diff --git a/defaults/main.yml b/defaults/main.yml index 1f94a8a..0b7b221 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,6 +6,7 @@ roundcube_username_domain: systemli.org roundcube_product_name: Systemli Webmail roundcube_support_url: https://www.systemli.org/kontakt.html roundcube_user: roundcube +roundcube_group: roundcube roundcube_user_shell: /bin/false roundcube_user_home: "/var/www/{{ roundcube_domain }}" roundcube_path: "{{ roundcube_user_home }}/www" diff --git a/tasks/carddav.yml b/tasks/carddav.yml index a6fd82a..2e9afbf 100644 --- a/tasks/carddav.yml +++ b/tasks/carddav.yml @@ -20,5 +20,5 @@ src: "plugins/carddav/config.inc.php.j2" dest: "{{ roundcube_path }}/plugins/carddav/config.inc.php" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0640 diff --git a/tasks/enigma.yml b/tasks/enigma.yml index dedfc3c..83fd346 100644 --- a/tasks/enigma.yml +++ b/tasks/enigma.yml @@ -5,5 +5,5 @@ path: "{{ roundcube_enigma_home }}" state: directory owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0700 diff --git a/tasks/getmail.yml b/tasks/getmail.yml index cf06e50..109269d 100644 --- a/tasks/getmail.yml +++ b/tasks/getmail.yml @@ -11,7 +11,7 @@ src: plugins/getmail/config.inc.php.j2 dest: "{{ roundcube_path }}/plugins/getmail/config.inc.php" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0640 notify: Update database for getmail diff --git a/tasks/main.yml b/tasks/main.yml index 4be8089..c9cc46d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -10,11 +10,16 @@ pkg: "cron" state: present +- name: Ensure roundcube group is present + group: + name: "{{ roundcube_group }}" + - name: Ensure roundcube user is present user: name: "{{ roundcube_user }}" home: "{{ roundcube_user_home }}" shell: "{{ roundcube_user_shell }}" + groups: "{{ roundcube_group }}" - name: Install Roundcube dependencies apt: @@ -47,6 +52,8 @@ get_url: url: "https://github.com/roundcube/roundcubemail/releases/download/{{ roundcube_version }}/roundcubemail-{{ roundcube_version }}-complete.tar.gz" dest: "{{ roundcube_user_home }}" + owner: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: '0440' when: not ansible_check_mode register: download @@ -56,7 +63,7 @@ src: "{{ roundcube_user_home }}/roundcubemail-{{ roundcube_version }}-complete.tar.gz" dest: "{{ roundcube_user_home }}" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0750 copy: no when: download.changed @@ -65,7 +72,10 @@ file: src: "{{ roundcube_user_home }}/roundcubemail-{{ roundcube_version }}/" dest: "{{ roundcube_path }}" + owner: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" state: link + follow: False mode: 0755 register: link notify: Restart apache @@ -75,7 +85,7 @@ src: "{{ item }}.j2" dest: "{{ roundcube_path }}/{{ item }}" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0640 with_items: - config/config.inc.php diff --git a/tasks/skin.yml b/tasks/skin.yml index 1f3e75f..d774944 100644 --- a/tasks/skin.yml +++ b/tasks/skin.yml @@ -12,7 +12,7 @@ file: path: "{{ roundcube_path }}/skins/{{ roundcube_skin }}/" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" recurse: true when: roundcube_skin == 'elastic_systemli' @@ -21,7 +21,7 @@ src: "roundcube/{{ roundcube_custom_logo }}" dest: "{{ roundcube_path }}/skins/{{ roundcube_skin }}/images/{{ roundcube_custom_logo }}" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0644 when: roundcube_custom_logo is defined @@ -30,6 +30,6 @@ src: "roundcube/{{ roundcube_custom_favicon }}" dest: "{{ roundcube_path }}/skins/{{ roundcube_skin }}/images/{{ roundcube_custom_favicon }}" owner: "{{ roundcube_user }}" - group: "{{ roundcube_user }}" + group: "{{ roundcube_group }}" mode: 0644 when: roundcube_custom_favicon | default()