--- - name: Install needed tools yum: name: - git tags: zcs - name: Configure MySQL bind IP ini_file: section: mysqld option: bind-address value: 0.0.0.0 path: /opt/zimbra/conf/my.cnf mode: 0640 owner: zimbra group: zimbra notify: restart zimbra tags: zcs - name: Get MySQL root password shell: /opt/zimbra/bin/zmlocalconfig -s mysql_root_password | awk '{ print $3 }' become_user: zimbra register: zcs_mysql_root_password changed_when: False tags: zcs - name: Create sqladmin user account mysql_user: name: sqladmin password: '{{ mysql_admin_pass }}' host: '%' priv: '*.*:ALL,GRANT' state: present login_user: root login_password: "{{ zcs_mysql_root_password.stdout }}" login_unix_socket: /opt/zimbra/data/tmp/mysql/mysql.sock when: mysql_admin_pass is defined tags: zcs - name: Handle Zimbra store ports iptables_raw: name: zcs_store_ports state: "{{ (zcs_cluster_ip | length > 0) | ternary('present','absent') }}" rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports 143,993,7143,7993 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n -A INPUT -m state --state NEW -p tcp -m multiport --dports 110,995,7110,7995 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n -A INPUT -m state --state NEW -p tcp -m multiport --dports 8080,8443,7071,7072,7073 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n -A INPUT -m state --state NEW -p tcp -m multiport --dports 7025,7026 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n -A INPUT -m state --state NEW -p tcp -m multiport --dports 8735,8736 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT" when: iptables_manage | default(True) tags: zcs - name: Handle Zimbra MySQL ports iptables_raw: name: zcs_mysql_ports state: "{{ (zcs_mysql_src_ip | length > 0) | ternary('present','absent') }}" rules: "-A INPUT -m state --state NEW -p tcp --dport 7306 -s {{ zcs_mysql_src_ip | join(',') }} -j ACCEPT" when: iptables_manage | default(True) tags: zcs #- name: Create ShareToolki cache dir # file: path=/opt/zimbra/addon_cache/sharetoolkit state=directory # tags: zcs # #- name: Clone ShareToolkit repo # git: # repo: https://github.com/Zimbra-Community/shared-mailbox-toolkit.git # dest: /opt/zimbra/addon_cache/sharetoolkit # force: True # register: zcs_sharetoolkit_repo # notify: restart zmmailboxd # tags: zcs # #- name: Remove previous ShareToolkit client zimlet # file: path=/opt/zimbra/zimlets-deployed/_dev/tk_barrydegraaff_sharetoolkit_client state=absent # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Create ShareToolkit client Zimlet directory # file: path=/opt/zimbra/zimlets-deployed/_dev/ state=directory # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Deploy ShareToolkit client zimlet # copy: src=/opt/zimbra/addon_cache/sharetoolkit/tk_barrydegraaff_sharetoolkit_client dest=/opt/zimbra/zimlets-deployed/_dev/ remote_src=True # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Undeploy previous ShareToolkit Zimlet # command: /opt/zimbra/bin/zmzimletctl undeploy tk_barrydegraaff_sharetoolkit_admin # become_user: zimbra # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Create a ZIP archive for ShareToolkit admin zimlet # archive: # path: /opt/zimbra/addon_cache/sharetoolkit/tk_barrydegraaff_sharetoolkit_admin/* # dest: /tmp/tk_barrydegraaff_sharetoolkit_admin.zip # format: zip # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Deploy new ShareToolkit admin zimlet # command: /opt/zimbra/bin/zmzimletctl deploy /tmp/tk_barrydegraaff_sharetoolkit_admin.zip # become_user: zimbra # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Remove previous Java server extension # file: path=/opt/zimbra/lib/ext/ShareToolkit state=absent # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Create ShareToolkit Java server extension dir # file: path=/opt/zimbra/lib/ext/ShareToolkit state=directory # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Deploy new Java server extension # copy: src=/opt/zimbra/addon_cache/sharetoolkit/extension/ShareToolkit/out/artifacts/ShareToolkit/ShareToolkit.jar dest=/opt/zimbra/lib/ext/ShareToolkit/ remote_src=True # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Enable the X-Authenticated-User header # command: /opt/zimbra/bin/zmprov modifyConfig {{ inner_item.attr }} {{ inner_item.value }} # become_user: zimbra # loop: # - attr: zimbraSmtpSendAddAuthenticatedUser # value: 'TRUE' # - attr: zimbraMtaSmtpdSaslAuthenticatedHeader # value: 'yes' # loop_control: # loop_var: inner_item # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Deploy ShareToolkit CLI tools # synchronize: # src: /opt/zimbra/addon_cache/sharetoolkit/bin/ # dest: /usr/local/sbin/ # rsync_opts: # - "--chmod=F755" # delegate_to: "{{ inventory_hostname }}" # when: zcs_sharetoolkit_repo.changed # tags: zcs # #- name: Flush Zimbra cache # command: /opt/zimbra/bin/zmprov flushCache all # become_user: zimbra # when: zcs_sharetoolkit_repo.changed # tags: zcs - name: Remove ADPassword listener (not working with JDK 13) file: path=/opt/zimbra/lib/ext/adpassword state=absent tags: zcs - include_tasks: cas.yml tags: zcs - name: Remove daily report cron task lineinfile: path: /var/spool/cron/zimbra regexp: '.*/opt/zimbra/libexec/zmdailyreport.*' line: '#30 23 * * * /opt/zimbra/libexec/zmdailyreport -m' notify: reload crond tags: zcs # https://forums.zimbra.org/viewtopic.php?t=72204 - name: Remove hostedlogin file: path={{ item }} state=absent loop: - /opt/zimbra/jetty_base/webapps/zimbra/public/hostedlogin.jsp - /opt/zimbra/jetty_base/work/zimbra/jsp/org/apache/jsp/public_/hostedlogin_jsp.class - /opt/zimbra/jetty_base/work/zimbra/jsp/org/apache/jsp/public_/hostedlogin_jsp.java notify: restart zimbra tags: zcs