Merge pull request #11 from UdelaRInterior/issue2-upstream

PostgreSQL integration

README.md

@@ -1,15 +1,16 @@
 # sympa
-This is an Ansible role which sets up a sympa
+
+This is an Ansible role which sets up a [Sympa](https://sympa.org) mailing list manager.
 
 
 ## Requirements
 
-Debian or Ubuntu with a webserver that serves the sympa web app and a mysql database for it.
+Debian stretch or Ubuntu server. MySQL/MariaDB or PostgreSQL database options. Database manager can be previously installed in the host (default) or optionnally installed by the role itself. Webserver for Sympa should be configured elsewhere. 
 
 
 ## Role Variables
 
-For the full documentation see https://sympa-community.github.io/, this was tested with Sympa Version 6.2.16
+For the full documentation see https://sympa-community.github.io/, this role was tested with Sympa Version 6.2.16 (Debian stretch sympa package).
 
 ### List Templates
 `sympa_template_lists` is a list of templates to be defined.
@@ -58,7 +59,7 @@ Each entry consists of the following:
 | `name`    | :heavy_check_mark: | Name of the auth option like ldap, user_table |
 | `options` | :heavy_check_mark: | Dict of options for the auth method           |
 
-## Example
+#### Example
 
 ```yaml
 sympa_auth:
@@ -90,7 +91,7 @@ Each list entry contains the following:
 | `path`  | :heavy_check_mark: | Path of the category  |
 | `title` | :heavy_check_mark: | Title of the category |
 
-## Example
+#### Example
 
 ```yaml
 sympa_topics:
@@ -100,6 +101,13 @@ title: Art
 title: Expressionism
 ```
 
+### Database manager
+
+| Name                       | Required/Default   | Description                                                                               |
+|:---------------------------|:------------------:|:------------------------------------------------------------------------------------------|
+| `sympa_db_type`            | `mysql`            | Choice of database manager. `MySQL` or `PostgreSQL`. `mysql` and `Pg` values are acceptable, but deprecated. Other database options are not managed. |
+| `sympa_install_db_package` | `False`            | Whether the db manager is installed previously (`False`) or the role installs it (`True`) |
+
 ### Sympa Variables
 
 | Name                                       | Required/Default                                                                                                      | Description                                                                                                                                                                                                                                                                                                                              |
@@ -207,3 +215,4 @@ This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 Inter
 ## Author Information
 
 * [Fritz Otlinghaus (Scriptkiddi)](https://github.com/Scriptkiddi) [email protected]_
+* [UdelaR Interior](https://github.com/UdelaRInterior) contributions

defaults/main.yml

@@ -1,4 +1,7 @@
 ---
+## Sympa Ansible role default variables
+
+sympa_domain: "{{ ansible_fqdn }}"
 sympa_show_default_templates: false
 sympa_template_lists: []
 ## Define the following variables for ldap alias manager
@@ -8,9 +11,13 @@ sympa_template_lists: []
 #  ssl: true
 #  queue_transport: sympa
 #  bouncequeue_transport: sympabounce
+
+## Database variables
+sympa_db_type: mysql             #'MySQL' or 'mysql'. or 'PostgreSQL' or 'Pg'. 'mysql' and 'Pg' values are deprecated
+sympa_install_db_package: False  # 'True' for this role to install mysql or postgresql package, 'False' if installed elsewhere 
 sympa_db_name: sympa
 sympa_db_host: localhost
-sympa_db_port: 3306
+sympa_db_port: "{{ 5432 if sympa_db_type == 'PostgreSQL' else 3306 }}"
 sympa_db_user: sympa
 sympa_lang: en
 sympa_auth:
@@ -113,4 +120,21 @@ sympa_default_home: home
 sympa_edit_list: owner
 sympa_ldap_force_canonical_email: 1
 sympa_review_page_size: 25
+sympa_webserver_type: Other                        # 'Other' or 'Apache 2'
 sympa_web_page_title: Mailing lists service
+
+sympa_apache2_configure: false
+sympa_www_domain: '{{ sympa_domain }}'
+sympa_server_admin: 'listmaster@{{ sympa_domain }}'
+sympa_wwsympa_url: 'https://{{ sympa_www_domain }}/{{ sympa_script_alias }}'
+sympa_script_alias: wws
+sympa_static_alias: static-sympa
+
+## SSL webserver certificates
+sympa_ssl_cert_file:     /etc/ssl/certs/ssl-cert-snakeoil.pem
+sympa_ssl_cert_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
+## It's worthful to install certbot and define
+# sympa_ssl_cert_file:     /etc/letsencrypt/live/{{ sympa_www_domain }}/cert.pem
+# sympa_ssl_cert_key_file: /etc/letsencrypt/live/{{ sympa_www_domain }}/privkey.pem
+
+...

tasks/main.yml

@@ -1,36 +1,43 @@
-- name: Set database to mysql
-  debconf:
-    name: sympa
-    question: sympa/database-type
-    value: mysql
-    vtype: select
+---
+## Sympa configuration main tasks file
 
-- name: Set webserver to other
-  debconf:
-    name: sympa
-    question: wwsympa/webserver_type
-    value: Other
-    vtype: select
+- name: Check that "debconf" and "debconf-utils" are installed
+  apt:
+    name:
+    - debconf
+    - debconf-utils
+    state: latest
+
+- name: MySQL/MariaDB configuration
+  include_tasks: mysql.yml
+  when: sympa_db_type == 'MySQL' or sympa_db_type == 'mysql'
+  tags: mysql
 
-- name: "Set dbconfig-install to no"
+- name: PostgreSQL configuration
+  include_tasks: postgresql.yml
+  when: sympa_db_type == 'PostgreSQL' or sympa_db_type == 'Pg'
+  tags: postgresql
+
+- name: Set debconf options for sympa
   debconf:
-    name: sympa
-    question: sympa/dbconfig-install
-    value: no
-    vtype: boolean
-  changed_when: false
-
-- name: Create a new database with name '{{ sympa_db_name }}'
-  mysql_db:
-    name: "{{ sympa_db_name }}"
-    encoding: utf8
-
-- name: Create DB user '{{ sympa_db_user }}'
-  mysql_user:
-    name: "{{ sympa_db_user }}"
-    password: "{{ sympa_db_password | mandatory }}"
-    priv: '{{ sympa_db_name }}.*:ALL,GRANT'
-  no_log: True
+    name: "{{ item.name }}"
+    question: "{{ item.question }}"
+    value: "{{ item.value }}"
+    vtype: "{{ item.vtype }}"
+  loop:
+      ## set the database type
+  - { name: 'sympa', question: 'sympa/database-type', value: '{{ sympa_db_type }}' , vtype: select }
+      ## This Ansible role configures the database, not dbconfig at sympa package installation 
+  - { name: 'sympa', question: 'sympa/dbconfig-install', value: 'false' , vtype: boolean }
+      ## Set the sympa database name
+  - { name: 'sympa', question: 'sympa/db/dbname', value: '{{ sympa_db_name }}' , vtype: string }
+      ## Set the sympa database user
+  - { name: 'sympa', question: 'sympa/db/app-user', value: '{{ sympa_db_user }}' , vtype: string }
+      ## Use the localhost for database (and not a distant host to define)
+  - { name: 'sympa', question: 'sympa/remote/host', value: 'localhost' , vtype: select }
+      ## Set the webserver type
+  - { name: 'sympa', question: 'wwsympa/webserver_type', value: '{{ sympa_webserver_type }}' , vtype: select }
+
 
 - name: Create sympa dir
   file:
@@ -51,6 +58,7 @@
     name:
       - sympa
       - fcgiwrap
+    state: latest
 
 - name: Fix permissions
   file:
@@ -173,3 +181,5 @@
     minute: "0"
     hour: "2"
     job: "/usr/lib/sympa/bin/sympa.pl --reload_list_config"
+
+...

tasks/mysql.yml

@@ -0,0 +1,52 @@
+---
+## MySQL configuration for sympa
+
+- name: Check MySQL installation
+  block: 
+  - name: Gather installed packages
+    package_facts:
+      manager: auto
+
+  - name: Check if mysql server package is installed
+    assert:
+      that: >
+        ansible_facts.packages['default-mysql-server'] is defined or
+        ansible_facts.packages['mysql-server'] is defined or
+        ansible_facts.packages['mariadb-server-10.1'] is defined   
+      ## The last condition could be replaced by a jinja2 json_query filter to match any version 
+      fail_msg: "No mysql package found. We stop, because we can't install sympa without its database. Sorry."
+      success_msg: "mysql package found. We can continue!"
+  when: not sympa_install_db_package
+
+- name: Install MySQL packages 
+  apt: 
+    name: 
+    - default-mysql-server
+    - python-dev
+    - default-libmysqlclient-dev
+    state: present
+  when: sympa_install_db_package
+
+- name: Install pip, if not yet installed
+  apt: 
+    name: python-pip
+    state: present
+
+- name: install mysqlclient pip module, if not yet installed
+  pip: 
+    name: mysqlclient
+    state: present
+
+- name: Create a new database with name '{{ sympa_db_name }}'
+  mysql_db:
+    name: "{{ sympa_db_name }}"
+    encoding: utf8
+
+- name: Create DB user '{{ sympa_db_user }}'
+  mysql_user:
+    name: "{{ sympa_db_user }}"
+    password: "{{ sympa_db_password | mandatory }}"
+    priv: '{{ sympa_db_name }}.*:ALL,GRANT'
+  no_log: True
+
+...

tasks/postgresql.yml

@@ -0,0 +1,63 @@
+---
+## PostgreSQL installation and configuration for sympa
+
+- name: Check PostgreSQL installation
+  block: 
+  - name: Gather installed packages
+    package_facts:
+      manager: auto
+
+  - name: Check if postgresql server package is installed
+    assert:
+      that: ansible_facts.packages['postgresql'] is defined
+      fail_msg: "No postgresql package found. We stop, because we can't install sympa without its database. Sorry."
+      success_msg: "postgresql package found. We can continue!"
+  when: not sympa_install_db_package
+
+- name: Install PostgreSQL
+  apt:
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+    name:
+      - postgresql
+      - postgresql-contrib
+      - libpq-dev
+      - python-psycopg2
+      - dbconfig-pgsql
+  when: sympa_install_db_package
+  tags: postgresql
+
+- name: Create sympa database
+  become: true
+  become_user: postgres
+  postgresql_db:
+    name: "{{ sympa_db_name }}"
+    encoding: UTF-8
+    lc_collate: es_UY.UTF-8
+    lc_ctype: es_UY.UTF-8
+    template: template0
+    state: present
+  tags: postgresql
+
+- name: Create sympa user with access to the database
+  become: true
+  become_user: postgres
+  postgresql_user:
+    db: "{{ sympa_db_name }}"
+    name: "{{ sympa_db_user }}"
+    password: "{{ sympa_db_password | mandatory }}"
+    priv: ALL
+    state: present
+
+
+## Debconf keys for sympa database
+
+- name: Set password debconf option for Sympa PostgreSQL database
+  debconf:
+    name: sympa
+    question: sympa/pgsql/app-pass
+    value: "{{ sympa_db_password | mandatory }}"
+    vtype: password
+
+...

templates/sympa.conf.j2

@@ -283,7 +283,7 @@ parsed_family_files	{{ sympa_parsed_family_files }}
 ## db_type
 ## Type of the database (mysql|Pg|Oracle|Sybase|SQLite)
 ## Be careful to the case
-db_type	mysql
+db_type	{{ sympa_db_type }}
 
 ## db_name
 ## Name of the database