Compare commits
No commits in common. "9084f25319bcf16fe1e5e9e4dfa0c16628a76521" and "3261bc7f98201b73385f2cc97cc5397607c3f800" have entirely different histories.
9084f25319
...
3261bc7f98
|
|
@ -65,10 +65,12 @@
|
|||
line: "ALLOWED_HOSTS = ['{{ dns_name }}']"
|
||||
- key: 'USER.*PostgreSQL username'
|
||||
line: " 'USER': '{{ user }}', # PostgreSQL username"
|
||||
- key: 'PASSWORD.*PostgreSQL password'
|
||||
line: " 'PASSWORD': '{{ password.db_pass }}', # PostgreSQL password"
|
||||
- key: '^PLUGINS = '
|
||||
line: "PLUGINS = ['netbox_topology_views']"
|
||||
# XXX unnecessary?
|
||||
#- key: '(OPTIONS|PASSWORD).*PostgreSQL password'
|
||||
# line: " 'OPTIONS': { 'passfile': '{{ user_info.home }}/.pgpass' }, # PostgreSQL password"
|
||||
# not yet compatible, see https://github.com/netbox-community/netbox-topology-views/issues/503
|
||||
#- key: '^PLUGINS = '
|
||||
# line: "PLUGINS = ['netbox_topology_views']"
|
||||
notify: run migrations
|
||||
|
||||
- name: Configure OIDC authentication
|
||||
|
|
@ -87,22 +89,11 @@
|
|||
line: "SOCIAL_AUTH_OIDC_KEY = '{{ password.oidc_client_id }}'"
|
||||
- key: "^SOCIAL_AUTH_OIDC_SECRET ="
|
||||
line: "SOCIAL_AUTH_OIDC_SECRET = '{{ password.oidc_client_secret }}'"
|
||||
# TODO the key should really be upn but it doesn’t seem to work
|
||||
- key: "^SOCIAL_AUTH_OIDC_USERNAME_KEY ="
|
||||
line: "SOCIAL_AUTH_OIDC_USERNAME_KEY = 'email'"
|
||||
notify: run migrations
|
||||
|
||||
- name: Configure various settings
|
||||
lineinfile:
|
||||
path: '{{ user_info.home }}/app/netbox/netbox/configuration.py'
|
||||
regexp: '{{ item.key }}'
|
||||
line: '{{ item.line }}'
|
||||
loop:
|
||||
- key: "^LOGIN_REQUIRED ="
|
||||
line: "LOGIN_REQUIRED = True"
|
||||
- key: "^EXEMPT_VIEW_PERMISSIONS = \\[$"
|
||||
line: "EXEMPT_VIEW_PERMISSIONS = ['*',"
|
||||
notify: restart netbox
|
||||
|
||||
- name: Set additional requirements
|
||||
become: yes
|
||||
become_user: '{{ user }}'
|
||||
|
|
@ -124,7 +115,8 @@
|
|||
#from django.contrib.auth.models import User
|
||||
username = '{{ password.admin_user }}'
|
||||
if not User.objects.filter(username=username):
|
||||
User.objects.create_superuser(username, password='{{ password.admin_pass }}')
|
||||
User.objects.create_superuser(username, '', # TODO email
|
||||
'{{ password.admin_pass }}')
|
||||
sys.exit(1)
|
||||
register: result
|
||||
changed_when: result.rc != 0
|
||||
|
|
|
|||
|
|
@ -10,6 +10,32 @@
|
|||
enabled: true
|
||||
state: started
|
||||
|
||||
- name: Check for existing database password
|
||||
become: yes
|
||||
become_user: '{{ user }}'
|
||||
slurp:
|
||||
path: '~/.pgpass'
|
||||
register: pgpass
|
||||
failed_when: false
|
||||
|
||||
- name: Get database password
|
||||
when: '"content" in pgpass'
|
||||
set_fact: db_password='{{ pgpass.content | b64decode | split(":") | last }}'
|
||||
|
||||
- name: Create database password
|
||||
when: '"content" not in pgpass'
|
||||
set_fact: db_password='{{ lookup("password", "/dev/null", chars=["ascii_letters", "digits"]) }}'
|
||||
|
||||
- name: Create .pgpass
|
||||
become: yes
|
||||
become_user: '{{ user }}'
|
||||
copy:
|
||||
dest: '~/.pgpass'
|
||||
content: |
|
||||
localhost:5432:{{ user }}:{{ user }}:{{ db_password }}
|
||||
force: no
|
||||
mode: 0600
|
||||
|
||||
- become: yes
|
||||
become_user: postgres
|
||||
block:
|
||||
|
|
@ -21,7 +47,8 @@
|
|||
postgresql_user:
|
||||
db: '{{ database | default(user) }}'
|
||||
name: '{{ user }}'
|
||||
password: '{{ password.db_pass }}'
|
||||
password: '{{ db_password }}'
|
||||
no_password_changes: '{{ "content" in pgpass }}'
|
||||
|
||||
- name: Set schema owner
|
||||
postgresql_owner:
|
||||
|
|
|
|||
Loading…
Reference in a new issue