diff --git a/request-tracker/defaults/main.yml b/request-tracker/defaults/main.yml
index 7bae692ee3e71199c217429bce1647827c2ce28b..69cb68ae3b7e877f5fb8190d1a87eab17ce81d52 100644
--- a/request-tracker/defaults/main.yml
+++ b/request-tracker/defaults/main.yml
@@ -1,2 +1,3 @@
---
rt_enable_acmetool: False
+rt_workers: 4
diff --git a/request-tracker/tasks/main.yml b/request-tracker/tasks/main.yml
index 68b7ca82a6917a8d61dbf5d6630a1cc0f8fd8c46..6e3b8b11d4de68a45e7e742e2b7aa9a8a581796f 100644
--- a/request-tracker/tasks/main.yml
+++ b/request-tracker/tasks/main.yml
@@ -1,83 +1,106 @@
-- name: Have RT packages installed
- apt: name={{item}} state=present
- with_items:
- - request-tracker4
- - rt4-fcgi
- - rt4-db-postgresql
- - debconf-utils
+- name: Have the config folder
+ file:
+ path: /etc/request-tracker4/RT_SiteConfig.d
+ owner: root
+ group: www-data
+ mode: 0750
+ state: directory
+ recurse: yes
tags:
- - packages
- rt
-- name: Remove Debian’s config
- file:
- dest: /etc/request-tracker4/RT_SiteConfig.d/{{item}}.pm
- state: link
- src: /dev/null
- force: yes
- with_items:
- - 40-timezone
- - 50-debconf
- - 51-dbconfig-common
- - 60-logging
+- name: Have RT placeholder config installed
+ template:
+ src: RT_SiteConfig.pm.j2
+ dest: /etc/request-tracker4/RT_SiteConfig.pm
+ owner: root
+ group: www-data
+ mode: 0640
+ tags:
+ - rt
notify:
- restart RT
+
+- name: Have RT config installed
+ template:
+ src: "RT_SiteConfig.d/{{ item }}.j2"
+ dest: "/etc/request-tracker4/RT_SiteConfig.d/{{ item }}"
+ owner: root
+ group: www-data
+ mode: 0640
+ with_items:
+ - 40-timezone.pm
+ - 50-debconf.pm
+ - 60-logging.pm
+ - 70-ldap.pm
tags:
- - config
- rt
+ notify:
+ - restart RT
-- name: Have RT config installed
- template: src=RT_SiteConfig.pm.j2 dest=/etc/request-tracker4/RT_SiteConfig.pm owner=root group=www-data mode=0660
+- name: Have dbconfig config installed
+ template:
+ src: dbconfig.conf.j2
+ dest: /etc/dbconfig-common/request-tracker4.conf
+ owner: root
+ group: root
+ mode: 0600
tags:
- rt
- - config
notify:
- restart RT
+
+- import_tasks: postgres.yml
-- name: Debconf RT
- debconf: name=request-tracker4 question={{item.q}} value={{item.v}} vtype={{item.t}}
+- name: Have RT packages installed
+ apt:
+ name: "{{ item }}"
+ state: present
+ install_recommends: no
with_items:
- - { q: 'request-tracker4/install-cronjobs', v: 'true', t: 'boolean' }
- notify:
- - restart RT
+ - request-tracker4
+ - rt4-fcgi
+ - rt4-db-postgresql
tags:
- rt
-- include: postgres.yml
-
- name: Have nginx config for RT installed
- template: src=nginx-rt.j2 dest=/etc/nginx/sites-available/rt
+ template:
+ src: nginx-rt.j2
+ dest: /etc/nginx/sites-available/rt
tags:
- rt
- - config
notify:
- restart nginx
- name: Have nginx default config removed
- file: path=/etc/nginx/sites-enabled/default state=absent
+ file:
+ path: /etc/nginx/sites-enabled/default
+ state: absent
tags:
- rt
- - config
notify:
- restart nginx
- name: Have nginx config for RT activated
- file: state=link src=/etc/nginx/sites-available/rt dest=/etc/nginx/sites-enabled/rt
+ file:
+ state: link
+ src: /etc/nginx/sites-available/rt
+ dest: /etc/nginx/sites-enabled/rt
tags:
- rt
- - config
notify:
- restart nginx
-
-# DEBIAN, FOR FUCK’S SAKE
-- name: Have RT enabled for sysvinit
- lineinfile:
- path: /etc/default/rt4-fcgi
- regexp: '^enabled='
- line: 'enabled=1'
+
+- name: Have fcgi env installed
+ template:
+ src: fcgi-env.j2
+ dest: /etc/default/rt4-fcgi
+ owner: root
+ group: root
+ mode: 0644
tags:
- rt
- - service
- name: Have DB for RT initialized
shell: "rt-setup-database --action init --skip-create && touch /etc/request-tracker4/.db_initialized"
@@ -98,7 +121,10 @@
- rt
- name: Have RT up und running
- service: name={{item}} state=started enabled=yes
+ service:
+ name: "{{ item }}"
+ state: started
+ enabled: yes
with_items:
- rt4-fcgi
- request-tracker4
@@ -108,4 +134,3 @@
- restart nginx
tags:
- rt
- - service
diff --git a/request-tracker/templates/RT_SiteConfig.d/40-timezone.pm.j2 b/request-tracker/templates/RT_SiteConfig.d/40-timezone.pm.j2
new file mode 100644
index 0000000000000000000000000000000000000000..a7c7909ae76fb86e7f2df178ae99ab3b7ebe6335
--- /dev/null
+++ b/request-tracker/templates/RT_SiteConfig.d/40-timezone.pm.j2
@@ -0,0 +1,6 @@
+# dynamically find out the current timezone
+my $zone = "UTC";
+$zone=`/bin/cat /etc/timezone`
+ if -f "/etc/timezone";
+chomp $zone;
+Set($Timezone, $zone);
diff --git a/request-tracker/templates/RT_SiteConfig.d/50-debconf.pm.j2 b/request-tracker/templates/RT_SiteConfig.d/50-debconf.pm.j2
new file mode 100644
index 0000000000000000000000000000000000000000..993a34338ea00c76d8899120ece826d79adf4e62
--- /dev/null
+++ b/request-tracker/templates/RT_SiteConfig.d/50-debconf.pm.j2
@@ -0,0 +1,42 @@
+# THE BASICS:
+
+### General
+Set($rtname, '{{rt_name}}');
+Set($OwnerEmail, '{{rt_owner}}');
+Set($MessageBoxRichText, 0);
+Set($PreferRichText, 0);
+Set($PlainTextMono, 1);
+Set($AllowLoginPasswordAutoComplete, 1);
+Set($DisallowExecuteCode, 1);
+Set($Organization, '{{rt_organization}}');
+
+### Web
+Set($WebDomain, '{{rt_webdomain}}');
+Set($CanonicalizeRedirectURLs, 1);
+Set($CanonicalizeURLsInFeeds, 1);
+Set($WebPort, '443');
+Set($WebPath , "");
+Set($WebBaseURL , 'https://{{rt_webdomain}}');
+
+### Addresses
+Set($CorrespondAddress, '{{rt_correspondaddress}}');
+Set($CommentAddress, '{{rt_commentaddress}}');
+
+### E-Mail
+Set($ParseNewMessageForTicketCcs, 1);
+Set($SetOutgoingMailFrom, '{{rt_bounceaddress}}');
+Set($UseFriendlyToLine, 1);
+Set($NotifyActor, 1);
+
+### Logo
+Set($LogoAltText, '{{rt_logotext}}');
+Set($LogoLinkURL, '{{rt_logolinkurl}}');
+#Set($LogoURL, it’s easier to upload this in the web interface);
+
+# should prevent crashing caused by nginx
+# from: https://rt-wiki.bestpractical.com/wiki/FreeBSDInstallGuide
+$SIG{'PIPE'} = sub {
+ print STDERR "SIGPIPE @_\n";
+};
+
+
diff --git a/request-tracker/templates/RT_SiteConfig.d/60-logging.pm.j2 b/request-tracker/templates/RT_SiteConfig.d/60-logging.pm.j2
new file mode 100644
index 0000000000000000000000000000000000000000..28c13fd98d4e1746bb74a4c0f0837864567150af
--- /dev/null
+++ b/request-tracker/templates/RT_SiteConfig.d/60-logging.pm.j2
@@ -0,0 +1,7 @@
+# Logging to file isn't a good default strategy; see #747076
+Set($LogToFile , undef);
+Set($LogDir, '/var/log/request-tracker4');
+Set($LogToFileNamed , "rt.log"); #log to rt.log
+
+# Log to Syslog by default instead
+Set($LogToSyslog, 'warning');
diff --git a/request-tracker/templates/RT_SiteConfig.d/70-ldap.pm.j2 b/request-tracker/templates/RT_SiteConfig.d/70-ldap.pm.j2
new file mode 100644
index 0000000000000000000000000000000000000000..05116c7349fba8304c5de7c1295cee05614a0e62
--- /dev/null
+++ b/request-tracker/templates/RT_SiteConfig.d/70-ldap.pm.j2
@@ -0,0 +1,44 @@
+### LDAP
+Set($LDAPHost,'{{rt_ldaphost}}');
+Set($LDAPUser,'{{rt_ldapuser}}');
+Set($LDAPPassword,'{{lookup('passwordstore', rt_ldappass)}}');
+Set($LDAPBase,'{{rt_ldapbase}}');
+Set($LDAPFilter, '(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))');
+Set($LDAPMapping, {Name => 'sAMAccountName', # required
+ EmailAddress => 'mail',
+ RealName => 'displayName',
+ WorkPhone => 'telephoneNumber',
+ Organization => 'departmentName'});
+
+
+# If you want to sync Groups from LDAP into RT
+
+Set($LDAPGroupBase, '{{rt_ldapbase}}');
+Set($LDAPGroupFilter, '(&(objectclass=group)(|{{rt_ldapgroups}}))');
+Set($LDAPGroupMapping, {Name => 'cn',
+ Member_Attr => 'member',
+ Member_Attr_Value => 'dn',
+ Description => 'description'});
+
+
+### Login
+Set($ExternalAuthPriority, [ 'My_LDAP' ]);
+Set($ExternalInfoPriority, [ 'My_LDAP' ]);
+Set($AutoCreateNonExternalUsers, 1);
+Set($ExternalSettings, {
+ 'My_LDAP' => {
+ 'type' => 'ldap',
+ 'server' => '{{rt_ldaphost}}',
+ 'user' => '{{rt_ldapuser}}',
+ 'pass' => '{{lookup('passwordstore', rt_ldappass)}}',
+ 'base' => '{{rt_ldapbase}}',
+ 'filter' => '(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
+ 'attr_match_list' => ['Name', 'EmailAddress'],
+ 'attr_map' => {
+ 'Name' => 'sAMAccountName',
+ 'EmailAddress' => 'mail',
+ 'RealName' => 'displayName',
+ },
+ },
+});
+
diff --git a/request-tracker/templates/RT_SiteConfig.pm.j2 b/request-tracker/templates/RT_SiteConfig.pm.j2
index 5ade83c5f96945db86d3c55e8dbcd7a7b80d8854..48b9151acc4acd91f13c5fabfc2f54803214596e 100644
--- a/request-tracker/templates/RT_SiteConfig.pm.j2
+++ b/request-tracker/templates/RT_SiteConfig.pm.j2
@@ -1,106 +1,3 @@
-# vim:ft=perl
-
-### General
-Set($OwnerEmail, '{{rt_owner}}');
-Set($MessageBoxRichText, 0);
-Set($PreferRichText, 0);
-Set($PlainTextMono, 1);
-Set($AllowLoginPasswordAutoComplete, 1);
-Set($DisallowExecuteCode, 1);
-Set($Organization, '{{rt_organization}}');
-Set($rtname, '{{rt_name}}');
-
-### Web
-Set($WebDomain, '{{rt_webdomain}}');
-Set($CanonicalizeRedirectURLs, 1);
-Set($CanonicalizeURLsInFeeds, 1);
-Set($WebPort, '443');
-
-### Addresses
-Set($CorrespondAddress, '{{rt_correspondaddress}}');
-Set($CommentAddress, '{{rt_commentaddress}}');
-
-### LDAP
-Set($LDAPHost,'{{rt_ldaphost}}');
-Set($LDAPUser,'{{rt_ldapuser}}');
-Set($LDAPPassword,'{{lookup('passwordstore', rt_ldappass)}}');
-Set($LDAPBase,'{{rt_ldapbase}}');
-Set($LDAPFilter, '(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))');
-Set($LDAPMapping, {Name => 'sAMAccountName', # required
- EmailAddress => 'mail',
- RealName => 'displayName',
- WorkPhone => 'telephoneNumber',
- Organization => 'departmentName'});
-
-# If you want to sync Groups from LDAP into RT
-
-Set($LDAPGroupBase, '{{rt_ldapbase}}');
-Set($LDAPGroupFilter, '(&(objectclass=group)(|{{rt_ldapgroups}}))');
-Set($LDAPGroupMapping, {Name => 'cn',
- Member_Attr => 'member',
- Member_Attr_Value => 'dn',
- Description => 'description'});
-
-### Login
-Set($ExternalAuthPriority, [ 'My_LDAP' ]);
-Set($ExternalInfoPriority, [ 'My_LDAP' ]);
-Set($AutoCreateNonExternalUsers, 1);
-Set($ExternalSettings, {
- 'My_LDAP' => {
- 'type' => 'ldap',
- 'server' => '{{rt_ldaphost}}',
- 'user' => '{{rt_ldapuser}}',
- 'pass' => '{{lookup('passwordstore', rt_ldappass)}}',
- 'base' => '{{rt_ldapbase}}',
- 'filter' => '(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
- 'attr_match_list' => ['Name', 'EmailAddress'],
- 'attr_map' => {
- 'Name' => 'sAMAccountName',
- 'EmailAddress' => 'mail',
- 'RealName' => 'displayName',
- },
- },
-});
-
-
-### Timezone
-my $zone = "UTC";
-$zone=`/bin/cat /etc/timezone`
- if -f "/etc/timezone";
-chomp $zone;
-Set($Timezone, $zone);
-
-### Logging
-# Logging to file isn't a good default strategy; see #747076
-Set($LogToFile , undef);
-Set($LogDir, '/var/log/request-tracker4');
-Set($LogToFileNamed , "rt.log"); #log to rt.log
-
-# Log to Syslog by default instead
-Set($LogToSyslog, 'debug');
-
-
-### Database
-Set($DatabaseType, 'Pg');
-Set($DatabaseUser , 'www-data');
-Set($DatabaseHost, '');
-Set($DatabasePort, '');
-Set($DatabaseName, 'rtdb');
-
-### E-Mail
-Set($ParseNewMessageForTicketCcs, 1);
-Set($SetOutgoingMailFrom, '{{rt_bounceaddress}}');
-Set($UseFriendlyToLine, 1);
-Set($NotifyActor, 1);
-
-### Logo
-Set($LogoAltText, '{{rt_logotext}}');
-Set($LogoLinkURL, '{{rt_logolinkurl}}');
-#Set($LogoURL, it’s easier to upload this in the web interface);
-
-# should prevent crashing caused by nginx
-# from: https://rt-wiki.bestpractical.com/wiki/FreeBSDInstallGuide
-$SIG{'PIPE'} = sub {
- print STDERR "SIGPIPE @_\n";
-};
-
+# Default RT_SiteConfig.pm for Debian
+# Since RT 4.4, snippets from /etc/request-tracker4/RT_SiteConfig.d
+# are read in by RT itself, so this file is now empty.
diff --git a/request-tracker/templates/dbconfig.conf.j2 b/request-tracker/templates/dbconfig.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..99bdd3e073410579f1d1f4943890942518cfdae0
--- /dev/null
+++ b/request-tracker/templates/dbconfig.conf.j2
@@ -0,0 +1,87 @@
+# automatically generated by the maintainer scripts of request-tracker4
+# any changes you make will be preserved, though your comments
+# will be lost! to change your settings you should edit this
+# file and then run "dpkg-reconfigure request-tracker4"
+
+# dbc_install: configure database with dbconfig-common?
+# set to anything but "true" to opt out of assistance
+dbc_install='true'
+
+# dbc_upgrade: upgrade database with dbconfig-common?
+# set to anything but "true" to opt out of assistance
+dbc_upgrade='true'
+
+# dbc_remove: deconfigure database with dbconfig-common?
+# set to anything but "true" to opt out of assistance
+dbc_remove='true'
+
+# dbc_dbtype: type of underlying database to use
+# this exists primarily to let dbconfig-common know what database
+# type to use when a package supports multiple database types.
+# don't change this value unless you know for certain that this
+# package supports multiple database types
+dbc_dbtype='pgsql'
+
+# dbc_dbuser: database user
+# the name of the user who we will use to connect to the database.
+dbc_dbuser='www-data'
+
+# dbc_dbpass: database user password
+# the password to use with the above username when connecting
+# to a database, if one is required
+dbc_dbpass=''
+
+# dbc_dballow: allowed host to connect from
+# only for database types that support specifying the host from
+# which the database user is allowed to connect from
+# this string defines for which host the dbc_dbuser is allowed
+# to connect
+# this value is only really used again when you reconfigure the
+# package
+dbc_dballow='localhost'
+
+# dbc_dbserver: database host.
+# leave unset to use localhost (or a more efficient local method
+# if it exists).
+dbc_dbserver='/var/run/postgresql'
+
+# dbc_dbport: remote database port
+# leave unset to use the default. only applicable if you are
+# using a remote database.
+dbc_dbport=''
+
+# dbc_dbname: name of database
+# this is the name of your application's database.
+dbc_dbname='rtdb'
+
+# dbc_dbadmin: name of the administrative user
+# this is the administrative user that is used to create all of the above
+# The exception is the MySQL/MariaDB localhost case, where this value is
+# ignored and instead is determined from /etc/mysql/debian.cnf.
+dbc_dbadmin='postgres'
+
+# dbc_basepath: base directory to hold database files
+# leave unset to use the default. only applicable if you are
+# using a local (filesystem based) database.
+dbc_basepath=''
+
+##
+## postgresql specific settings. if you don't use postgresql,
+## you can safely ignore all of these
+##
+
+# dbc_ssl: should we require ssl?
+# set to "true" to require that connections use ssl
+dbc_ssl=''
+
+# dbc_authmethod_admin: authentication method for admin
+# dbc_authmethod_user: authentication method for dbuser
+# see the section titled "AUTHENTICATION METHODS" in
+# /usr/share/doc/dbconfig-common/README.pgsql for more info
+dbc_authmethod_admin='ident'
+dbc_authmethod_user='ident'
+
+##
+## end postgresql specific settings
+##
+
diff --git a/request-tracker/templates/fcgi-env.j2 b/request-tracker/templates/fcgi-env.j2
new file mode 100644
index 0000000000000000000000000000000000000000..0b9f2dd171abd8116ca8331e8da607a038eaa0cd
--- /dev/null
+++ b/request-tracker/templates/fcgi-env.j2
@@ -0,0 +1,11 @@
+# Defaults for request-tracker4 initscript
+# sourced by /etc/init.d/rt4-fcgi
+
+#
+# This is a POSIX shell fragment
+#
+
+enabled=1
+
+# number of RT workers:
+workers={{ rt_workers }}