Add components to help keep certs up to date.
This commit is contained in:
96
tasks/server/software/onlyoffice.yml
Normal file
96
tasks/server/software/onlyoffice.yml
Normal file
@ -0,0 +1,96 @@
|
||||
---
|
||||
# Create OnlyOffice server for use with Nextcloud.
|
||||
|
||||
## Pre-Reqs ##
|
||||
|
||||
- name: Server | OnlyOffice | Pre-Requirements | Install
|
||||
package:
|
||||
name:
|
||||
- gnupg
|
||||
- python3-certbot-nginx
|
||||
state: present
|
||||
|
||||
|
||||
## Install ##
|
||||
# https://helpcenter.onlyoffice.com/installation/docs-community-install-ubuntu.aspx
|
||||
|
||||
# Dependencies #
|
||||
|
||||
- name: Server | OnlyOffice | Postgres | Install
|
||||
package:
|
||||
name: postgresql
|
||||
state: present
|
||||
|
||||
- name: Server | OnlyOffice | Postgres | Configure
|
||||
shell: '{{ item }}'
|
||||
loop:
|
||||
- psql -c "CREATE DATABASE onlyoffice;"
|
||||
- psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
|
||||
- psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
|
||||
become_user: postgres
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Server | OnlyOffice | RabbitMQ | Install
|
||||
package:
|
||||
name: rabbitmq-server
|
||||
state: present
|
||||
|
||||
# Actual Program #
|
||||
|
||||
- name: Server | OnlyOffice | Docs | Add Repo
|
||||
shell: '{{ item }}'
|
||||
loop:
|
||||
- apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
|
||||
- echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | tee /etc/apt/sources.list.d/onlyoffice.list
|
||||
- apt update
|
||||
|
||||
- name: Server | OnlyOffice | Docs | Install
|
||||
package:
|
||||
name:
|
||||
- ttf-mscorefonts-installer
|
||||
- onlyoffice-documentserver
|
||||
state: present
|
||||
|
||||
|
||||
|
||||
## HTTPS ##
|
||||
# https://helpcenter.only{{ ansible_histname }}.com/installation/docs-community-https-linux.aspx
|
||||
|
||||
# Certs #
|
||||
|
||||
- name: Server | OnlyOffice | HTTPS | Check For Cert
|
||||
shell: "ls -l /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/{fullchain,privkey}.pem"
|
||||
register: onlyoffice_cert
|
||||
|
||||
- name: Server | OnlyOffice | HTTPS | Create Cert
|
||||
shell: "certbot --nginx -d {{ ansible_hostname }}.{{ domain }}"
|
||||
when: onlyoffice_cert.failed
|
||||
|
||||
# Config #
|
||||
|
||||
#- name: Server | OnlyOffice | HTTPS | Check For Config
|
||||
# shell: ls -l /etc/onlyoffice/documentserver/nginx/ds.conf
|
||||
# register: onlyoffice_cert
|
||||
#
|
||||
#- name: Server | OnlyOffice | HTTPS | Create Config
|
||||
# shell: cp -f /etc/onlyoffice/documentserver/nginx/ds-ssl.conf.tmpl /etc/onlyoffice/documentserver/nginx/ds.conf
|
||||
# when: onlyoffice_cert.failed
|
||||
#
|
||||
#- name: Server | OnlyOffice | HTTPS | Modify Config
|
||||
# lineinfile:
|
||||
# path: /etc/onlyoffice/documentserver/nginx/ds.conf
|
||||
# regexp: '{{ item.regexp }}'
|
||||
# line: '{{ item.line }}; # MANAGED BY ANSIBLE'
|
||||
# state: present
|
||||
# create: no
|
||||
# backup: yes
|
||||
# loop:
|
||||
# - { "regexp": "ssl_certificate ", "line": " ssl_certificate /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/fullchain.pem" }
|
||||
# - { "regexp": "ssl_certificate_key ", "line": " ssl_certificate_key /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/privkey.pem" }
|
||||
|
||||
# Services #
|
||||
|
||||
- name: Server | OnlyOffice | HTTPS | Reload nginx
|
||||
service:
|
||||
name: nginx
|
||||
status: reloaded
|
||||
Reference in New Issue
Block a user