roles/ipsilon/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

---
# Configuration for the ipsilon webapp

- name: clean yum metadata
  command: yum clean all
  tags:
  - packages

- name: install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - ipsilon
  - ipsilon-authfas
  - ipsilon-openid
  - ipsilon-persona
  - python-psycopg2
  - libsemanage-python
  tags:
  - packages

- name: copy ipsilon templates
  copy: src=templates/
        dest=/usr/share/ipsilon/templates-fedora
        owner=ipsilon group=ipsilon mode=0666 

- name: copy ipsilon ui assets
  copy: src=ui-fedora/
        dest=/usr/share/ipsilon/ui/fedora
        owner=ipsilon group=ipsilon mode=0666 

- name: copy ipsilon configuration
  template: src={{ item }}.conf
            dest=/etc/ipsilon/{{ item }}.conf
            owner=ipsilon group=ipsilon mode=0600
  with_items:
  - ipsilon
  - configuration
  tags:
  - config
  notify:
  - restart apache

- name: copy ipsilon httpd config
  copy: src=ipsilon-httpd.conf
        dest=/etc/httpd/conf.d/ipsilon.conf

- name: copy persona private key
  copy: src={{ private }}/files/ipsilon/persona.key dest=/etc/ipsilon/persona.key
        owner=ipsilon group=ipsilon mode=0600
  when: env != "staging"

- name: copy persona STG private key
  copy: src={{ private }}/files/ipsilon/persona.stg.key dest=/etc/ipsilon/persona.stg.key
        owner=ipsilon group=ipsilon mode=0600
  when: env == "staging"

- name: set sebooleans so ipsilon can talk to the db
  action: seboolean name=httpd_can_network_connect_db
                    state=true
                    persistent=true

- name: apply selinux type to the wsgi file
  file: >
    dest=/usr/libexec/ipsilon
    setype=httpd_sys_content_t