--- - name: Create user user: name=hackmd - name: Enable https for apt apt: name=apt-transport-https - name: Enable nodesource apt-key apt_key: url="https://deb.nodesource.com/gpgkey/nodesource.gpg.key" - name: Enable nodesource repository apt_repository: repo="deb https://deb.nodesource.com/node_8.x/ {{ ansible_distribution_release }} main" - name: Enable yarnpkg apt-key apt_key: url="https://dl.yarnpkg.com/debian/pubkey.gpg" - name: Enable yarnpkg repository apt_repository: repo="deb https://dl.yarnpkg.com/debian/ stable main" - name: Pin nodejs repository blockinfile: path: /etc/apt/preferences.d/nodejs create: yes block: | Package: * Pin: origin deb.nodesource.com Pin-Priority: 600 - name: Install packages apt: name={{ item }} loop: - build-essential - git - nodejs - postgresql - python-psycopg2 - yarn - name: Unpack hackmd unarchive: src={{ hackmd_archive }} dest=/opt owner=hackmd group=hackmd remote_src=yes creates=/opt/codimd-{{ hackmd_version }} register: hackmd_unarchive - name: Rename hackmd command: mv /opt/server-{{ hackmd_version }} /opt/codimd-{{ hackmd_version }} when: hackmd_unarchive.changed - name: Create hackmd upload path file: path=/opt/codimd/uploads state=directory recurse=yes owner=hackmd group=hackmd - name: Remove old hackmd upload path file: path=/opt/codimd-{{ hackmd_version }}/public/uploads state=absent force=yes - name: Link hackmd upload path file: path=/opt/codimd-{{ hackmd_version }}/public/uploads src=/opt/codimd/uploads state=link owner=hackmd group=hackmd - name: Setup hackmd command: bin/setup chdir=/opt/codimd-{{ hackmd_version }} creates=/opt/codimd-{{ hackmd_version }}/config.json become: true become_user: hackmd - name: Configure hackmd template: src=config.json.j2 dest=/opt/codimd-{{ hackmd_version }}/config.json owner=hackmd register: hackmd_config notify: Restart hackmd - name: Build hackmd frontend command: /usr/bin/npm run build chdir=/opt/codimd-{{ hackmd_version }} become: true become_user: hackmd when: hackmd_unarchive.changed or hackmd_config.changed - name: Configure PostgreSQL database postgresql_db: name={{ hackmd_dbname }} become: true become_user: postgres - name: Configure PostgreSQL user postgresql_user: db={{ hackmd_dbname }} name={{ hackmd_dbuser }} password={{ hackmd_dbpass }} priv=ALL state=present become: true become_user: postgres - name: Configure sequelize template: src=_sequelizerc.j2 dest=/opt/codimd-{{ hackmd_version }}/.sequelizerc owner=hackmd - name: Upgrade database schema command: node_modules/.bin/sequelize db:migrate chdir=/opt/codimd-{{ hackmd_version }} become: true become_user: hackmd when: hackmd_unarchive.changed or hackmd_config.changed - name: Ensure certificates are available command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ hackmd_domain }}.key -out /etc/nginx/ssl/{{ hackmd_domain }}.crt -days 730 -subj "/CN={{ hackmd_domain }}" creates=/etc/nginx/ssl/{{ hackmd_domain }}.crt notify: Restart nginx - name: Configure certificate manager for hackmd template: src=certs.j2 dest=/etc/acertmgr/{{ hackmd_domain }}.conf notify: Run acertmgr - name: Configure vhost template: src=vhost.j2 dest=/etc/nginx/sites-available/hackmd notify: Restart nginx - name: Enable vhost file: src=/etc/nginx/sites-available/hackmd dest=/etc/nginx/sites-enabled/hackmd state=link notify: Restart nginx - name: Systemd unit for hackmd template: src=hackmd.service.j2 dest=/etc/systemd/system/hackmd.service notify: - Reload systemd - Restart hackmd - name: Start the hackmd service service: name=hackmd state=started enabled=yes