CCCHH/ansible-infra
CCCHH/ansible-infra
2
2
Fork 1
Code Issues 8 Pull requests 8 Wiki Activity Actions

Vendor Galaxy Roles and Collections
Some checks failed
/ Ansible Lint (push) Failing after 5m45s
Details
/ Ansible Lint (pull_request) Failing after 4m59s
Details

Browse source
This commit is contained in:
Stefan Bethke 2026-02-06 22:07:16 +01:00
commit 2aed20393f
3553 changed files with 387444 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
ansible_collections/debops/debops/roles/volkszaehler/COPYRIGHT Normal file
View file

@ -0,0 +1,19 @@
volkszaehler - Setup and manage volkszaehler
Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
Copyright (C) 2017 DebOps <https://debops.org/>
SPDX-License-Identifier: GPL-3.0-only
This Ansible role is part of DebOps.
DebOps is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 3, as
published by the Free Software Foundation.
DebOps is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with DebOps. If not, see https://www.gnu.org/licenses/.

584
ansible_collections/debops/debops/roles/volkszaehler/defaults/main.yml Normal file
View file

@ -0,0 +1,584 @@
---
# .. vim: foldmarker=[[[,]]]:foldmethod=marker
# .. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# .. Copyright (C) 2017 DebOps <https://debops.org/>
# .. SPDX-License-Identifier: GPL-3.0-only
# .. _volkszahler__ref_defaults:
# debops-contrib.volkszaehler default variables [[[
# =================================================
# .. contents:: Sections
# :local:
#
# .. include:: includes/all.rst
# System packages [[[
# -------------------
# .. envvar:: volkszaehler__base_packages [[[
#
# List of base packages to install.
volkszaehler__base_packages:
- 'git-core'
- '{{ ["php-xml", "php-mbstring"]
if (ansible_local.php.version | d() is version_compare("7", ">="))
else [] }}'
# ]]]
# .. envvar:: volkszaehler__optional_packages [[[
#
# List of optional packages to install.
volkszaehler__optional_packages:
# Server-side chart generation for volkszaehler.
- 'libphp-jpgraph'
# ]]]
# .. envvar:: volkszaehler__packages [[[
#
# List of additional packages to install as configured by the system
# administrator.
volkszaehler__packages: []
# ]]]
# .. envvar:: volkszaehler__deploy_state [[[
#
# What is the desired state which this role should achieve? Possible options:
#
# ``present``
# Default. Ensure that volkszaehler is installed and configured as requested.
#
# ``absent``
# Ensure that volkszaehler is uninstalled and it's configuration is removed.
#
# ``purged``
# Same as ``absent`` but additionally also ensures that the database and
# other persistent data is removed.
#
volkszaehler__deploy_state: 'present'
# ]]]
# ]]]
# FQDN and DNS addresses [[[
# --------------------------
# .. envvar:: volkszaehler__fqdn [[[
#
# The Fully Qualified Domain Name of the volkszaehler instance. This address is
# used to configure the webserver frontend.
volkszaehler__fqdn: 'vz.{{ volkszaehler__domain }}'
# ]]]
# .. envvar:: volkszaehler__domain [[[
#
# Domain that will be configured for the volkszaehler instance.
volkszaehler__domain: '{{ ansible_domain }}'
# ]]]
# ]]]
# Database configuration [[[
# --------------------------
# .. envvar:: volkszaehler__database [[[
#
# Autodetected variable containing the database management system which should be used.
# The supported and tested option is ``mariadb``.
#
# Refer to :ref:`volkszaehler__ref_getting_started` for details.
#
# .. Planned are ``mariadb``, ``postgresql``, ``sqlite``.
#
volkszaehler__database: '{{ ansible_local.volkszaehler.database
if (ansible_local.volkszaehler.database | d())
else ("mariadb"
if (ansible_local | d() and ansible_local.mariadb is defined)
else ("postgresql"
if (ansible_local | d() and ansible_local.postgresql is defined)
else "no-database-detected")) }}'
# ]]]
# .. envvar:: volkszaehler__database_doctrine_map [[[
#
# Database name mapping from the names as used in DebOps to doctrine database
# driver names.
volkszaehler__database_doctrine_map:
'mariadb': 'pdo_mysql'
'postgresql': 'pdo_pgsql'
'sqlite': 'pdo_sqlite'
# Legacy:
'mysql': 'pdo_mysql'
# ]]]
# .. envvar:: volkszaehler__database_server [[[
#
# FQDN of the database server. It will be configured by
# the debops.mariadb_ or debops.postgresql_ role.
volkszaehler__database_server: '{{ ansible_local[volkszaehler__database].server }}'
# ]]]
# .. envvar:: volkszaehler__database_port [[[
#
# Port database is listening on.
volkszaehler__database_port: '{{ ansible_local[volkszaehler__database].port }}'
# ]]]
# .. envvar:: volkszaehler__database_name [[[
#
# Name of the database to use for volkszaehler.
volkszaehler__database_name: 'volkszaehler'
# ]]]
# .. envvar:: volkszaehler__database_user [[[
#
# Database user to use for volkszaehler.
volkszaehler__database_user: 'volkszaehler'
# ]]]
# .. envvar:: volkszaehler__database_password_path [[[
#
# Path to database password file.
volkszaehler__database_password_path: '{{ secret + "/" + volkszaehler__database + "/"
+ ansible_local[volkszaehler__database].delegate_to
+ (("/" + ansible_local[volkszaehler__database].port)
if (volkszaehler__database == "postgresql")
else "")
+ "/credentials/" + volkszaehler__database_user + "/password" }}'
# ]]]
# .. envvar:: volkszaehler__database_password [[[
#
# Database password for volkszaehler.
volkszaehler__database_password: '{{ lookup("password", volkszaehler__database_password_path + " length=48 chars=ascii_letters,digits,.:-_") }}'
# ]]]
# .. envvar:: volkszaehler__database_user_priv [[[
#
# Privileges of the :envvar:`volkszaehler__database_user`.
volkszaehler__database_user_priv: |
{{
[
volkszaehler__database_name + ".*:USAGE",
volkszaehler__database_name + ".*:SELECT,UPDATE,INSERT",
] + ([
volkszaehler__database_name + ".*:DELETE",
] if (volkszaehler__allow_channel_deletion | bool)
else [
volkszaehler__database_name + ".entities_in_aggregator:CREATE,DELETE",
volkszaehler__database_name + ".properties:CREATE,DELETE",
]
)
}}
# ]]]
# .. envvar:: volkszaehler__database_demo_insert [[[
#
# Insert demo data in to database?
volkszaehler__database_demo_insert: False
# ]]]
# .. envvar:: volkszaehler__allow_channel_deletion [[[
#
# Allow channel deletion? Note that you might not be able to change this after
# the database user has been created. You can drop the database user manually
# and let the role re-create the user to enforce new privileges.
volkszaehler__allow_channel_deletion: False
# ]]]
# ]]]
# PHP configuration [[[
# ---------------------
# .. envvar:: volkszaehler__base_php_packages [[[
#
# List of base PHP packages required by volkszaehler.
volkszaehler__base_php_packages:
- 'doctrine-orm'
- 'doctrine-dbal'
- 'symfony-console'
- '{{ ["symfony-http-foundation"] if (not (ansible_distribution == "Ubuntu" and ansible_distribution_release in ["trusty"])) else [] }}'
- '{{ ["symfony-http-kernel"] if (not (ansible_distribution == "Ubuntu" and ansible_distribution_release in ["trusty"])) else [] }}'
- 'symfony-routing'
- '{{ ["mysql"] if (volkszaehler__database in ["mariadb", "mysql"]) else [] }}'
- '{{ ["pgsql"] if (volkszaehler__database in ["postgresql"]) else [] }}'
- '{{ ["libapache2-mod-php"] if (volkszaehler__webserver == "apache") else [] }}'
## Included in normal PHP installations but require it here because it is
## used internally by the role:
- 'json'
# ]]]
# .. envvar:: volkszaehler__optional_php_packages [[[
#
# List of optional PHP packages for volkszaehler.
volkszaehler__optional_php_packages:
# Server-side chart generation for volkszaehler.
- 'libphp-jpgraph'
- 'apcu'
# ]]]
# .. envvar:: volkszaehler__max_file_size [[[
#
# Maximum upload size.
volkszaehler__max_file_size: '1M'
# ]]]
# ]]]
# Webserver configuration [[[
# ---------------------------
# .. envvar:: volkszaehler__webserver [[[
#
# Autodetected variable containing the webserver which should be used.
#
# Refer to :ref:`volkszaehler__ref_getting_started` for details.
volkszaehler__webserver: '{{ ansible_local.volkszaehler.webserver
if (ansible_local.volkszaehler.webserver | d())
else ("apache"
if (ansible_local.apache.enabled | d() | bool)
else ("nginx"
if (ansible_local.nginx.enabled | d() | bool)
else "no-webserver-detected")) }}'
# ]]]
# .. envvar:: volkszaehler__webserver_http_methods [[[
#
# List of allowed HTTP methods.
volkszaehler__webserver_http_methods: |
{{ ['GET', 'HEAD', 'POST', 'PATCH']
+ (['DELETE']
if (volkszaehler__allow_channel_deletion | bool)
else []) }}
# ]]]
# .. envvar:: volkszaehler__apache_modules [[[
#
# Dict of required Apache modules.
volkszaehler__apache_modules:
'rewrite': {}
# ]]]
# ]]]
# Directory paths [[[
# -------------------
# .. envvar:: volkszaehler__home_path [[[
#
# The volkszaehler system account home directory.
volkszaehler__home_path: '{{ ansible_local.nginx.www | d("/srv/www") + "/" + volkszaehler__user }}'
# ]]]
# .. envvar:: volkszaehler__www_path [[[
#
# Base web root directory for volkszaehler.
volkszaehler__www_path: '{{ volkszaehler__git_dest + "/htdocs" }}'
# ]]]
# ]]]
# System user and group [[[
# -------------------------
# .. envvar:: volkszaehler__user [[[
#
# System UNIX account used by the volkszaehler middleware and for application
# deployment.
volkszaehler__user: 'volkszaehler'
# ]]]
# .. envvar:: volkszaehler__group [[[
#
# System UNIX group used by the volkszaehler middleware.
volkszaehler__group: 'volkszaehler'
# ]]]
# .. envvar:: volkszaehler__gecos [[[
#
# Contents of the GECOS field set for the volkszaehler account.
volkszaehler__gecos: 'volkszaehler.org'
# ]]]
# .. envvar:: volkszaehler__shell [[[
#
# The default shell set on the volkszaehler account.
volkszaehler__shell: '/usr/sbin/nologin'
# ]]]
# ]]]
# Volkszaehler sources and deployment [[[
# ---------------------------------------
# .. envvar:: volkszaehler__git_repo [[[
#
# The URI of the volkszaehler git source repository.
volkszaehler__git_repo: 'https://github.com/volkszaehler/volkszaehler.org.git'
# ]]]
# .. envvar:: volkszaehler__git_version [[[
#
# The git branch or tag which will be installed.
# Defaults to the commit hash of latest master as the role was written.
# This is done because volkszaehler development is not cryptographically
# signed and this role wants to comply with the
# `DebOps Software Source Policy <https://docs.debops.org/en/latest/debops-policy/docs/software-source-policy.html#software-installed-from-git-repositories>`__.
# Defaults to the latest stable version. Currently v0.7.
# For PHP versions below 7, a commit before v0.7 is used which is still compatible with PHP 5.
volkszaehler__git_version: '{{ "05422cf80490bb27c43bdde3a427b4f16b55bcbf"
if (ansible_local.php.version | d("7") | int >= 7)
else "fadb821555527d0fb4d729a3f62e238cde10f168" }}'
# ]]]
# .. envvar:: volkszaehler__git_dest [[[
#
# Path where the volkszaehler sources will be checked out (installation path).
volkszaehler__git_dest: '{{ volkszaehler__home_path + "/volkszaehler.org" }}'
# ]]]
# .. envvar:: volkszaehler__git_recursive [[[
#
# Should the git repository be cloned recursively?
volkszaehler__git_recursive: False
# ]]]
# .. envvar:: volkszaehler__git_update [[[
#
# Should new revisions be retrieved from the origin repository?
volkszaehler__git_update: True
# ]]]
# ]]]
# Volkszaehler configuration [[[
# ------------------------------
# .. envvar:: volkszaehler__config_user [[[
#
# The system owner of the :file:`etc/volkszaehler.conf.php` file.
volkszaehler__config_user: '{{ volkszaehler__user
if (volkszaehler__webserver in ["apache"])
else "root" }}'
# ]]]
# .. envvar:: volkszaehler__config_group [[[
#
# The system group of the :file:`etc/volkszaehler.conf.php` file.
volkszaehler__config_group: '{{ (ansible_local.apache.user
if (ansible_local.apache.user | d())
else "www-data")
if (volkszaehler__webserver in ["apache"])
else volkszaehler__user }}'
# ]]]
# .. envvar:: volkszaehler__locale [[[
#
# The default locale to use, ordered by preference.
# See `setlocale <https://secure.php.net/manual/en/function.setlocale.php>`_ for details.
volkszaehler__locale:
- 'en_US'
- 'de_DE'
- 'C'
# ]]]
# .. envvar:: volkszaehler__upstream_config [[[
#
# Configuration as defined by upstream volkszaehler in
# :file:`volkszaehler.conf.template.php`.
volkszaehler__upstream_config:
push:
# Set to True to enable push updates.
enabled: False
server: 5582
broadcast: 8082
routes:
wamp:
- '/'
- '/ws'
websocket: []
security:
maxbodysize: False
locale:
- 'en_US'
- 'de_DE'
- 'C'
# Only used by jpGraph for server-side plotting!
colors:
- '#83CAFF'
- '#7E0021'
- '#579D1C'
- '#FFD320'
- '#FF420E'
- '#004586'
- '#0084D1'
- '#C5000B'
- '#FF950E'
- '#4B1F6F'
- '#AECF00'
- '#314004'
devmode: False
cache:
# Only used if devmode == False
ttl: 3600
debug: 0
# ]]]
# .. envvar:: volkszaehler__role_config [[[
#
# This dict is managed by the role itself, controlled by other default variables.
volkszaehler__role_config:
db:
driver: '{{ volkszaehler__database_doctrine_map[volkszaehler__database] }}'
host: '{{ volkszaehler__database_server }}'
user: '{{ volkszaehler__database_user }}'
password: '{{ volkszaehler__database_password }}'
dbname: '{{ volkszaehler__database_name }}'
charset: 'UTF8'
locale: '{{ volkszaehler__locale }}'
security:
maxbodysize: '{{ volkszaehler__max_file_size }}'
# ]]]
# .. envvar:: volkszaehler__config [[[
#
# This dict is intended to be used in Ansibles global inventory as needed.
volkszaehler__config: {}
# ]]]
# .. envvar:: volkszaehler__group_config [[[
#
# This dict is intended to be used in a host inventory group of Ansible
# (only one host group is supported) as needed.
volkszaehler__group_config: {}
# ]]]
# .. envvar:: volkszaehler__host_config [[[
#
# This dict is intended to be used in the inventory of hosts as needed.
volkszaehler__host_config: {}
# ]]]
# .. envvar:: volkszaehler__combined_config [[[
#
# The configuration written to :file:`etc/volkszaehler.conf.php`.
volkszaehler__combined_config: '{{ volkszaehler__upstream_config
| combine(volkszaehler__role_config,
volkszaehler__config,
volkszaehler__group_config,
volkszaehler__host_config) }}'
# ]]]
# ]]]
# Configuration for other Ansible roles [[[
# -----------------------------------------
# .. envvar:: volkszaehler__mariadb__dependent_databases [[[
#
# Configuration of the volkszaehler database managed by the debops.mariadb_ role.
volkszaehler__mariadb__dependent_databases:
- database: '{{ volkszaehler__database_name }}'
state: '{{ "present" if (volkszaehler__deploy_state != "purged") else "absent" }}'
# ]]]
# .. envvar:: volkszaehler__mariadb__dependent_users [[[
#
# Configuration of the volkszaehler database user managed by the debops.mariadb_ role.
volkszaehler__mariadb__dependent_users:
- database: '{{ volkszaehler__database_name }}'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
user: '{{ volkszaehler__database_user }}'
owner: '{{ volkszaehler__user }}'
group: '{{ volkszaehler__group }}'
home: '{{ volkszaehler__home_path }}'
system: True
password: '{{ volkszaehler__database_password }}'
priv_default: False
priv_aux: False
priv: '{{ volkszaehler__database_user_priv }}'
# ]]]
# .. envvar:: volkszaehler__php__dependent_packages [[[
#
# List of PHP packages to install using the debops.php_ role.
volkszaehler__php__dependent_packages:
- '{{ volkszaehler__base_php_packages }}'
- '{{ volkszaehler__optional_php_packages }}'
# ]]]
# .. envvar:: volkszaehler__php__dependent_pools [[[
#
# Configuration of the volkszaehler PHP-FPM pool managed by the debops.php_ role.
volkszaehler__php__dependent_pools:
- name: 'volkszaehler'
user: '{{ volkszaehler__user }}'
group: '{{ volkszaehler__group }}'
owner: '{{ volkszaehler__user }}'
home: '{{ volkszaehler__home }}'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
php_admin_values:
post_max_size: '{{ volkszaehler__max_file_size }}'
upload_max_filesize: '{{ volkszaehler__max_file_size }}'
# ]]]
# .. envvar:: volkszaehler__nginx__dependent_upstreams [[[
#
# Configuration of the volkszaehler nginx upstream, used by the debops.nginx_
# Ansible role.
volkszaehler__nginx__dependent_upstreams:
- name: 'php_volkszaehler'
type: 'php'
php_pool: 'volkszaehler'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
# ]]]
# .. envvar:: volkszaehler__nginx__dependent_servers [[[
#
# Configuration of the volkszaehler nginx server, used by the debops.nginx_
# Ansible role.
volkszaehler__nginx__dependent_servers:
- name: '{{ volkszaehler__fqdn }}'
filename: 'debops.volkszaehler'
by_role: 'debops-contrib.volkszaehler'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
type: 'php'
root: '{{ volkszaehler__www_path }}'
php_upstream: 'php_volkszaehler'
csp: "default-src 'self'; connect-src * ws: wss: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
csp_enabled: True
php_limit_except: '{{ volkszaehler__webserver_http_methods }}'
options: |
client_max_body_size {{ volkszaehler__max_file_size }};
client_body_buffer_size 128k;
location:
'/': |
rewrite ^/middleware/(.*) /middleware.php/$1 last;
rewrite ^/frontend/(.*) /$1 last;
# ]]]
# .. envvar:: volkszaehler__apache__dependent_vhosts [[[
#
# Apache virtual host managed by the debops.apache_ role.
volkszaehler__apache__dependent_vhosts:
- type: 'default'
name: '{{ volkszaehler__fqdn }}'
filename: 'debops.volkszaehler'
by_role: 'debops-contrib.volkszaehler'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
root: '{{ volkszaehler__www_path }}'
webroot_create: False
options: 'Indexes FollowSymLinks MultiViews'
allow_override: 'FileInfo Limit Options Indexes AuthConfig'
# ]]]
# ]]]
# ]]]

5
ansible_collections/debops/debops/roles/volkszaehler/docs/changelog.rst Normal file
View file

@ -0,0 +1,5 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
.. include:: ../CHANGES.rst

8
ansible_collections/debops/debops/roles/volkszaehler/docs/copyright.rst Normal file
View file

@ -0,0 +1,8 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
Copyright
=========
.. literalinclude:: ../COPYRIGHT

114
ansible_collections/debops/debops/roles/volkszaehler/docs/getting-started.rst Normal file
View file

@ -0,0 +1,114 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
.. _volkszaehler__ref_getting_started:
Getting started
===============
.. include:: includes/all.rst
.. contents::
:local:
Database support
----------------
It is recommended that you install a database server. You can install one on
the same host as volkszaehler or choose a different host:
.. code-block:: none
[debops_service_mariadb_server]
hostname
In case you chose a different host, you will need to specify which of your
database servers the volkszaehler instance should use by specifying the database
server host as :envvar:`volkszaehler__database_server`.
Webserver support
-----------------
The following two webservers are supported by the role:
* Apache_ using debops.apache_.
* Nginx_ using debops.nginx_.
The role maintainer has chosen Nginx as webserver for his deployments.
He added Apache support because he is very familiar with debops.apache_ (author).
Note that integration testing is done with debops.nginx_ only, currently.
In case you chose Apache, you dont need PHP FPM which debops.php_ might
install by default.
To ensure that FPM is not going to be installed, add the following to your
inventory:
.. code-block:: yaml
php__server_api_packages:
- 'cli'
Example inventory
-----------------
To manage volkszaehler on a given host or set of hosts, they need to be added
to the ``[debops_service_volkszaehler_${webserver}]`` Ansible group in the inventory:
.. code:: ini
[debops_service_volkszaehler_apache]
hostname
[debops_service_mariadb_server]
hostname
[debops_service_volkszaehler_nginx]
hostname2
Example playbook
----------------
Ansible playbook that uses the ``debops-contrib.volkszaehler`` role together
with debops.apache_:
.. literalinclude:: playbooks/volkszaehler-apache.yml
:language: yaml
:lines: 1,5-
Ansible playbook that uses the ``debops-contrib.volkszaehler`` role together
with debops.nginx_:
.. literalinclude:: playbooks/volkszaehler-nginx.yml
:language: yaml
:lines: 1,5-
These playbooks are shipped with this role under
:file:`./docs/playbooks/` from which you can symlink them to your
playbook directory.
In case you use multiple `DebOps Contrib`_ roles, consider using the
`DebOps Contrib playbooks`_.
Ansible tags
------------
You can use Ansible ``--tags`` or ``--skip-tags`` parameters to limit what
tasks are performed during Ansible run. This can be used after a host was first
configured to speed up playbook execution, when you are sure that most of the
configuration is already in the desired state.
Available role tags:
``role::volkszaehler:env``
Environment role tag, should be used in the playbook to execute a special
environment role contained in the main role. The environment role prepares
the environment for other dependency roles to work correctly.
``role::volkszaehler``
Main role tag, should be used in the playbook to execute all of the role
tasks as well as role dependencies.
``role::volkszaehler:pkgs``
Tasks related to system package management like installing or
removing packages.

6
ansible_collections/debops/debops/roles/volkszaehler/docs/includes/all.rst Normal file
View file

@ -0,0 +1,6 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
.. include:: includes/global.rst
.. include:: includes/role.rst

6
ansible_collections/debops/debops/roles/volkszaehler/docs/includes/role.rst Normal file
View file

@ -0,0 +1,6 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
.. _volkszaehler.org: https://volkszaehler.org/
.. _volkszaehler: https://volkszaehler.org/

23
ansible_collections/debops/debops/roles/volkszaehler/docs/index.rst Normal file
View file

@ -0,0 +1,23 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
.. _debops-contrib.volkszaehler:
Ansible role: debops-contrib.volkszaehler
=========================================
.. toctree::
:maxdepth: 2
introduction
getting-started
defaults
copyright
changelog
..
Local Variables:
mode: rst
ispell-local-dictionary: "american"
End:

33
ansible_collections/debops/debops/roles/volkszaehler/docs/introduction.rst Normal file
View file

@ -0,0 +1,33 @@
.. Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
.. Copyright (C) 2017 DebOps <https://debops.org/>
.. SPDX-License-Identifier: GPL-3.0-only
Introduction
============
.. include:: includes/all.rst
The ``debops-contrib.volkszaehler`` role allows to setup your own volkszaehler.org_ instance.
volkszaehler.org is a free smart meter implementation with focus on data privacy.
A volkszaehler instance consists of a middleware written in PHP which is backed by a SQL database.
The middleware provides an API for frontends to query data and for controllers to insert data.
This role installs the default middleware together with the
default/bundled HTML/JavaScript frontend.
Installation
~~~~~~~~~~~~
This role requires at least Ansible ``v2.1.5``. To install it, run:
.. code-block:: console
ansible-galaxy install debops-contrib.volkszaehler
..
Local Variables:
mode: rst
ispell-local-dictionary: "american"
End:

72
ansible_collections/debops/debops/roles/volkszaehler/docs/playbooks/volkszaehler-apache.yml Normal file
View file

@ -0,0 +1,72 @@
---
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Setup and manage volkszaehler with Apache as webserver
collections: [ 'debops.debops', 'debops.roles01',
'debops.roles02', 'debops.roles03' ]
hosts: [ 'debops_service_volkszaehler_apache' ]
become: True
environment: '{{ inventory__environment | d({})
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
pre_tasks:
- name: Prepare volkszaehler environment
ansible.builtin.import_role:
name: 'volkszaehler'
tasks_from: 'main_env'
tags: [ 'role::volkszaehler', 'role::volkszaehler:env', 'role::mariadb' ]
- name: Prepare php environment
ansible.builtin.import_role:
name: 'php'
tasks_from: 'main_env'
tags: [ 'role::php', 'role::php:env', 'role::logrotate' ]
- name: Prepare apache environment
ansible.builtin.import_role:
name: 'apache'
tasks_from: 'main_env'
tags: [ 'role::apache', 'role::apache:env' ]
roles:
- role: apt_preferences
tags: [ 'role::apt_preferences' ]
apt_preferences__dependent_list:
- '{{ php__apt_preferences__dependent_list }}'
- role: ferm
tags: [ 'role::ferm', 'skip::ferm' ]
ferm__dependent_rules:
- '{{ apache__ferm__dependent_rules }}'
- role: mariadb
tags: [ 'role::mariadb' ]
mariadb__dependent_databases: '{{ volkszaehler__mariadb__dependent_databases }}'
mariadb__dependent_users: '{{ volkszaehler__mariadb__dependent_users }}'
when: (volkszaehler__database == 'mariadb')
- role: php
tags: [ 'role::php' ]
php__dependent_packages:
- '{{ volkszaehler__php__dependent_packages }}'
php__dependent_pools:
- '{{ volkszaehler__php__dependent_pools }}'
- role: logrotate
tags: [ 'role::logrotate' ]
logrotate__dependent_config:
- '{{ php__logrotate__dependent_config }}'
- role: apache
tags: [ 'role::apache' ]
apache__dependent_vhosts:
- '{{ volkszaehler__apache__dependent_vhosts }}'
- role: volkszaehler
tags: [ 'role::volkszaehler' ]

69
ansible_collections/debops/debops/roles/volkszaehler/docs/playbooks/volkszaehler-nginx.yml Normal file
View file

@ -0,0 +1,69 @@
---
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Setup and manage volkszaehler with Nginx as webserver
collections: [ 'debops.debops', 'debops.roles01',
'debops.roles02', 'debops.roles03' ]
hosts: [ 'debops_service_volkszaehler_nginx' ]
become: True
environment: '{{ inventory__environment | d({})
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
pre_tasks:
- name: Prepare volkszaehler environment
ansible.builtin.import_role:
name: 'volkszaehler'
tasks_from: 'main_env'
tags: [ 'role::volkszaehler', 'role::volkszaehler:env', 'role::mariadb' ]
- name: Prepare php environment
ansible.builtin.import_role:
name: 'php'
tasks_from: 'main_env'
tags: [ 'role::php', 'role::php:env', 'role::logrotate' ]
roles:
- role: apt_preferences
tags: [ 'role::apt_preferences' ]
apt_preferences__dependent_list:
- '{{ nginx__apt_preferences__dependent_list }}'
- '{{ php__apt_preferences__dependent_list }}'
- role: ferm
tags: [ 'role::ferm', 'skip::ferm' ]
ferm__dependent_rules:
- '{{ nginx__ferm__dependent_rules }}'
- role: mariadb
tags: [ 'role::mariadb' ]
mariadb__dependent_databases: '{{ volkszaehler__mariadb__dependent_databases }}'
mariadb__dependent_users: '{{ volkszaehler__mariadb__dependent_users }}'
when: (volkszaehler__database == 'mariadb')
- role: php
tags: [ 'role::php' ]
php__dependent_packages:
- '{{ volkszaehler__php__dependent_packages }}'
php__dependent_pools:
- '{{ volkszaehler__php__dependent_pools }}'
- role: logrotate
tags: [ 'role::logrotate' ]
logrotate__dependent_config:
- '{{ php__logrotate__dependent_config }}'
- role: nginx
tags: [ 'role::nginx' ]
nginx__dependent_upstreams:
- '{{ volkszaehler__nginx__dependent_upstreams }}'
nginx__dependent_servers:
- '{{ volkszaehler__nginx__dependent_servers }}'
- role: volkszaehler
tags: [ 'role::volkszaehler' ]

10
ansible_collections/debops/debops/roles/volkszaehler/docs/playbooks/volkszaehler.yml Normal file
View file

@ -0,0 +1,10 @@
---
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Manage Volkszaehler with Apache frontend
import_playbook: 'volkszaehler-apache.yml'
- name: Manage Volkszaehler with nginx frontend
import_playbook: 'volkszaehler-nginx.yml'

32
ansible_collections/debops/debops/roles/volkszaehler/meta/main.yml Normal file
View file

@ -0,0 +1,32 @@
---
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017-2022 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
# Ensure that custom Ansible plugins and modules included in the main DebOps
# collection are available to roles in other collections.
collections: [ 'debops.debops' ]
dependencies: []
galaxy_info:
author: 'Robin Schneider'
description: 'Setup and manage volkszaehler'
company: 'DebOps'
license: 'GPL-3.0-only'
min_ansible_version: '2.1.5'
platforms:
- name: 'Ubuntu'
versions: [ 'all' ]
- name: 'Debian'
versions: [ 'all' ]
galaxy_tags:
- smartmeter
- smarthome
- logging
- web

151
ansible_collections/debops/debops/roles/volkszaehler/tasks/main.yml Normal file
View file

@ -0,0 +1,151 @@
---
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Import DebOps global handlers
ansible.builtin.import_role:
name: 'global_handlers'
- name: Import DebOps secret role
ansible.builtin.import_role:
name: 'secret'
# System packages [[[
- name: Ensure specified packages are in there desired state
ansible.builtin.package:
name: '{{ q("flattened", (volkszaehler__base_packages
+ volkszaehler__optional_packages
+ volkszaehler__packages)) }}'
state: '{{ "present" if (volkszaehler__deploy_state in ["present"]) else "absent" }}'
register: volkszaehler__register_packages
until: volkszaehler__register_packages is succeeded
tags: [ 'role::volkszaehler:pkgs' ]
# ]]]
# System user and group [[[
- name: Create volkszaehler system group
ansible.builtin.group:
name: '{{ volkszaehler__group }}'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
system: True
- name: Create volkszaehler system user
ansible.builtin.user:
name: '{{ volkszaehler__user }}'
group: '{{ volkszaehler__group }}'
home: '{{ volkszaehler__home_path }}'
comment: '{{ volkszaehler__gecos }}'
shell: '{{ volkszaehler__shell }}'
state: '{{ "present" if (volkszaehler__deploy_state == "present") else "absent" }}'
system: True
# ]]]
- name: Enable required Apache modules
community.general.apache2_module:
name: '{{ item.key }}'
state: '{{ item.value.state | d("present") }}'
when: (volkszaehler__webserver == "apache")
with_dict: '{{ volkszaehler__apache_modules }}'
- name: Clone volkszaehler git repository
ansible.builtin.git:
repo: '{{ volkszaehler__git_repo }}'
dest: '{{ volkszaehler__git_dest }}'
version: '{{ volkszaehler__git_version }}'
recursive: '{{ volkszaehler__git_recursive | bool }}'
update: '{{ volkszaehler__git_update | bool }}'
become: True
become_user: '{{ volkszaehler__user }}'
register: volkszaehler__register_git
when: (volkszaehler__deploy_state == "present")
- name: Install volkszaehler config file
ansible.builtin.template:
src: 'etc/volkszaehler.conf.php.j2'
dest: '{{ volkszaehler__git_dest }}/etc/volkszaehler.conf.php'
owner: '{{ volkszaehler__config_user }}'
group: '{{ volkszaehler__config_group }}'
mode: '0640'
validate: 'php -f %s'
when: (volkszaehler__deploy_state == "present")
- name: Install PHP dependencies with composer
community.general.composer: # noqa no-handler
command: 'require'
working_dir: '{{ volkszaehler__git_dest }}'
environment:
PATH: '{{ ansible_env.PATH }}:/usr/local/bin'
register: volkszaehler__register_composer
until: volkszaehler__register_composer is succeeded
become: True
become_user: '{{ volkszaehler__user }}'
when: volkszaehler__register_git is changed
# Database initialization [[[
- name: Write database initialization SQL dump
ansible.builtin.shell: php {{ (volkszaehler__git_dest + "/misc/tools/doctrine") | quote }} \
orm:schema-tool:create --dump-sql > {{ (volkszaehler__home_path + "/create_db.sql") | quote }}
become: True
become_user: '{{ volkszaehler__user }}'
register: volkszaehler__register_sql_init_dump
changed_when: volkszaehler__register_sql_init_dumo.changed | bool
when: (not (ansible_local.volkszaehler[volkszaehler__database + "_initialized"] | bool
if (ansible_local | d() and ansible_local.volkszaehler | d() and
ansible_local.volkszaehler[volkszaehler__database + "_initialized"] | d())
else False))
- name: Import database initialization SQL dump
community.mysql.mysql_db: # noqa no-handler
name: '{{ volkszaehler__database_name }}'
target: '{{ (volkszaehler__home_path + "/create_db.sql") | quote }}'
state: 'import'
login_unix_socket: '/run/mysqld/mysqld.sock'
when: (volkszaehler__register_sql_init_dump is changed and volkszaehler__database in ['mariadb'])
- name: Insert demo data into database
ansible.builtin.shell: set -o nounset -o pipefail -o errexit &&
cat {{ (volkszaehler__git_dest + "/misc/sql/demo.sql") | quote }} | mysql {{ volkszaehler__database_name }}
args:
executable: 'bash'
become: True
become_user: '{{ volkszaehler__user }}'
register: volkszaehler__register_demo_data
changed_when: volkszaehler__register_demo_data.changed | bool
when: (not (ansible_local.volkszaehler[volkszaehler__database + "_demo_insert"] | bool
if (ansible_local | d() and ansible_local.volkszaehler | d() and
ansible_local.volkszaehler[volkszaehler__database + "_demo_insert"] | d())
else False)) and (volkszaehler__database_demo_insert | bool)
# ]]]
- name: Generate proxy classes
ansible.builtin.command: php {{ (volkszaehler__git_dest + "/misc/tools/doctrine") | quote }} orm:generate-proxies
become: True
become_user: '{{ volkszaehler__user }}'
changed_when: False
when: (volkszaehler__deploy_state == "present")
# Ansible local facts [[[
- name: Make sure that Ansible local facts directory is present
ansible.builtin.file:
path: '/etc/ansible/facts.d'
state: 'directory'
owner: 'root'
group: 'root'
mode: '0755'
when: (volkszaehler__deploy_state == "present")
- name: Save volkszaehler local facts
ansible.builtin.template:
src: 'etc/ansible/facts.d/volkszaehler.fact.j2'
dest: '/etc/ansible/facts.d/volkszaehler.fact'
owner: 'root'
group: 'root'
mode: '0644'
notify: [ 'Refresh host facts' ]
when: (volkszaehler__deploy_state == "present")
tags: [ 'meta::facts' ]
- name: Gather facts if they were modified
ansible.builtin.meta: 'flush_handlers'
# ]]]

15
ansible_collections/debops/debops/roles/volkszaehler/tasks/main_env.yml Normal file
View file

@ -0,0 +1,15 @@
---
# vim: foldmarker=[[[,]]]:foldmethod=marker
# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Ensure the parent directory for volkszaehler home exists
ansible.builtin.file:
path: '{{ volkszaehler__home_path | dirname }}'
state: 'directory'
owner: 'root'
group: 'root'
mode: '0755'
when: (volkszaehler__deploy_state == "present")

11
ansible_collections/debops/debops/roles/volkszaehler/templates/etc/ansible/facts.d/volkszaehler.fact.j2 Normal file
View file

@ -0,0 +1,11 @@
{# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
#}
{{ ({
"enabled": True,
"database": volkszaehler__database,
"webserver": volkszaehler__webserver,
(volkszaehler__database + "_initialized"): True,
(volkszaehler__database + "_demo_insert"): volkszaehler__database_demo_insert | bool,
}) | to_nice_json }}

9
ansible_collections/debops/debops/roles/volkszaehler/templates/etc/volkszaehler.conf.php.j2 Normal file
View file

@ -0,0 +1,9 @@
{# Copyright (C) 2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
#}
<?php
/* {{ ansible_managed }} */
$config = json_decode('{{ volkszaehler__combined_config | to_nice_json }}', true);
?>