diff --git a/deploy/redhat/tasks/api_install.yml b/deploy/redhat/tasks/api_install.yml index 6602dfb..42295bf 100644 --- a/deploy/redhat/tasks/api_install.yml +++ b/deploy/redhat/tasks/api_install.yml @@ -15,11 +15,12 @@ yum: name={{item}} state=present with_items: - nodejs + - npm when: ALL_IN_ONE == False -- name: Install npm - shell: curl -L https://www.npmjs.org/install.sh | sh - when: ALL_IN_ONE == False +# - name: Install npm +# shell: curl -L https://www.npmjs.org/install.sh | sh +# when: ALL_IN_ONE == False - name: Install node.js module forever as global npm: name=forever global=yes diff --git a/deploy/redhat/tasks/postfix.yml b/deploy/redhat/tasks/postfix.yml index ac0100f..6633f48 100644 --- a/deploy/redhat/tasks/postfix.yml +++ b/deploy/redhat/tasks/postfix.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -16,12 +16,12 @@ # yum: name={{item}} state=present # with_items: # - postfix - - - + + + - name: Postfix | Download archive get_url: url=ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.11.1.tar.gz dest=/usr/local/src/ timeout=60 - + - name: Postfix | Unarchive download command: chdir=/usr/local/src/ tar xzvf postfix-2.11.1.tar.gz @@ -29,7 +29,7 @@ yum: name={{item}} state=present with_items: - db4-devel - - cyrus-sasl + - cyrus-sasl - cyrus-sasl-devel - openssl - openssl-devel @@ -37,49 +37,49 @@ - pcre-devel - openldap - openldap-devel - + - name: Postfix | Copy header db.h command: cp /usr/include/libdb4/db.h /usr/include when: ansible_os_family == "RedHat" and {{ ansible_distribution_version | version_compare('7.0', '>=') }} - name: Postfix | Execute make makefiles1 - command: chdir=/usr/local/src/postfix-2.11.1 make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_PCRE -I/usr/include/openssl -DHAS_PGSQL -I/usr/pgsql-9.3/lib -I/usr/include/sasl -I/usr/pgsql-9.3/include -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/libdb4 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/pgsql-9.3/lib -lpq -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' + command: chdir=/usr/local/src/postfix-2.11.1 make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_PCRE -I/usr/include/openssl -DHAS_PGSQL -I/usr/pgsql-9.6/lib -I/usr/include/sasl -I/usr/pgsql-9.6/include -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/libdb4 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/pgsql-9.6/lib -lpq -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' when: ansible_os_family == "RedHat" and {{ ansible_distribution_version | version_compare('7.0', '>=') }} - name: Postfix | Execute make makefiles2 - command: chdir=/usr/local/src/postfix-2.11.1 make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_PCRE -I/usr/include/openssl -DHAS_PGSQL -I/usr/pgsql-9.3/lib -I/usr/include/sasl -I/usr/pgsql-9.3/include -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/libdb4 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/pgsql-9.3/lib -lpq -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' + command: chdir=/usr/local/src/postfix-2.11.1 make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_PCRE -I/usr/include/openssl -DHAS_PGSQL -I/usr/pgsql-9.6/lib -I/usr/include/sasl -I/usr/pgsql-9.6/include -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/libdb4 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/pgsql-9.6/lib -lpq -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' when: ansible_os_family == "RedHat" and {{ ansible_distribution_version | version_compare('7.0', '<') }} - name: Postfix | Execute make command: chdir=/usr/local/src/postfix-2.11.1 make - + - name: Postfix | Execute make upgrade command: chdir=/usr/local/src/postfix-2.11.1 make upgrade - + - name: Postfix | Configure Postfix lineinfile: dest=/etc/postfix/main.cf regexp='^\s*inet_interfaces\s*=.*' line="inet_interfaces=all" notify: Restart postfix - + - name: Create the postfix user 'direct' postgresql_user: name=direct state=present encrypted=yes role_attr_flags=NOSUPERUSER,NOCREATEDB,NOCREATEROLE sudo_user: "{{postgresql_admin_user}}" - + - name: Create the postfix database 'maildb' postgresql_db: name=maildb state=present owner=direct sudo_user: "{{postgresql_admin_user}}" - + - name: Create postfix database structure command: psql -d maildb -c "{{lookup('file', '../files/postfix.sql')}}" sudo_user: "{{postgresql_admin_user}}" - - + + - name: Create pgsql directory file: path=/etc/postfix/pgsql state=directory - + - name: Add postfix user to maildb postgresql_user: name=postfix state=present password={{POSTFIX_PASSWORD}} db=maildb role_attr_flags=LOGIN sudo_user: "{{postgresql_admin_user}}" - + - name: Grant privileges on tables to user postgresql_privs: database=maildb roles=postfix schema=public type=table objs=ALL_IN_SCHEMA grant_option=yes state=present priv=ALL sudo_user: "{{postgresql_admin_user}}" @@ -89,18 +89,18 @@ sudo_user: "{{postgresql_admin_user}}" - name: Set authentication method for postfix - lineinfile: dest=/var/lib/pgsql/9.3/data/pg_hba.conf + lineinfile: dest=/var/lib/pgsql/9.6/data/pg_hba.conf regexp='(# Put your actual configuration here\n)(local maildb postfix password)?' - backrefs=yes - state=present - line='\1local maildb postfix password\nlocal maildb direct trust' + backrefs=yes + state=present + line='\1local maildb postfix password\nlocal maildb direct trust' sudo_user: "{{postgresql_admin_user}}" - # notify: + # notify: # - Reload postgres - + - name: Postfix | Reload postgres after setting authentication method - service: name=postgresql-9.3 state=reloaded - + service: name=postgresql-9.6 state=reloaded + - name: Postfix | Add local domain to domains database command: "{{SPOOL}}/tools/direct_domain add -d {{MAIL_DOMAIN}} -t local" sudo_user: direct @@ -110,13 +110,13 @@ - add_domain - add_root_and_domain - + - name: Postfix | Add virtual maps template: src=templates/{{item}} dest=/etc/postfix/pgsql/{{item}} with_items: - virtual_mailbox_maps.cf - virtual_mailbox_domains.cf - + - name: Postfix | Edit postfix config file and service entries command: postconf {{item}} @@ -127,7 +127,7 @@ - "-e 'virtual_mailbox_domains =pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf'" - "-e 'virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf'" - "-M direct-rx/unix='direct-rx unix - n n - - pipe flags=RXq user=direct argv=/var/spool/direct/smimercv.py ${queue_id} ${recipient} ${sender}'" - notify: + notify: - Restart postfix - + diff --git a/deploy/redhat/tasks/postgres.yml b/deploy/redhat/tasks/postgres.yml index af67b5a..1fbdb48 100644 --- a/deploy/redhat/tasks/postgres.yml +++ b/deploy/redhat/tasks/postgres.yml @@ -12,54 +12,55 @@ # limitations under the License. - name: Install PGDG CentOS 6 - yum: name=http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-centos93-9.3-1.noarch.rpm + yum: name=http://yum.postgresql.org/9.6/redhat/rhel-6-x86_64/pgdg-centos93-9.6-1.noarch.rpm when: ansible_distribution == "CentOS" and {{ ansible_distribution_version | version_compare('7.0', '<') }} sudo: yes - name: Install PGDG RedHat 6 - yum: name=http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm + yum: name=http://yum.postgresql.org/9.6/redhat/rhel-6-x86_64/pgdg-redhat93-9.6-1.noarch.rpm when: ansible_distribution == "RedHat" and {{ ansible_distribution_version | version_compare('7.0', '<') }} sudo: yes - name: Install PGDG CentOS 7 - yum: name=http://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-centos93-9.3-1.noarch.rpm + yum: name=http://yum.postgresql.org/9.6/redhat/rhel-7-x86_64/pgdg-centos93-9.6-1.noarch.rpm when: ansible_distribution == "CentOS" and {{ ansible_distribution_version | version_compare('7.0', '>=') }} sudo: yes - name: Install PGDG RedHat 7 - yum: name=http://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-redhat93-9.3-1.noarch.rpm + yum: name=https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-redhat96-9.6-3.noarch.rpm + #yum: name=http://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-redhat93-9.6-1.noarch.rpm when: ansible_distribution == "RedHat" and {{ ansible_distribution_version | version_compare('7.0', '>=') }} sudo: yes - name: Install PostgreSql packages yum: name={{ item }} state=present with_items: - - postgresql93-server - - postgresql93-contrib + - postgresql96-server + - postgresql96-contrib - python-psycopg2 - name: Initialize new PostgreSql cluster RedHat-CentOS 6 - command: /etc/init.d/postgresql-9.3 initdb + command: /etc/init.d/postgresql-9.6 initdb args: - creates: /var/lib/pgsql/9.3/data/postgresql.conf + creates: /var/lib/pgsql/9.6/data/postgresql.conf when: "{{ ansible_distribution_version | version_compare('7.0', '<') }}" - name: Initialize new PostgreSql cluster RedHat-CentOS 7 - command: /usr/pgsql-9.3/bin/postgresql93-setup initdb + command: /usr/pgsql-9.6/bin/postgresql96-setup initdb args: - creates: /var/lib/pgsql/9.3/data/postgresql.conf + creates: /var/lib/pgsql/9.6/data/postgresql.conf when: "{{ ansible_distribution_version | version_compare('7.0', '>=') }}" - name: Configure pg_hba.conf template: src: templates/pg_hba.conf.j2 - dest: "/var/lib/pgsql/9.3/data/pg_hba.conf" + dest: "/var/lib/pgsql/9.6/data/pg_hba.conf" owner: "{{ postgresql_admin_user }}" group: "{{ postgresql_admin_user }}" mode: 0640 - name: Ensure PostgreSQL is listening on all addresses - lineinfile: dest=/var/lib/pgsql/9.3/data/postgresql.conf + lineinfile: dest=/var/lib/pgsql/9.6/data/postgresql.conf regexp='^#?listen_addresses\s*=' line="listen_addresses = '*'" state=present @@ -68,4 +69,4 @@ # command: chkconfig postgresql on - name: Check postgresql started and set it to be started at boot - service: name=postgresql-9.3 state=started enabled=yes + service: name=postgresql-9.6 state=started enabled=yes diff --git a/deploy/ubuntu/files/postfix.sql b/deploy/ubuntu/files/postfix.sql index b778c7e..bf1a22b 100644 --- a/deploy/ubuntu/files/postfix.sql +++ b/deploy/ubuntu/files/postfix.sql @@ -1,12 +1,12 @@ --- Copyright 2014 MedicaSoft LLC USA and Info World SRL +-- Copyright 2014 MedicaSoft LLC USA and Info World SRL -- Licensed under the Apache License, Version 2.0 (the "License"); -- you may not use this file except in compliance with the License. -- You may obtain a copy of the License at --- +-- -- http://www.apache.org/licenses/LICENSE-2.0 --- +-- -- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, +-- distributed under the License is distributed on an AS-IS BASIS, -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -- See the License for the specific language governing permissions and -- limitations under the License. @@ -34,7 +34,7 @@ ALTER INDEX address_lower_index OWNER TO direct; -- users trigger on address insert or update - + CREATE OR REPLACE FUNCTION setUserDetails() RETURNS trigger LANGUAGE plpgsql AS $$ DECLARE userNameP varchar(100); @@ -42,13 +42,13 @@ DECLARE address varchar(200); i int; BEGIN - address := NEW.address; - i := position('@' in address); + address := NEW.address; + i := position('@' in address); userNameP := substring(address from 0 for i); domainP := substring(address from i+1); UPDATE users SET userName=userNameP, domain=domainP WHERE id=NEW.id; - + RETURN NEW; END $$; @@ -58,10 +58,10 @@ DROP TRIGGER IF EXISTS userAddressTrigger on users; CREATE TRIGGER userAddressTrigger AFTER INSERT OR UPDATE OF address ON users FOR EACH ROW EXECUTE PROCEDURE setUserDetails(); - - + + CREATE TABLE IF NOT EXISTS messages ( id serial NOT NULL, @@ -139,7 +139,7 @@ WITH ( ALTER TABLE domains OWNER TO direct; - + CREATE TABLE IF NOT EXISTS bundles ( id serial NOT NULL, diff --git a/deploy/ubuntu/playbook.yml b/deploy/ubuntu/playbook.yml index 85e4700..e134f62 100644 --- a/deploy/ubuntu/playbook.yml +++ b/deploy/ubuntu/playbook.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -13,14 +13,16 @@ --- - hosts: all - vars_files: + strategy: debug + vars_files: - vars/vars.yml - sudo: yes + sudo: yes + gather_facts: False - tasks: + tasks: - include: tasks/prereqs.yml - - include: tasks/postgres.yml - - include: tasks/certificates.yml + - include: tasks/postgres.yml + - include: tasks/certificates.yml - include: tasks/pdns.yml user=postgres - include: tasks/postfix.yml user=postgres - include: tasks/api_install.yml @@ -29,6 +31,6 @@ - include: tasks/logstash.yml - include: tasks/kibana.yml - include: tasks/nginx.yml - - handlers: + + handlers: - include: handlers/handlers.yml diff --git a/deploy/ubuntu/tasks/api_deploy.yml b/deploy/ubuntu/tasks/api_deploy.yml index a671e19..376957c 100644 --- a/deploy/ubuntu/tasks/api_deploy.yml +++ b/deploy/ubuntu/tasks/api_deploy.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -16,14 +16,14 @@ - name: Copy API config file template: src=templates/config.js.j2 dest={{SPOOL}}/api/config.js - + - name: Install the required Node.js packages npm: path={{SPOOL}}/api - -- name: Set Node.js app as Upstart service - template: src=templates/direct.conf.j2 dest=/etc/init/direct.conf - + +- name: Set Node.js app as systemd service + template: src=templates/direct.service.j2 dest=/etc/systemd/system/direct.service + - name: Start Node.js service - service: name=direct state=started + service: name=direct state=started diff --git a/deploy/ubuntu/tasks/elasticsearch.yml b/deploy/ubuntu/tasks/elasticsearch.yml index 48c7b91..cbf64b2 100644 --- a/deploy/ubuntu/tasks/elasticsearch.yml +++ b/deploy/ubuntu/tasks/elasticsearch.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -12,19 +12,20 @@ # limitations under the License. - name: Install JDK dependencies + apt: name=software-properties-common state=present apt: name=python-software-properties state=present -- name: Add JDK repository +- name: Add JDK repository apt_repository: repo=ppa:webupd8team/java state=present - name: Configure JDK installer - debconf: name=oracle-java7-installer question="{{item.question}}" value="{{item.value}}" vtype='select' unseen=no + debconf: name={{java_apt_package}} question="{{item.question}}" value="{{item.value}}" vtype='select' unseen=no with_items: - { question: 'shared/accepted-oracle-license-v1-1', value: "true" } - name: Install jdk - apt: name=oracle-java7-installer state=present - + apt: name={{java_apt_package}} state=present + # - name: Install openjdk7-jdk # apt: name=openjdk-7-jdk state=present force=yes @@ -33,10 +34,10 @@ - name: Download elasticsearch 1.2.1 deb get_url: url=https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.2.1.deb dest=/opt/elasticsearch/elasticsearch-1.2.1.deb - -- name: Install elasticsearch 1.2.1 - apt: deb=/opt/elasticsearch/elasticsearch-1.2.1.deb - + +- name: Install elasticsearch 1.2.1 + apt: deb=/opt/elasticsearch/elasticsearch-1.2.1.deb + - name: Configure elasticsearch lineinfile: line="{{item}}" dest=/etc/elasticsearch/elasticsearch.yml state=present with_items: @@ -44,14 +45,14 @@ - "node.name: logstash_node" notify: - Restart elasticsearch - + - name: Start ES on boot command: sudo update-rc.d elasticsearch defaults 95 10 - -- name: Install ES curator + +- name: Install ES curator pip: name=elasticsearch-curator state=present - -#TODO # Create /etc/cron.daily/elasticsearch_curator Cron Job + +#TODO # Create /etc/cron.daily/elasticsearch_curator Cron Job #- name: Set execute permision on /etc/cron.daily/elasticsearch_curator # file: path=/etc/cron.daily/elasticsearch_curator mode=770 - + diff --git a/deploy/ubuntu/tasks/postfix.yml b/deploy/ubuntu/tasks/postfix.yml index 5586f18..3005b7a 100644 --- a/deploy/ubuntu/tasks/postfix.yml +++ b/deploy/ubuntu/tasks/postfix.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -26,23 +26,23 @@ - name: Create the postfix user 'direct' postgresql_user: name=direct state=present encrypted=yes role_attr_flags=NOSUPERUSER,NOCREATEDB,NOCREATEROLE sudo_user: "{{user}}" - + - name: Create the postfix database 'maildb' postgresql_db: name=maildb state=present owner=direct sudo_user: "{{user}}" - + - name: Create postfix database structure command: psql -d maildb -c "{{lookup('file', '../files/postfix.sql')}}" sudo_user: "{{user}}" - + - name: Install python development headers (requirement for python-ldap) apt: name={{item}} state=present - with_items: + with_items: - python-dev - libldap2-dev - - libsasl2-dev + - libsasl2-dev - libssl-dev - + - name: Install python-ldap (dependencies for Python scripts) pip: name=python-ldap state=present @@ -52,59 +52,59 @@ - name: Install M2Crypto (dependencies for Python scripts) pip: name=M2Crypto state=present - - name: Install other dependencies for Python scripts + - name: Install other dependencies for Python scripts pip: name={{item}} state=present with_items: - psycopg2 - dnspython - - - name: Copy server files to remote node + + - name: Copy server files to remote node copy: src=../../src/smime/{{item}} dest=/var/spool/direct/{{item}} - with_items: + with_items: - certdisco.py - certvld.py - crypto.py - mdn.py - smimercv.py - smimesend.py - + - name: Set file attributes file: path=/var/spool/direct/{{item}} group=direct owner=direct mode=770 - with_items: + with_items: - certdisco.py - certvld.py - crypto.py - mdn.py - smimercv.py - smimesend.py - + - name: Create pgsql directory file: path=/etc/postfix/pgsql state=directory - + - name: Add postfix user to maildb postgresql_user: name=postfix state=present password={{POSTFIX_PASSWORD}} db=maildb role_attr_flags=LOGIN sudo_user: "{{user}}" - + - name: Grant select priviledges to user postgresql_privs: database=maildb roles=postfix schema=public type=table objs=ALL_IN_SCHEMA grant_option=yes state=present priv=SELECT sudo_user: "{{user}}" - + - name: Set authentication method for postfix - lineinfile: dest=/etc/postgresql/9.3/main/pg_hba.conf + lineinfile: dest={{POSTGRES_CONFIG_PATH}} regexp='(# Put your actual configuration here\n)(local maildb postfix password)?' - backrefs=yes - state=present - line='\1local maildb postfix password' + backrefs=yes + state=present + line='\1local maildb postfix password' - notify: + notify: - Reload postgres - + - name: Add virtual maps template: src=templates/{{item}} dest=/etc/postfix/pgsql/{{item}} with_items: - virtual_mailbox_maps.cf - virtual_mailbox_domains.cf - + - name: Add local domain to domains database command: "{{SPOOL}}/tools/direct_domain add -d {{MAIL_DOMAIN}} -t local" sudo_user: direct @@ -118,7 +118,7 @@ - "-e 'virtual_mailbox_domains =pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf'" - "-e 'virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf'" - "-M direct-rx/unix='direct-rx unix - n n - - pipe flags=RXq user=direct argv=/var/spool/direct/smimercv.py ${queue_id} ${recipient} ${sender}'" - notify: + notify: - Reload postfix - + diff --git a/deploy/ubuntu/tasks/prereqs.yml b/deploy/ubuntu/tasks/prereqs.yml index 6636734..a10b2c8 100644 --- a/deploy/ubuntu/tasks/prereqs.yml +++ b/deploy/ubuntu/tasks/prereqs.yml @@ -2,26 +2,28 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +- name: install python 2 + raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal) + +- name: Update repositories cache + apt: update_cache=yes -- name: Update repositories cache - apt: update_cache=yes - - name: Install unzip apt: name=unzip state=present - + - name: Create Direct group group: name=direct state=present - name: Create Direct user - user: name=direct home={{SPOOL}} group=direct + user: name=direct home={{SPOOL}} group=direct - name: Create Direct file structure file: path={{item}} state=directory group=direct owner=direct mode=770 @@ -39,7 +41,7 @@ - "{{SPOOL}}/tmp" - "{{SPOOL}}/tools" - /home/root/ - - /home/root/direct + - /home/root/direct - name: Copy scripts in {{SPOOL}}/tools folder copy: src=../../src/tools/ dest={{SPOOL}}/tools/ @@ -51,7 +53,7 @@ file: path=~direct/.bash_profile state=touch - name: Add {{SPOOL}}/tools folder to PATH for direct user - lineinfile: dest=~direct/.bash_profile line='{{item}}' state=present + lineinfile: dest=~direct/.bash_profile line='{{item}}' state=present with_items: - "PATH=$PATH:{{SPOOL}}/tools" - "export PATH" diff --git a/deploy/ubuntu/vars/vars.yml b/deploy/ubuntu/vars/vars.yml index f7bf453..60a3f76 100644 --- a/deploy/ubuntu/vars/vars.yml +++ b/deploy/ubuntu/vars/vars.yml @@ -2,9 +2,9 @@ # Licensed under the Apache License, Version 2.0 the "License"; # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -20,22 +20,27 @@ EXTERNAL_IP: "10.0.0.1" API_HOSTNAME: "abelian.medicasoft.us" API_PORT: 8085 -#Configure Elastic Search host and port used by Nginx and Logstash; -#it can be either an internal host and port (if elasticsearch server is accessible from nginx and logstash with an internal IP / localhost) -#or an external host and port +#Configure Elastic Search host and port used by Nginx and Logstash; +#it can be either an internal host and port (if elasticsearch server is accessible from nginx and logstash with an internal IP / localhost) +#or an external host and port ELASTICSEARCH_HOST: "127.0.0.1" ELASTICSEARCH_PORT: "9200" #Configure Elastic Search url used by Kibana -#it should be the External URL to ElasticSearch (and then the port 80 is FIXED by nginx configuration) e.g. http://external_host:80 +#it should be the External URL to ElasticSearch (and then the port 80 is FIXED by nginx configuration) e.g. http://external_host:80 ELASTICSEARCH_HTTP_URL: "http://abelian.medicasoft.us:80" #kibana KIBANA_LOGIN_USERNAME: "abelian" KIBANA_LOGIN_PASSWORD: "password" +#Postgres +POSTGRES_CONFIG_PATH: "/etc/postgresql/9.5/main/pg_hba.conf" + +#java +java_apt_package: oracle-java8-installer #other paths and settings -SPOOL: "/var/spool/direct" +SPOOL: "/var/spool/direct" TEMP_SQL_PATH: "/home/sql-direct-tmp" POSTFIX_PASSWORD: "{{lookup('password', 'credentials/postfixpass length=10')}}" \ No newline at end of file