blob: 89b4ddee1e53f13beb261d1b02e0289daa9fc08b (
plain) (
tree)
|
|
---
- name: Create doorman user
user:
comment: 'Doorman Doris'
name: doorman
shell: '/bin/bash'
uid: 3000
group: users
groups:
- dialout
- gpio
- name: Check out lockserver repo
git:
dest: '~doorman/lockserver'
repo: 'https://github.com/labitat/lockserver.git'
accept_hostkey: yes
clone: yes
update: yes
remote: origin
- name: Make sure doorman owns git repo
file:
dest: '~doorman/lockserver'
owner: doorman
group: users
recurse: yes
- name: Initialize database
command:
argv:
- '/usr/bin/sqlite3'
- 'users.db'
- '.read lockserver/structure.sql'
become_user: doorman
args:
chdir: '/home/doorman'
creates: '/home/doorman/users.db'
- name: Make sure ~doorman/.config exists
file:
dest: '~doorman/.config'
state: directory
owner: doorman
group: users
mode: 0700
- name: Create lockserver.ini
vars:
lockserver_conf: '{{ lockserver_conf_role|combine(lockserver_conf_secrets) }}'
ini_file:
path: '~doorman/.config/lockserver.ini'
section: "{{ item.key.split('.',1)[0] }}"
option: "{{ item.key.split('.',1)[1] }}"
value: "{{ (item.value is string)|ternary(item.value,omit) }}"
state: "{{ (item.value is string)|ternary('present','absent') }}"
owner: doorman
group: users
mode: 0600
with_dict: '{{ lockserver_conf }}'
when: lockserver_conf_secrets|length > 0
- name: Install lockserver service
copy:
dest: '/etc/systemd/system/lockserver.service'
src: lockserver.service
owner: root
group: root
mode: 0644
register: lockserver_service
- name: Reload systemd
command: systemctl daemon-reload
when: lockserver_service is changed
- name: Enable lockserver service
systemd:
name: lockserver.service
enabled: yes
masked: no
state: started
# vim: set ts=2 sw=2 et:
|