- name: Install roundcube ansible.builtin.apt: pkg: - roundcube - roundcube-sqlite3 - roundcube-pgsql - roundcube-plugins - name: create roundcube group when: roundcube_separate_user ansible.builtin.group: name: roundcube system: true - name: Create roundcube user when: roundcube_separate_user ansible.builtin.user: name: roundcube group: roundcube groups: www-data home: /nonexistent create_home: false system: true - name: Create directories for systemd drop-ins when: roundcube_separate_user ansible.builtin.file: path: '/etc/systemd/system/{{ item }}.d' state: directory loop: - roundcube-gc.service - roundcube-cleandb.service - name: Create systemd drop-ins to use separate user when: roundcube_separate_user ansible.builtin.template: src: 10-separate-user.conf.j2 dest: '/etc/systemd/system/{{ item }}' loop: &roundcube_separate_user_dropins - roundcube-gc.service.d/10-separate-user.conf - roundcube-cleandb.service.d/10-separate-user.conf notify: reload systemd - name: Remove systemd drop-ins to use separate user when: not roundcube_separate_user ansible.builtin.file: path: '/etc/systemd/system/{{ item }}' state: absent loop: *roundcube_separate_user_dropins notify: reload systemd # php_version and "restart php-fpm" handler from nginx role - name: Create roundcube php pool when: roundcube_separate_user ansible.builtin.template: src: php-fpm-pool.conf.j2 dest: "/etc/php/{{ php_version }}/fpm/pool.d/roundcube.conf" owner: root group: root mode: 0644 notify: restart php-fpm - name: Create db directory ansible.builtin.file: path: /var/lib/roundcube/db owner: '{{ "roundcube" if roundcube_separate_user else "www-data" }}' group: '{{ "roundcube" if roundcube_separate_user else "www-data" }}' state: directory mode: "0750" - name: Update config ansible.builtin.template: src: config.inc.php.j2 dest: /etc/roundcube/config.inc.php owner: root group: '{{ "roundcube" if roundcube_separate_user else "www-data" }}' mode: "0640"