Passbolt role starts to work.

README.md

@@ -1,5 +1,8 @@
 # Servers
 
+Dependencies:
+ - tschifftner.exim4_sendonly
+
 ## TODO
 
 - [ ] Setup watchghost

playbook.yml

@@ -37,69 +37,88 @@
     static_domain: 2012.pycon.fr
     static_repo: https://github.com/AFPy/pyconfr_2012
 
-# - hosts: pycons
-#   roles: [passbolt]
-#   vars:
-#     passbolt_tmpdir: "/srv/passbolt-tmp/"
-#     passbolt_homedir: "/srv/passbolt/"
-#     passbolt_webroot: "/srv/passbolt/www/"
-#     passbolt_use_ssl: True
-#     passbolt_url: "https://passbolt.afpy.org"
-#     passbolt_domain: "passbolt.afpy.org"
-#     passbolt_gpgkey_length: 4096
-#     passbolt_gpgkey_sublength: 4096
-#     passbolt_gpgkey_email: "passbolt@afpy.org"
-#     passbolt_dbpass: "{{ vault_passbolt_dbpass }}"
-#     passbolt_smtp_sender_email: "passbolt@afpy.org"
-#     passbolt_php_fpm_user: "www-data"
-#     passbolt_php_fpm_group: "www-data"
-#
-#     passbolt_php_fpm_includedir: /etc/php/7.0/fpm/pool.d/
-#     passbolt_php_fpm_listen: /var/run/php/fpm.sock
-#     passbolt_dbport: 3306
-#     mysql_root_username: root
-#     mysql_root_password: "{{ vault_mysql_root_password }}"
-#     mysql_databases:
-#       - name: passbolt
-#         encoding: utf8mb4
-#         collation: utf8mb4_unicode_ci
-#     mysql_users:
-#       - name: passbolt
-#         password: "{{ vault_passbolt_dbpass }}"
-#         priv: "passbolt.*:ALL"
-#     mysql_packages:
-#     - mariadb-server
-#     - mariadb-client
-#     - python-mysqldb
-#     mysql_bind_address: '127.0.0.1'
-#     php_memory_limit: "512M"
-#     php_date_timezone: "Europe/Paris"
-#     php_webserver_daemon: "nginx"
-#     php_enable_php_fpm: true
-#     php_enable_webserver: false
-#     php_default_version_debian: "7.0"
-#     nginx_sites:
-#         passbolt_http:
-#             - listen 80
-#             - server_name "{{ passbolt_domain }}"
-#             - location / {
-#               return 301 https://{{ passbolt_domain }}$request_uri;
-#               }
-#
-#         passbolt:
-#             - listen 443 ssl
-#             - server_name passbolt.afpy.org
-#             - server_tokens off
-#             - include snippets/letsencrypt-{{ passbolt_domain }}.conf
-#             - root {{ passbolt_webroot }}/webroot/
-#             - location / { try_files $uri /index.php$is_args$args; }
-#             - location ~ \.php(/|$) {
-#               fastcgi_pass unix:{{ passbolt_php_fpm_listen }};
-#               fastcgi_split_path_info ^(.+\.php)(/.*)$;
-#               fastcgi_read_timeout 500;
-#               include fastcgi_params;
-#               fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-#               fastcgi_param SERVER_NAME $http_host;
-#               fastcgi_param DOCUMENT_ROOT $realpath_root;
-#               internal;
-#               }
+- hosts: pycons
+  roles: [tschifftner.exim4_sendonly, passbolt]
+  tasks:
+    - name: Create passbolt backup directory
+      file:
+        path: /src/passbolt_backup/
+        owner: root
+        group: root
+        mode: 0700
+        state: directory
+      tags: backup
+    - name: Setup mysql passbolt backup
+      cron:
+        name: passbolt mysql backup
+        minute: 20
+        hour: 5
+        job: '/usr/bin/mysqldump passbolt > /src/$(date +"\%Y-\%m-\%d")-passbolt_backup.sql'
+      tags: backup
+
+
+  vars:
+    passbolt_tmpdir: "/srv/passbolt-tmp/"
+    passbolt_homedir: "/srv/passbolt/"
+    passbolt_webroot: "/srv/passbolt/www/"
+    passbolt_use_ssl: True
+    passbolt_url: "https://passbolt.afpy.org"
+    passbolt_domain: "passbolt.afpy.org"
+    passbolt_gpgkey_length: 4096
+    passbolt_gpgkey_sublength: 4096
+    passbolt_gpgkey_email: "passbolt@afpy.org"
+    passbolt_dbpass: "{{ vault_passbolt_dbpass }}"
+    passbolt_smtp_sender_email: "passbolt@afpy.org"
+
+    passbolt_php_fpm_includedir: /etc/php/7.0/fpm/pool.d/
+    passbolt_php_fpm_listen: /var/run/php/fpm.sock
+    passbolt_php_fpm_user: passbolt
+    passbolt_php_fpm_group: passbolt
+
+    passbolt_dbport: 3306
+    mysql_root_username: root
+    mysql_root_password: "{{ vault_mysql_root_password }}"
+    mysql_databases:
+      - name: passbolt
+        encoding: utf8mb4
+        collation: utf8mb4_unicode_ci
+    mysql_users:
+      - name: passbolt
+        password: "{{ vault_passbolt_dbpass }}"
+        priv: "passbolt.*:ALL"
+    mysql_packages:
+    - mariadb-server
+    - mariadb-client
+    - python-mysqldb
+    mysql_bind_address: '127.0.0.1'
+    php_memory_limit: "512M"
+    php_date_timezone: "Europe/Paris"
+    php_webserver_daemon: "nginx"
+    php_enable_php_fpm: true
+    php_enable_webserver: false
+    php_default_version_debian: "7.0"
+    nginx_sites:
+        passbolt_http:
+            - listen 80
+            - server_name "{{ passbolt_domain }}"
+            - location / {
+              return 301 https://{{ passbolt_domain }}$request_uri;
+              }
+
+        passbolt:
+            - listen 443 ssl
+            - server_name passbolt.afpy.org
+            - server_tokens off
+            - include snippets/letsencrypt-{{ passbolt_domain }}.conf
+            - root {{ passbolt_webroot }}/webroot/
+            - location / { try_files $uri /index.php$is_args$args; }
+            - location ~ \.php(/|$) {
+              fastcgi_pass unix:{{ passbolt_php_fpm_listen }};
+              fastcgi_split_path_info ^(.+\.php)(/.*)$;
+              fastcgi_read_timeout 500;
+              include fastcgi_params;
+              fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+              fastcgi_param SERVER_NAME $http_host;
+              fastcgi_param DOCUMENT_ROOT $realpath_root;
+              internal;
+              }