
Add ansible galaxy structure, README and optimized a bit

pull/1/head
Leo Maroni 9 months ago
parent
commit
971b2a9276
No known key found for this signature in database
GPG Key ID: B1ADA545CD2CBACD
10 changed files with 196 additions and 19 deletions
  1. .travis.yml (+29, -0)
  2. LICENSE (+21, -0)
  3. README.md (+57, -0)
  4. defaults/main.yml (+20, -13)
  5. meta/main.yml (+49, -0)
  6. tasks/config.yml (+1, -1)
  7. tasks/main.yml (+7, -0)
  8. templates/config.json.j2 (+5, -5)
  9. tests/inventory (+2, -0)
  10. tests/test.yml (+5, -0)

.travis.yml (+29, -0)

@ -0,0 +1,29 @@
---
language: python
python: "3.8"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/
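Review bot: `pip install ansible` in the `install:` section is unpinned, so every CI run pulls whatever Ansible release is current and a green build is not reproducible; pin it to an exact version or install from a requirements file with pinned entries. The `script:` section only runs `--syntax-check`, which never renders `templates/config.json.j2` or executes a task, so consider adding a lint step or an actual run of `tests/test.yml`.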

LICENSE (+21, -0)

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2020 Leo 'em0lar' Maroni
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

README.md (+57, -0)

@ -0,0 +1,57 @@
# Ansible role for HedgeDoc
Ansible role for installing and configuring HedgeDoc without Docker
## Requirements
* Node.js (for example with [geerlingguy.nodejs](https://github.com/geerlingguy/ansible-role-nodejs))
* Yarn package manager (for example with [ocha.yarn](https://github.com/ocha/ansible-role-yarn))
## Role Variables
### General (required)
| Variable Name | Function | example value |
| ------------- | -------- | ------- |
| `hedgedoc_domain` | Main domain of HedgeDoc | `hedgedoc.example.org` |
| `hedgedoc_session_secret` | Cookie session secret used to sign the session cookie | `ThisIsSecret!Do_not_useMe` |
### Database (required)
| Variable Name | Function | default | comment |
| ------------- | -------- | ------- | ------- |
| `hedgedoc_db_dialect` | Dialect of the database | `postgres` | one of `mysql`, `postgres`, `sqlite` and `mssql` |
| `hedgedoc_db_host` | Host the database is running on | `localhost` | |
| `hedgedoc_db_username` | Username of the database | `hedgedoc` | |
| `hedgedoc_db_password` | Password of the database user | | |
| `hedgedoc_db_port` | Port of the database server | `localhost` | |
| `hedgedoc_db_storage` | Path to the sqlite file | | (only required and used when using sqlite) |
### General (optional)
| Variable Name | Function | default | comment |
| ------------- | -------- | ------- | ------- |
| `hedgedoc_port` | Port HedgeDoc will listen on | `3000` | |
| `hedgedoc_allowed_origins` | Domain name whitelist | `[ "{{ hedgedoc_domain }}" ]` | |
| `hedgedoc_upload_type` | Where to upload images | `filesystem` | |
| `hedgedoc_loglevel` | Kinds of log HedgeDoc will output to stdout | `warn` | one of `debug`, `verbose`, `info`, `warn` and `error` |
| `hedgedoc_additional_config` | Plain text block added to the configuration file | | |
### Security (optional)
| Variable Name | Function | default | comment |
| ------------- | -------- | ------- | ------- |
| `hedgedoc_hsts_enable` | Enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) | `true` | |
| `hedgedoc_csp_enable` | Enable [CSP](https://en.wikipedia.org/wiki/Content_Security_Policy) | `true` | |
### Login and privileges (optional)
| Variable Name | Function | default | comment |
| ------------- | -------- | ------- | ------- |
| `hedgedoc_allow_email_login` | Enable Login with E-Mail | `true` | |
| `hedgedoc_allow_email_register` | Enable Registration (on web-interface) with E-Mail | `true` | |
| `hedgedoc_allow_free_url` | Allow creating notes by accessing a non-existent note url | `true` | |
| `hedgedoc_allow_anonymous` | Allow anonymous (not logged in) access | `true` | |
| `hedgedoc_allow_anonymous_edits` | Allow users to set note permission to `freely` to allow not logged in users editing notes | `true` | |
## Dependencies
This role does not have any dependencies.
## License
MIT
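Review bot: The `hedgedoc_db_port` row in the Database table lists its default as `localhost`, while `defaults/main.yml` in this same commit sets it to `"5432"`, so the table should say `5432`. `hedgedoc_db_database` is defined in the defaults and used in the template but has no row. `hedgedoc_db_password` and `hedgedoc_session_secret` both end up in `config.json`, so a sentence telling users to supply them from Ansible Vault rather than plain variable files would be worth adding next to the `ThisIsSecret!Do_not_useMe` example.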

defaults/main.yml (+20, -13)

@ -1,18 +1,27 @@
hedgedoc_version: 1.7.0-rc1
hedgedoc_source: https://github.com/hedgedoc/hedgedoc/releases/download/{{ hedgedoc_version }}/hedgedoc-{{ hedgedoc_version }}.tar.gz
---
hedgedoc_version: "1.7.0-rc1"
hedgedoc_source: "https://github.com/hedgedoc/hedgedoc/releases/download/{{ hedgedoc_version }}/hedgedoc-{{ hedgedoc_version }}.tar.gz"
hedgedoc_base_path: /opt/hedgedoc
hedgedoc_base_path: "/opt/hedgedoc"
hedgedoc_user: hedgedoc
hedgedoc_group: hedgedoc
hedgedoc_user: "hedgedoc"
hedgedoc_group: "hedgedoc"
hedgedoc_db_dialect: postgres
hedgedoc_db_host: localhost
hedgedoc_db_database: hedgedoc
hedgedoc_db_port: 5432
hedgedoc_db_username: hedgedoc
hedgedoc_loglevel: "warn"
hedgedoc_config_template_path: config.json.j2
hedgedoc_db_dialect: "postgres"
hedgedoc_db_host: "localhost"
hedgedoc_db_username: "hedgedoc"
hedgedoc_db_password: ""
hedgedoc_db_database: "hedgedoc"
hedgedoc_db_port: "5432"
hedgedoc_db_storage: ""
hedgedoc_allowed_origins: [
"{{ hedgedoc_domain }}"
]
hedgedoc_port: 3000
hedgedoc_upload_type: "filesystem"
hedgedoc_allow_email_login: true
hedgedoc_allow_email_register: true
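Review bot: `hedgedoc_db_password: ""` gives a variable that the README lists under "Database (required)" an empty default, so a play that forgets to set it renders `"password": ""` into `config.json` instead of failing. Drop the default, or add an `assert` early in `tasks/main.yml` that the password and `hedgedoc_session_secret` are non-empty. `hedgedoc_db_port` also changes from the integer `5432` to the string `"5432"` while `hedgedoc_port` stays an integer; pick one convention.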
@ -22,5 +31,3 @@ hedgedoc_allow_anonymous: true
hedgedoc_csp_enable: true
hedgedoc_hsts_enable: true
hedgedoc_allow_pdf_export: true
hedgedoc_upload_type: "filesystem"

meta/main.yml (+49, -0)

@ -0,0 +1,49 @@
galaxy_info:
author: Leo 'em0lar' Maroni
description: Ansible role for installing and configuring HedgeDoc without Docker
# company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: MIT
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
platforms:
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
galaxy_tags:
- hedgedoc
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
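Review bot: `min_ansible_version: 2.1` is too low for this role: `tasks/main.yml` uses `import_tasks`, which was introduced in Ansible 2.4. Set it to at least 2.4 and quote it (`"2.4"`) so YAML does not parse it as a float. The leftover template comments can go too; the one under `galaxy_tags` refers to a `[]` that is no longer there.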

tasks/config.yml (+1, -1)

@ -1,7 +1,7 @@
---
- name: Upload config.json
template:
src: "{{ hedgedoc_config_template_path }}"
src: "config.json.j2"
dest: "{{ hedgedoc_base_path }}/config.json"
owner: "{{ hedgedoc_user }}"
group: "{{ hedgedoc_group }}"
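Review bot: The rendered `config.json` contains `hedgedoc_db_password` (see `templates/config.json.j2`), and the lines visible here set `owner` and `group` but the context ends before any `mode:`. If the task does not set one, add `mode: "0600"` so the file permissions do not depend on the default umask. Hardcoding `src: "config.json.j2"` also removes the `hedgedoc_config_template_path` override, which is a breaking change for anyone who set it; mention that in the commit message or README.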


tasks/main.yml (+7, -0)

@ -13,6 +13,13 @@
shell: "/bin/false"
system: yes
- name: Install requirements
package:
name:
- sudo
- git
state: present
- import_tasks: "install.yml"
- import_tasks: "config.yml"
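Review bot: The new "Install requirements" task installs `sudo` and `git` on the target, but the README's Requirements section added in this commit lists only Node.js and Yarn. Document that the role installs these two packages, since adding `sudo` to a host is something an operator will want to know about before applying the role.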


templates/config.json.j2 (+5, -5)

@ -1,15 +1,15 @@
{
"production": {
"loglevel": "{{ hedgedoc_loglevel | default('warn') }}",
"loglevel": "{{ hedgedoc_loglevel }}",
"imageUploadType": "{{ hedgedoc_upload_type }}",
"allowPDFExport": {{ hedgedoc_allow_pdf_export | bool | lower }},
"db": {
"username": "{{ hedgedoc_db_username }}",
"password": "{{ hedgedoc_db_password }}",
"database": "{{ hedgedoc_db_database }}",
"host": "{{ hedgedoc_db_host }}",
"port": "{{ hedgedoc_db_port }}",
"dialect": "{{ hedgedoc_db_dialect }}"
"dialect": "{{ hedgedoc_db_dialect }}",
"storage": "{{ hedgedoc_db_storage }}"
},
"tmpPath": "/tmp/",
"docsPath": "./public/docs",
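Review bot: The `db` values, including `"password": "{{ hedgedoc_db_password }}"`, are interpolated raw between hand-written quotes, so a password containing `"` or `\` produces invalid JSON or a different value than intended. Render them with `{{ hedgedoc_db_password | to_json }}` and drop the surrounding quotes. The new `"storage"` key is also emitted as an empty string for every non-sqlite dialect; wrapping it in `{% if hedgedoc_db_dialect == 'sqlite' %}` would match the README's "only required and used when using sqlite".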
@ -27,14 +27,14 @@
"preload": true
},
"csp": {
"enable": true,
"enable": {{ hedgedoc_csp_enable | bool | lower }},
"directives": {
"scriptSrc": "{{ hedgedoc_domain }}",
"styleSrc": "{{ hedgedoc_domain }}",
"fontSrc": "{{ hedgedoc_domain }}"
},
"upgradeInsecureRequests": "auto",
"addDefaults": {{ hedgedoc_csp_enable | bool | lower }}
"addDefaults": true
},
"allowAnonymous": {{ hedgedoc_allow_anonymous | bool | lower }},
"allowAnonymousEdits": {{ hedgedoc_allow_anonymous_edits | bool | lower }},


tests/inventory (+2, -0)

@ -0,0 +1,2 @@
localhost
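Review bot: A bare `localhost` entry in an inventory file is connected to over SSH; add `ansible_connection=local` to the line so the play can run on the CI worker if the test ever goes beyond `--syntax-check`.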

tests/test.yml (+5, -0)

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- ./
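Review bot: The play applies the role without setting `hedgedoc_domain`, `hedgedoc_session_secret` or `hedgedoc_db_password`, which the README marks as required, so it only passes because CI stops at `--syntax-check`. Add a `vars:` block with dummy values so the template can actually be rendered in a test run.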
