml.j2" + dest: "/var/www/discourse/config/site_settings.yml" + type: "config" + + - src: "templates/configure_discourse.sh.j2" + dest: "/tmp/configure_discourse.sh" + type: "script" + owner: root + group: root +``` + +- `ynh_apps` is the list of applications to install. +- `label` allows you to give a custom name to the application on the user interface. +- `link` is the name of the Yunohost application to install. + +#### About the arguments + +- `domain` is essential. You have to choose one of the domains of your Yunohost instance. +- `path` is required. You have to choose a URL to access your application like `domain.tld/my_app`. Just use `/` if the application is to be installed on a subdomain. +- `is_public` argument is a common one. Set to `yes`, the application will be accessible to everyone, even without authentication to the Yunohost SSO portal. Set to `no`, the application will be accessible only after authentication. + +For the other arguments, you have to refer to the `manifest.json` available in the repository of the Yunohost application you install. You can learn more about this part [here](https://yunohost.org/fr/packaging_apps_manifest). + +#### About the post-installation + +It is possible to complete the installation of applications by adding jinja template configuration files or scripts written by yourself. +To enable this feature, define the `post_install` variable which corresponds to the list of post-installation files of your applications. +Because this task uses the template module, you can use your own variables and call them in your template files. To know more about this module, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). + +- `src` is mandatory. This is the directory where the template file is located on the machine running Ansible. +- `dest` is mandatory. This is the directory where the template file will be stored. +- `type` is mandatory: + - If you specify `script` as the value, then the template file will have 740 rights. It will be executed after it is transferred to the Yunohost server (usually in `/tmp/`) and then deleted. + - If you specify `config` as the value, then the template file will have 660 rights. It will be transferred to the Yunohost server (usually in `/var/www/AppName/`) and after you could import it with a shell script on the side for example. + +For `owner` and `group`, by default the file will take as owner the name of the application and as owner www-data(NGINX group). You can change them by specifying different values. + +## Dependencies + +None. + +## Example Playbook + +```yml +--- +- name: Install Yunohost on Debian Server + hosts: all + become: True + collections: + - lydra.yunohost + pre_tasks: + - name: Update all packages and index + ansible.builtin.apt: + upgrade: dist + update_cache: yes + + roles: + - ynh_setup + - ynh_config + - ynh_backup +``` + +## License + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/defaults/main.yml b/roles/ynh_setup/defaults/main.yml similarity index 78% rename from defaults/main.yml rename to roles/ynh_setup/defaults/main.yml index d44e47f..3ccb2e0 100644 --- a/defaults/main.yml +++ b/roles/ynh_setup/defaults/main.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -36,20 +36,7 @@ ynh_users: null # lastname: Doe # mail_domain: domain.tld -# Do not touch this variable -# Just to have dict default value -ynh_smtp_relay: - value: null - -# SMTP custom settings (Only override if you need a SMTP relay) -# Example: -# ynh_smtp_relay: - # host: smtp.domain.tld - # port: "25" - # user: user1 - # password: Pa$$w0rd - -# The list of Yunohost apps. + # The list of Yunohost apps. ynh_apps: null # - label: Tiny Tiny RSS # link: ttrss @@ -62,11 +49,3 @@ ynh_apps: null # type: script # owner: ttrss # Only provide if different from app name # group: ttrss # Only provide if different from www-data - -# Autoupdate Yunohost and its apps -ynh_autoupdate: - scheduled: False - # special_time: "daily" #Choices are [annually,daily,hourly,monthly,reboot,weekly,yearly] - # apps: True - # system: True - # dest_script: "/usr/local/bin/" diff --git a/roles/ynh_setup/meta/main.yml b/roles/ynh_setup/meta/main.yml new file mode 100644 index 0000000..5d334d6 --- /dev/null +++ b/roles/ynh_setup/meta/main.yml @@ -0,0 +1,18 @@ +--- +galaxy_info: + role_name: ynh_setup + author: lydra + description: Install Yunohost with Ansible + license: GPL-v3 + min_ansible_version: 2.10 + github_branch: main + platforms: + - name: Debian + versions: + - buster + galaxy_tags: + - yunohost + - cloud + - web + +dependencies: [] diff --git a/tasks/app.yml b/roles/ynh_setup/tasks/app.yml similarity index 94% rename from tasks/app.yml rename to roles/ynh_setup/tasks/app.yml index ef15d38..cf7519b 100644 --- a/tasks/app.yml +++ b/roles/ynh_setup/tasks/app.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,6 +24,8 @@ --label "{{ ynh_app.label }}" \ --args "{% for key, value in ynh_app.args.items() %}{{ key }}={{ value }}{% if not loop.last %}&{% endif %}{% endfor %}" changed_when: False + tags: + - apps # Post-installation part - name: Create post-install template @@ -35,6 +37,8 @@ mode: "{{ (item.type == 'script') | ternary('740', '660') }}" loop: "{{ ynh_app.post_install|default([]) }}" when: ynh_app.post_install + tags: + - apps - name: Launch post-install script ansible.builtin.command: "{{ ynh_app_post_install.dest }}" @@ -44,6 +48,8 @@ loop_control: loop_var: ynh_app_post_install when: ynh_app_post_install.type == "script" + tags: + - apps - name: Remove script after execution ansible.builtin.file: @@ -53,3 +59,5 @@ loop_control: loop_var: ynh_app_post_install when: ynh_app_post_install.type == "script" + tags: + - apps diff --git a/tasks/apps.yml b/roles/ynh_setup/tasks/apps.yml similarity index 93% rename from tasks/apps.yml rename to roles/ynh_setup/tasks/apps.yml index 53f19ee..b59a807 100644 --- a/tasks/apps.yml +++ b/roles/ynh_setup/tasks/apps.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -22,9 +22,13 @@ ansible.builtin.command: yunohost app map --output-as json register: ynh_installed_apps_raw changed_when: False + tags: + - apps - name: Format json of apps ansible.builtin.set_fact: ynh_installed_apps="{{ ynh_installed_apps_raw.stdout | from_json }}" + tags: + - apps - name: Install yunohost apps and perform post-install ansible.builtin.include_tasks: app.yml @@ -32,3 +36,6 @@ loop_control: loop_var: ynh_app when: ynh_app.label not in ynh_installed_apps.values() + tags: + - apps + diff --git a/tasks/domains.yml b/roles/ynh_setup/tasks/domains.yml similarity index 91% rename from tasks/domains.yml rename to roles/ynh_setup/tasks/domains.yml index 43fd607..02a2368 100644 --- a/tasks/domains.yml +++ b/roles/ynh_setup/tasks/domains.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -22,11 +22,20 @@ ansible.builtin.command: yunohost domain list --output-as json register: ynh_installed_domains_raw changed_when: False + tags: + - yunohost + - domains - name: Format json of domains ansible.builtin.set_fact: ynh_installed_domains="{{ ynh_installed_domains_raw.stdout | from_json }}" + tags: + - yunohost + - domains - name: Create domains ansible.builtin.command: yunohost domain add {{ item }} with_items: "{{ ynh_extra_domains }}" when: item not in ynh_installed_domains.domains + tags: + - yunohost + - domains diff --git a/tasks/main.yml b/roles/ynh_setup/tasks/main.yml similarity index 71% rename from tasks/main.yml rename to roles/ynh_setup/tasks/main.yml index c8857d7..0105337 100644 --- a/tasks/main.yml +++ b/roles/ynh_setup/tasks/main.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,10 +24,49 @@ - git - dialog state: present + tags: + - pkg + - linux + - yunohost + +- name: Create apps and config directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + mode: 0770 + loop: + - "{{ ynh_symlink.appdata_dir }}" + - "{{ ynh_symlink.conf_dir }}" + tags: + - linux + - yunohost + when: ynh_symlink.enabled + +- name: Create symbolic link for Yunohost apps data directory + ansible.builtin.file: + src: /var/www/ + dest: "{{ ynh_symlink.appdata_dir }}/www_symlink" + state: link + tags: + - linux + - yunohost + when: ynh_symlink.enabled + +- name: Create symbolic link for Yunohost configuration directory + ansible.builtin.file: + src: /etc/yunohost/ + dest: "{{ ynh_symlink.conf_dir }}/yunohost_symlink" + state: link + tags: + - linux + - yunohost + when: ynh_symlink.enabled - name: Test if Yunohost is already installed ansible.builtin.stat: path=/etc/yunohost/installed register: ynh_file_install + tags: + - yunohost - name: Download Yunohost install script ansible.builtin.get_url: @@ -35,10 +74,14 @@ dest: /tmp/install_yunohost.sh mode: 700 when: not ynh_file_install.stat.exists + tags: + - yunohost - name: Launch Yunohost install script ansible.builtin.command: /tmp/install_yunohost.sh -a when: not ynh_file_install.stat.exists + tags: + - yunohost - name: Launch Yunohost postinstall ansible.builtin.command: @@ -47,32 +90,32 @@ --password "{{ ynh_admin_password }}" \ {% if ynh_ignore_dyndns_server %} --ignore-dyndns {% endif %} when: not ynh_file_install.stat.exists + tags: + - yunohost + - domains - name: Create extra domains ansible.builtin.include_tasks: domains.yml when: ynh_extra_domains + tags: + - yunohost + - domains - name: Run first Yunohost diagnosis ansible.builtin.command: yunohost diagnosis run when: not ynh_file_install.stat.exists + tags: + - yunohost - name: Install domain certificates ansible.builtin.command: yunohost domain cert-install changed_when: False - -- name: Configure SMTP relay - ansible.builtin.include_tasks: smtp_relay.yml - loop: "{{ ynh_smtp_relay | dict2items }}" - when: item.value + tags: + - yunohost - name: Add Yunohost users ansible.builtin.include_tasks: users.yml when: ynh_users - -- name: Install Yunohost apps - ansible.builtin.include_tasks: apps.yml - when: ynh_apps - -- name: Configures Yunohost autoupdate - ansible.builtin.include_tasks: autoupdate.yml - when: ynh_autoupdate.scheduled + tags: + - yunohost + - users diff --git a/tasks/users.yml b/roles/ynh_setup/tasks/users.yml similarity index 92% rename from tasks/users.yml rename to roles/ynh_setup/tasks/users.yml index 06e3c4c..e13f7ce 100644 --- a/tasks/users.yml +++ b/roles/ynh_setup/tasks/users.yml @@ -1,7 +1,7 @@ --- #-----------------------------------------------------------------------------# # ansible-yunohost allows to deploy Yunohost using Ansible # -# Copyright 2021-2021 Lydra https://www.lydra.fr/ # +# Copyright 2021-present Lydra https://www.lydra.fr/ # # # # this program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -22,9 +22,15 @@ ansible.builtin.command: yunohost user list --output-as json register: ynh_registered_users_raw changed_when: False + tags: + - yunohost + - users - name: Format json of users ansible.builtin.set_fact: ynh_registered_users="{{ ynh_registered_users_raw.stdout | from_json }}" + tags: + - yunohost + - users - name: Create missing Yunohost users ansible.builtin.command: @@ -35,3 +41,6 @@ -p "{{ item.pass }}" loop: "{{ ynh_users }}" when: item.name not in ynh_registered_users.users.keys() + tags: + - yunohost + - users From 5b78dd4c11a516fe3fdf2ce22d98c5ff7a032b84 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Thu, 3 Feb 2022 14:39:42 +0100 Subject: [PATCH 2/6] refactor: ynh_apps is now a role --- roles/ynh_apps/README-FR.md | 94 ++++++++++++++++++++ roles/ynh_apps/README.md | 94 ++++++++++++++++++++ roles/ynh_apps/defaults/main.yml | 33 +++++++ roles/ynh_apps/meta/main.yml | 18 ++++ roles/{ynh_setup => ynh_apps}/tasks/app.yml | 0 roles/{ynh_setup => ynh_apps}/tasks/apps.yml | 1 - roles/ynh_apps/tasks/main.yml | 1 + roles/ynh_setup/README-FR.md | 58 +----------- roles/ynh_setup/README.md | 58 +----------- roles/ynh_setup/defaults/main.yml | 14 --- 10 files changed, 242 insertions(+), 129 deletions(-) create mode 100644 roles/ynh_apps/README-FR.md create mode 100644 roles/ynh_apps/README.md create mode 100644 roles/ynh_apps/defaults/main.yml create mode 100644 roles/ynh_apps/meta/main.yml rename roles/{ynh_setup => ynh_apps}/tasks/app.yml (100%) rename roles/{ynh_setup => ynh_apps}/tasks/apps.yml (99%) diff --git a/roles/ynh_apps/README-FR.md b/roles/ynh_apps/README-FR.md new file mode 100644 index 0000000..6133aa1 --- /dev/null +++ b/roles/ynh_apps/README-FR.md @@ -0,0 +1,94 @@ +# Rôle Ansible : Yunohost Apps + +[🇬🇧 English version](README.md) + +Installez les applications [Yunohost](https://yunohost.org/#/) avec Ansible ! +Retrouvez la liste des applications Yunohost [ici](https://yunohost.org/fr/applications/catalog). + +## Prérequis + +Aucun. + +## Variables du rôle + +Les variables par défaut sont disponibles dans `default/main.yml` cependant il est nécessaire de les surcharger selon vos besoins en termes de domaines, d'utilisateurs et d'applications sur Yunohost. + +### Gestion des applications + +```yml +# Liste des applications Yunohost. +ynh_apps: + - label: WikiJS + link: wikijs + args: + domain: wiki.domain.tld + path: / + admin: user1 + is_public: no + - label: Discourse + link: discourse + args: + domain: forum.domain.tld + path: / + admin: user1 + is_public: yes + post_install: + - src: "templates/site_settings.yml.j2" + dest: "/var/www/discourse/config/site_settings.yml" + type: "config" + + - src: "templates/configure_discourse.sh.j2" + dest: "/tmp/configure_discourse.sh" + type: "script" + owner: root + group: root +``` + +- `ynh_apps` est la liste des applications à installer. +- `label` permet de donner un nom personnalisé à l'application sur l'interface utilisateur. +- `link` correspond au nom de l'application Yunohost qu'on veut installer. + +#### Concernant les arguments + +- `domain` est obligatoire. Il faut choisir un des domaines de son instance Yunohost. +- `path` est obligatoire. Il faut choisir une URL pour accéder à son application comme `domain.tld/my_app`. Utilisez juste `/` si l'application doit s'installer sur un sous-domaine. +- `is_public` est un argument qu'on retrouve souvent. Paramétré sur `yes`, l'application sera accessible à tout le monde, même sans authentification sur le portail SSO Yunohost. Paramétré sur `no`, l'application ne sera accessible qu'après authentification. + +Pour les autres arguments, il faut se référer au `manifest.json` disponible dans le dépôt de l'application Yunohost qu'on installe. Vous pouvez en apprendre plus sur cette partie [ici](https://yunohost.org/fr/packaging_apps_manifest). + +#### Concernant la post-installation + +Il est possible de compléter l'installation des applications par l'ajout de templates jinja de configuration ou de scripts que vous aurez écrit de votre côté. +Pour activer cette fonctionnalité, définissez la variable `post_install` qui correspond à la liste des fichiers de post-installation de votre application. +Cette tâche utilisant le module template, vous pouvez tout à fait utiliser vos propres variables et les appeler dans vos fichiers de template. Pour en savoir sur ce module, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). + +- `src` est obligatoire. Il s'agit du répertoire où le fichier de template se situe sur la machine qui execute Ansible. +- `dest` est obligatoire. Il s'agit du répertoire où le fichier de template va être stocké. +- `type` est obligatoire : + - Si vous précisez comme valeur `script` alors le fichier de template aura pour droits 740. Il sera exécuté après son transfert sur le serveur Yunohost (généralement dans `/tmp/`) puis il sera supprimé. + - Si vous précisez comme valeur `config` alors le fichier de template aura pour droits 660. Il sera transféré sur le serveur Yunohost (généralement dans `/var/www/AppName/`) et vous pourrez l'importer avec un script shell à côté par exemple. + +Pour `owner` et `group`, par défaut le fichier va prendre comme utilisateur propriétaire le nom de l'application et comme groupe propriétaire www-data (groupe NGINX). Vous pouvez les changer en précisant des valeurs différentes. + +## Dépendances + +Aucune. + +## Exemple de Playbook + +```yml +--- +- name: Install Yunohost apps + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_apps +``` + +## License + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_apps/README.md b/roles/ynh_apps/README.md new file mode 100644 index 0000000..bf42ae5 --- /dev/null +++ b/roles/ynh_apps/README.md @@ -0,0 +1,94 @@ +# Ansible Role: Yunohost Apps + +[🇫🇷 French version](README-FR.md) + +Install [Yunohost](https://yunohost.org/#/) apps with Ansible! +You can find the list of available Yunohost applications [here](https://yunohost.org/en/apps). + +## Requirements + +None. + +## Role Variables + +Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for Yunohost domains, users and apps. + +### App management + +```yml +# The list of Yunohost apps. +ynh_apps: + - label: WikiJS + link: wikijs + args: + domain: wiki.domain.tld + path: / + admin: user1 + is_public: no + - label: Discourse + link: discourse + args: + domain: forum.domain.tld + path: / + admin: user1 + is_public: yes + post_install: + - src: "templates/site_settings.yml.j2" + dest: "/var/www/discourse/config/site_settings.yml" + type: "config" + + - src: "templates/configure_discourse.sh.j2" + dest: "/tmp/configure_discourse.sh" + type: "script" + owner: root + group: root +``` + +- `ynh_apps` is the list of applications to install. +- `label` allows you to give a custom name to the application on the user interface. +- `link` is the name of the Yunohost application to install. + +#### About the arguments + +- `domain` is essential. You have to choose one of the domains of your Yunohost instance. +- `path` is required. You have to choose a URL to access your application like `domain.tld/my_app`. Just use `/` if the application is to be installed on a subdomain. +- `is_public` argument is a common one. Set to `yes`, the application will be accessible to everyone, even without authentication to the Yunohost SSO portal. Set to `no`, the application will be accessible only after authentication. + +For the other arguments, you have to refer to the `manifest.json` available in the repository of the Yunohost application you install. You can learn more about this part [here](https://yunohost.org/fr/packaging_apps_manifest). + +#### About the post-installation + +It is possible to complete the installation of applications by adding jinja template configuration files or scripts written by yourself. +To enable this feature, define the `post_install` variable which corresponds to the list of post-installation files of your applications. +Because this task uses the template module, you can use your own variables and call them in your template files. To know more about this module, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). + +- `src` is mandatory. This is the directory where the template file is located on the machine running Ansible. +- `dest` is mandatory. This is the directory where the template file will be stored. +- `type` is mandatory: + - If you specify `script` as the value, then the template file will have 740 rights. It will be executed after it is transferred to the Yunohost server (usually in `/tmp/`) and then deleted. + - If you specify `config` as the value, then the template file will have 660 rights. It will be transferred to the Yunohost server (usually in `/var/www/AppName/`) and after you could import it with a shell script on the side for example. + +For `owner` and `group`, by default the file will take as owner the name of the application and as owner www-data(NGINX group). You can change them by specifying different values. + +## Dependencies + +None. + +## Example Playbook + +```yml +--- +- name: Install Yunohost apps + hosts: all + become: True + collections: + - lydra.yunohost + roles: + - ynh_apps +``` + +## License + +[![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) + +**ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_apps/defaults/main.yml b/roles/ynh_apps/defaults/main.yml new file mode 100644 index 0000000..6b023b2 --- /dev/null +++ b/roles/ynh_apps/defaults/main.yml @@ -0,0 +1,33 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +# The list of Yunohost apps. +ynh_apps: null + # - label: Tiny Tiny RSS + # link: ttrss + # args: + # domain: domain.tld + # path: /ttrss + # post_install: + # - src: "templates/file.sh.j2" + # dest: "/tmp/script.sh" + # type: script + # owner: ttrss # Only provide if different from app name + # group: ttrss # Only provide if different from www-data diff --git a/roles/ynh_apps/meta/main.yml b/roles/ynh_apps/meta/main.yml new file mode 100644 index 0000000..87b70fa --- /dev/null +++ b/roles/ynh_apps/meta/main.yml @@ -0,0 +1,18 @@ +--- +galaxy_info: + role_name: ynh_apps + author: lydra + description: Install Yunohost apps with Ansible + license: GPL-v3 + min_ansible_version: 2.10 + github_branch: main + platforms: + - name: Debian + versions: + - buster + galaxy_tags: + - yunohost + - cloud + - web + +dependencies: [] diff --git a/roles/ynh_setup/tasks/app.yml b/roles/ynh_apps/tasks/app.yml similarity index 100% rename from roles/ynh_setup/tasks/app.yml rename to roles/ynh_apps/tasks/app.yml diff --git a/roles/ynh_setup/tasks/apps.yml b/roles/ynh_apps/tasks/apps.yml similarity index 99% rename from roles/ynh_setup/tasks/apps.yml rename to roles/ynh_apps/tasks/apps.yml index b59a807..9fb8e0e 100644 --- a/roles/ynh_setup/tasks/apps.yml +++ b/roles/ynh_apps/tasks/apps.yml @@ -38,4 +38,3 @@ when: ynh_app.label not in ynh_installed_apps.values() tags: - apps - diff --git a/roles/ynh_apps/tasks/main.yml b/roles/ynh_apps/tasks/main.yml index e54dd79..289486c 100644 --- a/roles/ynh_apps/tasks/main.yml +++ b/roles/ynh_apps/tasks/main.yml @@ -22,4 +22,5 @@ ansible.builtin.include_tasks: apps.yml when: ynh_apps tags: + - yunohost - apps diff --git a/roles/ynh_setup/README-FR.md b/roles/ynh_setup/README-FR.md index 914afac..195760d 100644 --- a/roles/ynh_setup/README-FR.md +++ b/roles/ynh_setup/README-FR.md @@ -53,63 +53,6 @@ ynh_users: - `ynh_users` est la liste des utilisateurs à créer. Chaque champ est obligatoire. Certaines applications Yunohost nécessitent qu'un utilisateur soit administrateur de l'application. Il aura ensuite le droit de gérer l'application depuis l'interface l'administration du serveur. Vous pouvez en apprendre plus sur la gestion des utilisateurs Yunohost [ici](https://yunohost.org/fr/administrate/overview/users). -### Gestion des applications - -```yml -# Liste des applications Yunohost. -ynh_apps: - - label: WikiJS - link: wikijs - args: - domain: wiki.domain.tld - path: / - admin: user1 - is_public: no - - label: Discourse - link: discourse - args: - domain: forum.domain.tld - path: / - admin: user1 - is_public: yes - post_install: - - src: "templates/site_settings.yml.j2" - dest: "/var/www/discourse/config/site_settings.yml" - type: "config" - - - src: "templates/configure_discourse.sh.j2" - dest: "/tmp/configure_discourse.sh" - type: "script" - owner: root - group: root -``` - -- `ynh_apps` est la liste des applications à installer. -- `label` permet de donner un nom personnalisé à l'application sur l'interface utilisateur. -- `link` correspond au nom de l'application Yunohost qu'on veut installer. - -#### Concernant les arguments - -- `domain` est obligatoire. Il faut choisir un des domaines de son instance Yunohost. -- `path` est obligatoire. Il faut choisir une URL pour accéder à son application comme `domain.tld/my_app`. Utilisez juste `/` si l'application doit s'installer sur un sous-domaine. -- `is_public` est un argument qu'on retrouve souvent. Paramétré sur `yes`, l'application sera accessible à tout le monde, même sans authentification sur le portail SSO Yunohost. Paramétré sur `no`, l'application ne sera accessible qu'après authentification. - -Pour les autres arguments, il faut se référer au `manifest.json` disponible dans le dépôt de l'application Yunohost qu'on installe. Vous pouvez en apprendre plus sur cette partie [ici](https://yunohost.org/fr/packaging_apps_manifest). - -#### Concernant la post-installation - -Il est possible de compléter l'installation des applications par l'ajout de templates jinja de configuration ou de scripts que vous aurez écrit de votre côté. -Pour activer cette fonctionnalité, définissez la variable `post_install` qui correspond à la liste des fichiers de post-installation de votre application. -Cette tâche utilisant le module template, vous pouvez tout à fait utiliser vos propres variables et les appeler dans vos fichiers de template. Pour en savoir sur ce module, cliquez [ici](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). - -- `src` est obligatoire. Il s'agit du répertoire où le fichier de template se situe sur la machine qui execute Ansible. -- `dest` est obligatoire. Il s'agit du répertoire où le fichier de template va être stocké. -- `type` est obligatoire : - - Si vous précisez comme valeur `script` alors le fichier de template aura pour droits 740. Il sera exécuté après son transfert sur le serveur Yunohost (généralement dans `/tmp/`) puis il sera supprimé. - - Si vous précisez comme valeur `config` alors le fichier de template aura pour droits 660. Il sera transféré sur le serveur Yunohost (généralement dans `/var/www/AppName/`) et vous pourrez l'importer avec un script shell à côté par exemple. - -Pour `owner` et `group`, par défaut le fichier va prendre comme utilisateur propriétaire le nom de l'application et comme groupe propriétaire www-data (groupe NGINX). Vous pouvez les changer en précisant des valeurs différentes. - ## Dépendances Aucune. @@ -131,6 +74,7 @@ Aucune. roles: - ynh_setup + - ynh_apps - ynh_config - ynh_backup ``` diff --git a/roles/ynh_setup/README.md b/roles/ynh_setup/README.md index 2433777..4e816a9 100644 --- a/roles/ynh_setup/README.md +++ b/roles/ynh_setup/README.md @@ -53,63 +53,6 @@ ynh_users: - `ynh_users` is the list of users to create. Each field is mandatory. Some Yunohost applications require that a user be the app administrator. He will then have the right to manage the application from the server administration interface. You can learn more about Yunohost user management [here](https://yunohost.org/en/users). -### App management - -```yml -# The list of Yunohost apps. -ynh_apps: - - label: WikiJS - link: wikijs - args: - domain: wiki.domain.tld - path: / - admin: user1 - is_public: no - - label: Discourse - link: discourse - args: - domain: forum.domain.tld - path: / - admin: user1 - is_public: yes - post_install: - - src: "templates/site_settings.yml.j2" - dest: "/var/www/discourse/config/site_settings.yml" - type: "config" - - - src: "templates/configure_discourse.sh.j2" - dest: "/tmp/configure_discourse.sh" - type: "script" - owner: root - group: root -``` - -- `ynh_apps` is the list of applications to install. -- `label` allows you to give a custom name to the application on the user interface. -- `link` is the name of the Yunohost application to install. - -#### About the arguments - -- `domain` is essential. You have to choose one of the domains of your Yunohost instance. -- `path` is required. You have to choose a URL to access your application like `domain.tld/my_app`. Just use `/` if the application is to be installed on a subdomain. -- `is_public` argument is a common one. Set to `yes`, the application will be accessible to everyone, even without authentication to the Yunohost SSO portal. Set to `no`, the application will be accessible only after authentication. - -For the other arguments, you have to refer to the `manifest.json` available in the repository of the Yunohost application you install. You can learn more about this part [here](https://yunohost.org/fr/packaging_apps_manifest). - -#### About the post-installation - -It is possible to complete the installation of applications by adding jinja template configuration files or scripts written by yourself. -To enable this feature, define the `post_install` variable which corresponds to the list of post-installation files of your applications. -Because this task uses the template module, you can use your own variables and call them in your template files. To know more about this module, click [here](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html). - -- `src` is mandatory. This is the directory where the template file is located on the machine running Ansible. -- `dest` is mandatory. This is the directory where the template file will be stored. -- `type` is mandatory: - - If you specify `script` as the value, then the template file will have 740 rights. It will be executed after it is transferred to the Yunohost server (usually in `/tmp/`) and then deleted. - - If you specify `config` as the value, then the template file will have 660 rights. It will be transferred to the Yunohost server (usually in `/var/www/AppName/`) and after you could import it with a shell script on the side for example. - -For `owner` and `group`, by default the file will take as owner the name of the application and as owner www-data(NGINX group). You can change them by specifying different values. - ## Dependencies None. @@ -131,6 +74,7 @@ None. roles: - ynh_setup + - ynh_apps - ynh_config - ynh_backup ``` diff --git a/roles/ynh_setup/defaults/main.yml b/roles/ynh_setup/defaults/main.yml index 3ccb2e0..355c99f 100644 --- a/roles/ynh_setup/defaults/main.yml +++ b/roles/ynh_setup/defaults/main.yml @@ -35,17 +35,3 @@ ynh_users: null # firstname: Jane # lastname: Doe # mail_domain: domain.tld - - # The list of Yunohost apps. -ynh_apps: null - # - label: Tiny Tiny RSS - # link: ttrss - # args: - # domain: domain.tld - # path: /ttrss - # post_install: - # - src: "templates/file.sh.j2" - # dest: "/tmp/script.sh" - # type: script - # owner: ttrss # Only provide if different from app name - # group: ttrss # Only provide if different from www-data From 0f79911f3dfbad4bbf013662267bd08fa12b7cd5 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Thu, 3 Feb 2022 13:41:56 +0100 Subject: [PATCH 3/6] feat: adds symlink management --- README-FR.md | 1 + README.md | 1 + roles/ynh_setup/README-FR.md | 13 +++++++++++ roles/ynh_setup/README.md | 13 +++++++++++ roles/ynh_setup/defaults/main.yml | 9 ++++++++ roles/ynh_setup/tasks/main.yml | 36 +++++++++++-------------------- 6 files changed, 49 insertions(+), 24 deletions(-) diff --git a/README-FR.md b/README-FR.md index 5876a48..1ad3f34 100644 --- a/README-FR.md +++ b/README-FR.md @@ -45,6 +45,7 @@ Ces tags sont applicables suivant les rôles. |smtp|Tâches liées aux paramètres de relais smtp de Yunohost.| |backup|Tâches liées aux sauvegardes de Yunohost.| |pkg|Tâches d'installation de paquets.| +|linux|Tâches liées à l'OS Linux.| ## License diff --git a/README.md b/README.md index 1690d7d..239c7bc 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ These tags are applicable to roles. |smtp|Tasks related to Yunohost smtp relay settings.| |backup|Tasks related to Yunohost backups.| |pkg|Tasks that install packages.| +|linux|Tasks related to Linux OS.| ## License diff --git a/roles/ynh_setup/README-FR.md b/roles/ynh_setup/README-FR.md index 195760d..1d3687e 100644 --- a/roles/ynh_setup/README-FR.md +++ b/roles/ynh_setup/README-FR.md @@ -19,11 +19,24 @@ Les variables par défaut sont disponibles dans `default/main.yml` cependant il ynh_install_script_url: https://install.yunohost.org ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS + +ynh_dir: "/data/yunohost" + +ynh_data_dirs: + - path: "{{ ynh_dir }}/etc" + link: "/etc/yunohost" + - path: "{{ ynh_dir }}/var" + link: "/var/www" +ynh_data_dirs.enabled: True ``` - `ynh_install_script_url` est le script d'installation des packages Yunohost, par défaut c'est le script officiel. Yunohost ne s'installe que sur Debian 10. - `ynh_admin_password` est le mot de passe permettant d'accéder à l’interface d’administration du serveur. +- `ynh_data_dirs.enabled`: active les liens symboliques et permet de déplacer les répertoires de configurations et de données de YunoHost où vous le desirez. Mettez la valeur à `True`. +- `ynh_data_dirs.path`: il s'agit des répertoires où stocker les données de configuration de Yunohost ainsi que les applications. +- `ynh_data_dirs.link`: il s'agit des répertoire où seront fait les liens symboliques. + ### Gestion des domaines ```yml diff --git a/roles/ynh_setup/README.md b/roles/ynh_setup/README.md index 4e816a9..5b6afb2 100644 --- a/roles/ynh_setup/README.md +++ b/roles/ynh_setup/README.md @@ -19,11 +19,24 @@ Default variables are available in `default/main.yml` however it is necessary to ynh_install_script_url: https://install.yunohost.org ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS + +ynh_dir: "/data/yunohost" + +ynh_data_dirs: + - path: "{{ ynh_dir }}/etc" + link: "/etc/yunohost" + - path: "{{ ynh_dir }}/var" + link: "/var/www" +ynh_data_dirs.enabled: True ``` - `ynh_install_script_url` downloads official Yunohost script for installing Yunohost packages. Yunohost is only available on Debian 10. - `ynh_admin_password` is the password used to access to the server's administration interface. +- `ynh_data_dirs.enabled`: Enables symbolic links and allows you to move YunoHost's configuration and data directories wherever you want. Set the value to `True`. +- `ynh_data_dirs.path`: these are the directories where Yunohost configuration data and applications are stored. +- `ynh_data_dirs.link`: this is the directory where symbolic links will be made. + ### Domain management ```yml diff --git a/roles/ynh_setup/defaults/main.yml b/roles/ynh_setup/defaults/main.yml index 355c99f..67c1244 100644 --- a/roles/ynh_setup/defaults/main.yml +++ b/roles/ynh_setup/defaults/main.yml @@ -23,6 +23,15 @@ ynh_install_script_url: https://install.yunohost.org ynh_admin_password: MYINSECUREPWD_PLZ_OVERRIDE_THIS +ynh_dir: "/data/yunohost" + +ynh_data_dirs: + - path: "{{ ynh_dir }}/etc" + link: "/etc/yunohost" + - path: "{{ ynh_dir }}/var" + link: "/var/www" +ynh_data_dirs_enabled: True + # The list of Yunohost domains. ynh_main_domain: domain.tld ynh_extra_domains: null diff --git a/roles/ynh_setup/tasks/main.yml b/roles/ynh_setup/tasks/main.yml index 0105337..a2d22ba 100644 --- a/roles/ynh_setup/tasks/main.yml +++ b/roles/ynh_setup/tasks/main.yml @@ -27,40 +27,28 @@ tags: - pkg - linux - - yunohost -- name: Create apps and config directories +- name: Create data and config subdirs of Yunohost ansible.builtin.file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory - mode: 0770 - loop: - - "{{ ynh_symlink.appdata_dir }}" - - "{{ ynh_symlink.conf_dir }}" + mode: "0755" + with_items: + - "{{ ynh_data_dirs }}" tags: - linux - - yunohost - when: ynh_symlink.enabled + when: ynh_data_dirs_enabled -- name: Create symbolic link for Yunohost apps data directory +- name: Create symbolic links for Yunohost subdirs ansible.builtin.file: - src: /var/www/ - dest: "{{ ynh_symlink.appdata_dir }}/www_symlink" + src: "{{ item.path }}" + dest: "{{ item.link }}" state: link + with_items: + - "{{ ynh_data_dirs }}" tags: - linux - - yunohost - when: ynh_symlink.enabled - -- name: Create symbolic link for Yunohost configuration directory - ansible.builtin.file: - src: /etc/yunohost/ - dest: "{{ ynh_symlink.conf_dir }}/yunohost_symlink" - state: link - tags: - - linux - - yunohost - when: ynh_symlink.enabled + when: ynh_data_dirs_enabled - name: Test if Yunohost is already installed ansible.builtin.stat: path=/etc/yunohost/installed From 23f458517c51f79965df9ba27bc125618da5ad4f Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Wed, 16 Feb 2022 13:57:59 +0100 Subject: [PATCH 4/6] refactor: add new pre-task to ynh_setup + fixes in README --- README-FR.md | 3 ++- README.md | 3 ++- roles/ynh_setup/README-FR.md | 6 ------ roles/ynh_setup/README.md | 6 ------ roles/ynh_setup/tasks/main.yml | 9 ++++++++- 5 files changed, 12 insertions(+), 15 deletions(-) diff --git a/README-FR.md b/README-FR.md index 1ad3f34..45d43b7 100644 --- a/README-FR.md +++ b/README-FR.md @@ -26,6 +26,7 @@ Votre serveur doit être basé sur du Debian Buster et Yunohost ne doit pas déj ### Rôles - [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README-FR.md) : Ce rôle prépare les serveurs à base de Debian-Buster à exécuter Yunohost. Il configure Yunohost avec ses paramètres initiaux et les domaines, utilisateurs et applications de votre choix. +- [`lydra.yunohost.ynh_apps`](roles/ynh_apps/README-FR.md): Ce rôle installe les applications Yunohost de votre choix et peut également lancer des tâches de post-installation. - [`lydra.yunohost.ynh_config`](roles/ynh_config/README-FR.md) : Ce rôle gère la configuration de différents services de Yunohost (relais SMTP, mises à jour automatiques). - [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README-FR.md) : Ce rôle gère la configuration des sauvegardes. @@ -37,7 +38,7 @@ Ces tags sont applicables suivant les rôles. |tags|commentaires| |----|-------| -|yunohost|Tâches spécifiques à Yunohost.| +|yunohost|Tâches spécifiques à Yunohost lui-même (installation ou configuration).| |users|Tâches spécifiques aux utilisateurs de Yunohost.| |domains|Tâches spécifiques aux domaines liés à Yunohost.| |apps|Tâches spécifiques aux applications de Yunohost.| diff --git a/README.md b/README.md index 239c7bc..03cc4a1 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,7 @@ Your server must be Debian-Buster based and Yunohost shouldn't be already instal ### Roles - [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README.md): This role prepares servers with Debian-Buster-based to run Yunohost. It sets up Yunohost with its initial settings and domains, users and apps of your choice. +- [`lydra.yunohost.ynh_apps`](roles/ynh_apps/README.md): This role installs Yunohost apps of your choice and can perform post-install tasks. - [`lydra.yunohost.ynh_config`](roles/ynh_config/README.md): This role configures various Yunohost services (SMTP relay, auto updates). - [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README.md): This role manages the configuration of backups. @@ -37,7 +38,7 @@ These tags are applicable to roles. |tags|comment| |----|-------| -|yunohost|Tasks specific to Yunohost.| +|yunohost|Tasks specific to Yunohost itself (setup or configuration).| |users|Tasks specific to users in Yunohost.| |domains|Tasks specific to domains linked to Yunohost.| |apps|Tasks specific to Yunohost apps.| diff --git a/roles/ynh_setup/README-FR.md b/roles/ynh_setup/README-FR.md index 1d3687e..a3976de 100644 --- a/roles/ynh_setup/README-FR.md +++ b/roles/ynh_setup/README-FR.md @@ -79,12 +79,6 @@ Aucune. become: True collections: - lydra.yunohost - pre_tasks: - - name: Update all packages and index - ansible.builtin.apt: - upgrade: dist - update_cache: yes - roles: - ynh_setup - ynh_apps diff --git a/roles/ynh_setup/README.md b/roles/ynh_setup/README.md index 5b6afb2..60edfa2 100644 --- a/roles/ynh_setup/README.md +++ b/roles/ynh_setup/README.md @@ -79,12 +79,6 @@ None. become: True collections: - lydra.yunohost - pre_tasks: - - name: Update all packages and index - ansible.builtin.apt: - upgrade: dist - update_cache: yes - roles: - ynh_setup - ynh_apps diff --git a/roles/ynh_setup/tasks/main.yml b/roles/ynh_setup/tasks/main.yml index a2d22ba..4198159 100644 --- a/roles/ynh_setup/tasks/main.yml +++ b/roles/ynh_setup/tasks/main.yml @@ -17,6 +17,13 @@ # along with this program. If not, see . # # # #-----------------------------------------------------------------------------# +- name: Update all packages and index + ansible.builtin.apt: + upgrade: dist + update_cache: yes + tags: + - pkg + - linux - name: Install requirements ansible.builtin.apt: @@ -45,7 +52,7 @@ dest: "{{ item.link }}" state: link with_items: - - "{{ ynh_data_dirs }}" + - "{{ ynh_data_dirs }}" tags: - linux when: ynh_data_dirs_enabled From 25cf95e439c37db7f1cb7adab67985fa69877f87 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Thu, 19 May 2022 12:20:37 +0200 Subject: [PATCH 5/6] docs: apply Christophe suggestions for README --- README-FR.md | 14 ++++---------- README.md | 10 ++-------- roles/ynh_backup/README-FR.md | 12 ------------ roles/ynh_backup/README.md | 12 ------------ roles/ynh_backup/tasks/backup.yml | 2 +- roles/ynh_config/README-FR.md | 14 +------------- roles/ynh_config/README.md | 16 +--------------- roles/ynh_setup/README-FR.md | 4 ++-- roles/ynh_setup/README.md | 4 ++-- 9 files changed, 13 insertions(+), 75 deletions(-) diff --git a/README-FR.md b/README-FR.md index 45d43b7..2de31c8 100644 --- a/README-FR.md +++ b/README-FR.md @@ -8,7 +8,7 @@ [![GitHub Release Date](https://img.shields.io/github/release-date/LydraFr/ansible-yunohost)](https://github.com/LydraFr/ansible-yunohost) [![GitHub Repo stars](https://img.shields.io/github/stars/LydraFr/ansible-yunohost?style=social)](https://github.com/LydraFr/ansible-yunohost) - Collection Ansible - lydra.yunohost + Collection Ansible - `lydra.yunohost` [🇬🇧 English version](README.md) @@ -17,22 +17,18 @@ Comme il s'agit d'une collection indépendante, elle peut être publiée selon s ## Prérequis ------------- - Votre serveur doit être basé sur du Debian Buster et Yunohost ne doit pas déjà être installé. ## Contenu de la collection ### Rôles -- [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README-FR.md) : Ce rôle prépare les serveurs à base de Debian-Buster à exécuter Yunohost. Il configure Yunohost avec ses paramètres initiaux et les domaines, utilisateurs et applications de votre choix. -- [`lydra.yunohost.ynh_apps`](roles/ynh_apps/README-FR.md): Ce rôle installe les applications Yunohost de votre choix et peut également lancer des tâches de post-installation. +- [`lydra.yunohost.ynh_setup`](roles/ynh_setup/README-FR.md) : Ce rôle prépare les serveurs à base de Debian-Buster à exécuter Yunohost. Il configure Yunohost avec ses paramètres initiaux, les domaines et les utilisateurs de votre choix. +- [`lydra.yunohost.ynh_apps`](roles/ynh_apps/README-FR.md): Ce rôle installe les applications Yunohost de votre choix et peut également les configurer grâce aux tâches de post-installation. - [`lydra.yunohost.ynh_config`](roles/ynh_config/README-FR.md) : Ce rôle gère la configuration de différents services de Yunohost (relais SMTP, mises à jour automatiques). - [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README-FR.md) : Ce rôle gère la configuration des sauvegardes. -### lydra.yunohost Tags du rôle - ------------- +### Tags du rôle Ces tags sont applicables suivant les rôles. @@ -50,8 +46,6 @@ Ces tags sont applicables suivant les rôles. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/README.md b/README.md index 03cc4a1..0be9f00 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ [![GitHub Release Date](https://img.shields.io/github/release-date/LydraFr/ansible-yunohost)](https://github.com/LydraFr/ansible-yunohost) [![GitHub Repo stars](https://img.shields.io/github/stars/LydraFr/ansible-yunohost?style=social)](https://github.com/LydraFr/ansible-yunohost) -# Ansible Collection - lydra.yunohost +# Ansible Collection - `lydra.yunohost` [🇫🇷 French version](README-FR.md) @@ -17,8 +17,6 @@ As this is an independent collection, it can be released on its own release cade # Prerequisites ------------- - Your server must be Debian-Buster based and Yunohost shouldn't be already installed. ## Collection contents @@ -30,9 +28,7 @@ Your server must be Debian-Buster based and Yunohost shouldn't be already instal - [`lydra.yunohost.ynh_config`](roles/ynh_config/README.md): This role configures various Yunohost services (SMTP relay, auto updates). - [`lydra.yunohost.ynh_backup`](roles/ynh_backup/README.md): This role manages the configuration of backups. -## lydra.yunohost Role Tags - ------------- +## Role Tags These tags are applicable to roles. @@ -50,8 +46,6 @@ These tags are applicable to roles. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_backup/README-FR.md b/roles/ynh_backup/README-FR.md index 88030c7..a39d4f8 100644 --- a/roles/ynh_backup/README-FR.md +++ b/roles/ynh_backup/README-FR.md @@ -6,20 +6,14 @@ Sauvegardez [Yunohost](https://yunohost.org/#/) avec Ansible ! ## Prérequis ------------- - Yunohost doit déjà être installé sur votre serveur. ## Variables du rôle ------------- - Les variables par défaut sont disponibles dans `default/main.yml` cependant il est possible de les surcharger selon vos besoins en ... ### Gestion des sauvegardes ------------- - ```yml ynh_backup: scheduled: True @@ -46,14 +40,10 @@ La tâche backup va permettre de sauvegarder les applications Yunohost ainsi que ## Dépendances ------------- - Aucune. ## Exemple de Playbook ------------- - ```yml --- - name: Configure Yunohost backups @@ -67,8 +57,6 @@ Aucune. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_backup/README.md b/roles/ynh_backup/README.md index a6df157..91e760a 100644 --- a/roles/ynh_backup/README.md +++ b/roles/ynh_backup/README.md @@ -6,20 +6,14 @@ Deploy [Yunohost](https://yunohost.org/#/) with Ansible! ## Requirements ------------- - Yunohost needs to be installed on your server. ## Role Variables ------------- - Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for ... ### Backups management ------------- - ```yml ynh_backup: scheduled: True @@ -46,14 +40,10 @@ The backup task will allow to backup Yunohost applications and their data by set ## Dependencies ------------- - None. ## Example Playbook ------------- - ```yml --- - name: Configure Yunohost backups @@ -67,8 +57,6 @@ None. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_backup/tasks/backup.yml b/roles/ynh_backup/tasks/backup.yml index 3c071af..a956b19 100644 --- a/roles/ynh_backup/tasks/backup.yml +++ b/roles/ynh_backup/tasks/backup.yml @@ -37,7 +37,7 @@ - backup - cron -- name: Create cron task to perform YNH backup +- name: Create cron task to schedule YNH backup script ansible.builtin.cron: name: "auto-backup to {{ ynh_backup.directory | default('/home/yunohost.backup/archives') }}" month: "{{ ynh_backup.scheduled_month | default('*') }}" diff --git a/roles/ynh_config/README-FR.md b/roles/ynh_config/README-FR.md index 8012a06..99d7fc6 100644 --- a/roles/ynh_config/README-FR.md +++ b/roles/ynh_config/README-FR.md @@ -10,14 +10,10 @@ Yunohost doit déjà être installé sur votre serveur. ## Variables du rôle ------------- - Les variables par défaut sont disponibles dans `default/main.yml` cependant il est possible de les surcharger selon vos besoins. ### Configuration d'un relais SMTP ------------- - ```yml # paramètres personnalisés du relais SMTP ynh_smtp_relay: @@ -30,9 +26,7 @@ ynh_smtp_relay: Yunohost possède son propre serveur SMTP natif mais il est aussi possible de configurer Yunohost pour qu'il utilise un relais SMTP à la place. Pour faire cela, créez la variable `ynh_smtp_relay` et mettez vos propres valeurs. Vous pouvez en apprendre plus sur les relais SMTP [ici](https://yunohost.org/fr/administrate/specific_use_cases/email_relay). -### Concernant les mises à jour - ------------- +### Configuration des mises à jour ```yml # Autoupdate Yunohost and its apps @@ -58,14 +52,10 @@ Pour en savoir plus sur le fonctionnement des mises à jour dans Yunohost vous p ## Dépendances ------------- - Aucune. ## Exemple de Playbook ------------- - ```yml --- - name: Configure Yunohost on Debian Server @@ -79,8 +69,6 @@ Aucune. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** est maintenu par [Lydra](https://lydra.fr/) et publié sous la licence GPL3. diff --git a/roles/ynh_config/README.md b/roles/ynh_config/README.md index 068e81b..acf1777 100644 --- a/roles/ynh_config/README.md +++ b/roles/ynh_config/README.md @@ -6,20 +6,14 @@ Deploy [Yunohost](https://yunohost.org/#/) with Ansible! ## Requirements ------------- - None. ## Role Variables ------------- - Default variables are available in `default/main.yml` however it is necessary to override them according to your needs for Yunohost domains, users and apps. ### SMTP relay configuration ------------- - ```yml # SMTP custom settings ynh_smtp_relay: @@ -32,9 +26,7 @@ ynh_smtp_relay: There is a built-in SMTP server on Yunohost but you can also set up Yunohost to use a SMTP relay instead. In order to do so, create the `ynh_smtp_relay` variable and provide your own values. You can learn more about SMTP relay [here](https://yunohost.org/en/administrate/specific_use_cases/email_relay). -### About the updates - ------------- +### Updates configuration ```yml # Autoupdate Yunohost and its apps @@ -60,14 +52,10 @@ To learn more about how updates work in Yunohost you can go [here](https://yunoh ## Dependencies ------------- - None. ## Example Playbook ------------- - ```yml --- - name: Configure Yunohost on Debian Server @@ -81,8 +69,6 @@ None. ## License ------------- - [![ansible-yunohost Copyright 2021 Lydra](https://www.gnu.org/graphics/gplv3-with-text-136x68.png)](https://choosealicense.com/licenses/gpl-3.0/) **ansible-yunohost** is maintained by [Lydra](https://lydra.fr/) and released under the GPL3 license. diff --git a/roles/ynh_setup/README-FR.md b/roles/ynh_setup/README-FR.md index a3976de..7475f5a 100644 --- a/roles/ynh_setup/README-FR.md +++ b/roles/ynh_setup/README-FR.md @@ -30,10 +30,10 @@ ynh_data_dirs: ynh_data_dirs.enabled: True ``` -- `ynh_install_script_url` est le script d'installation des packages Yunohost, par défaut c'est le script officiel. Yunohost ne s'installe que sur Debian 10. +- `ynh_install_script_url` est l'url du script d'installation des packages Yunohost, par défaut c'est le script officiel. Yunohost ne s'installe que sur Debian 10. - `ynh_admin_password` est le mot de passe permettant d'accéder à l’interface d’administration du serveur. -- `ynh_data_dirs.enabled`: active les liens symboliques et permet de déplacer les répertoires de configurations et de données de YunoHost où vous le desirez. Mettez la valeur à `True`. +- `ynh_data_dirs.enabled`: active les liens symboliques et permet de déplacer les répertoires de configurations et de données de YunoHost où vous le desirez. Par défaut, cette valeur est à `True`. Nous utilisons les liens symboliques car le dossier `/data` nous sert à faire des sauvegardes de type _object storage_. - `ynh_data_dirs.path`: il s'agit des répertoires où stocker les données de configuration de Yunohost ainsi que les applications. - `ynh_data_dirs.link`: il s'agit des répertoire où seront fait les liens symboliques. diff --git a/roles/ynh_setup/README.md b/roles/ynh_setup/README.md index 60edfa2..14b4b05 100644 --- a/roles/ynh_setup/README.md +++ b/roles/ynh_setup/README.md @@ -30,10 +30,10 @@ ynh_data_dirs: ynh_data_dirs.enabled: True ``` -- `ynh_install_script_url` downloads official Yunohost script for installing Yunohost packages. Yunohost is only available on Debian 10. +- `ynh_install_script_url` The url provided downloads the official Yunohost script for installing Yunohost packages. Yunohost is only available on Debian 10. - `ynh_admin_password` is the password used to access to the server's administration interface. -- `ynh_data_dirs.enabled`: Enables symbolic links and allows you to move YunoHost's configuration and data directories wherever you want. Set the value to `True`. +- `ynh_data_dirs.enabled`: Enables symbolic links and allows you to move YunoHost's configuration and data directories wherever you want. By default, this value is set to `True`. We use symbolic links because the `/data` folder is used by us to make _object storage_ backups. - `ynh_data_dirs.path`: these are the directories where Yunohost configuration data and applications are stored. - `ynh_data_dirs.link`: this is the directory where symbolic links will be made. From 6da3f36a31d8aea17dcd28828b12a50fda1095f0 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 23 May 2022 10:45:25 +0200 Subject: [PATCH 6/6] refactor: change backup script vars position so user won't modify them --- roles/ynh_backup/README-FR.md | 4 +--- roles/ynh_backup/README.md | 6 ++---- roles/ynh_backup/defaults/main.yml | 2 -- roles/ynh_backup/tasks/backup.yml | 7 +++---- roles/ynh_backup/vars/main.yml | 23 +++++++++++++++++++++++ 5 files changed, 29 insertions(+), 13 deletions(-) create mode 100644 roles/ynh_backup/vars/main.yml diff --git a/roles/ynh_backup/README-FR.md b/roles/ynh_backup/README-FR.md index a39d4f8..7d58035 100644 --- a/roles/ynh_backup/README-FR.md +++ b/roles/ynh_backup/README-FR.md @@ -28,15 +28,13 @@ ynh_backup: dest_script: "/usr/bin" ``` -La tâche backup va permettre de sauvegarder les applications Yunohost ainsi que leurs données grâce à la mise en place d'une tâche cron. +La tâche _backup_ va permettre de sauvegarder les applications Yunohost ainsi que leurs données grâce à la mise en place d'une tâche cron. Cette sauvegarde utilise celle fournie par [Yunohost](https://yunohost.org/fr/backup) et elle est locale au serveur. - `ynh_backup.scheduled` : active la fonctionnalité de sauvegarde des applications Yunohost, mettez la valeur à `True`. - `ynh_backup.directory` : le dossier de sauvegarde par défaut est `/home/yunohost.backup/archives` cependant vous pouvez tout à fait choisir de sauvegarder les backups dans un autre dossier grâce à cette variable. Dans ce cas, de manière à pouvoir restaurer les backups depuis l'interface web, Yunohost créé automatiquement un lien symbolique de l'archive créée vers son dossier par défaut. - `ynh_backup.scheduled_[hour|minute|weekday|month]`: modifie la planification de la tâche cron. Par défaut elle se déclenchera tous les jours de l'année à 1 heure du matin. Pour plus d'informations concernant les réglages horaires cron, cet outil peut être utile : . - `ynh_backup.system` : est obligatoire. Activez la sauvegarde du système Yunohost en mettant la valeur à `True`. - `ynh_backup.apps` : est obligatoire. Activez la sauvegarde des applications Yunohost en mettant la valeur à `True`. -- `src_script`: il s'agit du chemin absolu où le fichier de template se situe sur la machine qui exécute Ansible. Par défaut, il sera stocké dans `templates/ynh_backup.sh.j2`. -- `dest_script`: il s'agit du répertoire où le fichier de template va être stocké. Par défaut, il sera stocké dans `/usr/local/bin/`. Le script s'appelle `ynh_backup.sh`. ## Dépendances diff --git a/roles/ynh_backup/README.md b/roles/ynh_backup/README.md index 91e760a..06904e6 100644 --- a/roles/ynh_backup/README.md +++ b/roles/ynh_backup/README.md @@ -28,15 +28,13 @@ ynh_backup: dest_script: "/usr/bin" ``` -The backup task will allow to backup Yunohost applications and their data by setting up a cron job. +The _backup_ task will allow to backup Yunohost applications and their data by setting up a cron job. This backup uses the one provided by [Yunohost](https://yunohost.org/fr/backup) and it is local to the server. - `ynh_backup.scheduled`: to enable the Yunohost applications backup feature, set the value to `True`. - `ynh_backup.directory`: the default backup folder is `/home/yunohost.backup/archives` however you can choose to save the backups in another folder with this variable. In this case, in order to be able to restore the backups from the web interface, Yunohost automatically creates a symbolic link from the created archive to its default folder. - `ynh_backup.scheduled_[hour|minute|weekday|month]`: modifies the scheduling of the cron task. By default it will run every day of the year at 1am. For more information about cron time settings, this tool can be useful: . - `ynh_backup.system` : is mandatory. Enables automatic backup of the Yunohost system by setting the value to `True`. -- `ynh_backup.apps` : est obligatoire. Enables automatic backup of Yunohost applications by setting the value to `True`. -- `src_script`: this is the absolute path where the template file is located on the machine running Ansible. By default is will be stored in `templates/ynh_backup.sh.j2`. -- `dest_script`: this is the directory where the template file will be stored. By default is will be stored in `/usr/local/bin`. The script is named `ynh_backup.sh`. +- `ynh_backup.apps` : is mandatory. Enables automatic backup of Yunohost applications by setting the value to `True`. ## Dependencies diff --git a/roles/ynh_backup/defaults/main.yml b/roles/ynh_backup/defaults/main.yml index 5e8e0dd..27500a4 100644 --- a/roles/ynh_backup/defaults/main.yml +++ b/roles/ynh_backup/defaults/main.yml @@ -28,5 +28,3 @@ ynh_backup: # scheduled_month: "*" # system: True # apps: True - # src_script: "templates/ynh_backup.sh.j2" - # dest_script: "/usr/local/bin/" diff --git a/roles/ynh_backup/tasks/backup.yml b/roles/ynh_backup/tasks/backup.yml index a956b19..1a5b2bb 100644 --- a/roles/ynh_backup/tasks/backup.yml +++ b/roles/ynh_backup/tasks/backup.yml @@ -28,14 +28,13 @@ - name: Create backup script ansible.builtin.template: - src: "{{ ynh_backup.src_script | default('templates/ynh_backup.sh.j2') }}" - dest: "{{ ynh_backup.dest_script | default('/usr/local/bin/') }}ynh_backup.sh" + src: "{{ ynh_backup_src_script }}" + dest: "{{ ynh_backup_dest_script }}" owner: root group: root mode: '0740' tags: - backup - - cron - name: Create cron task to schedule YNH backup script ansible.builtin.cron: @@ -45,7 +44,7 @@ hour: "{{ ynh_backup.scheduled_hour | default('1') }}" minute: "{{ ynh_backup.scheduled_minute | default('0') }}" user: root - job: "{{ ynh_backup.dest_script | default('/usr/local/bin/') }}ynh_backup.sh" + job: "{{ ynh_backup_dest_script }}" cron_file: ynh_backup_cron tags: - backup diff --git a/roles/ynh_backup/vars/main.yml b/roles/ynh_backup/vars/main.yml new file mode 100644 index 0000000..9fda391 --- /dev/null +++ b/roles/ynh_backup/vars/main.yml @@ -0,0 +1,23 @@ +--- +#-----------------------------------------------------------------------------# +# ansible-yunohost allows to deploy Yunohost using Ansible # +# Copyright 2021-present Lydra https://www.lydra.fr/ # +# # +# this program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# this program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#-----------------------------------------------------------------------------# + +# Variables for backup +ynh_backup_src_script: "templates/ynh_backup.sh.j2" +ynh_backup_dest_script: "/usr/local/bin/ynh_backup.sh"