Add components to help keep certs up to date.

tasks/server/software/grafana.yml

@@ -0,0 +1,40 @@
+---
+# Install everything needed for a Grafana subsite.
+# https://grafana.com/docs/grafana/latest/getting-started/getting-started/
+
+## Pre-reqs ##
+
+- name: Server | Grafana | Pre-Requirements | Install
+  package: 
+    name: 
+      - apt-transport-https
+      - software-properties-common
+      - wget
+    state: present
+
+## Install ##
+
+- name: Server | Grafana | Install | Add Repo
+  shell: '{{ item }}'
+  loop:
+    - wget -q -O - https://packages.grafana.com/gpg.key | apt-key add -
+    - echo "deb https://packages.grafana.com/oss/deb stable main" | tee /etc/apt/sources.list.d/grafana.list
+    - apt update
+
+- name: Server | Grafana | Install | Main
+  package: 
+    name: 
+      - grafana
+    state: present
+
+## Configure ##
+
+- name: Server | Grafana | Configure
+  shell: '{{ item }}'
+  loop:
+    - systemctl daemon-reload
+    - systemctl enable grafana-server
+    - systemctl start grafana-server
+
+## SMTP ##
+# TODO allow server to send mail for invites, alerting, and password resets.

tasks/server/software/influxdb1.yml

@@ -0,0 +1,28 @@
+---
+# InfluxDB 1.* to be used with Grafana.
+# https://docs.influxdata.com/influxdb/v1.8/introduction/get-started/
+
+- name: Server | InfluxDB1 | Check
+  shell: which influxd
+  register: influxdb_check
+  ignore_errors: yes
+
+- name: Server | InfluxDB1 | Install
+  shell: "{{ item }}"
+  args:
+    chdir: "{{ ansible_env.HOME }}/Downloads/"
+  loop:
+    - mv influxdb_1.8.4_amd64.deb ~/TRASH/ 2>/dev/null; exit 0
+    - wget https://dl.influxdata.com/influxdb/releases/influxdb_1.8.4_amd64.deb
+    - sudo dpkg -i influxdb_1.8.4_amd64.deb
+    - service influxdb start
+    - sleep 10
+  when: influxdb_check.failed
+
+- name: Server | InfluxDB1 | Config
+  shell: "{{ item }}"
+  loop:
+    - influx -execute "create database main"
+    - influx -execute "show databases"
+    - influx -database main -execute "INSERT cpu,host=success,region=test value=1.00"
+  when: influxdb_check.failed

tasks/server/software/influxdb2.yml

@@ -0,0 +1,25 @@
+---
+# Create an Influx2.0 DB. Have not successfully used in Grafana yet.
+# https://docs.influxdata.com/influxdb/v2.0/get-started/?t=Linux
+
+- name: Server | InfluxDB2 | Check
+  shell: which influxd
+  register: influxdb_check
+  ignore_errors: yes
+
+- name: Server | InfluxDB2 | Install
+  shell: "{{ item }}"
+  args:
+    chdir: "{{ ansible_env.HOME }}/Downloads/"
+  loop:
+    - mv influxdb2-2.0.4-amd64.deb ~/TRASH/ 2>/dev/null; exit 0
+    - wget https://dl.influxdata.com/influxdb/releases/influxdb2-2.0.4-amd64.deb
+    - sudo dpkg -i influxdb2-2.0.4-amd64.deb
+    - service influxdb start
+    - sleep 10
+  when: influxdb_check.failed
+
+- name: Server | InfluxDB2 | Config
+  shell: "{{ item }}"
+  loop:
+    - influx setup -f -u ling -p initpassword -o Hyperling -b main -r 0

tasks/server/software/onlyoffice.yml

@@ -0,0 +1,96 @@
+---
+# Create OnlyOffice server for use with Nextcloud.
+
+## Pre-Reqs ##
+
+- name: Server | OnlyOffice | Pre-Requirements | Install
+  package: 
+    name: 
+      - gnupg
+      - python3-certbot-nginx
+    state: present
+
+
+## Install ##
+# https://helpcenter.onlyoffice.com/installation/docs-community-install-ubuntu.aspx
+
+# Dependencies #
+
+- name: Server | OnlyOffice | Postgres | Install
+  package: 
+    name: postgresql
+    state: present
+
+- name: Server | OnlyOffice | Postgres | Configure
+  shell: '{{ item }}'
+  loop:
+    - psql -c "CREATE DATABASE onlyoffice;"
+    - psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
+    - psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
+  become_user: postgres
+  ignore_errors: yes
+
+- name: Server | OnlyOffice | RabbitMQ | Install
+  package: 
+    name: rabbitmq-server
+    state: present
+
+# Actual Program #
+
+- name: Server | OnlyOffice | Docs | Add Repo
+  shell: '{{ item }}'
+  loop:
+    - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
+    - echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | tee /etc/apt/sources.list.d/onlyoffice.list
+    - apt update
+
+- name: Server | OnlyOffice | Docs | Install
+  package: 
+    name: 
+      - ttf-mscorefonts-installer
+      - onlyoffice-documentserver
+    state: present
+
+
+
+## HTTPS ##
+# https://helpcenter.only{{ ansible_histname }}.com/installation/docs-community-https-linux.aspx
+
+# Certs #
+
+- name: Server | OnlyOffice | HTTPS | Check For Cert
+  shell: "ls -l /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/{fullchain,privkey}.pem"
+  register: onlyoffice_cert
+
+- name: Server | OnlyOffice | HTTPS | Create Cert
+  shell: "certbot --nginx -d {{ ansible_hostname }}.{{ domain }}"
+  when: onlyoffice_cert.failed
+
+# Config #
+
+#- name: Server | OnlyOffice | HTTPS | Check For Config
+#  shell: ls -l /etc/onlyoffice/documentserver/nginx/ds.conf
+#  register: onlyoffice_cert
+#
+#- name: Server | OnlyOffice | HTTPS | Create Config
+#  shell: cp -f /etc/onlyoffice/documentserver/nginx/ds-ssl.conf.tmpl /etc/onlyoffice/documentserver/nginx/ds.conf
+#  when: onlyoffice_cert.failed
+#
+#- name: Server | OnlyOffice | HTTPS | Modify Config
+#  lineinfile:
+#    path: /etc/onlyoffice/documentserver/nginx/ds.conf
+#    regexp: '{{ item.regexp }}'
+#    line: '{{ item.line }}; # MANAGED BY ANSIBLE'
+#    state: present
+#    create: no
+#    backup: yes
+#  loop:
+#    - { "regexp": "ssl_certificate ", "line": "  ssl_certificate /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/fullchain.pem" }
+#    - { "regexp": "ssl_certificate_key ", "line": "  ssl_certificate_key /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/privkey.pem" }
+
+# Services #
+
+- name: Server | OnlyOffice | HTTPS | Reload nginx
+  service:
+    name: nginx
+    status: reloaded