onlyoffice documentserver installation

4 years ago · 87486db906
--- a/README.md
+++ b/README.md
@@ -1,2 +1,3 @@
 # ansible-role-onlyoffice
 # https://helpcenter.onlyoffice.com/de/server/integration-edition/linux/linux-installation.aspx
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@@ -0,0 +1,8 @@
 onlyoffice_server_name: "{{ inventory_hostname }}"
 onlyoffice_db_host: localhost
 onlyoffice_db_name: onlyoffice
 onlyoffice_db_user: onlyoffice
 onlyoffice_db_pass: onlyoffice
 onlyoffice_documentserver_token: secret
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -0,0 +1,4 @@
 ---
 - name: restart onlyoffice documentserver
  command: supervisorctl restart all
--- a/tasks/certificate.yaml
+++ b/tasks/certificate.yaml
@@ -0,0 +1,13 @@
 ---
 - import_role:
    name: certificate
  vars:
    certificate_name: "{{onlyoffice_server_name}}"
    certificate_common_name: "{{onlyoffice_server_name}}"
    certificate_directory: /etc/ssl
    certificate_key_usage:
      - digitalSignature
      - keyEncipherment
    certificate_extended_key_usage:
      - serverAuth
--- a/tasks/config.yaml
+++ b/tasks/config.yaml
@@ -0,0 +1,7 @@
 ---
 - name: onlyoffice documentserver config
  copy:
    content: "{{ onlyoffice_documentserver_local_json | to_json }}"
    dest: /etc/onlyoffice/documentserver/local.json
  notify: restart onlyoffice documentserver
--- a/tasks/database.yaml
+++ b/tasks/database.yaml
@@ -0,0 +1,27 @@
 ---
 - name: postgresql user
  postgresql_user:
    name: "{{ onlyoffice_db_user }}"
    password: "{{ onlyoffice_db_pass }}"
  delegate_to: "{{ (onlyoffice_db_host != 'localhost') | ternary(onlyoffice_db_host,inventory_hostname) }}"
  become: yes
  become_user: postgres
 - name: postgresql database
  postgresql_db:
    name: "{{onlyoffice_db_name}}"
    owner: "{{onlyoffice_db_user}}"
  delegate_to: "{{ (onlyoffice_db_host != 'localhost') | ternary(onlyoffice_db_host,inventory_hostname) }}"
  become: yes
  become_user: postgres
 - name: postgresql access
  postgresql_privs:
    db: "{{onlyoffice_db_name}}"
    privs: ALL
    type: database
    role: "{{ onlyoffice_db_user }}"
  delegate_to: "{{ (onlyoffice_db_host != 'localhost') | ternary(onlyoffice_db_host,inventory_hostname) }}"
  become: yes
  become_user: postgres
--- a/tasks/license.yaml
+++ b/tasks/license.yaml
@@ -0,0 +1,8 @@
 ---
 - name: copy onlyoffice license
  copy:
    src: license.lic
    dest: /var/www/onlyoffice/Data/license.lic
  failed_when: false
  notify: restart onlyoffice documentserver
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -0,0 +1,20 @@
 ---
 - import_tasks: setup.yaml
 - import_tasks: database.yaml
 - import_tasks: pre-install-config.yaml
 - name: onlyoffice documentserver debian package
  apt:
    pkg: onlyoffice-documentserver
 - import_tasks: license.yaml
 - import_tasks: config.yaml
 - import_role:
    name: nginx
 - import_tasks: certificate.yaml
 - import_tasks: nginx.yaml
--- a/tasks/nginx.yaml
+++ b/tasks/nginx.yaml
@@ -0,0 +1,25 @@
 ---
 - name: nginx nextcloud vhost
  template:
    src: nginx-vhost.conf.j2
    dest: /etc/nginx/sites-available/onlyoffice
  notify: restart nginx
 - name: remove default onlyoffice config
  file:
    path: /etc/nginx/conf.d/ds.conf
    state: absent
  notify: restart nginx
 - name: nginx nextcloud vhost enabled
  file:
    src: ../sites-available/onlyoffice
    dest: /etc/nginx/sites-enabled/onlyoffice
    state: link
  notify: restart nginx
 - name: start nginx
  service:
    name: nginx
    state: started
--- a/tasks/pre-install-config.yaml
+++ b/tasks/pre-install-config.yaml
@@ -0,0 +1,29 @@
 ---
 - name: set onlyoffice database host
  debconf:
    name: onlyoffice-documentserver
    question: onlyoffice/db-host
    value: "{{ onlyoffice_db_host }}"
    vtype: string
 - name: set onlyoffice database user
  debconf:
    name: onlyoffice-documentserver
    question: onlyoffice/db-user
    value: "{{ onlyoffice_db_user }}"
    vtype: string
 - name: set onlyoffice database pass
  debconf:
    name: onlyoffice-documentserver
    question: onlyoffice/db-pass
    value: "{{ onlyoffice_db_pass }}"
    vtype: string
 - name: set onlyoffice database name
  debconf:
    name: onlyoffice-documentserver
    question: onlyoffice/db-name
    value: "{{ onlyoffice_db_name }}"
    vtype: string
--- a/tasks/setup.yaml
+++ b/tasks/setup.yaml
@@ -0,0 +1,23 @@
 ---
 - name: debian package requirements
  apt:
    pkg:
      - nginx-extras
      - rabbitmq-server
      - redis-server
      - postgresql
      # required by ansible
      - gnupg
      - python-psycopg2
 - name: onlyoffice apt repo key
  apt_key:
    keyserver: keyserver.ubuntu.com
    id: CB2DE8E5
    keyring: /etc/apt/trusted.gpg.d/onlyoffice.gpg
 - name: onlyoffice apt repo
  apt_repository:
    repo: deb https://download.onlyoffice.com/repo/debian squeeze main
    filename: onlyoffice
--- a/templates/nginx-vhost.conf.j2
+++ b/templates/nginx-vhost.conf.j2
@@ -0,0 +1,32 @@
 {{ ansible_managed | comment }}
 include /etc/nginx/includes/http-common.conf;
 server {
  listen 80;
  listen [::]:80;
  server_tokens off;
  server_name {{onlyoffice_server_name}};
  location /.well-known/acme-challenge {
    default_type "text/plain";
    root /var/www/default;
  }
  # enforce https
  #return 301 https://$server_name:443$request_uri;
 }
 server {
  listen 443;
  listen [::]:443;
  server_tokens off;
  server_name {{onlyoffice_server_name}};
  ssl_certificate /etc/ssl/certs/{{onlyoffice_server_name}}.fullchain.pem;
  ssl_certificate_key /etc/ssl/private/{{onlyoffice_server_name}}.key.pem;
  include /etc/nginx/includes/ds-*.conf;
 }
--- a/vars/main.yaml
+++ b/vars/main.yaml
@@ -0,0 +1,31 @@
 onlyoffice_documentserver_local_json:
  services:
    CoAuthoring:
      sql:
        type: postgres
        dbHost: "{{ onlyoffice_db_host }}"
        dbPort: '5432'
        dbName: "{{ onlyoffice_db_name }}"
        dbUser: "{{ onlyoffice_db_user }}"
        dbPass: "{{ onlyoffice_db_pass }}"
      redis:
        host: localhost
      token:
        enable:
          request:
            inbox: true
            outbox: true
          browser: true
        inbox:
          header: Authorization
        outbox:
          header: Authorization
      secret:
        inbox:
          string: "{{ onlyoffice_documentserver_token }}"
        outbox:
          string: "{{ onlyoffice_documentserver_token }}"
        session:
          string: "{{ onlyoffice_documentserver_token }}"
  rabbitmq:
    url: amqp://guest:guest@localhost