Initial commit

README.md

@@ -0,0 +1,38 @@
+# Role : docker_paheko
+
+
+## Services fournis
+
+Installation de paheko sur un serveur docker_host
+
+
+## Variables
+
+Fournir les variables suivantes. Par exemple :
+
+```yaml
+docker_paheko_fqdn: paheko.example.com
+docker_paheko_version: 1.2.4
+docker_paheko_data_dir: /data1
+docker_paheko_service_id: paheko
+docker_paheko_smtp_server: smtp.example.com
+docker_paheko_secret_key: ici_le_secret_key
+docker_paheko_max_file_size_mb: 8
+docker_paheko_quota_gb: 1
+```
+
+| Option                         | Valeur par défaut | Description                                                                               |
+|--------------------------------|-------------------|-------------------------------------------------------------------------------------------|
+| docker_paheko_fqdn             |                   | Le nom de domaine pour lequel le service paheko répond                                    |
+| docker_paheko_version          |                   | La version de l'image docker paheko                                                       |
+| docker_paheko_data_dir         |                   | L'emplacement dans lequel se trouvent les volumes de donnees docker pour le service       |
+| docker_paheko_service_id       |                   | Le nom de service souhaité : conditionne le nommage des volumes et le routage par traefik |
+| docker_paheko_smtp_server      |                   | L'adresse du serveur smtp par lequel le service envoie les courriels                      |
+| docker_paheko_secret_key       |                   | S'obtient avec `openssl rand -base64 40`                                                  |
+| docker_paheko_max_file_size_mb |                   | Taille max en Mo des fichiers déposables dans paheko                                      |
+| docker_paheko_quota_gb         |                   | Taille max en Go de l'instance paheko                                                     |
+
+
+## Premier démarrage dans paheko
+
+Se connecter à paheko et enregistrer un premier utilisateur administrateur de l'instance paheko.

handlers/main.yml

@@ -0,0 +1,5 @@
+- name: docker-compose-up
+  shell: |
+    docker-compose up -d
+  args:
+    chdir: /opt/{{ docker_paheko_service_id }}/

meta/main.yml

@@ -0,0 +1,8 @@
+galaxy_info:
+  author: Olivier Navas
+  description: Modèle d'installation Libretic pour paheko
+  license: GPL-3.0-only
+  min_ansible_version: 2.9
+  galaxy_tags: []
+
+dependencies: []

tasks/main.yml

@@ -0,0 +1,20 @@
+- name: docker directory
+  file:
+    path: /opt/{{ docker_paheko_service_id }}/
+    state: directory
+    
+- name: docker data directory
+  file:
+    path: "{{ docker_paheko_data_dir }}/{{ docker_paheko_service_id }}/"
+    state: directory
+  register: _datadir
+    
+- name: prepare docker-compose.yml and files
+  template:
+    src: "{{ item }}"
+    dest: /opt/{{ docker_paheko_service_id }}/
+  with_items:
+    - docker-compose.yml
+    - config.local.php
+    - php.ini
+  notify: docker-compose-up

templates/config.local.php

@@ -0,0 +1,20 @@
+<?php
+namespace Garradin;
+
+// Some random key of more than 30 characters 
+// openssl rand -base64 40
+const SECRET_KEY = '{{ docker_paheko_secret_key }}';
+
+// SMTP parameters
+const SMTP_HOST = '{{ docker_paheko_smtp_server }}';
+const SMTP_PORT = 25;
+const SMTP_SECURITY = 'NONE';
+
+// Upgrades should be handled by new docker image version
+const ENABLE_UPGRADES = false;
+
+// Storage quota
+const FILE_STORAGE_QUOTA = {{ docker_paheko_quota_gb }}*1024*1024*1024;
+
+// Command line to use chromium to generate PDF documents
+const PDF_COMMAND = 'chromium --no-sandbox --headless --disable-dev-shm-usage --autoplay-policy=no-user-gesture-required --no-first-run --disable-gpu --disable-features=DefaultPassthroughCommandDecoder --use-fake-ui-for-media-stream --use-fake-device-for-media-stream --disable-sync --print-to-pdf=%2$s %1$s';

templates/docker-compose.yml

@@ -0,0 +1,25 @@
+# {{ ansible_managed }}
+
+version: '3.1'
+
+services:
+  paheko:
+    image: libretic/paheko:{{ docker_paheko_version }}
+    restart: always
+    volumes:
+      - ./config.local.php:/var/www/paheko/config.local.php
+      - ./php.ini:/usr/local/etc/php/php.ini
+      - {{ docker_paheko_data_dir }}/{{ docker_paheko_service_id }}/data:/var/www/paheko/data
+      - /var/www/paheko/data/plugins
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.{{ docker_paheko_service_id }}.entrypoints=web"
+      - "traefik.http.routers.{{ docker_paheko_service_id }}.rule=Host(`{{ docker_paheko_fqdn }}`)"
+      - "traefik.http.services.{{ docker_paheko_service_id }}.loadbalancer.server.port=80"
+    networks:
+      - traefik
+
+networks:
+  traefik:
+    external: true

templates/php.ini

@@ -0,0 +1,72 @@
+# from production php.ini
+[PHP]
+engine = On
+short_open_tag = Off
+precision = 14
+output_buffering = 4096
+zlib.output_compression = Off
+implicit_flush = Off
+unserialize_callback_func =
+serialize_precision = -1
+disable_functions =
+disable_classes =
+zend.enable_gc = On
+zend.exception_ignore_args = On
+expose_php = On
+max_execution_time = 30
+max_input_time = 60
+memory_limit = 128M
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+display_errors = Off
+display_startup_errors = Off
+log_errors = On
+log_errors_max_len = 1024
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+report_memleaks = On
+variables_order = "GPCS"
+request_order = "GP"
+register_argc_argv = Off
+auto_globals_jit = On
+post_max_size = {{ docker_paheko_max_file_size_mb }}M
+auto_prepend_file =
+auto_append_file =
+default_mimetype = "text/html"
+default_charset = "UTF-8"
+doc_root =
+user_dir =
+enable_dl = Off
+file_uploads = On
+upload_max_filesize = {{ docker_paheko_max_file_size_mb }}M
+max_file_uploads = 20
+allow_url_fopen = On
+allow_url_include = Off
+default_socket_timeout = 60
+[Session]
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.cookie_samesite =
+session.serialize_handler = php
+session.gc_probability = 1
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.sid_length = 26
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+session.sid_bits_per_character = 5
+[Assertion]
+zend.assertions = -1
+[Tidy]
+tidy.clean_output = Off
+