Remove specific protokollsystem role

de79de7b · Robin Sonnabend · 3781f3a8 · 3781f3a8 · 3781f3a8 · 3781f3a8
Commit de79de7b authored 7 years ago by Robin Sonnabend
--- a/protokollsystem/defaults/main.yml
+++ b/protokollsystem/defaults/main.yml
---
-# file: protokollsystem/defaults/main.yml
-protokolle_web_root: /var/www/protokollsystem
-protokolle_name: protokollsystem
-protokolle_user: protokolle
-protokolle_group: protokolle
-protokolle_celery_concurrency: 4
-protokolle_ldap_cert: ''
-protokolle_mail: True
-protokolle_mail_from: 'sender@example.com'
-protokolle_mail_host: 'mail.example.com:25'
-protokolle_mail_user: ''
-protokolle_mail_password: ''
-protokolle_mail_tls: False # 'tls' or 'starttls'
-protokolle_celery_broker: 'redis://localhost:6379/0'
-protokolle_url_root: 'protokolle.example.com'
-protokolle_url_proto: 'https'
-protokolle_url_path: '/'
-protokolle_printing: True
-protokolle_printing_server: 'printsrv.example.com:631'
-protokolle_printing_user: 'protokolle'
-protokolle_printing_printers:
-  - printer: kopierer
-    options: ["ColorModel=Gray", "KCStaple=Center", "KCPunch=2HoleEUR", "Duplex=DuplexNoTumble"]
-protokolle_etherpad: True
-protokolle_etherpad_url: 'https://pad.example.com'
-protokolle_wiki: True
-protokolle_wiki_type: MEDIAWIKI
-protokolle_wiki_api: 'https://wiki.example.com/wiki/api.php'
-protokolle_wiki_anonymous: False
-protokolle_wiki_user: ''
-protokolle_wiki_password: ''
-protokolle_wiki_domain: ''
-protokolle_calendar: True
-protokolle_calendar_url: 'https://user:password@groupware.example.com/SOGo/dav/user/Calendar/personal'
-protokolle_admin_mail: 'admin@example.com'
-protokolle_admin_group: 'protokolladmin'
-protokolle_latex_local_templates: '' # local-templates
-protokolle_latex_logo_template: '' # logo.tex
-protokolle_latex_geometry: '' # bottom=1.6cm,top=1.6cm,inner=2.5cm,outer=1.0cm,footskip=1.0cm,headsep=0.6cm
-protokolle_latex_pagestyle: '' # fancy
-protokolle_latex_packages: [] # ["[absolute]{textpos}", "{fancyheadings}"]
-protokolle_latex_header_footer: None # True
-protokolle_logos: []
-protokolle_auth_max_duration: 86400
-protokolle_auth_backends:
-  - type: ADManager
-    host: auth.example.com
-    domain: EXAMPLE
-    user_dn: 'cn=users,dc=example,dc=com'
-    group_dn: 'dc=example,dc=com'
-    ca_cert: ''
-    obsolete: False
-protokolle_auth_obsoletion_warning: ''
--- a/protokollsystem/handlers/main.yml
+++ b/protokollsystem/handlers/main.yml
---
-# file: protokollsystem/handlers/main.yml
- name: reload systemd service files
-  command: systemctl daemon-reload
- name: restart uwsgi for protokollsystem
-  service:
-    name: "{{ item }}"
-    state: restarted
-  with_items:
-    - "{{ protokolle_name }}"
-    - "{{ protokolle_name }}-celery"
- name: create tmpfiles
-  command: systemd-tmpfiles --create
--- a/protokollsystem/meta/main.yml
+++ b/protokollsystem/meta/main.yml
---
-# file: protokollsystem/meta/main.yml
-dependencies:
-  - { role: texlive }
-  - { role: cups-client }
-  - { role: uwsgi-python, uwsgi_name: "{{protokolle_name}}", uwsgi_user: "{{protokolle_user}}", uwsgi_group: "{{protokolle_group}}", uwsgi_path: "{{protokolle_web_root}}", uwsgi_home: "{{protokolle_web_root}}", uwsgi_program: "server.py", uwsgi_callable: "app", uwsgi_command: "runserver", uwsgi_db: "postgres", uwsgi_python: 3, uwsgi_mules: 1, uwsgi_options: ["enable-threads"] }
--- a/protokollsystem/tasks/main.yml
+++ b/protokollsystem/tasks/main.yml
---
-# file: protokollsystem/tasks/main.yml
- name: ensure we have all required software and fonts
-  apt:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - python3-virtualenv
-    - virtualenv
-    - libxml2-dev
-    - libxslt-dev
-    - fontconfig
-    - tex-gyre
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure the deploy key is available
-  copy:
-    src: "{{ protokolle_deploy_key }}"
-    dest: /root/.ssh/protokolle
-    owner: root
-    group: root
-    mode: 0600
-  tags:
-    - protokollsystem
-    - webservices
-# https://github.com/ansible/ansible/issues/27699
- name: ensure fucking git module is able to clone
-  command: mount -o remount,exec /tmp
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure we have the program
-  git:
-    repo: git@git.fsmpi.rwth-aachen.de:protokollsystem/proto3.git
-    dest: "{{ protokolle_web_root }}"
-    accept_hostkey: True # TODO remove this
-    key_file: /root/.ssh/protokolle
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure fucking git module is not able to clone anymore
-  command: mount -o remount,noexec /tmp
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure we have a virtualenv
-  pip:
-    requirements: "{{ protokolle_web_root }}/requirements.txt"
-    virtualenv: "{{ protokolle_web_root }}/"
-    virtualenv_python: python3
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure we have our config
-  template:
-    src: config.py.j2
-    dest: "{{ protokolle_web_root }}/config.py"
-    owner: "{{ protokolle_user }}"
-    group: "{{ protokolle_group }}"
-    mode: 0640
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: check our config
-  command: "{{protokolle_web_root}}/bin/python {{protokolle_web_root}}/configproxy.py check --log-level warning"
-  args:
-    chdir: "{{protokolle_web_root}}"
-  become: yes
-  become_user: "{{protokolle_user}}"
-  changed_when: no
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure data model upgrades are applied
-  command: "{{protokolle_web_root}}/bin/python {{protokolle_web_root}}/server.py db upgrade"
-  args:
-    chdir: "{{protokolle_web_root}}"
-  become: yes
-  become_user: "{{protokolle_user}}"
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure we have our local templates
-  copy:
-    src: "{{ protokolle_local_templates }}"
-    dest: "{{ protokolle_web_root }}/"
-    owner: "{{ protokolle_user }}"
-    group: "{{ protokolle_group }}"
-    mode: 0644
-  when: protokolle_local_templates|default('') != ''
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure one local template is the default
-  file:
-    src: "{{ protokolle_web_root }}/{{ protokolle_latex_local_templates }}/{{ protokolle_local_templates_default }}/{{ item.path }}"
-    dest: "{{ protokolle_web_root }}/{{ protokolle_latex_local_templates }}/{{ item.path }}"
-    state: link
-  with_filetree: "{{ protokolle_local_templates }}/{{ protokolle_local_templates_default }}"
-  when: protokolle_local_templates|default(False) and protokolle_local_templates_default|default(False)
-  notify:
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure the unit file exists
-  template:
-    src: protokollsystem.service.j2
-    dest: "/etc/systemd/system/{{ protokolle_name }}.service"
-    owner: root
-    group: root
-    mode: 0644
-  notify:
-    - reload systemd service files
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- name: ensure the celery unit file exists
-  template:
-    src: celery.service.j2
-    dest: "/etc/systemd/system/{{ protokolle_name }}-celery.service"
-    owner: root
-    group: root
-    mode: 0644
-  notify:
-    - reload systemd service files
-    - restart uwsgi for protokollsystem
-  tags:
-    - protokollsystem
-    - webservices
- meta: flush_handlers
- name: ensure the services are enabled
-  service:
-    name: "{{ item }}"
-    enabled: yes
-    state: started
-  with_items:
-    - "{{ protokolle_name }}"
-    - "{{ protokolle_name }}-celery"
-  tags:
-    - protokollsystem
-    - webservices
--- a/protokollsystem/templates/celery.service.j2
+++ b/protokollsystem/templates/celery.service.j2
-[Unit]
-Description={{ protokolle_name }}-Celery
-After=network.target
-[Service]
-User={{ protokolle_user }}
-Group={{ protokolle_group }}
-WorkingDirectory={{ protokolle_web_root }}
-Environment=VIRTUAL_ENV="{{ protokolle_web_root }}"
-ExecStart={{ protokolle_web_root }}/bin/celery -A server.celery worker --loglevel=DEBUG --concurrency={{ protokolle_celery_concurrency }}
-Restart=always
-[Install]
-WantedBy=multi-user.target
--- a/protokollsystem/templates/config.py.j2
+++ b/protokollsystem/templates/config.py.j2
-SQLALCHEMY_DATABASE_URI = "postgresql://{{ protokolle_user }}:@/{{ protokolle_name }}"
-SQLALCHEMY_TRACK_MODIFICATIONS = False
-SECRET_KEY = "{{ protokolle_secret }}"
-DEBUG = False
-MAIL_ACTIVE = {{ protokolle_mail }}
-MAIL_FROM = "{{ protokolle_mail_from }}"
-MAIL_HOST = "{{ protokolle_mail_host }}"
-MAIL_USER = "{{ protokolle_mail_user }}"
-MAIL_PASSWORD = "{{ protokolle_mail_password }}"
-{% if protokolle_mail_tls == 'tls' %}
-MAIL_USE_TLS = True
-MAIL_USE_STARTTLS = False
-{% elif protokolle_mail_tls == 'starttls' %}
-MAIL_USE_TLS = False
-MAIL_USE_STARTTLS = True
-{% else %}
-MAIL_USE_TLS = False
-MAIL_USE_STARTTLS = False
-{% endif %}
-CELERY_BROKER_URL = "{{ protokolle_celery_broker }}"
-CELERY_TASK_SERIALIZER = "pickle"
-CELERY_ACCEPT_CONTENT = ["pickle"]
-{% if protokolle_sentry_dsn is defined %}
-SENTRY_DSN = "{{protokolle_sentry_dsn}}"
-{% endif %}
-SERVER_NAME = "{{ protokolle_url_root }}"
-PREFERRED_URL_SCHEME = "{{ protokolle_url_proto }}"
-URL_ROOT = "{{ protokolle_url_root }}"
-URL_PROTO = "{{ protokolle_url_proto }}"
-URL_PATH = "{{ protokolle_url_path }}"
-URL_PARAMS = ""
-PRINTING_ACTIVE = {{ protokolle_printing }}
-PRINTING_SERVER = "{{ protokolle_printing_server }}"
-PRINTING_USER = "{{ protokolle_printing_user }}"
-PRINTING_PRINTERS = {
-{% for p in protokolle_printing_printers %}
-	"{{ p.printer }}": [
-{% for o in p.options %}
-		"{{ o }}",
-{% endfor %}
-	],
-{% endfor %}
-}
-ETHERPAD_ACTIVE = {{ protokolle_etherpad }}
-ETHERPAD_URL = "{{ protokolle_etherpad_url }}"
-EMPTY_ETHERPAD = """Welcome to Etherpad!
-This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!
-Get involved with Etherpad at http://etherpad.org
-"""
-WIKI_ACTIVE = {{ protokolle_wiki }}
-WIKI_TYPE = "{{ protokolle_wiki_type }}"
-WIKI_API_URL = "{{ protokolle_wiki_api }}"
-WIKI_ANONYMOUS = {{ protokolle_wiki_anonymous }}
-WIKI_USER = "{{ protokolle_wiki_user }}"
-WIKI_PASSWORD = "{{ protokolle_wiki_password }}"
-WIKI_DOMAIN = "{{ protokolle_wiki_domain }}"
-CALENDAR_ACTIVE = {{ protokolle_calendar }}
-CALENDAR_URL = "{{ protokolle_calendar_url }}"
-CALENDAR_DEFAULT_DURATION = 3
-CALENDAR_MAX_REQUESTS = 10
-CALENDAR_TIMEZONE_MAP = {
-    "CET": "Europe/Berlin",
-    "CEST": "Europe/Berlin",
-}
-SESSION_PROTECTION = "strong"
-SECURITY_KEY = "{{ protokolle_security_key }}"
-from common.auth import LdapManager, ADManager
-AUTH_MAX_DURATION = {{ protokolle_auth_max_duration }}
-AUTH_BACKENDS = [
-{% for auth in protokolle_auth_backends %}
-    {{ auth.type }}(
-        {% if auth.host is defined %}
-        host="{{ auth.host }}",
-        {% elif auth.hosts is defined %}
-        host=(
-        {% for host in auth.hosts %}
-        "{{host}}",
-        {% endfor %}
-        )
-        {% endif %}
-        domain="{{ auth.domain }}",
-        user_dn="{{ auth.user_dn }}",
-        group_dn="{{ auth.group_dn }}",
-        ca_cert="{{ auth.ca_cert }}"),
-{% endfor %}
-]
-OBSOLETION_WARNING = "{{ protokolle_auth_obsoletion_warning }}"
-ERROR_CONTEXT_LINES = 3
-PAGE_LENGTH = 20
-PAGE_DIFF = 3
-MAX_INDEX_DAYS = 14
-MAX_PAST_INDEX_DAYS = 2
-MAX_PAST_INDEX_DAYS_BEFORE_REMINDER = 14
-HTML_LEVEL_OFFSET = 3
-ADMIN_MAIL = "{{ protokolle_admin_mail }}"
-ADMIN_GROUP = "{{ protokolle_admin_group }}"
-PARSER_LAZY = False
-FUZZY_MIN_SCORE = 90
-{#
-FONTS = {
-    "main": {
-        "extension": ".otf",
-        "path": "/usr/share/fonts/OTF/",
-        "regular": "NimbusSans-Regular",
-        "bold": "NimbusSans-Bold",
-        "italic": "NimbusSans-Oblique",
-        "bolditalic": "NimbusSans-BoldOblique"
-    },
-    "roman": {
-        "extension": ".otf",
-        "path": "/usr/share/fonts/OTF/",
-        "regular": "NimbusRoman-Regular",
-        "bold": "NimbusRoman-Bold",
-        "italic": "NimbusRoman-Italic",
-        "bolditalic": "NimbusRoman-BoldItalic"
-    },
-    "sans": {
-        "extension": ".otf",
-        "path": "/usr/share/fonts/OTF/",
-        "regular": "NimbusSans-Regular",
-        "bold": "NimbusSans-Bold",
-        "italic": "NimbusSans-Oblique",
-        "bolditalic": "NimbusSans-BoldOblique"
-    },
-    "mono": {
-        "extension": ".otf",
-        "path": "/usr/share/fonts/OTF/",
-        "regular": "NimbusMonoPS-Regular",
-        "bold": "NimbusMonoPS-Bold",
-        "italic": "NimbusMonoPS-Italic",
-        "bolditalic": "NimbusMonoPS-BoldItalic"
-    }
-}
-#}
-FONTS = {
-    "main": {
-        "extension": ".pfb",
-        "path": "/usr/share/fonts/type1/gsfonts/",
-        "regular": "n019003l",
-        "bold": "n019004l",
-        "italic": "n019023l",
-        "bolditalic": "n019024l"
-    },
-    "roman": {
-        "extension": ".pfb",
-        "path": "/usr/share/fonts/type1/gsfonts/",
-        "regular": "n021003l",
-        "bold": "n021004l",
-        "italic": "n021023l",
-        "bolditalic": "n021024l"
-    },
-    "sans": {
-        "extension": ".pfb",
-        "path": "/usr/share/fonts/type1/gsfonts/",
-        "regular": "n019003l",
-        "bold": "n019004l",
-        "italic": "n019023l",
-        "bolditalic": "n019024l"
-    },
-    "mono": {
-        "extension": ".pfb",
-        "path": "/usr/share/fonts/type1/gsfonts/",
-        "regular": "n022003l",
-        "bold": "n022004l",
-        "italic": "n022023l",
-        "bolditalic": "n022024l"
-    }
-}
-DOCUMENTS_PATH = "documents"
-PRIVATE_KEYWORDS = ["private", "internal", "privat", "intern"]
-LATEX_BULLETPOINTS = [
-    r"\textbullet",
-    r"\normalfont \bfseries \textendash",
-    r"$\circ$",
-    r"\textperiodcentered"
-]
-{% if protokolle_latex_local_templates %}
-LATEX_LOCAL_TEMPLATES = "{{ protokolle_latex_local_templates }}"
-{% endif %}
-{% if protokolle_latex_logo_template %}
-LATEX_LOGO_TEMPLATE = "{{ protokolle_latex_logo_template }}"
-{% endif %}
-{% if protokolle_latex_geometry %}
-LATEX_GEOMETRY = "{{ protokolle_latex_geometry }}"
-{% endif %}
-{% if protokolle_latex_pagestyle %}
-LATEX_PAGESTYLE = "{{ protokolle_latex_pagestyle }}"
-{% endif %}
-{% if protokolle_latex_packages %}
-LATEX_ADDITIONAL_PACKAGES = ["{{ protokolle_latex_packages|join('", "') }}"]
-{% endif %}
-{% if protokolle_latex_header_footer %}
-LATEX_HEADER_FOOTER = True
-{% elif protokolle_latex_header_footer == False %}
-LATEX_HEADER_FOOTER = False
-{% endif %}
-LATEX_TEMPLATES = {
-{% for logo in protokolle_logos %}
-    "{{ logo.id }}": {
-        "name": "{{ logo.name }}",
-        "logo": "{{ logo.tex }}",
-    },
-{% endfor %}
-}
-#def dummy_todomail_provider():
-#    return {"example": ("Name", "mail@example.com")}
-#
-#ADDITIONAL_TODOMAIL_PROVIDERS = [
-#    dummy_todomail_provider
-#]
--- a/protokollsystem/templates/protokollsystem.service.j2
+++ b/protokollsystem/templates/protokollsystem.service.j2
-[Unit]
-Description={{ protokolle_name }}
-After=network.target
-Wants=protokollsystem-celery.service
-[Service]
-{% if protokolle_ldap_cert %}
-Environment=LDAPTLS_CACERT={{ protokolle_ldap_cert }}
-{% endif %}
-ExecStart=/usr/bin/uwsgi --ini /etc/uwsgi/apps-available/{{ protokolle_name }}.ini
-ExecReload=/bin/kill -HUP $MAINPID
-ExecStop=/bin/kill -INT $MAINPID
-Restart=always
-Type=notify
-NotifyAccess=all
-KillSignal=SIGQUIT
-[Install]
-WantedBy=multi-user.target