Diffstat (limited to 'roles/apps/collabora/code/instance/tasks/main.yml')
-rw-r--r-- | roles/apps/collabora/code/instance/tasks/main.yml | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/roles/apps/collabora/code/instance/tasks/main.yml b/roles/apps/collabora/code/instance/tasks/main.yml
new file mode 100644
index 00000000..b0470a5b
--- /dev/null
+++ b/roles/apps/collabora/code/instance/tasks/main.yml
@@ -0,0 +1,95 @@
+---
+- name: prepare storage volume
+ vars:
+ storage_volume: "{{ collabora_code_instances[collabora_code_instance].storage }}"
+ include_role:
+ name: "storage/{{ collabora_code_instances[collabora_code_instance].storage.type }}/volume"
+
+- set_fact:
+ collabora_code_instance_basepath: "{{ storage_volume_mountpoint }}"
+
+- name: create instance config directory
+ file:
+ path: "{{ collabora_code_instance_basepath }}/config"
+ state: directory
+ mode: 0750
+
+- name: generate configuration file
+ template:
+ src: "config/coolwsd.{{ collabora_code_instances[collabora_code_instance].version }}.xml.j2"
+ dest: "{{ collabora_code_instance_basepath }}/config/coolwsd.xml"
+
+- name: generate/install TLS certificates for publishment
+ vars:
+ x509_certificate_name: "collabora-code-{{ collabora_code_instance }}_publish"
+ x509_certificate_hostnames: []
+ x509_certificate_config:
+ ca: "{{ collabora_code_instances[collabora_code_instance].publish.zone.certificate_ca_config }}"
+ cert:
+ common_name: "collabora-code-{{ collabora_code_instance }}.{{ inventory_hostname }}"
+ extended_key_usage:
+ - serverAuth
+ extended_key_usage_critical: yes
+ create_subject_key_identifier: yes
+ not_after: +100w
+ x509_certificate_renewal:
+ install:
+ - dest: "{{ collabora_code_instance_basepath }}/config/ca-chain.cert.pem"
+ src:
+ - ca_cert
+ mode: "0400"
+ owner: 100
+ - dest: "{{ collabora_code_instance_basepath }}/config/cert.pem"
+ src:
+ - cert
+ mode: "0400"
+ owner: 100
+ - dest: "{{ collabora_code_instance_basepath }}/config/key.pem"
+ src:
+ - key
+ owner: 100
+ mode: "0400"
+ include_role:
+ name: "x509/{{ collabora_code_instances[collabora_code_instance].publish.zone.certificate_provider }}/cert"
+
+- name: build custom image
+ when: "'custom_image' in collabora_code_instances[collabora_code_instance]"
+ include_tasks: custom-image.yml
+
+- name: install pod manifest
+ vars:
+ kubernetes_standalone_pod:
+ name: "collabora-code-{{ collabora_code_instance }}"
+ spec: "{{ lookup('template', 'pod-spec.yml.j2') }}"
+ mode: "0600"
+ config_hash_items:
+ - path: "{{ collabora_code_instance_basepath }}/config/coolwsd.xml"
+ properties:
+ - checksum
+ include_role:
+ name: kubernetes/standalone/pod
+
+- name: render nginx-vhost custom config
+ set_fact:
+ collabora_code_nginx_vhost_custom: "{{ lookup('template', 'nginx-vhost.conf.j2') }}"
+
+- name: configure nginx vhost for publishment
+ vars:
+ nginx_vhost__yaml: |
+ name: "collabora-code-{{ collabora_code_instance }}.{{ inventory_hostname }}"
+ template: generic
+ {% if 'tls' in collabora_code_instances[collabora_code_instance].publish %}
+ tls:
+ {{ collabora_code_instances[collabora_code_instance].publish.tls | to_nice_yaml(indent=2) | indent(2) }}
+ {% endif %}
+ hostnames:
+ {% for hostname in collabora_code_instances[collabora_code_instance].publish.hostnames %}
+ - {{ hostname }}
+ {% endfor %}
+ custom: |
+ {{ collabora_code_nginx_vhost_custom | indent(2) }}
+ nginx_vhost: "{{ nginx_vhost__yaml | from_yaml }}"
+ include_role:
+ name: nginx/vhost
+ apply:
+ delegate_to: "{{ collabora_code_instances[collabora_code_instance].publish.zone.publisher }}" |
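Review bot: The `generate configuration file` task sets only `src` and `dest`, so `coolwsd.xml` is created with whatever the remote umask allows and an existing file keeps its current mode, while the certificate files written to the same directory are pinned to `mode: "0400"` and `owner: 100`. coolwsd.xml usually carries settings such as the admin console credentials (the template is not visible here, so confirm), and I would pin it the same way, for example `owner: 100` and `mode: "0400"` if UID 100 is the user the container reads it as. The `create instance config directory` task has the same gap in a smaller form: it sets no `owner`, and `mode: 0750` is the only unquoted mode in the file. Writing it as `mode: "0750"` would match the others and not depend on the YAML loader reading the bare number as octal.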