99 lines
3.2 KiB
YAML
99 lines
3.2 KiB
YAML
---
|
|
- name: Set system settings to registry
|
|
xoxys.general.ucr:
|
|
path: "{{ item.path }}"
|
|
value: "{{ item.value }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ __usc_registry_settings + ucs_registry_extra }}"
|
|
loop_control:
|
|
label: "{{ item.path }}={{ item.value }}"
|
|
|
|
- name: Create system groups
|
|
community.general.udm_group:
|
|
name: "{{ item.name }}"
|
|
description: "{{ item.description | default(omit) }}"
|
|
subpath: "{{ item.subpath | default(omit) }}"
|
|
ou: "{{ item.ou | default(omit) }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ ucs_system_groups }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
|
|
- name: Set acl for shares
|
|
ansible.posix.acl:
|
|
path: "{{ item.path }}"
|
|
entity: "{{ item.entity }}"
|
|
etype: "{{ item.etype }}"
|
|
permissions: "{{ item.permissions }}"
|
|
state: "{{ item.state | default('query') }}"
|
|
recursive: "{{ item.recursive | default('no') }}"
|
|
default: "{{ item.default | default('no') }}"
|
|
loop: "{{ ucs_filesystem_acl }}"
|
|
loop_control:
|
|
label: "{{ item.path }}"
|
|
|
|
- name: Setup custom cronjobs
|
|
ansible.builtin.cron:
|
|
name: "{{ item.name }}"
|
|
minute: "{{ item.minute | default(0) }}"
|
|
hour: "{{ item.hour | default(3) }}"
|
|
day: "{{ item.day | default('*') }}"
|
|
weekday: "{{ item.weekday | default('*') }}"
|
|
month: "{{ item.month | default('*') }}"
|
|
user: "{{ item.user | default('root') }}"
|
|
cron_file: univention-custom
|
|
job: "{{ item.job }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ ucs_cronjobs }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
|
|
- name: Configure custom TLS certificates
|
|
when: ucs_custom_tls_enabled | bool
|
|
block:
|
|
- name: Set apache2 ucr vars
|
|
xoxys.general.ucr:
|
|
path: "{{ item.path }}"
|
|
value: "{{ item.value }}"
|
|
loop:
|
|
- path: apache2/ssl/certificate
|
|
value: "{{ ucs_custom_tls_cert_path }}"
|
|
- path: apache2/ssl/key
|
|
value: "{{ ucs_custom_tls_key_path }}"
|
|
- path: saml/apache2/ssl/certificate
|
|
value: "{{ ucs_custom_tls_cert_path }}"
|
|
- path: saml/apache2/ssl/key
|
|
value: "{{ ucs_custom_tls_key_path }}"
|
|
loop_control:
|
|
label: "{{ item.path }}={{ item.value }}"
|
|
notify: __ucs_apache_restart
|
|
when: ucs_custom_tls_apache2_enabled
|
|
|
|
- name: Set dovecot ucr vars
|
|
xoxys.general.ucr:
|
|
path: "{{ item.path }}"
|
|
value: "{{ item.value }}"
|
|
loop:
|
|
- path: mail/dovecot/ssl/certificate,
|
|
value: "{{ ucs_custom_tls_cert_path }}"
|
|
- path: mail/dovecot/ssl/key
|
|
value: "{{ ucs_custom_tls_key_path }}"
|
|
loop_control:
|
|
label: "{{ item.path }}={{ item.value }}"
|
|
notify: __ucs_dovecot_restart
|
|
when: ucs_custom_tls_dovecot_enabled
|
|
|
|
- name: Set postfix ucr vars
|
|
xoxys.general.ucr:
|
|
path: "{{ item.path }}"
|
|
value: "{{ item.value }}"
|
|
loop:
|
|
- path: mail/postfix/ssl/certificate
|
|
value: "{{ ucs_custom_tls_cert_path }}"
|
|
- path: mail/postfix/ssl/key
|
|
value: "{{ ucs_custom_tls_key_path }}"
|
|
loop_control:
|
|
label: "{{ item.path }}={{ item.value }}"
|
|
notify: __ucs_postfix_restart
|
|
when: ucs_custom_tls_postfix_enabled
|