-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmattermost-example-playbook.yml
130 lines (109 loc) · 4.26 KB
/
mattermost-example-playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
---
# set to host or a group from inventory:
- hosts: MYHOST.domain.tld
vars_files:
# - my_vault.yml
roles:
# baserole:
- { role: selfhostx.ansible.baserole }
- { role: selfhostx.certbot }
- { role: geerlingguy.mysql }
- { role: stefanux.mysqlbackup }
- { role: selfhostx.ansible.nginx_common }
- { role: selfhostx.certbot }
# - { role: selfhostx.ansible.mattermost } -> included at the end
vars:
ansible_python_interpreter: /usr/bin/python3
# vault: FIXME:
mysql_root_password: "-> Vault"
mattermost_db_password: "-> Vault"
mattermost_atrestencryptkey: "-> Vault"
mattermost_smtppassword: "-> Vault"
# letsencrypt:
certbot_create_method: nginx
certbot_certs:
- domains:
- MYHOST.domain.tld
certbot_auto_renew_minute: 19
certbot_auto_renew_hour: 3
certbot_admin_email: [email protected]
certbot_create_if_missing: true
certbot_install_from_source: false
# mariadb
# mysql_root_password: "-> vault"
mysql_database: "mattermost"
mysql_encoding: "utf8mb4"
mysql_collation: "utf8mb4_general_ci"
mysql_username: "mattermost"
mysql_user_password: "{{ mattermost_db_password }}"
mysql_bind_address: '127.0.0.1'
mysql_root_password_update: true
mysql_user_password_update: true
# initial run:
# mattermost_managed_config: True
# later:
mattermost_managed_config: False
mattermost_publiclinksalt: "-> vault"
mattermost_hostname: MYHOST.domain.tld
mattermost_sitename: "my mattermost site"
mattermost_version: "7.1.4"
mattermost_db_type: "mysql"
mattermost_db_server: "tcp(localhost:3306)"
mattermost_db_user: "{{ mysql_username }}"
mattermost_db_database: "{{ mysql_database }}"
mattermost_db_mysql_collation: "{{ mysql_collation }}"
# enable user invites etc: https://docs.mattermost.com/configure/configuration-settings.html#enable-account-creation
mattermost_enableusercreation: True
# mattermost_nginx_ssl_certificate: "/etc/letsencrypt/live/{{ mattermost_hostname }}/fullchain.pem"
# mattermost_nginx_ssl_certificate_key: "/etc/letsencrypt/live/{{ mattermost_hostname }}/privkey.pem"
# customize e-mails:
mattermost_feedbackname: ""
mattermost_feedbackemail: ""
mattermost_replytoaddress: "[email protected]"
mattermost_feedbackorganization: ""
mattermost_sendemailnotifications: false
mattermost_enablesmtpauth: false
mattermost_smtpusername: "[email protected]"
# mattermost_smtppassword: "-> vault"
mattermost_smtpserver: "my-smtp-relay.domain.tld"
mattermost_smtpport: 587
mattermost_email_connectionsecurity: "STARTTLS"
# https://docs.mattermost.com/configure/configuration-settings.html#email-notification-contents
# full|generic in old E20
mattermost_emailnotificationcontentstype: "full"
# https://docs.mattermost.com/configure/configuration-settings.html#push-notification-contents
# generic_no_channel|generic|full|id_loaded
mattermost_sendpushnotifications_enable: true
mattermost_sendpushnotifications_content: "full"
mattermost_userstatusawaytimeout: 300
# unattended upgrade (automatic upgrades on debian; does not include mattermost):
unattended_mail: 'root'
unattended_minimal_steps: true
unattended_mail_only_on_error: true
unattended_remove_unused_dependencies: true
unattended_automatic_reboot: true
unattended_automatic_reboot_time: 03:43
unattended_random_sleep: 300
tasks:
- name: Create mattermost DB
community.mysql.mysql_db:
name: "{{ mysql_database }}"
encoding: "{{ mysql_encoding }}"
collation: "{{ mysql_collation }}"
- name: Grant Access to mattermost DB
community.mysql.mysql_user:
name: "{{ mysql_username }}"
# host: "%"
host: localhost
password: "{{ mysql_user_password }}"
priv: "{{ mysql_database }}.*:ALL"
- name: Install mattermost
ansible.builtin.include_role:
name: "selfhostx.ansible.mattermost"
# OPTIONAL: unattended-upgrades
# - name: Include unattended-upgrades for virtual systems
# ansible.builtin.include_role:
# name: jnv.unattended-upgrades
# when:
# - "'machine_is_virtual' in group_names"
# - ansible_os_family == "Debian"