Flesh out automated user creation

2021-12-27 01:47:11 +01:00 · 2021-12-27 01:47:11 +01:00 · 115f4b0876
commit 115f4b0876
parent b8466fe19d
3 changed files with 80 additions and 56 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -11,20 +11,17 @@ kimai:
  main:
    service_name: "kimai"
    trusted_hosts: ",0.0.0.0"
-
-    admin:
-      mail: "admin@kimai.local"
-      password: "changemeplease"
  
    users:
+    # default super admin - name not changeable!
      superadmin:
-        roles:
-          ROLE_SUPER_ADMIN: true
+        mail: "admin@kimai.local"
+        password: "changemeplease"
+        role: ROLE_SUPER_ADMIN
      dark:
        mail: "dark@kimai.local"
        password: "changemeplease"
-        roles:
-          ROLE_SUPER_ADMIN:
+        role: ROLE_SUPER_ADMIN
    
    
  services:
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -9,3 +9,58 @@

 - name: Create users
  meta: "noop"
+
+- name: Restarting services
+  block:
+
+  - name: restart kimais mysql
+    docker_compose:
+      project_src: "{{ kimai.general.base_path }}"
+      restarted: true
+      services: 
+        - "{{ kimai.services.mysql.service_name }}"
+      timeout: 30
+    listen: kimai_services_restart
+
+  - name: gather mysql ip
+    shell: docker inspect -f {% raw %}'{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'{% endraw %} $(docker-compose ps -q {{ kimai.services.mysql.service_name }} )
+    args:
+      chdir: "{{ kimai.general.base_path }}"
+    register: kimai_db
+    listen: kimai_services_restart
+
+  - name: Wait for kimai db become ready
+    ansible.builtin.wait_for:
+      host: "{{ kimai_db.stdout }}"
+      port: 3306
+      delay: 10
+    listen: kimai_services_restart
+
+  - name: restart kimais normal services
+    docker_compose:
+      project_src: "{{ kimai.general.base_path }}"
+      restarted: true
+      services: 
+        - "{{ kimai.services.nginx.service_name }}"
+        - "{{ kimai.services.postfix.service_name }}"
+        - "{{ kimai.main.service_name }}"
+      timeout: 10
+    listen: kimai_services_restart
+
+- name: User-Setup
+  block:
+  - name: Create non-existent users
+    shell: > 
+      docker-compose exec {{ kimai.main.service_name }} bash -c '/opt/kimai/bin/console kimai:user:create {{ item.key }} {{ item.value.mail }} {{ item.value.role }} {{ item.value.password }}'
+    args:
+      chdir: "{{ kimai.general.base_path }}"
+    loop: "{{ kimai_users | dict2items | selectattr('value._changed', 'equalto', True) }}"
+    changed_when: item.value._changed
+    listen: create_non_existing_users
+    notify: post_create_non_existing_users
+
+  - name: Set changed-Flag on admin users to False
+    set_fact:
+      kimai_users: "{{ kimai_users | combine({ item.key: {'mail': item.value.mail, 'password': item.value.password, 'role': item.value.role, '_changed': False} }) }}"
+    loop: "{{ kimai_users | dict2items | selectattr('value._changed', 'equalto', True) }}"
+    listen: post_create_non_existing_users
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -11,47 +11,17 @@
  template:
    src: "docker-compose.yml.j2"
    dest: "{{ kimai.general.base_path }}/docker-compose.yml"
+  notify: kimai_services_restart

-#  notify: 
-#  - restart kimai
-#  - fixup var
-#  - fixup kimai install
-
- name: restart kimais mysql
-  docker_compose:
-    project_src: "{{ kimai.general.base_path }}"
-    restarted: true
-    services: 
-      - "{{ kimai.services.mysql.service_name }}"
-    timeout: 30
- name: gather mysql ip
-  shell: docker inspect -f {% raw %}'{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'{% endraw %} $(docker-compose ps -q {{ kimai.services.mysql.service_name }} )
-  args:
-    chdir: "{{ kimai.general.base_path }}"
-  register: kimai_db
-
- name: Wait for kimai db become ready
-  ansible.builtin.wait_for:
-    host: "{{ kimai_db.stdout }}"
-    port: 3306
-    delay: 10
-  
- name: restart kimais normal services
-  docker_compose:
-    project_src: "{{ kimai.general.base_path }}"
-    restarted: true
-    services: 
-      - "{{ kimai.services.nginx.service_name }}"
-      - "{{ kimai.services.postfix.service_name }}"
-      - "{{ kimai.main.service_name }}"
-    timeout: 10
+- name: Flush handlers
+  meta: flush_handlers

 - name: fixup var
  shell: 'cd {{ kimai.general.base_path }}; docker-compose exec -u root {{ kimai.main.service_name }} bash -c "chmod 777 -R /opt/kimai/var";'

 - name: Create admins
  block:
-    - name: Register existing users as facts
+    - name: Gather existing users
      shell: >
        docker-compose exec {{ kimai.services.mysql.service_name }}  mysql -u{{ kimai.services.mysql.user }} -p{{ kimai.services.mysql.password}} --execute "SELECT username,roles FROM {{ kimai.services.mysql.db }}.kimai2_users;"  -sN 2>/dev/null | awk '{ gsub(/^[ \t]+|[ \t]+$/, ""); gsub(/[ ]+/," "); print $1,"|",$2}' > /kimai_users.txt
      args: 
@ -62,22 +32,24 @@
      check_mode: 'no'
      ignore_errors: 'yes'
      register: admin_lines
-      loop: "{{ kimai.main.users | dict2items | selectattr('value.roles', 'search', 'ROLE_SUPER_ADMIN')}}"
+      loop: "{{ kimai.main.users | dict2items | selectattr('value.role', 'search', 'ROLE_SUPER_ADMIN')}}"
      changed_when: admin_lines.rc != 0
-      failed_when: admin_lines is not defined or admin_lines.rc > 1 
-
-    - name: Debug admin_lines
+      failed_when: admin_lines is not defined or admin_lines.rc > 1
+    
+    - name: Debug admins to json
      debug:
-        msg: "Creating user: {{ result.item.key }}"
-      loop: "{{ admin_lines.results | selectattr('changed', 'equalto', True) | rejectattr('failed', 'equalto', True) }}"
-      loop_control:
-        loop_var: result
+        msg: "Admins: {{ admin_lines | to_json }}"
+    - name: Init fact
+      set_fact:
+        kimai_users:

-# TODO: NOT WORKING YET! Missing parts for mail, password and such. But it's triggered just with absent users already!
-    - name: Create non-existent admins
-      shell: > 
-        docker-compose exec {{ kimai.main.service_name }} bash -c '/opt/kimai/bin/console kimai:user:create {{ result.item.key }}'
-      loop: "{{ admin_lines.results | selectattr('changed', 'equalto', True) | rejectattr('failed', 'equalto', True) }}"
+    
+    - name: Make existing admins a fact and model that fact as it is expected
+      set_fact:
+        kimai_users: "{{ kimai_users | combine({ result.item.key: {'mail': result.item.value.mail, 'password': result.item.value.password, 'role': result.item.value.role, '_changed': result.changed} }) }}"
+      loop: "{{ admin_lines.results | rejectattr('failed', 'equalto', True) }}"
      loop_control:
        loop_var: result
-      changed_when: result.changed
+      changed_when: result.changed
+      notify: 
+        - create_non_existing_users