From e42ae47dc0c57120211725b7e7b5c6ffa1d324ad Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 26 Jul 2017 18:54:49 +0200 Subject: [PATCH 01/56] Fix license --- meta/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/main.yml b/meta/main.yml index 820e408..bed14d8 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: company: 'DebOps' author: 'Reto Gantenbein' description: 'Manage Roundcube, a browser-based IMAP client written in PHP' - license: 'GPLv3' + license: 'GPL-3.0' min_ansible_version: '1.8.0' platforms: From 851eb084a592d5e244197e59c86ed08445b03269 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 26 Jul 2017 18:55:08 +0200 Subject: [PATCH 02/56] Update mariadb users variable --- docs/playbooks/roundcube.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index d4cd02c..bee50e2 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -26,7 +26,7 @@ - role: debops.mariadb tags: [ 'role::mariadb' ] - mariadb_users: + mariadb__dependent_users: - database: '{{ roundcube__database_map[roundcube__database].dbname }}' user: '{{ roundcube__database_map[roundcube__database].dbuser }}' password: '{{ roundcube__database_map[roundcube__database].dbpass }}' From 52f753ac6ae221268d16f0cadd84ff3462ba905a Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 26 Jul 2017 18:55:54 +0200 Subject: [PATCH 03/56] Update keepachangelog.com version --- CHANGES.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.rst b/CHANGES.rst index a0e84f7..b87e538 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -6,7 +6,7 @@ Changelog **debops-contrib.roundcube** This project adheres to `Semantic Versioning `__ -and `human-readable changelog `__. +and `human-readable changelog `__. The current role maintainer_ is ganto_. From be3f1d0c834df151de432de9167ccf327f748417 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 27 Jul 2017 07:08:03 +0200 Subject: [PATCH 04/56] Make system account more configurable --- defaults/main.yml | 41 +++++++++++++++++++++++++++++++---------- tasks/main.yml | 5 ++--- 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 0ddaa6b..b704d6e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,29 +9,50 @@ # # .. include:: includes/all.rst -# .. Roundcube source and deployment [[[1 +# .. Roundcube user account [[[ # -# ----------------------------------- -# Roundcube source and deployment -# ----------------------------------- +# -------------------------- +# Roundcube user account +# -------------------------- -# .. envvar:: roundcube__user +# .. envvar:: roundcube__user [[[ # # Roundcube system user account roundcube__user: 'roundcube' - -# .. envvar:: roundcube__group + # ]]] +# .. envvar:: roundcube__group [[[ # # Roundcube system user group roundcube__group: 'roundcube' + # ]]] +# .. envvar:: roundcube__home [[[ +# +# Path to the home directory of the Roundcube system account. +roundcube__home: '{{ (ansible_local.root.home + if (ansible_local|d() and ansible_local.root|d() and + ansible_local.root.home|d()) + else "/var/local") + "/" + roundcube_user }}' -# .. envvar:: roundcube__home + # ]]] +# .. envvar:: roundcube__comment [[[ # -# Roundcube home directory -roundcube__home: '{{ ansible_local.root.home + "/" + roundcube__user }}' +# The GECOS string set for the Roundcube account. +roundcube__comment: 'Roundcube Webmail' + # ]]] +# .. envvar:: roundcube__shell [[[ +# +# The default shell of the Roundcube account. +roundcube__shell: '/usr/sbin/nologin' + # ]]] + # ]]] +# .. Roundcube source and deployment [[[1 +# +# ----------------------------------- +# Roundcube source and deployment +# ----------------------------------- # .. envvar:: roundcube__src # diff --git a/tasks/main.yml b/tasks/main.yml index 4639066..835e846 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -17,9 +17,8 @@ name: '{{ roundcube__user }}' group: '{{ roundcube__group }}' home: '{{ roundcube__home }}' - shell: '/usr/sbin/nologin' - comment: 'Roundcube' - createhome: False + shell: '{{ roundcube__shell }}' + comment: '{{ roundcube__comment }}' system: True state: 'present' From abec95140d409a07431d97f39c3fee8975ef7074 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 27 Jul 2017 07:13:18 +0200 Subject: [PATCH 05/56] Migrate to 'nginx__dependent_upstreams' --- defaults/main.yml | 14 ++++++++------ docs/playbooks/roundcube.yml | 4 ++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index b704d6e..0ed4d27 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -314,14 +314,16 @@ roundcube__nginx_server: roundcube__nginx_access_policy: '' -# .. envvar:: roundcube__nginx_upstream_php5 +# .. envvar:: roundcube__nginx__dependent_upstreams # # PHP upstream server configuration managed by the debops.nginx_ role. -roundcube__nginx_upstream_php5: - enabled: True - name: 'php5_roundcube' - type: 'php5' - php5: 'roundcube' +roundcube__nginx__dependent_upstreams: + + - name: 'php_roundcube' + by_role: 'debops-contrib.roundcube' + enabled: True + type: 'php' + php_pool: 'roundcube' # .. envvar:: roundcube__php5_packages diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index bee50e2..39ffe9d 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -21,8 +21,8 @@ tags: [ 'role::nginx' ] nginx_servers: - '{{ roundcube__nginx_server }}' - nginx_upstreams: - - '{{ roundcube__nginx_upstream_php5 }}' + nginx__dependent_upstreams: + - '{{ roundcube__nginx__dependent_upstreams }}' - role: debops.mariadb tags: [ 'role::mariadb' ] From 2e291e17146f549e705a997ac059e9979c426cf7 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 27 Jul 2017 07:25:39 +0200 Subject: [PATCH 06/56] Migrate to 'nginx__dependent_servers' --- defaults/main.yml | 80 +++++++++++++++++------------------- docs/playbooks/roundcube.yml | 4 +- 2 files changed, 40 insertions(+), 44 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 0ed4d27..d0dc47e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -261,52 +261,48 @@ roundcube__extra_packages: [] # Role-dependent configuration # -------------------------------- -# .. envvar:: roundcube__nginx_server +# .. envvar:: roundcube__nginx__dependent_servers [[[ # # :program:`nginx` server configuration managed by the debops.nginx_ role. -roundcube__nginx_server: - by_role: 'ansible-roundcube' - enabled: True - type: 'php5' - name: '{{ roundcube__domain }}' - root: '{{ roundcube__git_checkout }}' - access_policy: '{{ roundcube__nginx_access_policy }}' - index: 'index.php' - - options: | - autoindex off; - client_max_body_size {{ roundcube__max_file_size }}M; - client_body_buffer_size 128k; - - location: - '/': | - try_files $uri $uri/ @roundcube; - - '@roundcube': | - rewrite ^/favicon\.ico$ skins/larry/images/favicon.ico last; - - '~ ^/?(installer|[A-Z0-9]+$)': | - deny all; - - '~ ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))': | - deny all; - - '~ /(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$': | - deny all; - - php5: 'php5_roundcube' - php5_options: | - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; +roundcube__nginx__dependent_servers: + - type: 'default' + enabled: True + default: False + by_role: 'debops-contrib.roundcube' + filename: 'debops-contrib.roundcube' + name: '{{ roundcube__domain }}' + root: '{{ roundcube__git_checkout }}' + access_policy: '{{ roundcube__nginx_access_policy }}' + index: 'index.php' + + options: | + autoindex off; + client_max_body_size {{ roundcube__max_file_size }}M; + client_body_buffer_size 128k; + + location_list: + - pattern: '/' + options: | + try_files $uri $uri/ @roundcube; + + - pattern: '@roundcube' + options: | + rewrite ^/favicon\.ico$ skins/larry/images/favicon.ico last; + + - pattern: '~ ^/?(installer|[A-Z0-9]+$)' + options: | + deny all; + + - pattern: '~ ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))' + options: | + deny all; + + - pattern: '~ /(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$' + options: | + deny all; + # ]]] # .. envvar:: roundcube__nginx_access_policy # # Name of the "nginx access policy" for Roundcube webpage. See debops.nginx_ diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index 39ffe9d..73a3d9e 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -19,8 +19,8 @@ - role: debops.nginx tags: [ 'role::nginx' ] - nginx_servers: - - '{{ roundcube__nginx_server }}' + nginx__dependent_servers: + - '{{ roundcube__nginx__dependent_servers }}' nginx__dependent_upstreams: - '{{ roundcube__nginx__dependent_upstreams }}' From 58ee54eb6c14cc21118914c79600c7c3a83a99cd Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 27 Jul 2017 07:27:23 +0200 Subject: [PATCH 07/56] Add dependency to debops.ferm to allow http/https access --- docs/playbooks/roundcube.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index 73a3d9e..3c30c40 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -17,6 +17,11 @@ php5_pools: - '{{ roundcube__php5_pool }}' + - role: debops.ferm + tags: [ 'role::ferm', 'role::nginx' ] + ferm__dependent_rules: + - '{{ nginx__ferm__dependent_rules }}' + - role: debops.nginx tags: [ 'role::nginx' ] nginx__dependent_servers: From 194ed45891a707afe7b199b3d6d083c0501a6d3b Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 27 Jul 2017 19:18:37 +0200 Subject: [PATCH 08/56] Migrate from 'debops.php5' to 'debops.php' role --- defaults/main.yml | 98 ++++++++++++++++++++++++++++-------- docs/playbooks/roundcube.yml | 15 +++--- 2 files changed, 87 insertions(+), 26 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index d0dc47e..7326e59 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,6 +9,64 @@ # # .. include:: includes/all.rst +# .. Packages and installation [[[ +# +# ----------------------------- +# Packages and installation +# ----------------------------- + +# .. envvar:: roundcube__required_php_packages [[[ +# +# List of PHP packages required by Roundcube. +# Refer to the `official Roundcube documentation `__ for details. +roundcube__required_php_packages: + # Included in the base install: + # - 'dom' + # - 'iconv' + # - 'mbstring' + # - 'openssl' + # - 'session' + # - 'sockets' + # - 'xml' + + - 'json' + + # Bundled: + # - 'mail-mime' + # - 'net-smtp' + # - 'net-socket' + # - 'auth-sasl' + + # ]]] +# .. envvar:: roundcube__optional_php_packages [[[ +# +# List of recommended/optional PHP packages for Roundcube. +# Refer to the `official Roundcube documentation `__ for details. +roundcube__optional_php_packages: + # Included in the base install: + # - 'zip' + + - 'iconv' + - 'pspell' + + # ]]] +# .. envvar:: roundcube__base_php_packages [[[ +# +# List of base PHP packages required by Roundcube. +roundcube__base_php_packages: + - '{{ roundcube__required_php_packages }}' + - '{{ roundcube__optional_php_packages }}' + - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype in [ "mariadb", "mysql" ]) else [] }}' + - '{{ [ "sqlite" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' + + # ]]] +# .. envvar:: roundcube__extra_packages [[[ +# +# List of additional Debian packages (e. g. language dictionaries) that should +# be installed with Roundcube +roundcube__extra_packages: [] + # ]]] + # ]]] # .. Roundcube user account [[[ # # -------------------------- @@ -248,13 +306,6 @@ roundcube__plugins: [] roundcube__max_file_size: '30' -# .. envvar:: roundcube__extra_packages -# -# List of additional Debian packages (e. g. language dictionaries) that should -# be installed with Roundcube -roundcube__extra_packages: [] - - # .. Role-dependent configuration [[[1 # # -------------------------------- @@ -322,30 +373,35 @@ roundcube__nginx__dependent_upstreams: php_pool: 'roundcube' -# .. envvar:: roundcube__php5_packages +# .. envvar:: roundcube__php__dependent_packages [[[ # -# List of PHP5 packages required by Roundcube. -roundcube__php5_packages: [ 'php-auth-sasl', 'php5-gd', 'php5-intl', 'php5-json', - 'php5-mcrypt', 'php-mail-mime', 'php-mail-mimedecode', - 'php-net-smtp', 'php-net-socket', 'php-pear' ] +# List of PHP packages to install using the debops.php_ role. +roundcube__php__dependent_packages: + - '{{ roundcube__base_php_packages }}' + - '{{ roundcube__optional_php_packages }}' + - '{{ roundcube__custom_php_packages }}' -# .. envvar:: roundcube__php5_pool + # ]]] +# .. envvar:: roundcube__php__dependent_pools [[[ # -# PHP pool managed by the `debops.php5 `_ -# role. -roundcube__php5_pool: - enabled: True +# PHP pools managed by the debops.php_ role. +roundcube__php__dependent_pools: name: 'roundcube' + by_role: 'debops-contrib.roundcube' user: '{{ roundcube__user }}' group: '{{ roundcube__group }}' - php_admin_value: + php_values: + ## https://secure.php.net/manual/en/info.configuration.php#ini.upload-max-filesize + upload_max_filesize: '{{ roundcube__max_file_size }}M' + + ## https://secure.php.net/manual/en/ini.core.php#ini.post-max-size + post_max_size: '{{ roundcube__max_file_size }}M' + display_errors: 'off' log_errors: 'on' error_log: 'logs/errors' - upload_max_filesize: '{{ roundcube__max_file_size }}M' - post_max_size: '{{ roundcube__max_file_size }}M' memory_limit: '64M' register_globals: 'off' zlib.output_compression: 'off' @@ -356,3 +412,5 @@ roundcube__php5_pool: session.gc_maxlifetime: '21600' session.gc_divisor: '500' session.gc_probability: '1' + # ]]] + # ]]] diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index 3c30c40..0e269fe 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -10,18 +10,21 @@ roles: - - role: debops.php5 - tags: [ 'role::php5' ] - php5_packages: - - '{{ roundcube__php5_packages }}' - php5_pools: - - '{{ roundcube__php5_pool }}' + - role: debops.php/env + tags: [ 'role::php', 'role::php:env' ] - role: debops.ferm tags: [ 'role::ferm', 'role::nginx' ] ferm__dependent_rules: - '{{ nginx__ferm__dependent_rules }}' + - role: debops.php + tags: [ 'role::php' ] + php__dependent_packages: + - '{{ roundcube__php__dependent_packages }}' + php__dependent_pools: + - '{{ roundcube__php__dependent_pools }}' + - role: debops.nginx tags: [ 'role::nginx' ] nginx__dependent_servers: From 8c7a4a9027169b3c31302336e02d390ddde6edfa Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 07:21:21 +0200 Subject: [PATCH 09/56] Define forgotten variable 'roundcube__custom_php_packages' --- defaults/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 7326e59..4ccb55f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -49,6 +49,12 @@ roundcube__optional_php_packages: - 'iconv' - 'pspell' + # ]]] +# .. envvar:: roundcube__custom_php_packages [[[ +# +# List of user defined PHP packages for Roundcube. +roundcube__custom_php_packages: [] + # ]]] # .. envvar:: roundcube__base_php_packages [[[ # From 751f8852bdb49c42124617b91153706c0b11c56f Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 07:22:39 +0200 Subject: [PATCH 10/56] PHP iconv is already included by default --- defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 4ccb55f..b0c1b5b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -46,7 +46,6 @@ roundcube__optional_php_packages: # Included in the base install: # - 'zip' - - 'iconv' - 'pspell' # ]]] From 195a73f9cf89321c9442c92e7b25db3e9f1bcc5f Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 07:23:45 +0200 Subject: [PATCH 11/56] Add 'debops.apt_preferences' role dependency --- docs/playbooks/roundcube.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index 0e269fe..e62766c 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -13,6 +13,12 @@ - role: debops.php/env tags: [ 'role::php', 'role::php:env' ] + - role: debops.apt_preferences + tags: [ 'role::apt_preferences', 'role::nginx', 'role::php' ] + apt_preferences__dependent_list: + - '{{ nginx__apt_preferences__dependent_list }}' + - '{{ php__apt_preferences__dependent_list }}' + - role: debops.ferm tags: [ 'role::ferm', 'role::nginx' ] ferm__dependent_rules: From 244e5ff7d1e96c1372174aaa5035796930b091c1 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 19:56:06 +0200 Subject: [PATCH 12/56] Set 'roundcube__git_version' to 1.3.0, fix 'roundcube__home' --- defaults/main.yml | 87 +++++++++++++++++++++++------------------------ 1 file changed, 42 insertions(+), 45 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index b0c1b5b..6814209 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -96,7 +96,7 @@ roundcube__group: 'roundcube' roundcube__home: '{{ (ansible_local.root.home if (ansible_local|d() and ansible_local.root|d() and ansible_local.root.home|d()) - else "/var/local") + "/" + roundcube_user }}' + else "/var/local") + "/" + roundcube__user }}' # ]]] # .. envvar:: roundcube__comment [[[ @@ -111,19 +111,45 @@ roundcube__comment: 'Roundcube Webmail' roundcube__shell: '/usr/sbin/nologin' # ]]] # ]]] -# .. Roundcube source and deployment [[[1 +# .. Roundcube source and deployment [[[ # # ----------------------------------- # Roundcube source and deployment # ----------------------------------- -# .. envvar:: roundcube__src +# .. envvar:: roundcube__git_repo [[[ +# +# Roundcube source repository +roundcube__git_repo: 'https://github.com/roundcube/roundcubemail.git' + + # ]]] +# .. envvar:: roundcube__git_dest [[[ +# +# Roundcube source directory on the host +roundcube__git_dest: '{{ roundcube__src + "/" + roundcube__git_repo.split("://")[1] }}' + + # ]]] +# .. envvar:: roundcube__git_tag [[[ +# +# Roundcube release tag to deploy +roundcube__git_version: '1.3.0' + + # ]]] +# .. envvar:: roundcube__git_checkout [[[ +# +# Default path where Roundcube source files will be deployed +roundcube__git_checkout: '{{ roundcube__www + "/sites/" + + (roundcube__domain if roundcube__domain is string else roundcube__domain[0]) + + "/public" }}' + + # ]]] +# .. envvar:: roundcube__src [[[ # # Base path for git bare repository with Roundcube source roundcube__src: '{{ ansible_local.root.src + "/" + roundcube__user }}' - -# .. envvar:: roundcube__www + # ]]] +# .. envvar:: roundcube__www [[[ # # Base web root directory for Roundcube website roundcube__www: '{{ (ansible_local.nginx.www @@ -131,8 +157,8 @@ roundcube__www: '{{ (ansible_local.nginx.www ansible_local.nginx|d()) else "/srv/www" ) + "/" + roundcube__user }}' - -# .. envvar:: roundcube__webserver_user + # ]]] +# .. envvar:: roundcube__webserver_user [[[ # # Roundcube webserver user (needs read-only access to the website code) roundcube__webserver_user: '{{ ansible_local.nginx.user @@ -141,33 +167,8 @@ roundcube__webserver_user: '{{ ansible_local.nginx.user ansible_local.nginx.user|d()) else "www-data" }}' - -# .. envvar:: roundcube__git_repo -# -# Roundcube source repository -roundcube__git_repo: 'https://github.com/roundcube/roundcubemail.git' - - -# .. envvar:: roundcube__git_dest -# -# Roundcube source directory on the host -roundcube__git_dest: '{{ roundcube__src + "/" + roundcube__git_repo.split("://")[1] }}' - - -# .. envvar:: roundcube__git_tag -# -# Roundcube release tag to deploy -roundcube__git_version: '1.1.9' - - -# .. envvar:: roundcube__git_checkout -# -# Default path where Roundcube source files will be deployed -roundcube__git_checkout: '{{ roundcube__www + "/sites/" + - (roundcube__domain if roundcube__domain is string else roundcube__domain[0]) + - "/public" }}' - - + # ]]] + # ]]] # .. Database configuration [[[1 # # -------------------------- @@ -217,6 +218,7 @@ roundcube__database_schema: '{{ roundcube__git_checkout + "/SQL/mysql.initial.sq if (roundcube__database_map[roundcube__database].dbtype == "mysql") else ""}}' + # .. Roundcube application options [[[1 # # --------------------------------- @@ -404,18 +406,13 @@ roundcube__php__dependent_pools: ## https://secure.php.net/manual/en/ini.core.php#ini.post-max-size post_max_size: '{{ roundcube__max_file_size }}M' - display_errors: 'off' - log_errors: 'on' - error_log: 'logs/errors' + ## https://github.com/roundcube/roundcubemail/wiki/Install-Requirements + file_uploads: 'on' + mbstring.func_overload: 'off' memory_limit: '64M' - register_globals: 'off' - zlib.output_compression: 'off' - magic_quotes_gpc: 'off' - magic_quites_runtime: 'off' - suhosin.session.encrypt: 'off' + magic_quotes_runtime: 'off' + magic_quotes_sybase: 'off' session.auto_start: 'off' - session.gc_maxlifetime: '21600' - session.gc_divisor: '500' - session.gc_probability: '1' + suhosin.session.encrypt: 'off' # ]]] # ]]] From 516f9bc0e5ff3ba80cfc8a61b3f68307183b99a1 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 20:03:34 +0200 Subject: [PATCH 13/56] Cleanup hard-coded php package dependencies --- defaults/main.yml | 2 ++ tasks/main.yml | 9 ++------- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 6814209..622fc80 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -63,6 +63,8 @@ roundcube__base_php_packages: - '{{ roundcube__optional_php_packages }}' - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype in [ "mariadb", "mysql" ]) else [] }}' - '{{ [ "sqlite" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' + - '{{ [ "net-sieve" ] if ("managesieve" in roundcube__plugins) else [] }}' + - '{{ [ "crypt-gpg" ] if ("enigma" in roundcube__plugins) else [] }}' # ]]] # .. envvar:: roundcube__extra_packages [[[ diff --git a/tasks/main.yml b/tasks/main.yml index 835e846..2460129 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -25,17 +25,12 @@ # ---- Deployment ---- -- name: Install required dependencies for Roundcube +- name: Install optional packages for Roundcube apt: pkg: '{{ item }}' state: 'present' install_recommends: False - with_flattened: - - [ '{{ roundcube__extra_packages }}' ] - - [ '{{ "php5-sqlite" if roundcube__database_map[roundcube__database].dbtype == "sqlite" else [] }}' ] - - [ '{{ "php5-mysql" if roundcube__database_map[roundcube__database].dbtype == "mysql" else [] }}' ] - - [ '{{ "php-net-sieve" if "managesieve" in roundcube__plugins else [] }}' ] - - [ '{{ "php-crypt-gpg" if "enigma" in roundcube__plugins else [] }}' ] + with_items: '{{ roundcube__extra_packages }}' - name: Install Roundcube packages apt: From f87ff355d1b710c606a06288ccca56e89a732e1e Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 20:09:26 +0200 Subject: [PATCH 14/56] Fix 'roundcube__src' if 'ansible_local.root' is not defined --- defaults/main.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 622fc80..4e8a9a7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -148,7 +148,10 @@ roundcube__git_checkout: '{{ roundcube__www + "/sites/" + # .. envvar:: roundcube__src [[[ # # Base path for git bare repository with Roundcube source -roundcube__src: '{{ ansible_local.root.src + "/" + roundcube__user }}' +roundcube__src: '{{ (ansible_local.root.src + if (ansible_local|d() and ansible_local.root|d() and + ansible_local.root.src|d()) + else "/usr/local/src") + "/" + roundcube__user }}' # ]]] # .. envvar:: roundcube__www [[[ From bba4626f54906322d6e816677dc7aaa265f47a04 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 3 Aug 2017 20:48:30 +0200 Subject: [PATCH 15/56] Re-define php upstream used by nginx --- defaults/main.yml | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 4e8a9a7..53914bc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -329,12 +329,11 @@ roundcube__max_file_size: '30' # :program:`nginx` server configuration managed by the debops.nginx_ role. roundcube__nginx__dependent_servers: - - type: 'default' - enabled: True - default: False - by_role: 'debops-contrib.roundcube' + - name: '{{ roundcube__domain }}' filename: 'debops-contrib.roundcube' - name: '{{ roundcube__domain }}' + by_role: 'debops-contrib.roundcube' + type: 'php' + default: False root: '{{ roundcube__git_checkout }}' access_policy: '{{ roundcube__nginx_access_policy }}' index: 'index.php' @@ -365,6 +364,18 @@ roundcube__nginx__dependent_servers: options: | deny all; + php_upstream: 'php_roundcube' + php_options: | + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + # ]]] # .. envvar:: roundcube__nginx_access_policy # From e7517dd1c8a5f4cfe1238e270e6c215cdaf90821 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 4 Aug 2017 07:00:45 +0200 Subject: [PATCH 16/56] Add 'pear' to required PHP packages Fixes "Uncaught Error: Class 'PEAR' not found in /srv/www/roundcube/sites/roundcube.example.com/public/program/lib/Roundcube/bootstrap.php:101" --- defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/defaults/main.yml b/defaults/main.yml index 53914bc..9482608 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -30,6 +30,7 @@ roundcube__required_php_packages: # - 'xml' - 'json' + - 'pear' # Bundled: # - 'mail-mime' From 09c8b3184a7018d34ef86beb7443b9f686078ea8 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 4 Aug 2017 07:38:27 +0200 Subject: [PATCH 17/56] Cleanup database definition, fix sqlite driver installation Add new variables 'roundcube__database_password_path' and 'roundcube__database_name'. --- defaults/main.yml | 56 +++++++++++++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 21 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9482608..1aa6a39 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -62,8 +62,8 @@ roundcube__custom_php_packages: [] roundcube__base_php_packages: - '{{ roundcube__required_php_packages }}' - '{{ roundcube__optional_php_packages }}' - - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype in [ "mariadb", "mysql" ]) else [] }}' - - '{{ [ "sqlite" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' + - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype == "mysql") else [] }}' + - '{{ [ "sqlite3" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' - '{{ [ "net-sieve" ] if ("managesieve" in roundcube__plugins) else [] }}' - '{{ [ "crypt-gpg" ] if ("enigma" in roundcube__plugins) else [] }}' @@ -181,27 +181,41 @@ roundcube__webserver_user: '{{ ansible_local.nginx.user # Database configuration # -------------------------- -# .. envvar:: roundcube__database_user +# .. envvar:: roundcube__database [[[ # -# Roundcube database user account -roundcube__database_user: 'roundcube' - +# Database definition to use from the :envvar:`roundcube__database_map`. +roundcube__database: 'sqlite-default' -# .. envvar:: roundcube__database_password + # ]]] +# .. envvar:: roundcube__database_user [[[ # -# Roundcube database password -roundcube__database_password: "{{ lookup('password', secret + '/credentials/' + ansible_fqdn + '/roundcube/' + roundcube__database + '/' + roundcube__database_user + '/password length=30') }}" - +# Database user account to use for Roundcube. +roundcube__database_user: 'roundcube' -# .. envvar:: roundcube__database + # ]]] +# .. envvar:: roundcube__database_password_path [[[ # -# Database definition to use from the :envvar:`roundcube__database_map` -roundcube__database: 'sqlite-default' +# Path to the database password file. +roundcube__database_password_path: '{{ secret + "/credentials/" + ansible_fqdn + + "/roundcube/" + roundcube__database + + "/" + roundcube__database_user + "/password" }}' + # ]]] +# .. envvar:: roundcube__database_password [[[ +# +# Database password for the account given in :envvar:`roundcube__database_user`. +roundcube__database_password: '{{ lookup("password", roundcube__database_password_path + " length=30") }}' + # ]]] +# .. envvar:: roundcube__database_name [[[ +# +# Name of the database to use for Roundcube. +roundcube__database_name: 'roundcubemail' -# .. envvar:: roundcube__database_map + # ]]] +# .. envvar:: roundcube__database_map [[[ # -# Database connection definitions +# Database connection definitions. Selet the database connection to use in +# :envvar:`roundcube__database`. roundcube__database_map: sqlite-default: @@ -210,21 +224,21 @@ roundcube__database_map: mysql-default: dbtype: 'mysql' - dbname: 'roundcubemail' + dbname: '{{ roundcube__database_name }}' dbuser: '{{ roundcube__database_user }}' dbpass: '{{ roundcube__database_password }}' dbhost: 'localhost' dbtableprefix: '' - -# .. envvar:: roundcube__database_schema + # ]]] +# .. envvar:: roundcube__database_schema [[[ # -# Roundcube database schema loaded by Ansible +# Initial Roundcube database schema loaded by Ansible. roundcube__database_schema: '{{ roundcube__git_checkout + "/SQL/mysql.initial.sql" if (roundcube__database_map[roundcube__database].dbtype == "mysql") else ""}}' - - + # ]]] + # ]]] # .. Roundcube application options [[[1 # # --------------------------------- From 8b604f6bfb16c932a501ea5d7b111c352f79b3b6 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 4 Aug 2017 07:49:37 +0200 Subject: [PATCH 18/56] Add 'mbstring' to required PHP packages Fixes "Call to undefined function mb_strtolower()" --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1aa6a39..21a52d1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -23,12 +23,12 @@ roundcube__required_php_packages: # Included in the base install: # - 'dom' # - 'iconv' - # - 'mbstring' # - 'openssl' # - 'session' # - 'sockets' # - 'xml' + - 'mbstring' - 'json' - 'pear' From 709dbc9ffb06b0db3562ac9bcb323ebaa0f55d34 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 4 Aug 2017 19:23:53 +0200 Subject: [PATCH 19/56] Install some PHP packages via package manager depending on release --- defaults/main.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 21a52d1..110f01e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -30,13 +30,6 @@ roundcube__required_php_packages: - 'mbstring' - 'json' - - 'pear' - - # Bundled: - # - 'mail-mime' - # - 'net-smtp' - # - 'net-socket' - # - 'auth-sasl' # ]]] # .. envvar:: roundcube__optional_php_packages [[[ @@ -62,10 +55,18 @@ roundcube__custom_php_packages: [] roundcube__base_php_packages: - '{{ roundcube__required_php_packages }}' - '{{ roundcube__optional_php_packages }}' + - '{{ [ "crypt-gpg" ] if (ansible_distribution_release in [ "sid" ]) and ("enigma" in roundcube__plugins) + else [] }}' - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype == "mysql") else [] }}' + - '{{ [ "net-idna2" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "zesty", "artful" ] + else [] }}' + - '{{ [ "net-smtp" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] + else [] }}' + - '{{ [ "mail-mime" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] + else [] }}' + - '{{ [ "pear" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] + else [] }}' - '{{ [ "sqlite3" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' - - '{{ [ "net-sieve" ] if ("managesieve" in roundcube__plugins) else [] }}' - - '{{ [ "crypt-gpg" ] if ("enigma" in roundcube__plugins) else [] }}' # ]]] # .. envvar:: roundcube__extra_packages [[[ From 20037b0f02ea672cdd15b51f922c33f4509d89a9 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 4 Aug 2017 19:41:50 +0200 Subject: [PATCH 20/56] Run PHP composer to install missing packages --- tasks/deploy_roundcube.yml | 20 ++++++++++++++++++++ templates/srv/www/sites/composer.json.j2 | 2 ++ 2 files changed, 22 insertions(+) create mode 100644 templates/srv/www/sites/composer.json.j2 diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 10d223f..563a480 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -90,6 +90,26 @@ register: roundcube__register_checkout changed_when: roundcube__register_target_tag.stdout != roundcube__git_version +- name: Read PHP composer template + command: cat {{ roundcube__git_checkout }}/composer.json-dist + become_user: '{{ roundcube__user }}' + register: roundcube__register_composer_json + changed_when: False + +- name: Generate PHP composer.json + template: + src: 'srv/www/sites/composer.json.j2' + dest: '{{ roundcube__git_checkout }}/composer.json' + owner: 'root' + group: '{{ roundcube__group }}' + mode: '0640' + +- name: Install missing PHP packages via composer + composer: + command: install + working_dir: '{{ roundcube__git_checkout }}' + become_user: '{{ roundcube__user }}' + - name: Enable cleandb.sh Cron job cron: name: Roundcube daily database housekeeping diff --git a/templates/srv/www/sites/composer.json.j2 b/templates/srv/www/sites/composer.json.j2 new file mode 100644 index 0000000..0253774 --- /dev/null +++ b/templates/srv/www/sites/composer.json.j2 @@ -0,0 +1,2 @@ +{% set _composer_json = (roundcube__register_composer_json.stdout | from_json) %} +{{ _composer_json | to_nice_json }} From e758d766fe5a75242ba44da807ca496a64c04003 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 7 Aug 2017 06:44:07 +0200 Subject: [PATCH 21/56] PHP 'zip' is not included in common, add it to optional packages --- defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 110f01e..1817c9c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -38,9 +38,10 @@ roundcube__required_php_packages: # Refer to the `official Roundcube documentation `__ for details. roundcube__optional_php_packages: # Included in the base install: - # - 'zip' + # - fileinfo - 'pspell' + - 'zip' # ]]] # .. envvar:: roundcube__custom_php_packages [[[ From fe812a36b671fead1c7dc7cd32e5808a09ffc600 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 7 Aug 2017 07:02:22 +0200 Subject: [PATCH 22/56] Run post-installation script for javascripts, install deps --- defaults/main.yml | 8 +++++++- tasks/deploy_roundcube.yml | 6 ++++++ tasks/main.yml | 4 +++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1817c9c..7d22fda 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -69,11 +69,17 @@ roundcube__base_php_packages: else [] }}' - '{{ [ "sqlite3" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' + # ]]] +# .. envvar:: roundcube__packages [[[ +# +# Debian Packages required for the Roundcube installation. +roundcube__packages: [ 'curl', 'file', 'unzip' ] + # ]]] # .. envvar:: roundcube__extra_packages [[[ # # List of additional Debian packages (e. g. language dictionaries) that should -# be installed with Roundcube +# be installed with Roundcube. roundcube__extra_packages: [] # ]]] # ]]] diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 563a480..b7fa24f 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -110,6 +110,12 @@ working_dir: '{{ roundcube__git_checkout }}' become_user: '{{ roundcube__user }}' +- name: Install Javascript packages + command: bin/install-jsdeps.sh + args: + chdir: '{{ roundcube__git_checkout }}' + become_user: '{{ roundcube__user }}' + - name: Enable cleandb.sh Cron job cron: name: Roundcube daily database housekeeping diff --git a/tasks/main.yml b/tasks/main.yml index 2460129..5ed74aa 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -30,7 +30,9 @@ pkg: '{{ item }}' state: 'present' install_recommends: False - with_items: '{{ roundcube__extra_packages }}' + with_flattened: + - '{{ roundcube__packages }}' + - '{{ roundcube__extra_packages }}' - name: Install Roundcube packages apt: From c49c6e7223ec73200f445a65e12e21a6878dcc7c Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 7 Aug 2017 07:10:06 +0200 Subject: [PATCH 23/56] Remove support for packaged Roundcube in wheezy --- tasks/main.yml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 5ed74aa..1a76797 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -25,7 +25,7 @@ # ---- Deployment ---- -- name: Install optional packages for Roundcube +- name: Install pre-requisite packages for Roundcube apt: pkg: '{{ item }}' state: 'present' @@ -34,18 +34,7 @@ - '{{ roundcube__packages }}' - '{{ roundcube__extra_packages }}' -- name: Install Roundcube packages - apt: - name: '{{ item }}' - state: 'present' - install_recommends: False - with_items: - - [ 'roundcube', 'roundcube-core' ] - when: (ansible_distribution == 'Debian' and - ansible_distribution_release == 'wheezy' ) - - include: deploy_roundcube.yml - when: (ansible_distribution_release != 'wheezy' ) # ---- Configuration ---- From 8d0212f8def0c5a00119b553fe52dfd14629d5d0 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 7 Aug 2017 18:22:08 +0200 Subject: [PATCH 24/56] Update changelog --- CHANGES.rst | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index b87e538..0b56f04 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -16,6 +16,62 @@ The current role maintainer_ is ganto_. .. _debops-contrib.roundcube master: https://github.com/debops-contrib/ansible-roundcube/compare/v0.1.3...master +Added +~~~~~ + +- Added new soft dependency on debops.ferm_ to the example playbook. [ganto_] + +- Added new soft dependency on debops.apt_preferences_ to the example playbook + to satisfy possible package pinning requirements of the debops.nginx_ and + debops.php_ roles. [ganto_] + +- New configuration variables :envvar:`roundcube__shell` and + :envvar:`roundcube__comment` to customize the Roundcube system account. [ganto_] + +- New configuration variables :envvar:`roundcube__database_password_path` and + :envvar:`roundcube__database_name` for easier customization of the database + setup. [ganto_] + +- Install PHP packages which cannot be satisfied by the APT package manager + via PHP's own :command:`composer` dependency manager. [ganto_] + +- Run post-install script provided by upstream which downloads the required + Javascript libraries served to the Web browsers. [ganto_] + + +Changed +~~~~~~~ + +- Set default Roundcube version to 1.3.0. [ganto_] + +- Adjusted the debops.nginx_ configuration to make use of the role's dependent + variables which required minor format changes and variable name adjustments to + correspond to the DebOps naming conventions: + `roundcube__nginx_server` → :envvar:`roundcube__nginx__dependent_servers` + `roundcube__nginx_upstream_php5` → :envvar:`roundcube__nginx__dependent_upstreams` + [ganto_] + +- Make use of the debops.mariadb_ dependent variables in the example playbook. + [ganto_] + +- Updated PHP role dependency from `debops.php5` to the more capable debops.php_. + This changed the format and name of the following variables: + `roundcube__php5_packages` → :envvar:`roundcube__php__dependent_packages` + `roundcube__php5_pool` → :envvar:`roundcube__php__dependent_pools` + + +Fixed +~~~~~ + +- Fixed definition of :envvar:`roundcube__home` and :envvar:`roundcube__src` in + cases where the local facts defined by debops.core_ are not available. [ganto_] + + +Removed +~~~~~~~ + +- Remove support for Debian (oldoldstable) wheezy. [ganto_] + `debops-contrib.roundcube v0.1.3_` - 2017-07-26 ----------------------------------------------- From 2dc43a30f66849dd04df434af43d3d41b6a18264 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 7 Aug 2017 18:23:03 +0200 Subject: [PATCH 25/56] Only run install-jsdeps.sh when jquery is not found yet --- tasks/deploy_roundcube.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index b7fa24f..4d548ca 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -114,6 +114,7 @@ command: bin/install-jsdeps.sh args: chdir: '{{ roundcube__git_checkout }}' + creates: 'public/js/jquery.min.js' become_user: '{{ roundcube__user }}' - name: Enable cleandb.sh Cron job From c16623c6142155b0a5f033e144f7468b944cf871 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 06:29:40 +0200 Subject: [PATCH 26/56] Re-organize PHP package installation, add composer.phar --- defaults/main.yml | 42 ++++++++++++++----- tasks/deploy_roundcube.yml | 8 ++++ tasks/main.yml | 1 + .../lookup/roundcube__apt_php_packages.j2 | 7 ++++ 4 files changed, 47 insertions(+), 11 deletions(-) create mode 100644 templates/lookup/roundcube__apt_php_packages.j2 diff --git a/defaults/main.yml b/defaults/main.yml index 7d22fda..4254450 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -55,24 +55,44 @@ roundcube__custom_php_packages: [] # List of base PHP packages required by Roundcube. roundcube__base_php_packages: - '{{ roundcube__required_php_packages }}' + - '{{ roundcube__apt_php_packages }}' - '{{ roundcube__optional_php_packages }}' - - '{{ [ "crypt-gpg" ] if (ansible_distribution_release in [ "sid" ]) and ("enigma" in roundcube__plugins) - else [] }}' - '{{ [ "mysql" ] if (roundcube__database_map[roundcube__database].dbtype == "mysql") else [] }}' - - '{{ [ "net-idna2" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "zesty", "artful" ] - else [] }}' - - '{{ [ "net-smtp" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] - else [] }}' - - '{{ [ "mail-mime" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] - else [] }}' - - '{{ [ "pear" ] if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] - else [] }}' - '{{ [ "sqlite3" ] if (roundcube__database_map[roundcube__database].dbtype == "sqlite") else [] }}' + # ]]] +# .. envvar:: roundcube__apt_php_packages [[[ +# +# PHP packages which are installed via APT repository if they are available +# in a sufficiently new version in the current distribution. The required +# minimal versions are taken from the composer.json.dist of the Roundcube +# 1.3.0 release. If you install an older version of Roundcube you may want +# to adjust this list. +roundcube__apt_php_packages: '{{ [ "mail-mime", "net-smtp", "pear" ] + if ansible_distribution_release in [ "stretch", "buster", "sid", "xenial", "yakkety", "zesty", "artful" ] + else [] }}' + + # ]]] +# .. envvar:: roundcube__composer_phar_url [[[ +# +# URL to the composer.phar script which will be used to install PHP packages +# not available in the APT repository on distribution releases which don't +# package PHP composer. If this is set to `False`, :command:`composer` will +# be installed via APT package manager. +roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" + if ansible_distribution_release in + [ "jessie", "trusty" ] else False }}' + + # ]]] +# .. envvar:: roundcube__composer_packages [[[ +# +# APT packages required to install PHP composer. +roundcube__composer_packages: [ 'composer '] + # ]]] # .. envvar:: roundcube__packages [[[ # -# Debian Packages required for the Roundcube installation. +# APT packages required for the Roundcube installation. roundcube__packages: [ 'curl', 'file', 'unzip' ] # ]]] diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 4d548ca..094f626 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -104,6 +104,14 @@ group: '{{ roundcube__group }}' mode: '0640' +- name: Download composer.phar if requested + get_url: + url: '{{ roundcube__composer_phar_url }}' + dest: '{{ roundcube__git_checkout }}' + mode: '0640' + become_user: '{{ roundcube__user }}' + when: roundcube__composer_phar_url + - name: Install missing PHP packages via composer composer: command: install diff --git a/tasks/main.yml b/tasks/main.yml index 1a76797..ca10246 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -32,6 +32,7 @@ install_recommends: False with_flattened: - '{{ roundcube__packages }}' + - '{{ roundcube__composer_packages if not roundcube__composer_phar_url else [] }}' - '{{ roundcube__extra_packages }}' - include: deploy_roundcube.yml diff --git a/templates/lookup/roundcube__apt_php_packages.j2 b/templates/lookup/roundcube__apt_php_packages.j2 new file mode 100644 index 0000000..3e7bb7f --- /dev/null +++ b/templates/lookup/roundcube__apt_php_packages.j2 @@ -0,0 +1,7 @@ +{% set _apt_php_packages = [] %} +{% for _pkg in roundcube__apt_php_package_map.keys() %} +{% if ansible_distribution_release in roundcube__apt_php_package_map[_pkg] %} +{% set _ = _apt_php_packages.append(_pkg | replace("_", "-")) %} +{% endif %} +{% endfor %} +{{ _apt_php_packages | to_json }} From 2ed0694f3013d313ded2991afc590abb6bb7e374 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 16:56:48 +0200 Subject: [PATCH 27/56] Fix javascript file check --- tasks/deploy_roundcube.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 094f626..1e32371 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -122,7 +122,7 @@ command: bin/install-jsdeps.sh args: chdir: '{{ roundcube__git_checkout }}' - creates: 'public/js/jquery.min.js' + creates: 'program/js/jquery.min.js' become_user: '{{ roundcube__user }}' - name: Enable cleandb.sh Cron job From d78d8f644b09de0f3de147fb7c4786af544fdd32 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 17:18:28 +0200 Subject: [PATCH 28/56] Use 'roundcube__packages' for user defined packages --- CHANGES.rst | 4 ++++ defaults/main.yml | 35 ++++++++++++++++++----------------- 2 files changed, 22 insertions(+), 17 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index 0b56f04..f6fc9e0 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -58,6 +58,10 @@ Changed This changed the format and name of the following variables: `roundcube__php5_packages` → :envvar:`roundcube__php__dependent_packages` `roundcube__php5_pool` → :envvar:`roundcube__php__dependent_pools` + [ganto_] + +- Renamed ``roundcube__extra_packages`` to :envvar:`roundcube__packages` to be + consistent with other DebOps roles. [ganto_] Fixed diff --git a/defaults/main.yml b/defaults/main.yml index 4254450..b78445c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -73,15 +73,17 @@ roundcube__apt_php_packages: '{{ [ "mail-mime", "net-smtp", "pear" ] else [] }}' # ]]] -# .. envvar:: roundcube__composer_phar_url [[[ +# .. envvar:: roundcube__packages [[[ # -# URL to the composer.phar script which will be used to install PHP packages -# not available in the APT repository on distribution releases which don't -# package PHP composer. If this is set to `False`, :command:`composer` will -# be installed via APT package manager. -roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" - if ansible_distribution_release in - [ "jessie", "trusty" ] else False }}' +# List of additional APT packages (e. g. language dictionaries) that should +# be installed with Roundcube. +roundcube__packages: [] + + # ]]] +# .. envvar:: roundcube__base_packages [[[ +# +# APT packages required for the Roundcube installation. +roundcube__base_packages: [ 'curl', 'file', 'unzip' ] # ]]] # .. envvar:: roundcube__composer_packages [[[ @@ -90,18 +92,17 @@ roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" roundcube__composer_packages: [ 'composer '] # ]]] -# .. envvar:: roundcube__packages [[[ +# .. envvar:: roundcube__composer_phar_url [[[ # -# APT packages required for the Roundcube installation. -roundcube__packages: [ 'curl', 'file', 'unzip' ] +# URL to the composer.phar script which will be used to install PHP packages +# not available in the APT repository on distribution releases which don't +# package PHP composer. If this is set to `False`, :command:`composer` will +# be installed via APT package manager. +roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" + if ansible_distribution_release in + [ "jessie", "trusty" ] else False }}' # ]]] -# .. envvar:: roundcube__extra_packages [[[ -# -# List of additional Debian packages (e. g. language dictionaries) that should -# be installed with Roundcube. -roundcube__extra_packages: [] - # ]]] # ]]] # .. Roundcube user account [[[ # From e8a8dbd918eb5c366c5dc250a296c0b05c2dd55f Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 17:20:03 +0200 Subject: [PATCH 29/56] Fix RST syntax --- CHANGES.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index f6fc9e0..15d7c84 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -47,17 +47,17 @@ Changed - Adjusted the debops.nginx_ configuration to make use of the role's dependent variables which required minor format changes and variable name adjustments to correspond to the DebOps naming conventions: - `roundcube__nginx_server` → :envvar:`roundcube__nginx__dependent_servers` - `roundcube__nginx_upstream_php5` → :envvar:`roundcube__nginx__dependent_upstreams` + ``roundcube__nginx_server`` → :envvar:`roundcube__nginx__dependent_servers` + ``roundcube__nginx_upstream_php5`` → :envvar:`roundcube__nginx__dependent_upstreams` [ganto_] - Make use of the debops.mariadb_ dependent variables in the example playbook. [ganto_] -- Updated PHP role dependency from `debops.php5` to the more capable debops.php_. +- Updated PHP role dependency from ``debops.php5`` to the more capable debops.php_. This changed the format and name of the following variables: - `roundcube__php5_packages` → :envvar:`roundcube__php__dependent_packages` - `roundcube__php5_pool` → :envvar:`roundcube__php__dependent_pools` + ``roundcube__php5_packages`` → :envvar:`roundcube__php__dependent_packages` + ``roundcube__php5_pool`` → :envvar:`roundcube__php__dependent_pools` [ganto_] - Renamed ``roundcube__extra_packages`` to :envvar:`roundcube__packages` to be From 58a1b6fb26832725fa084388cdbd20515d4495fc Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 17:22:23 +0200 Subject: [PATCH 30/56] Use trusty image on Travis-CI --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 3332e8f..0ca7101 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,7 @@ --- -sudo: True +sudo: required +dist: trusty language: 'python' python: '2.7' From 30d5304993018bfabbbb1d3ceda3a1e5172c8b20 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 17:28:52 +0200 Subject: [PATCH 31/56] Fix variable rename from d78d8f6 in task --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index ca10246..e56e45e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -31,9 +31,9 @@ state: 'present' install_recommends: False with_flattened: + - '{{ roundcube__base_packages }}' - '{{ roundcube__packages }}' - '{{ roundcube__composer_packages if not roundcube__composer_phar_url else [] }}' - - '{{ roundcube__extra_packages }}' - include: deploy_roundcube.yml From 5ad3a6e3137350ffbd6a7d0c68349e114340f7c5 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 9 Aug 2017 17:45:53 +0200 Subject: [PATCH 32/56] Various fixes and adjustments for yaml2rst and vim syntax folding --- defaults/main.yml | 148 ++++++++++++++++++++-------------------------- 1 file changed, 65 insertions(+), 83 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index b78445c..04f4891 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,18 +1,15 @@ --- # .. vim: foldmarker=[[[,]]]:foldmethod=marker -# Default variables -# ================= +# debops-contrib.roundcube default variables [[[ +# ============================================== # .. contents:: Sections # :local: # # .. include:: includes/all.rst -# .. Packages and installation [[[ -# -# ----------------------------- -# Packages and installation +# Packages and installation [[[ # ----------------------------- # .. envvar:: roundcube__required_php_packages [[[ @@ -104,24 +101,21 @@ roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" # ]]] # ]]] -# .. Roundcube user account [[[ -# -# -------------------------- -# Roundcube user account +# Roundcube user account [[[ # -------------------------- # .. envvar:: roundcube__user [[[ # -# Roundcube system user account +# Roundcube system user account. roundcube__user: 'roundcube' # ]]] # .. envvar:: roundcube__group [[[ # -# Roundcube system user group +# Roundcube system user group. roundcube__group: 'roundcube' - # ]]] + # ]]] # .. envvar:: roundcube__home [[[ # # Path to the home directory of the Roundcube system account. @@ -143,33 +137,30 @@ roundcube__comment: 'Roundcube Webmail' roundcube__shell: '/usr/sbin/nologin' # ]]] # ]]] -# .. Roundcube source and deployment [[[ -# -# ----------------------------------- -# Roundcube source and deployment +# Roundcube source and deployment [[[ # ----------------------------------- # .. envvar:: roundcube__git_repo [[[ # -# Roundcube source repository +# Roundcube source repository. roundcube__git_repo: 'https://github.com/roundcube/roundcubemail.git' # ]]] # .. envvar:: roundcube__git_dest [[[ # -# Roundcube source directory on the host +# Roundcube source directory on the host. roundcube__git_dest: '{{ roundcube__src + "/" + roundcube__git_repo.split("://")[1] }}' # ]]] # .. envvar:: roundcube__git_tag [[[ # -# Roundcube release tag to deploy +# Roundcube release tag to deploy. roundcube__git_version: '1.3.0' # ]]] # .. envvar:: roundcube__git_checkout [[[ # -# Default path where Roundcube source files will be deployed +# Default path where Roundcube source files will be deployed. roundcube__git_checkout: '{{ roundcube__www + "/sites/" + (roundcube__domain if roundcube__domain is string else roundcube__domain[0]) + "/public" }}' @@ -177,7 +168,7 @@ roundcube__git_checkout: '{{ roundcube__www + "/sites/" + # ]]] # .. envvar:: roundcube__src [[[ # -# Base path for git bare repository with Roundcube source +# Base path for git bare repository with Roundcube source. roundcube__src: '{{ (ansible_local.root.src if (ansible_local|d() and ansible_local.root|d() and ansible_local.root.src|d()) @@ -186,7 +177,7 @@ roundcube__src: '{{ (ansible_local.root.src # ]]] # .. envvar:: roundcube__www [[[ # -# Base web root directory for Roundcube website +# Base web root directory for Roundcube website. roundcube__www: '{{ (ansible_local.nginx.www if (ansible_local|d() and ansible_local.nginx|d()) @@ -195,7 +186,7 @@ roundcube__www: '{{ (ansible_local.nginx.www # ]]] # .. envvar:: roundcube__webserver_user [[[ # -# Roundcube webserver user (needs read-only access to the website code) +# Roundcube webserver user (needs read-only access to the website code). roundcube__webserver_user: '{{ ansible_local.nginx.user if (ansible_local|d() and ansible_local.nginx|d() and @@ -204,10 +195,7 @@ roundcube__webserver_user: '{{ ansible_local.nginx.user # ]]] # ]]] -# .. Database configuration [[[1 -# -# -------------------------- -# Database configuration +# Database configuration [[[ # -------------------------- # .. envvar:: roundcube__database [[[ @@ -268,104 +256,97 @@ roundcube__database_schema: '{{ roundcube__git_checkout + "/SQL/mysql.initial.sq # ]]] # ]]] -# .. Roundcube application options [[[1 -# -# --------------------------------- -# Roundcube application options +# Roundcube application options [[[ # --------------------------------- -# .. envvar:: roundcube__domain +# .. envvar:: roundcube__domain [[[ # # String or List of domains which will be used to access the roundcube instance. roundcube__domain: [ 'roundcube.{{ ansible_domain }}' ] - -# .. envvar:: roundcube__default_host + # ]]] +# .. envvar:: roundcube__default_host [[[ # -# Mail host chosen to perform the log-in +# Mail host chosen to perform the log-in. roundcube__default_host: 'localhost' - -# .. envvar:: roundcube__smtp_server + # ]]] +# .. envvar:: roundcube__smtp_server [[[ # -# SMTP server host (for sending mails) +# SMTP server host (for sending mails). roundcube__smtp_server: '' - -# .. envvar:: roundcube__smtp_port + # ]]] +# .. envvar:: roundcube__smtp_port [[[ # -# SMTP port +# SMTP port. roundcube__smtp_port: '25' - -# .. envvar:: roundcube__smtp_user + # ]]] +# .. envvar:: roundcube__smtp_user [[[ # # SMTP username (if required) if you use %u as the username Roundcube will -# use the current username for login +# use the current username for login. roundcube__smtp_user: '' - -# .. envvar:: roundcube__smtp_pass + # ]]] +# .. envvar:: roundcube__smtp_pass [[[ # # SMTP password (if required) if you use %p as the password Roundcube will -# use the current user's password for login +# use the current user's password for login. roundcube__smtp_pass: '' - -# .. envvar:: roundcube__des_key + # ]]] +# .. envvar:: roundcube__des_key [[[ # # Encryption key for the users imap password which is stored in the session # record (and the client cookie if remember password is enabled). roundcube__des_key: '{{ lookup("password", secret + "/credentials/" + ansible_fqdn + "/roundcube/des_key chars=hexdigits length=24") }}' - -# .. envvar:: roundcube__local_config_map + # ]]] +# .. envvar:: roundcube__local_config_map [[[ # -# Custom configuration values for the Roundcube config.inc.php +# Custom configuration values for the Roundcube config.inc.php. roundcube__local_config_map: {} - -# .. envvar:: roundcube__group_local_config_map + # ]]] +# .. envvar:: roundcube__group_local_config_map [[[ # # Custom configuration values which can be defined on a group level and -# eventually are merged with :envvar:`roundcube__local_config_map` +# eventually are merged with :envvar:`roundcube__local_config_map`. roundcube__group_local_config_map: {} - -# .. envvar:: roundcube__host_local_config_map + # ]]] +# .. envvar:: roundcube__host_local_config_map [[[ # # Custom configuration values which can be defined ona host level and -# eventually are merged with :envvar:`roundcube__local_config_map` +# eventually are merged with :envvar:`roundcube__local_config_map`. roundcube__host_local_config_map: {} - -# .. envvar:: roundcube__default_plugins + # ]]] +# .. envvar:: roundcube__default_plugins [[[ # -# List of plugins shipped and enabled by default with Roundcube +# List of plugins shipped and enabled by default with Roundcube. roundcube__default_plugins: [ 'archive', 'filesystem_attachments', 'jqueryui', 'zipdownload' ] - -# .. envvar:: roundcube__plugins + # ]]] +# .. envvar:: roundcube__plugins [[[ # # Additional Roundcube plugins to enable. Check the :file:`plugins/` folder for -# the plugins shipped by default +# the plugins shipped by default. roundcube__plugins: [] - - -# ------------------- -# Other variables + # ]]] + # ]]] +# Other variables [[[ # ------------------- -# .. envvar:: roundcube__max_file_size +# .. envvar:: roundcube__max_file_size [[[ # -# Maximum upload size, in MB +# Maximum upload size, in MB. roundcube__max_file_size: '30' - - -# .. Role-dependent configuration [[[1 -# -# -------------------------------- -# Role-dependent configuration + # ]]] + # ]]] +# Role-dependent configuration [[[ # -------------------------------- # .. envvar:: roundcube__nginx__dependent_servers [[[ @@ -408,7 +389,6 @@ roundcube__nginx__dependent_servers: options: | deny all; - php_upstream: 'php_roundcube' php_options: | fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; @@ -420,15 +400,17 @@ roundcube__nginx__dependent_servers: fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; + php_upstream: 'php_roundcube' + # ]]] -# .. envvar:: roundcube__nginx_access_policy +# .. envvar:: roundcube__nginx_access_policy [[[ # # Name of the "nginx access policy" for Roundcube webpage. See debops.nginx_ # Ansible role for more details. roundcube__nginx_access_policy: '' - -# .. envvar:: roundcube__nginx__dependent_upstreams + # ]]] +# .. envvar:: roundcube__nginx__dependent_upstreams [[[ # # PHP upstream server configuration managed by the debops.nginx_ role. roundcube__nginx__dependent_upstreams: @@ -439,12 +421,11 @@ roundcube__nginx__dependent_upstreams: type: 'php' php_pool: 'roundcube' - + # ]]] # .. envvar:: roundcube__php__dependent_packages [[[ # # List of PHP packages to install using the debops.php_ role. roundcube__php__dependent_packages: - - '{{ roundcube__base_php_packages }}' - '{{ roundcube__optional_php_packages }}' - '{{ roundcube__custom_php_packages }}' @@ -476,3 +457,4 @@ roundcube__php__dependent_pools: suhosin.session.encrypt: 'off' # ]]] # ]]] + # ]]] From 05f65c5e07fdd187c5c2fda2151029d00203ccd2 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 10 Aug 2017 06:54:19 +0200 Subject: [PATCH 33/56] Fix condition on when to use the composer.phar URL --- tasks/deploy_roundcube.yml | 3 ++- tasks/main.yml | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 1e32371..c5b005a 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -110,7 +110,8 @@ dest: '{{ roundcube__git_checkout }}' mode: '0640' become_user: '{{ roundcube__user }}' - when: roundcube__composer_phar_url + when: (roundcube__composer_phar_url is string) and + (roundcube__composer_phar_url | length > 7) - name: Install missing PHP packages via composer composer: diff --git a/tasks/main.yml b/tasks/main.yml index e56e45e..905694a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -33,7 +33,10 @@ with_flattened: - '{{ roundcube__base_packages }}' - '{{ roundcube__packages }}' - - '{{ roundcube__composer_packages if not roundcube__composer_phar_url else [] }}' + - '{{ roundcube__composer_packages + if (not roundcube__composer_phar_url is string) and + (roundcube__composer_phar_url | length > 7)) + else [] }}' - include: deploy_roundcube.yml From 7e7f06d2e95f852d421c3b8e6d7b351872506469 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 10 Aug 2017 07:14:39 +0200 Subject: [PATCH 34/56] Make sure the available composer is run --- tasks/deploy_roundcube.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index c5b005a..d29426c 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -113,11 +113,21 @@ when: (roundcube__composer_phar_url is string) and (roundcube__composer_phar_url | length > 7) -- name: Install missing PHP packages via composer +- name: Install missing PHP packages via composer.phar + command: php composer.phar install + args: + chdir: '{{ roundcube__git_checkout }}' + become_user: '{{ roundcube__user }}' + when: (roundcube__composer_phar_url is string) and + (roundcube__composer_phar_url | length > 7) + +- name: Install missing PHP packages via system-wide composer composer: command: install working_dir: '{{ roundcube__git_checkout }}' become_user: '{{ roundcube__user }}' + when: not ((roundcube__composer_phar_url is string) and + (roundcube__composer_phar_url | length > 7)) - name: Install Javascript packages command: bin/install-jsdeps.sh From 7e61097ce2ae5d7d951437c21f5ada904be8d5ee Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 10 Aug 2017 07:21:56 +0200 Subject: [PATCH 35/56] Fix syntax error --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 905694a..d18430f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -35,7 +35,7 @@ - '{{ roundcube__packages }}' - '{{ roundcube__composer_packages if (not roundcube__composer_phar_url is string) and - (roundcube__composer_phar_url | length > 7)) + (roundcube__composer_phar_url | length > 7) else [] }}' - include: deploy_roundcube.yml From 92cddd10a537b8d410c37c6845d590122ea877af Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 11 Aug 2017 06:40:38 +0200 Subject: [PATCH 36/56] Add soft dependency on 'debops.logrotate' --- CHANGES.rst | 3 +++ docs/playbooks/roundcube.yml | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index 15d7c84..a99b0b9 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -25,6 +25,9 @@ Added to satisfy possible package pinning requirements of the debops.nginx_ and debops.php_ roles. [ganto_] +- Added new soft dependency on debops.logrotate_ to the example playbook to + handle logfile rotation of PHP-FPM. [ganto_] + - New configuration variables :envvar:`roundcube__shell` and :envvar:`roundcube__comment` to customize the Roundcube system account. [ganto_] diff --git a/docs/playbooks/roundcube.yml b/docs/playbooks/roundcube.yml index e62766c..0b45b6a 100644 --- a/docs/playbooks/roundcube.yml +++ b/docs/playbooks/roundcube.yml @@ -19,6 +19,11 @@ - '{{ nginx__apt_preferences__dependent_list }}' - '{{ php__apt_preferences__dependent_list }}' + - role: debops.logrotate + tags: [ 'role::logrotate' ] + logrotate__dependent_config: + - '{{ php__logrotate__dependent_config }}' + - role: debops.ferm tags: [ 'role::ferm', 'role::nginx' ] ferm__dependent_rules: From 0c626804424b889984024ef4aec6adf7e18df8d7 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 14 Aug 2017 18:22:21 +0200 Subject: [PATCH 37/56] List all PHP packages also the one's bundled with php-common Depends on debops/ansible-php#41 --- defaults/main.yml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 04f4891..23f2575 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -17,14 +17,13 @@ # List of PHP packages required by Roundcube. # Refer to the `official Roundcube documentation `__ for details. roundcube__required_php_packages: - # Included in the base install: - # - 'dom' - # - 'iconv' - # - 'openssl' - # - 'session' - # - 'sockets' - # - 'xml' - + - 'iconv' + - 'openssl' + - 'session' + - 'sockets' + - 'xml' + # Included in the xml package + #- 'dom' - 'mbstring' - 'json' @@ -34,9 +33,7 @@ roundcube__required_php_packages: # List of recommended/optional PHP packages for Roundcube. # Refer to the `official Roundcube documentation `__ for details. roundcube__optional_php_packages: - # Included in the base install: - # - fileinfo - + - 'fileinfo' - 'pspell' - 'zip' @@ -46,7 +43,7 @@ roundcube__optional_php_packages: # List of user defined PHP packages for Roundcube. roundcube__custom_php_packages: [] - # ]]] + # ]]] # .. envvar:: roundcube__base_php_packages [[[ # # List of base PHP packages required by Roundcube. From 2670406f919e29d414da0959168c0096b086dfd5 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 17 Aug 2017 07:47:07 +0200 Subject: [PATCH 38/56] Fix condition for composer.phar, update docs to be more explicit --- defaults/main.yml | 19 ++++++++++++++++--- tasks/deploy_roundcube.yml | 9 +++------ tasks/main.yml | 4 +--- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 23f2575..8e4a7ae 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -85,6 +85,21 @@ roundcube__base_packages: [ 'curl', 'file', 'unzip' ] # APT packages required to install PHP composer. roundcube__composer_packages: [ 'composer '] + # ]]] +# .. envvar:: roundcube__composer_phar [[[ +# +# If this is set to ``True`` the ``composer.phar`` script will be downloaded +# from the :envvar:`roundcube__composer_phar_url` and used to install the +# missing PHP packages. If this is set to ``False`` the system-wide +# :command:`composer` is used. +# WARNING: Setting this variable to ``True`` has some security implications as +# the download is not cryptographically verified. This is only meant to be a +# work-around for old distribution releases not supporting the downstream +# packaged :command:`composer`. +roundcube__composer_phar: '{{ True + if ansible_distribution_release in [ "jessie", "trusty" ] + else False }}' + # ]]] # .. envvar:: roundcube__composer_phar_url [[[ # @@ -92,9 +107,7 @@ roundcube__composer_packages: [ 'composer '] # not available in the APT repository on distribution releases which don't # package PHP composer. If this is set to `False`, :command:`composer` will # be installed via APT package manager. -roundcube__composer_phar_url: '{{ "https://getcomposer.org/composer.phar" - if ansible_distribution_release in - [ "jessie", "trusty" ] else False }}' +roundcube__composer_phar_url: 'https://getcomposer.org/composer.phar' # ]]] # ]]] diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index d29426c..2692b4f 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -110,24 +110,21 @@ dest: '{{ roundcube__git_checkout }}' mode: '0640' become_user: '{{ roundcube__user }}' - when: (roundcube__composer_phar_url is string) and - (roundcube__composer_phar_url | length > 7) + when: roundcube__composer_phar|bool - name: Install missing PHP packages via composer.phar command: php composer.phar install args: chdir: '{{ roundcube__git_checkout }}' become_user: '{{ roundcube__user }}' - when: (roundcube__composer_phar_url is string) and - (roundcube__composer_phar_url | length > 7) + when: roundcube__composer_phar|bool - name: Install missing PHP packages via system-wide composer composer: command: install working_dir: '{{ roundcube__git_checkout }}' become_user: '{{ roundcube__user }}' - when: not ((roundcube__composer_phar_url is string) and - (roundcube__composer_phar_url | length > 7)) + when: not roundcube__composer_phar|bool - name: Install Javascript packages command: bin/install-jsdeps.sh diff --git a/tasks/main.yml b/tasks/main.yml index d18430f..7d9c744 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -34,9 +34,7 @@ - '{{ roundcube__base_packages }}' - '{{ roundcube__packages }}' - '{{ roundcube__composer_packages - if (not roundcube__composer_phar_url is string) and - (roundcube__composer_phar_url | length > 7) - else [] }}' + if roundcube__composer_phar|bool else [] }}' - include: deploy_roundcube.yml From cf28e89b0730891d41fd64af48d6565135b6cf44 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 17 Aug 2017 07:55:56 +0200 Subject: [PATCH 39/56] Conditionally set changed state on composer.phar run --- tasks/deploy_roundcube.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 2692b4f..98be268 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -118,6 +118,8 @@ chdir: '{{ roundcube__git_checkout }}' become_user: '{{ roundcube__user }}' when: roundcube__composer_phar|bool + register: roundcube__register_composer_phar + changed_when: not "Nothing to install or update" in roundcube__register_composer_phar.stderr|d('') - name: Install missing PHP packages via system-wide composer composer: From 70ef1c58c51b26779e734c19b2ad876c9c71b512 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 17 Aug 2017 08:05:19 +0200 Subject: [PATCH 40/56] Fix composer package installation condition --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 7d9c744..c8edbe9 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -34,7 +34,7 @@ - '{{ roundcube__base_packages }}' - '{{ roundcube__packages }}' - '{{ roundcube__composer_packages - if roundcube__composer_phar|bool else [] }}' + if not roundcube__composer_phar|bool else [] }}' - include: deploy_roundcube.yml From 1f7c642bab7d6da689177a8907cc6dcf1486635c Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Thu, 17 Aug 2017 18:02:25 +0200 Subject: [PATCH 41/56] Remove roundcube user name from 'roundcube__www' This fixes debops-contrib/ansible-roundcube#15 --- CHANGES.rst | 4 ++++ defaults/main.yml | 7 +++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index a99b0b9..5211cb9 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -66,6 +66,10 @@ Changed - Renamed ``roundcube__extra_packages`` to :envvar:`roundcube__packages` to be consistent with other DebOps roles. [ganto_] +- Changed default configuration of :envvar:`roundcube__www` from + ``/srv/www/{{ roundcube__user }}`` to ``/srv/www`` to be more consistent with + other system-wide Web applications. [ganto_] + Fixed ~~~~~ diff --git a/defaults/main.yml b/defaults/main.yml index 8e4a7ae..e4da2ce 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -188,10 +188,9 @@ roundcube__src: '{{ (ansible_local.root.src # .. envvar:: roundcube__www [[[ # # Base web root directory for Roundcube website. -roundcube__www: '{{ (ansible_local.nginx.www - if (ansible_local|d() and - ansible_local.nginx|d()) - else "/srv/www" ) + "/" + roundcube__user }}' +roundcube__www: '{{ ansible_local.nginx.www + if (ansible_local|d() and ansible_local.nginx|d()) + else "/srv/www" }}' # ]]] # .. envvar:: roundcube__webserver_user [[[ From 5e8c63943219bf8fe298389b18ccb8ce60344a7b Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 18 Aug 2017 18:58:11 +0200 Subject: [PATCH 42/56] Rework meta and update README.md --- README.md | 50 ++++++++++++++++++++++----------------------- meta/ansigenome.yml | 4 +++- meta/main.yml | 14 ++++++++++--- 3 files changed, 38 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index d652d04..b08ee6f 100644 --- a/README.md +++ b/README.md @@ -1,53 +1,51 @@ -## [![DebOps project](http://debops.org/images/debops-small.png)](http://debops.org) roundcube +## [![DebOps](https://debops.org/images/debops-small.png)](https://debops.org) roundcube -[![Travis CI](http://img.shields.io/travis/debops-contrib/ansible-roundcube.svg?style=flat)](http://travis-ci.org/debops-contrib/ansible-roundcube) -[![test-suite](http://img.shields.io/badge/test--suite-ansible--roundcube-blue.svg?style=flat)](https://github.com/ganto/test-suite/tree/master/ansible-roundcube/) -[![Ansible Galaxy](http://img.shields.io/badge/galaxy-debops--contrib.roundcube-660198.svg?style=flat)](https://galaxy.ansible.com/debops-contrib/roundcube/) -[![Platforms](http://img.shields.io/badge/platforms-debian-lightgrey.svg?style=flat)](#) + -### Warning, this is a Beta role +[![Travis CI](https://img.shields.io/travis/debops-contrib/ansible-roundcube.svg?style=flat)](https://travis-ci.org/debops-contrib/ansible-roundcube) +[![test-suite](https://img.shields.io/badge/test--suite-ansible--roundcube-blue.svg?style=flat)](https://github.com/debops-contrib/test-suite/tree/master/ansible-roundcube/) +[![Ansible Galaxy](https://img.shields.io/badge/galaxy-debops--contrib.roundcube-660198.svg?style=flat)](https://galaxy.ansible.com/debops-contrib/roundcube/) -This role has been marked by the author as a beta role, which means that it -might be significantly changed in the future. Be careful while using this role -in a production environment. -*** - -This role installs and manages [Roundcube](http://roundcube.net/), a IMAP Web -client written in PHP. +This role installs and manages [Roundcube](http://roundcube.net/), a IMAP Web client written in PHP. ### Installation -This role requires at least Ansible `v1.8.0`. To install it, run: +This role requires at least Ansible `v2.3.0`. To install it, run: ```Shell ansible-galaxy install debops-contrib.roundcube ``` +### Documentation + +More information about `debops-contrib.roundcube` can be found in the +[official debops-contrib.roundcube documentation](https://docs.debops.org/en/latest/ansible/roles/ansible-roundcube/docs/). + + +### Role dependencies + +- `debops.secret` + ### Are you using this as a standalone role without DebOps? You may need to include missing roles from the [DebOps common playbook](https://github.com/debops/debops-playbooks/blob/master/playbooks/common.yml) into your playbook. -[Try DebOps now](https://github.com/debops/debops) for a complete solution to run your Debian-based infrastructure. +[Try DebOps now](https://debops.org/) for a complete solution to run your Debian-based infrastructure. -### Role dependencies - -* ``debops.secret`` - -* ``debops.nginx`` - -* ``debops.php5`` -* ``debops.mariadb`` ### Authors and license -`roundcube` role was written by: - -- [Reto Gantenbein](https://linuxmonk.ch/) | [e-mail](mailto:reto.gantenbein@linuxmonk.ch) | [GitHub](https://github.com/ganto) +- [Reto Gantenbein](https://linuxmonk.ch/) (maintainer) | [e-mail](mailto:reto.gantenbein@linuxmonk.ch) | [GitHub](https://github.com/ganto) License: [GPLv3](https://tldrlegal.com/license/gnu-general-public-license-v3-%28gpl-3%29) + +*** + +This role is part of [DebOps](https://debops.org/). README generated by [ansigenome](https://github.com/nickjj/ansigenome/). diff --git a/meta/ansigenome.yml b/meta/ansigenome.yml index f619402..d37f86f 100644 --- a/meta/ansigenome.yml +++ b/meta/ansigenome.yml @@ -1,7 +1,9 @@ +--- + ansigenome_info: + galaxy_url: 'https://galaxy.ansible.com/debops-contrib/roundcube/' github_url: 'https://github.com/debops-contrib/ansible-roundcube' git_branch: 'master' - galaxy_url: 'https://galaxy.ansible.com/debops-contrib/roundcube/' travis: True diff --git a/meta/main.yml b/meta/main.yml index bed14d8..af8ede1 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -4,23 +4,31 @@ dependencies: - role: debops.secret - galaxy_info: company: 'DebOps' author: 'Reto Gantenbein' description: 'Manage Roundcube, a browser-based IMAP client written in PHP' license: 'GPL-3.0' - min_ansible_version: '1.8.0' + min_ansible_version: '2.3.0' platforms: + - name: Ubuntu + versions: + - trusty + - xenial + - zesty + - name: Debian versions: - - wheezy - jessie + - stretch + - buster galaxy_tags: - debops + - email - mail + - imap - web From d4fade384e0a48824e52841bc2b17f15bbcc864b Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Tue, 22 Aug 2017 18:34:38 +0200 Subject: [PATCH 43/56] Add upgrade guide --- CHANGES.rst | 5 +++ UPGRADE.rst | 83 ++++++++++++++++++++++++++++++++++++++++ docs/getting-started.rst | 8 ++++ docs/index.rst | 3 +- docs/upgrade.rst | 1 + 5 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 UPGRADE.rst create mode 100644 docs/upgrade.rst diff --git a/CHANGES.rst b/CHANGES.rst index 5211cb9..1de2b93 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -1,3 +1,5 @@ +.. _roundcube__ref_changelog: + Changelog ========= @@ -10,6 +12,9 @@ and `human-readable changelog `__. The current role maintainer_ is ganto_. +Refer to the :ref:`roundcube__ref_upgrade_notes` when you intend to upgrade to a +new release of this role. + `debops-contrib.roundcube master`_ - unreleased ----------------------------------------------- diff --git a/UPGRADE.rst b/UPGRADE.rst new file mode 100644 index 0000000..fed94bd --- /dev/null +++ b/UPGRADE.rst @@ -0,0 +1,83 @@ +.. _roundcube__ref_upgrade_notes: + +Upgrade notes +============= + +The upgrade notes only describe necessary changes that you might need to make +to your setup in order to use a new role release. Refer to the +:ref:`roundcube__ref_changelog` for more details about what has changed. + + +From v0.1.3 to v.0.2.0 +---------------------- + +Due to changes in the role dependencies and some adjustments in the role's +default values, your setup is likely to break if you simply execute the +updated role. To avoid this, take care of the following issues: + +- If you are using a custom playbook, make sure to review the changes in + :ref:`roundcube__ref_example_playbook`. + +- The following variables were replaced and therefore are not defined + anymore in the default variables: + + - ``roundcube__nginx_server`` + - ``roundcube__nginx_upstream_php5`` + - ``roundcube__php5_packages`` + - ``roundcube__php5_pool`` + - ``roundcube__extra_packages`` + + In case your playbook is referencing one of them, make sure they are + properly defined in your inventory or update your playbook. If you are using + the example playbook but customized one of those variables in your Ansible + inventory update the definition accordingly. + +- The default installation path defined in :envvar:`roundcube__www` changed. + If you didn't customize its value the Roundcube installation will be under + a new file system path after the installation. + +**Upgrade procedure** + +The following procedure is valid if you are using the role dependencies as +defined in the example playbook. + +1. Make sure you have the latest version of the DebOps roles. + + .. code:: shell + + $ debops-update + +2. Make sure you have the lastest version of the debops-contrib.roundcube_ + role. In your DebOps project directory run: + + .. code:: shell + + $ ansible-galaxy install --force --no-deps --roles-path=ansible/roles debops-contrib.roundcube + +2. Review the :ref:`roundcube__ref_changelog` and make sure your Ansible + inventory is adjusted to the variable changes (if necessary). + +3. Remove the nginx virtual host and PHP definitions created by the + debops.nginx_ role from the Roundcube server: + + .. code:: shell + + # rm /etc/nginx/{sites-available,sites-enabled}/roundcube.example.com.conf + # rm /etc/nginx/conf.d/upstream_php5_roundcube.conf + +4. Run the role (e.g. via example playbook): + + .. code:: shell + + $ debops ansible/roles/debops-contrib.roundcube/docs/playbooks/roundcube.yml + +5. In case you are using the default configuration copy the Roundcube + SQLite database containing the user settings to the new installation path. + + .. code:: shell + + $ cp /srv/www/roundcube/sites/roundcube.example.com/public/db/roundcube.db \ + /srv/www/sites/roundcube.example.com/public/db + +6. If you manually installed some additional plugins you might need to re- + install or update them for the new Roundcube version. diff --git a/docs/getting-started.rst b/docs/getting-started.rst index b6dbab9..c1f94a3 100644 --- a/docs/getting-started.rst +++ b/docs/getting-started.rst @@ -1,9 +1,13 @@ +.. _roundcube__ref_getting_started: + Getting started =============== .. contents:: :local: +.. _roundcube__ref_default_setup: + Default setup ------------- @@ -13,6 +17,8 @@ release which is then accessible via ``https://roundcube.``. .. _nginx: https://github.com/debops/ansible-nginx +.. _roundcube__ref_example_inventory: + Example inventory ----------------- @@ -22,6 +28,8 @@ You can install Roundcube on a host by adding it to the [debops_service_roundcube] hostname +.. _roundcube__ref_example_playbook: + Example playbook ---------------- diff --git a/docs/index.rst b/docs/index.rst index eb93ee3..31e1d88 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,4 +1,4 @@ -.. _debops.roundcube: +.. _debops-contrib.roundcube: Ansible role: debops-contrib.roundcube ====================================== @@ -13,6 +13,7 @@ Ansible role: debops-contrib.roundcube copyright credits changelog + upgrade .. Local Variables: diff --git a/docs/upgrade.rst b/docs/upgrade.rst new file mode 100644 index 0000000..4bfb72d --- /dev/null +++ b/docs/upgrade.rst @@ -0,0 +1 @@ +.. include:: ../UPGRADE.rst From a1dd00e55420a4ea31bf992b8fdf7dd49ff1de38 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 23 Aug 2017 07:57:01 +0200 Subject: [PATCH 44/56] Fix missing include, add hint about manual SQL update --- UPGRADE.rst | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/UPGRADE.rst b/UPGRADE.rst index fed94bd..9f9a330 100644 --- a/UPGRADE.rst +++ b/UPGRADE.rst @@ -3,6 +3,8 @@ Upgrade notes ============= +.. include:: includes/all.rst + The upgrade notes only describe necessary changes that you might need to make to your setup in order to use a new role release. Refer to the :ref:`roundcube__ref_changelog` for more details about what has changed. @@ -79,5 +81,16 @@ defined in the example playbook. $ cp /srv/www/roundcube/sites/roundcube.example.com/public/db/roundcube.db \ /srv/www/sites/roundcube.example.com/public/db -6. If you manually installed some additional plugins you might need to re- +6. In case Roundcube was installed into a new directory but you didn't use the + default :envvar:`roundcube__www` configuration before the update or you + experience SQL schema issues, you need to manually run the upstream post + update script on the Roundcube server. The given ``--version`` parameter + indicates the previous Roundcube version you were updating from. + + .. code:: shell + + # su roundcube -s /bin/bash \ + -c "php /srv/www/sites/roundcube.example.com/public/bin/update.sh --version=1.1.9" + +7. If you manually installed some additional plugins you might need to re- install or update them for the new Roundcube version. From 6a3c29904d514682b9c9b929635040f5a2902ff6 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 23 Aug 2017 18:02:54 +0200 Subject: [PATCH 45/56] Run database upgrade if version update is detected --- tasks/deploy_roundcube.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 98be268..3ea6b3c 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -1,5 +1,22 @@ --- +- name: Get version of previous Roundcube installation + command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ + {{ roundcube__git_checkout }}/program/include/iniset.php + changed_when: False + failed_when: False + register: roundcube__register_version + +- name: Get version of old Roundcube installation + command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ + /srv/www/roundcube/sites/{{ + roundcube__domain if roundcube__domain is string + else roundcube__domain[0] }}/public/program/include/iniset.php + changed_when: False + failed_when: False + register: roundcube__register_version_old + when: roundcube__register_version.stdout == '' + # ---- Deployment ---- # roundcube is checked out based on tags instead of branches, and since we @@ -135,6 +152,17 @@ creates: 'program/js/jquery.min.js' become_user: '{{ roundcube__user }}' +- name: Update database schema + command: 'php bin/updatedb.sh --package=roundcube --dir={{ roundcube__git_checkout }}/SQL' + args: + chdir: '{{ roundcube__git_checkout }}' + become_user: '{{ roundcube__user }}' + register: roundcube__register_updatedb + changed_when: not roundcube__register_updatedb.stdout == '' + when: (not roundcube__register_version.stdout == '' and + roundcube__git_version | version_compare(roundcube__register_version.stdout, '>')) or + (not roundcube__register_version_old | skipped) + - name: Enable cleandb.sh Cron job cron: name: Roundcube daily database housekeeping From e2e108d072b1c8e73244244504ccc715c2aedec9 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 23 Aug 2017 18:54:24 +0200 Subject: [PATCH 46/56] Adjust SQL upgrade command, fix typo --- UPGRADE.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/UPGRADE.rst b/UPGRADE.rst index 9f9a330..2b1289a 100644 --- a/UPGRADE.rst +++ b/UPGRADE.rst @@ -10,8 +10,8 @@ to your setup in order to use a new role release. Refer to the :ref:`roundcube__ref_changelog` for more details about what has changed. -From v0.1.3 to v.0.2.0 ----------------------- +From v0.1.3 to v0.2.0 +--------------------- Due to changes in the role dependencies and some adjustments in the role's default values, your setup is likely to break if you simply execute the @@ -90,7 +90,8 @@ defined in the example playbook. .. code:: shell # su roundcube -s /bin/bash \ - -c "php /srv/www/sites/roundcube.example.com/public/bin/update.sh --version=1.1.9" + -c "php /srv/www/sites/roundcube.example.com/public/bin/updatedb.sh \ + --package=roundcube --dir=/srv/www/sites/roundcube.example.com/public/SQL" 7. If you manually installed some additional plugins you might need to re- install or update them for the new Roundcube version. From 1b8328ff17667a02407092763d7e036118af043d Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 23 Aug 2017 19:47:37 +0200 Subject: [PATCH 47/56] Fix database upgrade condition for fresh installation --- tasks/deploy_roundcube.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 3ea6b3c..6e2d9c0 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -161,7 +161,8 @@ changed_when: not roundcube__register_updatedb.stdout == '' when: (not roundcube__register_version.stdout == '' and roundcube__git_version | version_compare(roundcube__register_version.stdout, '>')) or - (not roundcube__register_version_old | skipped) + (not roundcube__register_version_old | skipped and + not roundcube__register_version_old.stdout == '') - name: Enable cleandb.sh Cron job cron: From 9e2bbf065c7d70a2ee6b2984c58644847dbe9a59 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Wed, 23 Aug 2017 19:53:57 +0200 Subject: [PATCH 48/56] Improve condition for version query on role upgrade --- tasks/deploy_roundcube.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index 6e2d9c0..e6a3466 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -1,13 +1,16 @@ --- -- name: Get version of previous Roundcube installation +- name: Get version of current Roundcube installation command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ {{ roundcube__git_checkout }}/program/include/iniset.php changed_when: False failed_when: False register: roundcube__register_version -- name: Get version of old Roundcube installation +# this task is necessary, to trigger proper database upgrades after +# updating the role to v0.2.0 because the default installation path +# has changed. +- name: Get version of deprecated Roundcube installation on role upgrade command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ /srv/www/roundcube/sites/{{ roundcube__domain if roundcube__domain is string @@ -15,7 +18,10 @@ changed_when: False failed_when: False register: roundcube__register_version_old - when: roundcube__register_version.stdout == '' + when: (roundcube__register_version.stdout == '') and + (not roundcube__git_checkout == '/srv/www/roundcube/sites/' + + (roundcube__domain if roundcube__domain is string + else roundcube__domain[0]) + '/public') # ---- Deployment ---- From f04e18b3022bbd60ce6caecebd911830c9333849 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 08:31:15 +0200 Subject: [PATCH 49/56] Make sure upgradedb.sh is run after configuration task --- tasks/deploy_roundcube.yml | 16 ++++------------ tasks/main.yml | 12 ++++++++++++ 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index e6a3466..cc1dc9f 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -23,6 +23,7 @@ + (roundcube__domain if roundcube__domain is string else roundcube__domain[0]) + '/public') + # ---- Deployment ---- # roundcube is checked out based on tags instead of branches, and since we @@ -119,6 +120,9 @@ register: roundcube__register_composer_json changed_when: False + +# ---- Post deployment ---- + - name: Generate PHP composer.json template: src: 'srv/www/sites/composer.json.j2' @@ -158,18 +162,6 @@ creates: 'program/js/jquery.min.js' become_user: '{{ roundcube__user }}' -- name: Update database schema - command: 'php bin/updatedb.sh --package=roundcube --dir={{ roundcube__git_checkout }}/SQL' - args: - chdir: '{{ roundcube__git_checkout }}' - become_user: '{{ roundcube__user }}' - register: roundcube__register_updatedb - changed_when: not roundcube__register_updatedb.stdout == '' - when: (not roundcube__register_version.stdout == '' and - roundcube__git_version | version_compare(roundcube__register_version.stdout, '>')) or - (not roundcube__register_version_old | skipped and - not roundcube__register_version_old.stdout == '') - - name: Enable cleandb.sh Cron job cron: name: Roundcube daily database housekeeping diff --git a/tasks/main.yml b/tasks/main.yml index c8edbe9..89dc7c8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -61,5 +61,17 @@ group: '{{ roundcube__group }}' mode: '0640' +- name: Update database schema + command: 'php bin/updatedb.sh --package=roundcube --dir={{ roundcube__git_checkout }}/SQL' + args: + chdir: '{{ roundcube__git_checkout }}' + become_user: '{{ roundcube__user }}' + register: roundcube__register_updatedb + changed_when: not roundcube__register_updatedb.stdout == '' + when: (not roundcube__register_version.stdout == '' and + roundcube__git_version | version_compare(roundcube__register_version.stdout, '>')) or + (not roundcube__register_version_old | skipped and + not roundcube__register_version_old.stdout == '') + - name: Post hooks include: '{{ lookup("task_src", "roundcube/post_main.yml") }}' From b7b63b6090fec4ab911312f203f5355c20bc3ece Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:16:53 +0200 Subject: [PATCH 50/56] Re-group tasks and add Ansible tags --- tasks/configure_mysql.yml | 2 -- tasks/deploy_roundcube.yml | 39 ++++++++++++++------------------- tasks/main.yml | 45 +++++++++++++++++++++++++------------- 3 files changed, 47 insertions(+), 39 deletions(-) diff --git a/tasks/configure_mysql.yml b/tasks/configure_mysql.yml index da62f1b..5131dd8 100644 --- a/tasks/configure_mysql.yml +++ b/tasks/configure_mysql.yml @@ -6,7 +6,6 @@ state: 'present' delegate_to: '{{ ansible_local.mariadb.delegate_to }}' register: roundcube__register_database_status - tags: [ 'role::roundcube:database' ] - name: Import initial database schema mysql_db: @@ -17,4 +16,3 @@ login_password: '{{ roundcube__database_map[roundcube__database].dbpass }}' login_host: '{{ ansible_local.mariadb.server }}' when: (roundcube__register_database_status|d() is defined and roundcube__register_database_status.changed) - tags: [ 'role::roundcube:database' ] diff --git a/tasks/deploy_roundcube.yml b/tasks/deploy_roundcube.yml index cc1dc9f..8bb37e8 100644 --- a/tasks/deploy_roundcube.yml +++ b/tasks/deploy_roundcube.yml @@ -1,27 +1,22 @@ --- -- name: Get version of current Roundcube installation - command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ - {{ roundcube__git_checkout }}/program/include/iniset.php - changed_when: False - failed_when: False - register: roundcube__register_version - -# this task is necessary, to trigger proper database upgrades after -# updating the role to v0.2.0 because the default installation path -# has changed. -- name: Get version of deprecated Roundcube installation on role upgrade - command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ - /srv/www/roundcube/sites/{{ - roundcube__domain if roundcube__domain is string - else roundcube__domain[0] }}/public/program/include/iniset.php - changed_when: False - failed_when: False - register: roundcube__register_version_old - when: (roundcube__register_version.stdout == '') and - (not roundcube__git_checkout == '/srv/www/roundcube/sites/' - + (roundcube__domain if roundcube__domain is string - else roundcube__domain[0]) + '/public') +# ---- System Account ---- + +- name: Create Roundcube group + group: + name: '{{ roundcube__group }}' + system: True + state: 'present' + +- name: Create Roundcube user + user: + name: '{{ roundcube__user }}' + group: '{{ roundcube__group }}' + home: '{{ roundcube__home }}' + shell: '{{ roundcube__shell }}' + comment: '{{ roundcube__comment }}' + system: True + state: 'present' # ---- Deployment ---- diff --git a/tasks/main.yml b/tasks/main.yml index 89dc7c8..160745e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,21 +6,30 @@ # ---- Environment ---- -- name: Create Roundcube group - group: - name: '{{ roundcube__group }}' - system: True - state: 'present' - -- name: Create Roundcube user - user: - name: '{{ roundcube__user }}' - group: '{{ roundcube__group }}' - home: '{{ roundcube__home }}' - shell: '{{ roundcube__shell }}' - comment: '{{ roundcube__comment }}' - system: True - state: 'present' +- name: Get version of current Roundcube installation + command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ + {{ roundcube__git_checkout }}/program/include/iniset.php + changed_when: False + failed_when: False + register: roundcube__register_version + tags: [ 'role::roundcube:database' ] + +# this task is necessary, to trigger proper database upgrades after +# updating the role to v0.2.0 because the default installation path +# has changed. +- name: Get version of deprecated Roundcube installation on role upgrade + command: sed -n "s/^define('RCMAIL_VERSION', '\(.*\)');/\1/p" \ + /srv/www/roundcube/sites/{{ + roundcube__domain if roundcube__domain is string + else roundcube__domain[0] }}/public/program/include/iniset.php + changed_when: False + failed_when: False + register: roundcube__register_version_old + when: (roundcube__register_version.stdout == '') and + (not roundcube__git_checkout == '/srv/www/roundcube/sites/' + + (roundcube__domain if roundcube__domain is string + else roundcube__domain[0]) + '/public') + tags: [ 'role::roundcube:database' ] # ---- Deployment ---- @@ -35,8 +44,10 @@ - '{{ roundcube__packages }}' - '{{ roundcube__composer_packages if not roundcube__composer_phar|bool else [] }}' + tags: [ 'role::roundcube:pkg' ] - include: deploy_roundcube.yml + tags: [ 'role::roundcube:deployment' ] # ---- Configuration ---- @@ -49,9 +60,11 @@ group: '{{ roundcube__group }}' mode: '0750' when: roundcube__database_map[roundcube__database].dbtype == 'sqlite' + tags: [ 'role::roundcube:database' ] - include: configure_mysql.yml when: roundcube__database_map[roundcube__database].dbtype == 'mysql' + tags: [ 'role::roundcube:database' ] - name: Configure Roundcube template: @@ -60,6 +73,7 @@ owner: 'root' group: '{{ roundcube__group }}' mode: '0640' + tags: [ 'role::roundcube:config' ] - name: Update database schema command: 'php bin/updatedb.sh --package=roundcube --dir={{ roundcube__git_checkout }}/SQL' @@ -72,6 +86,7 @@ roundcube__git_version | version_compare(roundcube__register_version.stdout, '>')) or (not roundcube__register_version_old | skipped and not roundcube__register_version_old.stdout == '') + tags: [ 'role::roundcube:database' ] - name: Post hooks include: '{{ lookup("task_src", "roundcube/post_main.yml") }}' From 9be2f6a4d4e5502ef3b31df0dd3036ba39fce238 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:21:37 +0200 Subject: [PATCH 51/56] Update documentation, add doc for Ansible tags --- docs/getting-started.rst | 47 +++++++++++++++++++++++++++++++++++----- 1 file changed, 41 insertions(+), 6 deletions(-) diff --git a/docs/getting-started.rst b/docs/getting-started.rst index c1f94a3..b5ac2a1 100644 --- a/docs/getting-started.rst +++ b/docs/getting-started.rst @@ -6,35 +6,70 @@ Getting started .. contents:: :local: +.. include:: includes/all.rst + + .. _roundcube__ref_default_setup: Default setup ------------- -If you don't specify any configuration values, the role will setup a `nginx`_ +If you don't specify any configuration values, the role will setup a Nginx_ HTTP server running a default installation of the latest Roundcube stable release which is then accessible via ``https://roundcube.``. +SQLite is used as database backend for storing the user settings. -.. _nginx: https://github.com/debops/ansible-nginx .. _roundcube__ref_example_inventory: Example inventory ----------------- -You can install Roundcube on a host by adding it to the -``[debops_service_roundcube]`` Ansible group in your Ansible inventory:: +Roundcube can be installed on a given host by adding it to the +``[debops_service_roundcube]`` Ansible inventory group:: [debops_service_roundcube] hostname + .. _roundcube__ref_example_playbook: Example playbook ---------------- -Here's an example playbook which uses the ``debops-contrib.roundcube`` role to install -Roundcube: +The following playbook can be used with DebOps. If you are using these role +without DebOps you might need to adapt them to make them work in your setup. .. literalinclude:: playbooks/roundcube.yml :language: yaml + +This playbook is also shipped with the role under :file:`docs/playbooks/`. + + +.. _roundcube__ref_default_setup: + +Ansible tags +------------ + +You can use Ansible ``--tags`` or ``--skip-tags`` parameters to limit what +tasks are performed during Ansible run. This can be used after a host was first +configured to speed up playbook execution, when you are sure that most of the +configuration is already in the desired state. + +Available role tags: + +``role::roundcube`` + Main role tag, should be used in the playbook to execute all of the role + tasks as well as role dependencies. + +``role::roundcube:pkg`` + Run tasks related to system package installation. + +``role::roundcube:deployment`` + Run tasks related to the application deployment and update. + +``role::roundcube:config`` + Run tasks related to the Roundcube application configuration. + +``role::roundcube:database`` + Run tasks related to setup or update the database user and schema. From 2a554cdb95d3304886a5c0b1beadd92b081a9c9e Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:25:17 +0200 Subject: [PATCH 52/56] Fix links to version diffs --- CHANGES.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index 1de2b93..d4ac42f 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -89,7 +89,7 @@ Removed - Remove support for Debian (oldoldstable) wheezy. [ganto_] -`debops-contrib.roundcube v0.1.3_` - 2017-07-26 +`debops-contrib.roundcube v0.1.3`_ - 2017-07-26 ----------------------------------------------- .. _debops-contrib.roundcube v0.1.3: https://github.com/debops-contrib/ansible-roundcube/compare/v0.1.2...v0.1.3 @@ -108,7 +108,7 @@ Fixed - Probe if :envvar:`roundcube__domain` is a string and construct :envvar:`roundcube__git_checkout` accordingly. [cultcom] -`debops-contrib.roundcube v0.1.2_` - 2017-03-09 +`debops-contrib.roundcube v0.1.2`_ - 2017-03-09 ----------------------------------------------- .. _debops-contrib.roundcube v0.1.2: https://github.com/debops-contrib/ansible-roundcube/compare/v0.1.1...v0.1.2 @@ -134,7 +134,7 @@ Fixed indentation of example playbook. [ganto_] -`debops-contrib.roundcube v0.1.1_` - 2016-08-03 +`debops-contrib.roundcube v0.1.1`_ - 2016-08-03 ----------------------------------------------- .. _debops-contrib.roundcube v0.1.1: https://github.com/debops-contrib/ansible-roundcube/compare/v0.1.0...v0.1.1 From 9a8def1a72cea3eb10755563f8eb76bac9923f1f Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:34:30 +0200 Subject: [PATCH 53/56] Fix build failure due to copy/paste error --- docs/getting-started.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting-started.rst b/docs/getting-started.rst index b5ac2a1..34e314f 100644 --- a/docs/getting-started.rst +++ b/docs/getting-started.rst @@ -46,7 +46,7 @@ without DebOps you might need to adapt them to make them work in your setup. This playbook is also shipped with the role under :file:`docs/playbooks/`. -.. _roundcube__ref_default_setup: +.. _roundcube__ref_ansible_tags: Ansible tags ------------ From 6e0dd119674ce1ba60e3f33d98643cb4de032d45 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:46:34 +0200 Subject: [PATCH 54/56] Remove erroneously committed lookup template --- templates/lookup/roundcube__apt_php_packages.j2 | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 templates/lookup/roundcube__apt_php_packages.j2 diff --git a/templates/lookup/roundcube__apt_php_packages.j2 b/templates/lookup/roundcube__apt_php_packages.j2 deleted file mode 100644 index 3e7bb7f..0000000 --- a/templates/lookup/roundcube__apt_php_packages.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{% set _apt_php_packages = [] %} -{% for _pkg in roundcube__apt_php_package_map.keys() %} -{% if ansible_distribution_release in roundcube__apt_php_package_map[_pkg] %} -{% set _ = _apt_php_packages.append(_pkg | replace("_", "-")) %} -{% endif %} -{% endfor %} -{{ _apt_php_packages | to_json }} From 98ac47b43b501f0bf4631adfc51e9fe6151c9177 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Fri, 25 Aug 2017 18:50:26 +0200 Subject: [PATCH 55/56] Add hint about future use of the composer.json.j2 --- templates/srv/www/sites/composer.json.j2 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/templates/srv/www/sites/composer.json.j2 b/templates/srv/www/sites/composer.json.j2 index 0253774..b1a0291 100644 --- a/templates/srv/www/sites/composer.json.j2 +++ b/templates/srv/www/sites/composer.json.j2 @@ -1,2 +1,7 @@ +{# This template has no other functionality than simply printing out the +# composer.json content as it was read from the composer.json.dist. It is +# meant to be used to adjust the PHP package list in the future according +# to plugins requirements or packages installed via apt. +#} {% set _composer_json = (roundcube__register_composer_json.stdout | from_json) %} {{ _composer_json | to_nice_json }} From ab029c08f27403f75f27acdccfb0d286c6860c59 Mon Sep 17 00:00:00 2001 From: Reto Gantenbein Date: Mon, 28 Aug 2017 08:00:42 +0200 Subject: [PATCH 56/56] Switch rolespec test repository to debops/test-suite --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 0ca7101..bd7962b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,7 +13,7 @@ install: True script: - 'git clone --depth 1 https://github.com/nickjj/rolespec' - - 'cd rolespec ; bin/rolespec -r https://github.com/ganto/debops-test-suite' + - 'cd rolespec ; bin/rolespec -r https://github.com/debops/test-suite' notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/