Add roundcube_separate_user option
This commit is contained in:
parent
48fc92aade
commit
136668e71f
GPG key ID:
C19B924C0CD13341
3 changed files with 56 additions and 3 deletions
|
|
@ -1,3 +1,4 @@
|
||||||
|
roundcube_separate_user: false
|
||||||
roundcube_config:
|
roundcube_config:
|
||||||
log_driver: syslog
|
log_driver: syslog
|
||||||
db_dsnw: 'sqlite:////var/lib/roundcube/db/roundcube?mode=0640'
|
db_dsnw: 'sqlite:////var/lib/roundcube/db/roundcube?mode=0640'
|
||||||
|
|
@ -5,3 +6,22 @@ roundcube_config:
|
||||||
#smtp_host: 'tls://smtp.example.com:587'
|
#smtp_host: 'tls://smtp.example.com:587'
|
||||||
#des_key: Set this to a 24-char random character string!
|
#des_key: Set this to a 24-char random character string!
|
||||||
cipher_method: AES-256-CBC
|
cipher_method: AES-256-CBC
|
||||||
|
|
||||||
|
roundcube_php_fpm_config:
|
||||||
|
user: roundcube
|
||||||
|
group: roundcube
|
||||||
|
listen: '/run/php/php{{ php_version }}-fpm-roundcube.sock'
|
||||||
|
listen.owner: www-data
|
||||||
|
listen.group: www-data
|
||||||
|
listen.mode: '0660'
|
||||||
|
'php_admin_value[syslog.ident]': roundcube
|
||||||
|
pm: dynamic
|
||||||
|
pm.max_children: 50
|
||||||
|
pm.start_servers: 2
|
||||||
|
pm.min_spare_servers: 2
|
||||||
|
pm.max_spare_servers: 3
|
||||||
|
'env[HOSTNAME]': '$HOSTNAME'
|
||||||
|
'env[PATH]': /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||||
|
'env[TMP]': /tmp
|
||||||
|
'env[TMPDIR]': /tmp
|
||||||
|
'env[TEMP]': /tmp
|
||||||
|
|
|
||||||
|
|
@ -5,11 +5,39 @@
|
||||||
- roundcube-sqlite3
|
- roundcube-sqlite3
|
||||||
- roundcube-pgsql
|
- roundcube-pgsql
|
||||||
|
|
||||||
|
- name: create roundcube group
|
||||||
|
when: roundcube_separate_user
|
||||||
|
ansible.builtin.group:
|
||||||
|
name: roundcube
|
||||||
|
system: true
|
||||||
|
|
||||||
|
- name: Create roundcube user
|
||||||
|
when: roundcube_separate_user
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: roundcube
|
||||||
|
group: roundcube
|
||||||
|
groups: www-data
|
||||||
|
home: /nonexistent
|
||||||
|
create_home: false
|
||||||
|
system: true
|
||||||
|
|
||||||
|
# php_version and "restart php-fpm" handler from nginx role
|
||||||
|
- name: Create roundcube php pool
|
||||||
|
when: roundcube_separate_user
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: php-fpm-pool.conf.j2
|
||||||
|
dest: "/etc/php/{{ php_version }}/fpm/pool.d/roundcube.conf"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify:
|
||||||
|
- restart php-fpm
|
||||||
|
|
||||||
- name: Create db directory
|
- name: Create db directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /var/lib/roundcube/db
|
path: /var/lib/roundcube/db
|
||||||
owner: www-data
|
owner: '{{ "roundcube" if roundcube_separate_user else "www-data" }}'
|
||||||
group: www-data
|
group: '{{ "roundcube" if roundcube_separate_user else "www-data" }}'
|
||||||
state: directory
|
state: directory
|
||||||
mode: "0750"
|
mode: "0750"
|
||||||
|
|
||||||
|
|
@ -18,5 +46,5 @@
|
||||||
src: config.inc.php.j2
|
src: config.inc.php.j2
|
||||||
dest: /etc/roundcube/config.inc.php
|
dest: /etc/roundcube/config.inc.php
|
||||||
owner: root
|
owner: root
|
||||||
group: www-data
|
group: '{{ "roundcube" if roundcube_separate_user else "www-data" }}'
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
|
|
|
||||||
5
templates/php-fpm-pool.conf.j2
Normal file
5
templates/php-fpm-pool.conf.j2
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
[roundcube]
|
||||||
|
|
||||||
|
{% for key, value in roundcube_php_fpm_config.items() %}
|
||||||
|
{{ key }} = {{ value }}
|
||||||
|
{% endfor %}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue