blob: a9122d1f9ad7fc61d98b43005ccec815bc60d2c2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
---
- name: Create doorman user
user:
comment: 'Doorman Doris'
name: doorman
shell: '/bin/bash'
uid: 3000
group: users
groups:
- dialout
- gpio
- name: Check out lockserver repo
git:
dest: '~doorman/lockserver'
repo: 'https://github.com/labitat/lockserver.git'
accept_hostkey: yes
clone: yes
update: yes
remote: origin
- name: Make sure doorman owns git repo
file:
dest: '~doorman/lockserver'
owner: doorman
group: users
recurse: yes
- name: Initialize database
command:
argv:
- '/usr/bin/sqlite3'
- 'users.db'
- '.read lockserver/structure.sql'
become_user: doorman
args:
chdir: '/home/doorman'
creates: '/home/doorman/users.db'
- name: Make sure ~doorman/.config exists
file:
dest: '~doorman/.config'
state: directory
owner: doorman
group: users
mode: 0700
- name: Create lockserver.ini
vars:
lockserver_conf: '{{ lockserver_conf_role|combine(lockserver_conf_secrets) }}'
ini_file:
path: '~doorman/.config/lockserver.ini'
section: "{{ item.key.split('.',1)[0] }}"
option: "{{ item.key.split('.',1)[1] }}"
value: "{{ item.value|ternary(item.value,omit) }}"
state: "{{ item.value|ternary('present','absent') }}"
owner: doorman
group: users
mode: 0600
with_dict: '{{ lockserver_conf }}'
when: lockserver_conf_secrets|length > 0
- name: Install lockserver service
copy:
dest: '/etc/systemd/system/lockserver.service'
src: lockserver.service
owner: root
group: root
mode: 0644
register: lockserver_service
- name: Reload systemd
command: systemctl daemon-reload
when: lockserver_service is changed
- name: Enable lockserver service
systemd:
name: lockserver.service
enabled: yes
masked: no
state: started
# vim: set ts=2 sw=2 et:
|