ansible-role-rocketchat/tasks/rocketchat.yml

---
- name: Install unzip using apt
  become: true
  apt: name=unzip state=latest update_cache=yes force_apt_get=yes

- name: "NOTSCORED | 3.5.1.6 | PATCH | Ensure firewall rules exist for all open ports"
  become: true
  ufw:
    rule: allow
    proto: tcp
    port: "{{ item }}"
  loop:
    - '3000'
    - '80'
    - '443'
    - '22'

- name: Creates directory structure for rocketchat data
  file:
    path: /home/{{ main_user }}/rocketchat/data
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    mode: 0775

- name: Creates directory structure for nginx data
  file:
    path: /home/{{ main_user }}/rocketchat/nginx
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    mode: 0775

- name: Creates directory structure for upload data
  file:
    path: /home/{{ main_user }}/rocketchat/uploads
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    mode: 0775

- name: copy docker compose to server
  become_user: "{{ main_user }}"
  copy:
    src: files/docker-compose.yml
    dest: /home/{{ main_user }}/rocketchat/

- name: bring down rocketchat docker-compose
  become_user: "{{ main_user }}"
  docker_compose:
    project_src: /home/{{ main_user }}/rocketchat/
    state: absent
  register: __remove_rocketchat
  tags:
    - bring-down

- name: update permissions
  become: true
  file:
    path: /home/{{ main_user }}
    state: directory
    recurse: yes
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    mode: 0775

- name: setup nginx reverse proxy from template
  template:
    src: templates/nginx.conf.j2
    dest: /home/{{ main_user }}/rocketchat/nginx/nginx.conf

- name: docker compose up
  become_user: "{{ main_user }}"
  docker_compose:
    project_src: /home/{{ main_user }}/rocketchat/
    state: present
  register: __rocketchat

- name: debug docker compose down
  debug:
    var: __remove_rocketchat

- name: debug docker compose up debug
  debug:
    var: __rocketchat
first commit 2022-05-27 23:27:40 +00:00			`---`
			`- name: Install unzip using apt`
harden tag to harden.yml task, become: true on installing unzip in rocketchat task 2022-07-07 20:48:50 +00:00			`become: true`
first commit 2022-05-27 23:27:40 +00:00			`apt: name=unzip state=latest update_cache=yes force_apt_get=yes`

			`- name: "NOTSCORED \| 3.5.1.6 \| PATCH \| Ensure firewall rules exist for all open ports"`
become = true on update permissions + set ufw allowed ports for RC 2022-07-07 21:03:54 +00:00			`become: true`
first commit 2022-05-27 23:27:40 +00:00			`ufw:`
			`rule: allow`
			`proto: tcp`
			`port: "{{ item }}"`
			`loop:`
			`- '3000'`
			`- '80'`
			`- '443'`
			`- '22'`

add create directory for nginx data/docker volumes 2022-05-30 04:09:48 +00:00			`- name: Creates directory structure for rocketchat data`
first commit 2022-05-27 23:27:40 +00:00			`file:`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`path: /home/{{ main_user }}/rocketchat/data`
first commit 2022-05-27 23:27:40 +00:00			`state: directory`
			`owner: "{{ main_user }}"`
			`group: "{{ main_user }}"`
			`mode: 0775`

add create directory for nginx data/docker volumes 2022-05-30 04:09:48 +00:00			`- name: Creates directory structure for nginx data`
			`file:`
			`path: /home/{{ main_user }}/rocketchat/nginx`
			`state: directory`
			`owner: "{{ main_user }}"`
			`group: "{{ main_user }}"`
			`mode: 0775`

uploads directory, update docker-compose w/ mmap migration to wiredTiger 2022-07-08 01:33:50 +00:00			`- name: Creates directory structure for upload data`
			`file:`
			`path: /home/{{ main_user }}/rocketchat/uploads`
			`state: directory`
			`owner: "{{ main_user }}"`
			`group: "{{ main_user }}"`
			`mode: 0775`

copy docker compose to server 2022-05-30 03:38:56 +00:00			`- name: copy docker compose to server`
			`become_user: "{{ main_user }}"`
			`copy:`
duh 2022-05-30 04:00:13 +00:00			`src: files/docker-compose.yml`
copy docker compose to server 2022-05-30 03:38:56 +00:00			`dest: /home/{{ main_user }}/rocketchat/`
move docker compose to wihtin this reo, update copy to server task 2022-05-30 03:52:02 +00:00
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`- name: bring down rocketchat docker-compose`
first commit 2022-05-27 23:27:40 +00:00			`become_user: "{{ main_user }}"`
			`docker_compose:`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`project_src: /home/{{ main_user }}/rocketchat/`
first commit 2022-05-27 23:27:40 +00:00			`state: absent`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`register: __remove_rocketchat`
first commit 2022-05-27 23:27:40 +00:00			`tags:`
			`- bring-down`

			`- name: update permissions`
become = true on update permissions + set ufw allowed ports for RC 2022-07-07 21:03:54 +00:00			`become: true`
first commit 2022-05-27 23:27:40 +00:00			`file:`
			`path: /home/{{ main_user }}`
			`state: directory`
			`recurse: yes`
			`owner: "{{ main_user }}"`
			`group: "{{ main_user }}"`
			`mode: 0775`

template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`- name: setup nginx reverse proxy from template`
			`template:`
fixed nginx template file 2022-05-30 04:03:36 +00:00			`src: templates/nginx.conf.j2`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`dest: /home/{{ main_user }}/rocketchat/nginx/nginx.conf`

first commit 2022-05-27 23:27:40 +00:00			`- name: docker compose up`
			`become_user: "{{ main_user }}"`
			`docker_compose:`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`project_src: /home/{{ main_user }}/rocketchat/`
first commit 2022-05-27 23:27:40 +00:00			`state: present`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`register: __rocketchat`
first commit 2022-05-27 23:27:40 +00:00
			`- name: debug docker compose down`
			`debug:`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`var: __remove_rocketchat`
first commit 2022-05-27 23:27:40 +00:00
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`- name: debug docker compose up debug`
first commit 2022-05-27 23:27:40 +00:00			`debug:`
template for ngnix reverse proxy + rocketchat task updates converted from assetto role 2022-05-30 02:03:23 +00:00			`var: __rocketchat`