Flesh out automated user creation

master
dark 3 years ago
parent b8466fe19d
commit 115f4b0876

@ -11,20 +11,17 @@ kimai:
main: main:
service_name: "kimai" service_name: "kimai"
trusted_hosts: ",0.0.0.0" trusted_hosts: ",0.0.0.0"
admin:
mail: "admin@kimai.local"
password: "changemeplease"
users: users:
# default super admin - name not changeable!
superadmin: superadmin:
roles: mail: "admin@kimai.local"
ROLE_SUPER_ADMIN: true password: "changemeplease"
role: ROLE_SUPER_ADMIN
dark: dark:
mail: "dark@kimai.local" mail: "dark@kimai.local"
password: "changemeplease" password: "changemeplease"
roles: role: ROLE_SUPER_ADMIN
ROLE_SUPER_ADMIN:
services: services:
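Review bot: The new `superadmin` entry ships `password: "changemeplease"` next to `role: ROLE_SUPER_ADMIN`, and `dark` carries the same pair, so a host deployed without overriding these defaults gets super-admin accounts whose password is readable in the repository. I would remove the literal from the defaults and take the value from the inventory or an Ansible Vault variable, for example `password: "{{ vault_kimai_superadmin_password }}"` (placeholder variable name). An `assert` task that fails when the value is undefined or still equals the placeholder would catch a missed override. The mapping continues past `services:` outside this hunk.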

@ -9,3 +9,58 @@
- name: Create users - name: Create users
meta: "noop" meta: "noop"
- name: Restarting services
block:
- name: restart kimais mysql
docker_compose:
project_src: "{{ kimai.general.base_path }}"
restarted: true
services:
- "{{ kimai.services.mysql.service_name }}"
timeout: 30
listen: kimai_services_restart
- name: gather mysql ip
shell: docker inspect -f {% raw %}'{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'{% endraw %} $(docker-compose ps -q {{ kimai.services.mysql.service_name }} )
args:
chdir: "{{ kimai.general.base_path }}"
register: kimai_db
listen: kimai_services_restart
- name: Wait for kimai db become ready
ansible.builtin.wait_for:
host: "{{ kimai_db.stdout }}"
port: 3306
delay: 10
listen: kimai_services_restart
- name: restart kimais normal services
docker_compose:
project_src: "{{ kimai.general.base_path }}"
restarted: true
services:
- "{{ kimai.services.nginx.service_name }}"
- "{{ kimai.services.postfix.service_name }}"
- "{{ kimai.main.service_name }}"
timeout: 10
listen: kimai_services_restart
- name: User-Setup
block:
- name: Create non-existent users
shell: >
docker-compose exec {{ kimai.main.service_name }} bash -c '/opt/kimai/bin/console kimai:user:create {{ item.key }} {{ item.value.mail }} {{ item.value.role }} {{ item.value.password }}'
args:
chdir: "{{ kimai.general.base_path }}"
loop: "{{ kimai_users | dict2items | selectattr('value._changed', 'equalto', True) }}"
changed_when: item.value._changed
listen: create_non_existing_users
notify: post_create_non_existing_users
- name: Set changed-Flag on admin users to False
set_fact:
kimai_users: "{{ kimai_users | combine({ item.key: {'mail': item.value.mail, 'password': item.value.password, 'role': item.value.role, '_changed': False} }) }}"
loop: "{{ kimai_users | dict2items | selectattr('value._changed', 'equalto', True) }}"
listen: post_create_non_existing_users
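Review bot: `Create non-existent users` places `{{ item.value.password }}` unquoted inside a single-quoted `bash -c` string, so the password appears in the task output and in the process arguments, and a value containing a space or a quote changes the command that is run. Add `no_log: true` to the task and pass each templated argument through the `quote` filter, e.g. `{{ item.value.password | quote }}`. Because the outer `bash -c '…'` adds a second layer of shell parsing, calling `/opt/kimai/bin/console` directly from `docker-compose exec` would be simpler to quote correctly. The `set_fact` handler below copies the same password into `kimai_users` while looping over the full item, so it should get `no_log: true` as well.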

@ -11,47 +11,17 @@
template: template:
src: "docker-compose.yml.j2" src: "docker-compose.yml.j2"
dest: "{{ kimai.general.base_path }}/docker-compose.yml" dest: "{{ kimai.general.base_path }}/docker-compose.yml"
notify: kimai_services_restart
# notify: - name: Flush handlers
# - restart kimai meta: flush_handlers
# - fixup var
# - fixup kimai install
- name: restart kimais mysql
docker_compose:
project_src: "{{ kimai.general.base_path }}"
restarted: true
services:
- "{{ kimai.services.mysql.service_name }}"
timeout: 30
- name: gather mysql ip
shell: docker inspect -f {% raw %}'{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'{% endraw %} $(docker-compose ps -q {{ kimai.services.mysql.service_name }} )
args:
chdir: "{{ kimai.general.base_path }}"
register: kimai_db
- name: Wait for kimai db become ready
ansible.builtin.wait_for:
host: "{{ kimai_db.stdout }}"
port: 3306
delay: 10
- name: restart kimais normal services
docker_compose:
project_src: "{{ kimai.general.base_path }}"
restarted: true
services:
- "{{ kimai.services.nginx.service_name }}"
- "{{ kimai.services.postfix.service_name }}"
- "{{ kimai.main.service_name }}"
timeout: 10
- name: fixup var - name: fixup var
shell: 'cd {{ kimai.general.base_path }}; docker-compose exec -u root {{ kimai.main.service_name }} bash -c "chmod 777 -R /opt/kimai/var";' shell: 'cd {{ kimai.general.base_path }}; docker-compose exec -u root {{ kimai.main.service_name }} bash -c "chmod 777 -R /opt/kimai/var";'
- name: Create admins - name: Create admins
block: block:
- name: Register existing users as facts - name: Gather existing users
shell: > shell: >
docker-compose exec {{ kimai.services.mysql.service_name }} mysql -u{{ kimai.services.mysql.user }} -p{{ kimai.services.mysql.password}} --execute "SELECT username,roles FROM {{ kimai.services.mysql.db }}.kimai2_users;" -sN 2>/dev/null | awk '{ gsub(/^[ \t]+|[ \t]+$/, ""); gsub(/[ ]+/," "); print $1,"|",$2}' > /kimai_users.txt docker-compose exec {{ kimai.services.mysql.service_name }} mysql -u{{ kimai.services.mysql.user }} -p{{ kimai.services.mysql.password}} --execute "SELECT username,roles FROM {{ kimai.services.mysql.db }}.kimai2_users;" -sN 2>/dev/null | awk '{ gsub(/^[ \t]+|[ \t]+$/, ""); gsub(/[ ]+/," "); print $1,"|",$2}' > /kimai_users.txt
args: args:
@ -62,22 +32,24 @@
check_mode: 'no' check_mode: 'no'
ignore_errors: 'yes' ignore_errors: 'yes'
register: admin_lines register: admin_lines
loop: "{{ kimai.main.users | dict2items | selectattr('value.roles', 'search', 'ROLE_SUPER_ADMIN')}}" loop: "{{ kimai.main.users | dict2items | selectattr('value.role', 'search', 'ROLE_SUPER_ADMIN')}}"
changed_when: admin_lines.rc != 0 changed_when: admin_lines.rc != 0
failed_when: admin_lines is not defined or admin_lines.rc > 1 failed_when: admin_lines is not defined or admin_lines.rc > 1
- name: Debug admin_lines - name: Debug admins to json
debug: debug:
msg: "Creating user: {{ result.item.key }}" msg: "Admins: {{ admin_lines | to_json }}"
loop: "{{ admin_lines.results | selectattr('changed', 'equalto', True) | rejectattr('failed', 'equalto', True) }}" - name: Init fact
loop_control: set_fact:
loop_var: result kimai_users:
# TODO: NOT WORKING YET! Missing parts for mail, password and such. But it's triggered just with absent users already!
- name: Create non-existent admins - name: Make existing admins a fact and model that fact as it is expected
shell: > set_fact:
docker-compose exec {{ kimai.main.service_name }} bash -c '/opt/kimai/bin/console kimai:user:create {{ result.item.key }}' kimai_users: "{{ kimai_users | combine({ result.item.key: {'mail': result.item.value.mail, 'password': result.item.value.password, 'role': result.item.value.role, '_changed': result.changed} }) }}"
loop: "{{ admin_lines.results | selectattr('changed', 'equalto', True) | rejectattr('failed', 'equalto', True) }}" loop: "{{ admin_lines.results | rejectattr('failed', 'equalto', True) }}"
loop_control: loop_control:
loop_var: result loop_var: result
changed_when: result.changed changed_when: result.changed
notify:
- create_non_existing_users
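Review bot: `Debug admins to json` prints `admin_lines | to_json`, and `admin_lines` is registered from a loop over `kimai.main.users | dict2items`, so each result carries its `item` including `value.password` and every run writes the admin passwords to the play output in plaintext. Remove the task or print only the names, `msg: "Admins: {{ admin_lines.results | map(attribute='item.key') | list }}"`. The `set_fact` loop that follows shows the same data through the default loop label and would benefit from `no_log: true`. Separately, `Init fact` assigns a bare `kimai_users:`, which is null rather than an empty mapping; `kimai_users: {}` states what the later `combine` presumably expects.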
