144 lines
4.7 KiB
YAML
144 lines
4.7 KiB
YAML
---
|
|
|
|
- name: Install packages
|
|
package: name={{ taiga_packages }}
|
|
tags: taiga
|
|
|
|
- name: Wipe the venv during upgrades
|
|
file: path={{ taiga_root_dir }}/venv state=absent
|
|
when: taiga_install_mode == 'upgrade'
|
|
|
|
- when: taiga_install_mode != 'none'
|
|
block:
|
|
- name: Download components
|
|
get_url:
|
|
url: "{{ taiga_archives[item].url }}"
|
|
dest: "{{ taiga_root_dir }}/tmp"
|
|
checksum: sha256:{{ taiga_archives[item].sha256 }}
|
|
loop: "{{ taiga_archives.keys() | list }}"
|
|
|
|
- name: Extract archives
|
|
unarchive:
|
|
src: "{{ taiga_root_dir }}/tmp/{{ taiga_archives[item].dir | default('taiga-' ~ item ~ '-' ~ taiga_archives[item].version) }}.tar.gz"
|
|
dest: "{{ taiga_root_dir }}/tmp"
|
|
remote_src: True
|
|
loop: "{{ taiga_archives.keys() | list }}"
|
|
|
|
- name: Move components to their final dir
|
|
synchronize:
|
|
src: "{{ taiga_root_dir }}/tmp/{{ taiga_archives[item].dir | default('taiga-' ~ item ~ '-' ~ taiga_archives[item].version) }}/"
|
|
dest: "{{ taiga_root_dir }}/app/{{ item }}/"
|
|
delete: True
|
|
compress: False
|
|
loop: "{{ taiga_archives.keys() | list }}"
|
|
delegate_to: "{{ inventory_hostname }}"
|
|
|
|
- name: Create the virtualenv
|
|
pip:
|
|
name:
|
|
- pip
|
|
- wheel
|
|
virtualenv: "{{ taiga_root_dir }}/venv"
|
|
virtualenv_command: /bin/python3.9 -m venv
|
|
|
|
- name: Install taiga-back dependencies
|
|
pip:
|
|
requirements: "{{ taiga_root_dir }}/app/back/requirements.txt"
|
|
state: "{{ (taiga_install_mode == 'upgrade') | ternary('latest', 'present') }}"
|
|
virtualenv: "{{ taiga_root_dir }}/venv"
|
|
virtualenv_command: /bin/python3.9 -m venv
|
|
|
|
- name: Install the contrib-protected plugin
|
|
pip:
|
|
name: git+https://github.com/kaleidos-ventures/taiga-contrib-protected.git@stable#egg=taiga-contrib-protected
|
|
virtualenv: "{{ taiga_root_dir }}/venv"
|
|
virtualenv_command: /bin/python3.9 -m venv
|
|
|
|
- name: Clone the openid-auth plugin
|
|
git:
|
|
repo: https://github.com/robrotheram/taiga-contrib-openid-auth.git
|
|
dest: "{{ taiga_root_dir }}/app/back/taiga-contrib-openid-auth"
|
|
|
|
- name: Install the openid-auth backend plugin
|
|
command: "{{ taiga_root_dir }}/venv/bin/pip3 install -e ."
|
|
args:
|
|
chdir: "{{ taiga_root_dir }}/app/back/taiga-contrib-openid-auth/back"
|
|
|
|
- name: Create the front plugin dir
|
|
file: path={{ taiga_root_dir }}/app/front/dist/plugins/ state=directory
|
|
|
|
- name: Install the openid-auth front plugin
|
|
copy: src={{ taiga_root_dir }}/app/back/taiga-contrib-openid-auth/front/dist/ dest={{ taiga_root_dir }}/app/front/dist/plugins/openid-auth/ remote_src=True
|
|
|
|
- name: Install dependencies for taiga-events
|
|
npm:
|
|
path: "{{ taiga_root_dir }}/app/events/"
|
|
|
|
- name: Install requirements for taiga-protected
|
|
pip:
|
|
requirements: "{{ taiga_root_dir }}/app/protected/requirements.txt"
|
|
state: "{{ (taiga_install_mode == 'upgrade') | ternary('latest', 'present') }}"
|
|
virtualenv: "{{ taiga_root_dir }}/venv"
|
|
virtualenv_command: /bin/python3.9 -m venv
|
|
|
|
tags: taiga
|
|
|
|
- block:
|
|
- name: Create the PostgreSQL role
|
|
postgresql_user:
|
|
db: postgres
|
|
name: "{{ taiga_db_user }}"
|
|
password: "{{ taiga_db_pass }}"
|
|
login_host: "{{ taiga_db_server }}"
|
|
login_user: sqladmin
|
|
login_password: "{{ pg_admin_pass }}"
|
|
|
|
- name: Create the PostgreSQL database
|
|
postgresql_db:
|
|
name: "{{ taiga_db_name }}"
|
|
encoding: UTF-8
|
|
template: template0
|
|
owner: "{{ taiga_db_user }}"
|
|
login_host: "{{ taiga_db_server }}"
|
|
login_user: sqladmin
|
|
login_password: "{{ pg_admin_pass }}"
|
|
|
|
tags: taiga
|
|
|
|
- name: Install service units
|
|
template: src={{ item }}.j2 dest=/etc/systemd/system/{{ item }}
|
|
loop:
|
|
- taiga-back.service
|
|
- taiga-async.service
|
|
- taiga-events.service
|
|
- taiga-protected.service
|
|
register: taiga_units
|
|
tags: taiga
|
|
|
|
- name: Reload systemd
|
|
systemd: daemon_reload=True
|
|
when: taiga_units.results | selectattr('changed','equalto',True) | list | length > 0
|
|
tags: taiga
|
|
|
|
- name: Install backup hooks
|
|
template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/taiga mode=700
|
|
loop:
|
|
- pre
|
|
- post
|
|
tags: taiga
|
|
|
|
- name: Copy SELinux policy
|
|
copy: src=taiga.te dest=/etc/selinux/targeted/local/
|
|
register: taiga_selinux_policy
|
|
tags: taiga
|
|
|
|
- name: Compile and load SELinux policy
|
|
shell: |
|
|
cd /etc/selinux/targeted/local/
|
|
checkmodule -M -m -o taiga.mod taiga.te
|
|
semodule_package -o taiga.pp -m taiga.mod
|
|
semodule -i /etc/selinux/targeted/local/taiga.pp
|
|
when: ansible_selinux.status == 'enabled' and taiga_selinux_policy.changed
|
|
tags: taiga
|
|
|