Drop passbolt, we moved to pass (see github.com/afpy/pass).
This commit is contained in:
parent
4362a92cd1
commit
b5b7442d9e
13
README.md
13
README.md
|
@ -4,7 +4,6 @@ On découpe nos *playbooks* Ansible par rôles :
|
|||
|
||||
- `site.yml`: Inclu tous les autres, pratique pour tout exécuter.
|
||||
- `pycon.yml`: Pour les pycon.fr
|
||||
- `passbolt.yml`: Pour passbolt.
|
||||
- `backup.yml`: Configure rsnapshot pour sauvegarder nos serveurs.
|
||||
- ...
|
||||
|
||||
|
@ -19,8 +18,6 @@ Puis pour jouer les *playbooks* :
|
|||
|
||||
- Pour tout relancer : `ansible-playbook site.yml`
|
||||
- Pour configurer les PyCons : `ansible-playbook pycons.yml`
|
||||
- Pour configurer Passbolt : `ansible-playbook passbolt.yml`
|
||||
(attention voir [#15](https://github.com/laxathom/ansible-role-passbolt/issues/15)).
|
||||
|
||||
## TODO
|
||||
|
||||
|
@ -68,7 +65,7 @@ Liste des jails toujours utiles :
|
|||
- smtpd (/usr/local/etc/mail/smtpd.conf)
|
||||
- dovecot (comptes: /usr/local/etc/mail/tables/passwd)
|
||||
- spamd
|
||||
- mailman: Le sitepass est disponnible dans passbolt.
|
||||
- mailman: Le sitepass est disponnible dans [pass](https://github.com/AFPy/pass/).
|
||||
- http: toujours utile pour https://lists.afpy.org
|
||||
|
||||
|
||||
|
@ -112,14 +109,6 @@ backup storage.afpy.org:/var/www/ storage.afpy.org/
|
|||
```
|
||||
|
||||
|
||||
## Passbolt
|
||||
|
||||
See [passbolt backup documentation](https://help.passbolt.com/hosting/backup).
|
||||
|
||||
On a un CRON qui lance un `mysqldump` vers `/srv/backups/passbolt.sql`
|
||||
sur le serveur du passbolt, qui dont pourrait se faire sauvegarder par rsnapshot.
|
||||
|
||||
|
||||
## BBB
|
||||
|
||||
On a installé le BBB simplement, sur bbb.afpy.org, une machine dédiée :
|
||||
|
|
15
backup.yml
15
backup.yml
|
@ -1,20 +1,5 @@
|
|||
---
|
||||
|
||||
- hosts: rsnapshoters
|
||||
roles: [common]
|
||||
tasks:
|
||||
- name: Setup rsnapshot cron
|
||||
include_role: name=rsnapshoter
|
||||
vars:
|
||||
rsnapshotted_hosts: "{{ groups.rsnapshotted }}"
|
||||
rsnapshot_backups:
|
||||
- remote: passbolt.afpy.org:/srv/backups/
|
||||
path: passbolt.afpy.org/
|
||||
- remote: passbolt.afpy.org:/srv/passbolt/www/webroot/img/public/
|
||||
path: passbolt.afpy.org/
|
||||
- remote: passbolt.afpy.org:/srv/passbolt/www/config/
|
||||
path: passbolt.afpy.org/
|
||||
|
||||
- hosts: rsnapshotted
|
||||
roles: [common]
|
||||
tasks:
|
||||
|
|
|
@ -4,15 +4,9 @@ deb.afpy.org
|
|||
[dl]
|
||||
dl.afpy.org
|
||||
|
||||
[rsnapshoters]
|
||||
silence.local # Yes it's on Julien's LAN.
|
||||
|
||||
[rsnapshotted]
|
||||
deb.afpy.org
|
||||
|
||||
[passbolt]
|
||||
deb.afpy.org
|
||||
|
||||
[alains]
|
||||
deb.afpy.org
|
||||
|
||||
|
|
93
passbolt.yml
93
passbolt.yml
|
@ -1,93 +0,0 @@
|
|||
---
|
||||
|
||||
- hosts: passbolt
|
||||
roles: [common, tschifftner.exim4_sendonly, laxathom.passbolt]
|
||||
tasks:
|
||||
- name: Create passbolt backup directory
|
||||
file:
|
||||
path: /srv/backups/
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
state: directory
|
||||
tags: backup
|
||||
|
||||
- name: Setup mysql passbolt backup
|
||||
cron:
|
||||
name: passbolt mysql backup
|
||||
minute: 20
|
||||
hour: 5
|
||||
job: '/usr/bin/mysqldump passbolt > /srv/backups/passbolt.sql'
|
||||
tags: backup
|
||||
|
||||
vars:
|
||||
passbolt_version: "2.12.0"
|
||||
passbolt_tmpdir: "/srv/passbolt-tmp/"
|
||||
passbolt_homedir: "/srv/passbolt/"
|
||||
passbolt_webroot: "/srv/passbolt/www/"
|
||||
passbolt_use_ssl: True
|
||||
passbolt_url: "https://passbolt.afpy.org"
|
||||
passbolt_domain: "passbolt.afpy.org"
|
||||
passbolt_gpgkey_length: 4096
|
||||
passbolt_gpgkey_sublength: 4096
|
||||
passbolt_gpgkey_email: "passbolt@afpy.org"
|
||||
passbolt_dbpass: "{{ vault_passbolt_dbpass }}"
|
||||
passbolt_smtp_sender_email: "passbolt@afpy.org"
|
||||
|
||||
passbolt_php_fpm_includedir: /etc/php/7.3/fpm/pool.d/
|
||||
passbolt_php_fpm_listen: /var/run/php/fpm.sock
|
||||
passbolt_php_fpm_user: passbolt
|
||||
passbolt_php_fpm_group: passbolt
|
||||
passbolt_php_fpm_listen_owner: www-data
|
||||
passbolt_php_fpm_listen_group: www-data
|
||||
|
||||
passbolt_dbport: 3306
|
||||
mysql_root_username: root
|
||||
mysql_root_password: "{{ vault_mysql_root_password }}"
|
||||
mysql_databases:
|
||||
- name: passbolt
|
||||
encoding: utf8mb4
|
||||
collation: utf8mb4_unicode_ci
|
||||
mysql_users:
|
||||
- name: passbolt
|
||||
password: "{{ vault_passbolt_dbpass }}"
|
||||
priv: "passbolt.*:ALL"
|
||||
mysql_packages:
|
||||
- mariadb-server
|
||||
- mariadb-client
|
||||
- python-mysqldb
|
||||
mysql_bind_address: '127.0.0.1'
|
||||
php_memory_limit: "512M"
|
||||
php_date_timezone: "Europe/Paris"
|
||||
php_webserver_daemon: "nginx"
|
||||
php_enable_php_fpm: true
|
||||
php_enable_webserver: false
|
||||
nginx_sites:
|
||||
passbolt_http:
|
||||
- listen 80
|
||||
- server_name "{{ passbolt_domain }}"
|
||||
- access_log /var/log/nginx/passbolt.afpy.org-access.log
|
||||
- error_log /var/log/nginx/passbolt.afpy.org-error.log
|
||||
- location / {
|
||||
return 301 https://{{ passbolt_domain }}$request_uri;
|
||||
}
|
||||
|
||||
passbolt:
|
||||
- listen 443 ssl
|
||||
- server_name passbolt.afpy.org
|
||||
- server_tokens off
|
||||
- access_log /var/log/nginx/passbolt.afpy.org-access.log
|
||||
- error_log /var/log/nginx/passbolt.afpy.org-error.log
|
||||
- include snippets/letsencrypt-{{ passbolt_domain }}.conf
|
||||
- root {{ passbolt_webroot }}/webroot/
|
||||
- location / { try_files $uri /index.php$is_args$args; }
|
||||
- location ~ \.php(/|$) {
|
||||
fastcgi_pass unix:{{ passbolt_php_fpm_listen }};
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
fastcgi_read_timeout 500;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
||||
fastcgi_param SERVER_NAME $http_host;
|
||||
fastcgi_param DOCUMENT_ROOT $realpath_root;
|
||||
internal;
|
||||
}
|
|
@ -4,5 +4,3 @@ roles:
|
|||
version: master
|
||||
- src: tschifftner.exim4_sendonly
|
||||
version: master
|
||||
- src: laxathom.passbolt
|
||||
version: master
|
||||
|
|
1
site.yml
1
site.yml
|
@ -4,7 +4,6 @@
|
|||
- import_playbook: pycon.fr.yml
|
||||
- import_playbook: afpy.org.yml
|
||||
- import_playbook: logs.afpy.org.yml
|
||||
# - import_playbook: passbolt.yml # See https://github.com/laxathom/ansible-role-passbolt/issues/15
|
||||
- import_playbook: backup.yml
|
||||
- import_playbook: autoconfig.yml
|
||||
- import_playbook: alain.yml
|
||||
|
|
Loading…
Reference in New Issue