Add CodiMD container

codimd.yml

@@ -0,0 +1,7 @@
+---
+# Install CodiMD on corresponding containers
+- hosts: codimd
+  roles:
+   - debian-backports
+   - codimd
+

hosts

@@ -5,6 +5,7 @@ horus               ansible_host=10.128.0.1
 
 [ovh-container]
 matrix-riot-web     ansible_host=10.128.0.53
+codimd              ansible_host=10.128.0.55
 services-bdd.adm.auro.re
 phabricator.adm.auro.re
 horus-wiki          ansible_host=10.128.0.51

roles/codimd/README.md

@@ -0,0 +1,7 @@
+# Rôle CodiMD
+
+Ce rôle Ansible permet d'installer CodiMD.
+
+Il doit être exécuté en tant que super-utilisateur
+(option `-b` pour `--become`).
+

roles/codimd/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+# Reload systemd daemons when a service file changes
+- name: Reload systemd daemons
+  command: systemctl daemon-reload
+

roles/codimd/tasks/0_apt_dependencies.yml

@@ -0,0 +1,20 @@
+---
+# For NodeJS package
+- name: Configure NodeJS pin
+  when: ansible_distribution == 'Debian' and ansible_distribution_release == 'stretch'
+  template:
+    src: 'apt/nodejs'
+    dest: '/etc/apt/preferences.d/nodejs'
+    mode: 0644
+
+# Install CodiMD dependencies
+- name: Install required packages
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+  with_items:
+    - git
+    - nodejs
+    - npm
+

roles/codimd/tasks/1_user_group.yml

@@ -0,0 +1,27 @@
+---
+# Security #1
+- name: Create CodiMD system group
+  group:
+    name: codimd
+    system: yes
+    state: present
+
+# Security #2
+- name: Create CodiMD user
+  user:
+    name: codimd
+    group: codimd
+    home: '/var/local/codimd'
+    comment: CodiMD
+    system: yes
+    state: present
+
+# Security #3
+- name: Secure CodiMD home directory
+  file:
+    path: '/var/local/codimd'
+    state: directory
+    owner: codimd
+    group: codimd
+    mode: 0750
+

roles/codimd/tasks/main.yml

@@ -0,0 +1,20 @@
+---
+# Install APT dependencies
+- include_tasks: 0_apt_dependencies.yml
+
+# Create CodiMD user and group
+- include_tasks: 1_user_group.yml
+
+# Download CodiMD
+- name: Clone CodiMD project
+  git:
+    repo: "https://github.com/hackmdio/codimd.git"
+    dest: /var/local/codimd/codimd
+    version: "1.2.1"
+  become: true
+  become_user: codimd
+
+# TODO Configurer et créer un service
+# https://github.com/hackmdio/codimd#instructions
+# https://github.com/hackmdio/codimd#configuration-files
+

roles/codimd/templates/apt/nodejs

@@ -0,0 +1,7 @@
+# /etc/apt/preferences.d/dokuwiki
+# Deployed with Aurore Ansible !
+
+Package: node* libuv1*
+Pin: release a=stretch-backports
+Pin-Priority: 600
+

roles/codimd/templates/systemd/codimd.service.j2

@@ -0,0 +1,19 @@
+# /etc/systemd/system/etherpad-lite.service
+# Deployed with Aurore Ansible !
+
+[Unit]
+Description=Etherpad-lite, the collaborative editor.
+After=syslog.target network-online.target mysql.service postgresql.service
+Conflicts=shutdown.target
+
+[Service]
+Type=simple
+User=etherpad
+Group=etherpad
+WorkingDirectory=/var/local/etherpad/etherpad-lite
+ExecStart=/usr/bin/nodejs /var/local/etherpad/etherpad-lite/node_modules/ep_etherpad-lite/node/server.js
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+