Compare commits
	
		
			1 Commits
		
	
	
		
			2367e94000
			...
			transcaffe
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| bca5e68288 | 
| @@ -29,6 +29,8 @@ concise area of concern. | ||||
| - [`openproject`](roles/openproject/README.md): Deploys an [openproject.org](https://www.openproject.org) | ||||
|   installation using the upstream provided docker-compose setup. | ||||
|  | ||||
| - [`pretix`](roles/pretix/README.md): Deploy [pretix](https://pretix.eu), the open source online ticketing solution. | ||||
|  | ||||
| - [`snipe_it`](roles/snipe_it/README.md): Deploys [Snipe-IT](https://snipeitapp.com/), | ||||
|   the free and open-source IT asset (and license) management with a powerful REST API | ||||
|  | ||||
|   | ||||
| @@ -24,3 +24,4 @@ tags: | ||||
|   - snipeit | ||||
|   - docker | ||||
|   - phpldapadmin | ||||
|   - pretix | ||||
|   | ||||
							
								
								
									
										99
									
								
								playbooks/pretix.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										99
									
								
								playbooks/pretix.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,99 @@ | ||||
| --- | ||||
| - import_playbook: finallycoffee.databases.postgresql_client | ||||
|   when: pretix_configure_postgresql | default(true) | ||||
|   vars: | ||||
|     postgresql_hosts: "{{ pretix_hosts | default('pretix') }}" | ||||
|     postgresql_become: >-2 | ||||
|       {{ pretix_postgresql_client_become | default(pretix_become | default(true)) }} | ||||
|     postgresql_client_database: "{{ pretix_postgresql_database | default('pretix') }}" | ||||
|     postgresql_client_username: "{{ pretix_postgresql_user | default('pretix') }}" | ||||
|     postgresql_client_password: >-2 | ||||
|       {{ pretix_postgresql_password | mandatory(msg='pretix postgresql password is required') }} | ||||
|  | ||||
| - import_playbook: finallycoffee.databases.valkey | ||||
|   when: pretix_configure_valkey | default(true) | ||||
|   vars: | ||||
|     valkey_hosts: "{{ pretix_hosts | default('pretix') }}" | ||||
|     valkey_instance: "pretix" | ||||
|     valkey_secret: "{{ pretix_redis_secret | mandatory(msg='pretix valkey secret is required') }}" | ||||
|     valkey_config_user: | ||||
|       - "default on +@all -DEBUG ~* &* >{{ pretix_redis_secret }}" | ||||
|     valkey_container_ports: | ||||
|       - "{{ pretix_redis_bind_addr | default('127.0.10.1:6739') }}:{{ valkey_config_port }}" | ||||
|     valkey_config_bind: | ||||
|       - "0.0.0.0" | ||||
|       - "-::" | ||||
|  | ||||
| - name: Install and configure pretix | ||||
|   hosts: "{{ pretix_hosts | default('pretix') }}" | ||||
|   become: "{{ pretix_become | default(true) }}" | ||||
|   gather_facts: "{{ pretix_gather_facts | default(false) }}" | ||||
|   roles: | ||||
|     - role: finallycoffee.services.pretix | ||||
|       vars: | ||||
|         pretix_config_url: "https://{{ pretix_domain }}" | ||||
|         pretix_config_database_name: "{{ pretix_postgresql_database | default('pretix') }}" | ||||
|         pretix_config_database_user: "{{ pretix_postgresql_user | default('pretix') }}" | ||||
|         pretix_config_database_password: "{{ pretix_postgresql_password }}" | ||||
|         pretix_config_redis_location: >-2 | ||||
|           redis://:{{ pretix_redis_secret }}@{{ pretix_redis_bind_addr }}/0 | ||||
|         pretix_config_celery_backend: >-2 | ||||
|           redis://:{{ pretix_redis_secret }}@{{ pretix_redis_bind_addr }}/1 | ||||
|         pretix_config_celery_broker: >-2 | ||||
|           redis://:{{ pretix_redis_secret }}@{{ pretix_redis_bind_addr }}/2 | ||||
|     - role: finallycoffee.base.nginx | ||||
|       when: pretix_configure_nginx | default(true) | ||||
|       vars: | ||||
|         nginx_container_name: "nginx-pretix" | ||||
|         nginx_container_labels: "{{ pretix_nginx_container_labels | default({}, true) }}" | ||||
|         nginx_config_file: "{{ nginx_base_path }}/nginx-pretix.conf" | ||||
|         nginx_config: |+ | ||||
|           server { | ||||
|               listen 80 default_server; | ||||
|               server_name {{ pretix_domain }}; | ||||
|               add_header Referrer-Policy same-origin; | ||||
|               add_header X-Content-Type-Options nosniff; | ||||
|               location / { | ||||
|                   proxy_pass http://{{ pretix_config_wsgi_bind_addr }}; | ||||
|                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||||
|                   proxy_set_header X-Forwarded-Proto https; | ||||
|                   proxy_set_header Host $http_host; | ||||
|               } | ||||
|               location /media/ { | ||||
|                   alias {{ pretix_media_dir }}/; | ||||
|                   expires 7d; | ||||
|                   access_log off; | ||||
|               } | ||||
|               location ^~ /media/cachedfiles { | ||||
|                   deny all; | ||||
|                   return 404; | ||||
|               } | ||||
|               location ^~ /media/invoices { | ||||
|                   deny all; | ||||
|                   return 404; | ||||
|               } | ||||
|               location /static/staticfiles.json { | ||||
|                   deny all; | ||||
|                   return 404; | ||||
|               } | ||||
|               location /static/CACHE/manifest.json { | ||||
|                   deny all; | ||||
|                   return 404; | ||||
|               } | ||||
|               location /static/ { | ||||
|                   alias {{ pretix_static_asset_dir }}; | ||||
|                   access_log off; | ||||
|                   expires 365d; | ||||
|                   add_header Cache-Control "public"; | ||||
|               } | ||||
|           } | ||||
|         pretix_python_version: >-2 | ||||
|           python{{ ansible_python.version.major }}.{{ ansible_python.version.minor }} | ||||
|         pretix_static_asset_dir: >-2 | ||||
|           {{ pretix_virtualenv_dir }}/lib/{{ pretix_python_version }}/site-packages/pretix/static.dist/ | ||||
|         nginx_container_volumes: | ||||
|           - "{{ nginx_config_file }}:/etc/nginx/conf.d/nginx.conf:ro" | ||||
|           - "{{ pretix_media_dir }}:{{ pretix_media_dir }}:ro" | ||||
|           - "{{ pretix_static_asset_dir }}:{{ pretix_static_asset_dir }}:ro" | ||||
|   vars: | ||||
|     pretix_redis_bind_addr: "127.0.10.1:6739" | ||||
							
								
								
									
										54
									
								
								roles/pretix/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										54
									
								
								roles/pretix/README.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,54 @@ | ||||
| # `finallycoffee.services.pretix` ansible role | ||||
|  | ||||
| Deploy [pretix](https://pretix.eu) using ansible. Note that this | ||||
| role does not configure pretix beyond its own configuration file, | ||||
| and requires changing a default admin password after a successful | ||||
| installation. | ||||
|  | ||||
| ## Configuration | ||||
|  | ||||
| For all available configuration options, see [`defaults/main/config.yml`](defaults/main/config.yml) | ||||
| and other supporting files in the [`defaults/main/`](defaults/main/) folder. | ||||
|  | ||||
| To add custom configuration to pretix, populate them in `pretix_config`, | ||||
| where they will be (recusively) merged into the default configuration. | ||||
|  | ||||
| ### Required | ||||
|  | ||||
| - `pretix_domain`: domain of the pretix instance | ||||
| - `pretix_postgresql_password`: password for the (default: postgresql) database | ||||
| - `pretix_config_redis_location`: connection string for the main pretix redis database | ||||
| - `pretix_config_celery_backend`: connection string for the celery backend, can be a (different!) redis database | ||||
| - `pretix_config_celery_broker`: connection string for the celery broker, can be a (yet another different) redis database | ||||
|  | ||||
| For examples on how a redis server (like valkey) can be configured | ||||
| for redis, see [`playbooks/pretix.yml`](../../playbooks/pretix.yml). | ||||
|  | ||||
| ### Mailing | ||||
|  | ||||
| Set up mails in pretix by populating the following variables: | ||||
| - `pretix_config_mail_host`: domain/IP and optional port of the SMTP server | ||||
| - `pretix_config_mail_user`: SMTP user to authenticate | ||||
| - `pretix_config_mail_password`: password for the SMTP user | ||||
|  | ||||
| ### Plugins | ||||
|  | ||||
| To install more plugins, list the wanted `pypi` packages as a list in | ||||
| `pretix_plugins`. They will be installed in the created virtualenv, and migrations and an asset rebuild will be automatically started. | ||||
|  | ||||
| If your plugin requires custom configuration (f.ex.: `pretix-oidc`), | ||||
| add the configuration into `pretix_config`. | ||||
|  | ||||
| ## Troubleshooting | ||||
|  | ||||
| ### virtualenv | ||||
|  | ||||
| By default, the virtualenv is located in `/var/lib/pretix/virtualenv`. | ||||
| This can be controlled by setting `pretix_virtualenv_dir`. | ||||
|  | ||||
| NOTE: To fix a broken virtualenv, try setting `pretix_virtualenv_state` to `forcereinstall` (see | ||||
| [`ansible.builtin.pip` on docs.ansible.com](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/pip_module.html)). | ||||
|  | ||||
| NOTE: To install pip packages or execute migrations in the virtualenv, ansible | ||||
| needs to become the unprivilated `pretix_user` (default: `pretix`). This might | ||||
| require having the `acl` system package installed. | ||||
							
								
								
									
										86
									
								
								roles/pretix/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										86
									
								
								roles/pretix/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,86 @@ | ||||
| --- | ||||
| pretix_config_instance_name: "My pretix installation" | ||||
| pretix_config_url: "https://pretix.example.org" | ||||
| pretix_config_currency: "EUR" | ||||
| pretix_config_data_dir: "{{ pretix_data_dir }}" | ||||
| pretix_config_trust_x_forwarded_for: "on" | ||||
| pretix_config_trust_x_forwarded_proto: "on" | ||||
|  | ||||
| pretix_config_wsgi_name: "pretix" | ||||
| pretix_config_wsgi_workers: 4 | ||||
| pretix_config_wsgi_max_requests: 100 | ||||
| pretix_config_wsgi_log_level: "info" | ||||
| pretix_config_wsgi_bind_addr: "127.0.0.1:8345" | ||||
| pretix_config_worker_log_level: "{{ pretix_config_wsgi_log_level }}" | ||||
|  | ||||
| pretix_config_database_backend: postgresql | ||||
| pretix_config_database_name: pretix | ||||
| pretix_config_database_user: pretix | ||||
| pretix_config_database_password: ~ | ||||
| pretix_config_database_host: "" | ||||
|  | ||||
| pretix_config_mail_host: ~ | ||||
| pretix_config_mail_from: "tickets@example.org" | ||||
| pretix_config_mail_user: ~ | ||||
| pretix_config_mail_password: ~ | ||||
| pretix_config_mail_tls: true | ||||
| pretix_config_mail_ssl: false | ||||
|  | ||||
| pretix_config_redis_location: ~ | ||||
| pretix_config_redis_sessions: true | ||||
|  | ||||
| pretix_config_celery_backend: ~ | ||||
| pretix_config_celery_broker: ~ | ||||
|  | ||||
| pretix_app_config: | ||||
|   url: "{{ pretix_config_url }}" | ||||
|   instance_name: "{{ pretix_config_instance_name }}" | ||||
|   datadir: "{{ pretix_config_data_dir }}" | ||||
|   trust_x_forwarded_for: "{{ pretix_config_trust_x_forwarded_for }}" | ||||
|   trust_x_forwarded_proto: "{{ pretix_config_trust_x_forwarded_proto }}" | ||||
|   currency: "{{ pretix_config_currency }}" | ||||
|  | ||||
| pretix_database_config: | ||||
|   backend: "{{ pretix_config_database_backend }}" | ||||
|   name: "{{ pretix_config_database_name }}" | ||||
|   user: "{{ pretix_config_database_user }}" | ||||
|   password: "{{ pretix_config_database_password }}" | ||||
|   host: "{{ pretix_config_database_host }}" | ||||
|  | ||||
| pretix_mail_minimal_config: | ||||
|   host: "{{ pretix_config_mail_host }}" | ||||
|   from: "{{ pretix_config_mail_from }}" | ||||
| pretix_mail_config: >-2 | ||||
|   {{ pretix_mail_minimal_config | ||||
|     | combine({'user': pretix_config_mail_user} if pretix_config_mail_user else {}) | ||||
|     | combine({'password': pretix_config_mail_password} if pretix_config_mail_password else {}) | ||||
|     | combine({'ssl': pretix_config_mail_ssl | bool | ternary('on', 'off')} if pretix_config_mail_ssl else {}) | ||||
|     | combine({'tls': pretix_config_mail_tls | bool | ternary('on', 'off')} if pretix_config_mail_tls else {}) | ||||
|   }} | ||||
|  | ||||
| pretix_redis_config: | ||||
|   location: "{{ pretix_config_redis_location }}" | ||||
|   sessions: "{{ pretix_config_redis_sessions | bool | ternary('true', 'false') }}" | ||||
|  | ||||
| pretix_celery_config: | ||||
|   backend: "{{ pretix_config_celery_backend }}" | ||||
|   broker: "{{ pretix_config_celery_broker }}" | ||||
|  | ||||
| pretix_config: {} | ||||
| pretix_default_config: | ||||
|   pretix: "{{ pretix_app_config }}" | ||||
|   database: "{{ pretix_database_config }}" | ||||
|   mail: "{{ pretix_mail_config }}" | ||||
|   redis: "{{ pretix_redis_config }}" | ||||
|   celery: "{{ pretix_celery_config }}" | ||||
|  | ||||
| pretix_config_merged: >-2 | ||||
|   {{ pretix_default_config | combine(pretix_config | default({}), recursive=True) }} | ||||
|  | ||||
| pretix_config_file_content: |+2 | ||||
|   {% for kv in (pretix_config_merged | dict2items) %} | ||||
|   [{{ kv.key }}] | ||||
|   {% for entry in ((kv.value | default({}, true)) | dict2items) %} | ||||
|   {{ entry.key }}={{ entry.value }} | ||||
|   {% endfor %} | ||||
|   {% endfor %} | ||||
							
								
								
									
										16
									
								
								roles/pretix/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								roles/pretix/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| --- | ||||
| pretix_version: "2025.7.1" | ||||
| pretix_state: "present" | ||||
| pretix_deployment_method: "systemd" | ||||
|  | ||||
| pretix_config_file: "/etc/pretix/pretix.cfg" | ||||
| pretix_config_file_owner: "{{ pretix_user_id }}" | ||||
| pretix_config_file_group: "{{ pretix_group_id }}" | ||||
| pretix_config_file_mode: "0640" | ||||
| pretix_config_dir: "{{ pretix_config_file | dirname }}" | ||||
| pretix_install_dir: "/var/lib/pretix" | ||||
| pretix_virtualenv_dir: "{{ pretix_install_dir }}/virtualenv" | ||||
| pretix_data_dir: "{{ pretix_install_dir }}/data" | ||||
| pretix_media_dir: "{{ pretix_data_dir }}/media" | ||||
|  | ||||
| pretix_plugins: [] | ||||
							
								
								
									
										22
									
								
								roles/pretix/defaults/main/system_packages.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										22
									
								
								roles/pretix/defaults/main/system_packages.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,22 @@ | ||||
| --- | ||||
| pretix_debian_packages: | ||||
|   - "git" | ||||
|   - "build-essential" | ||||
|   - "python3-dev" | ||||
|   - "python3-venv" | ||||
|   - "python3" | ||||
|   - "python3-pip" | ||||
|   - "libxml2-dev" | ||||
|   - "libxslt1-dev" | ||||
|   - "libffi-dev" | ||||
|   - "zlib1g-dev" | ||||
|   - "libssl-dev" | ||||
|   - "gettext" | ||||
|   - "libpq-dev" | ||||
|   - "libjpeg-dev" | ||||
|   - "libopenjp2-7-dev" | ||||
|   - "nodejs" | ||||
|  | ||||
| pretix_packages: | ||||
|   "debian": | ||||
|     "12": "{{ pretix_debian_packages }}" | ||||
							
								
								
									
										50
									
								
								roles/pretix/defaults/main/systemd.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										50
									
								
								roles/pretix/defaults/main/systemd.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,50 @@ | ||||
| --- | ||||
| pretix_systemd_unit_description: "pretix web service" | ||||
| pretix_systemd_unit_after: "network.target" | ||||
| pretix_systemd_unit_file_path: >-2 | ||||
|   /etc/systemd/system/{{ pretix_systemd_service_name }} | ||||
|  | ||||
| pretix_systemd_service_name: "pretix.service" | ||||
| pretix_systemd_service_user: "{{ pretix_user }}" | ||||
| pretix_systemd_service_group: "{{ pretix_user }}" | ||||
| pretix_systemd_service_environment: | ||||
|   VIRTUAL_ENV: "{{ pretix_virtualenv_dir }}" | ||||
|   PATH: "{{ pretix_virtualenv_dir }}/bin:/usr/local/bin:/usr/bin:/bin" | ||||
| pretix_systemd_service_working_directory: "{{ pretix_install_dir }}" | ||||
| pretix_systemd_service_exec_start: >-2 | ||||
|   {{ pretix_virtualenv_dir }}/bin/gunicorn pretix.wsgi | ||||
|   --name {{ pretix_config_wsgi_name }} | ||||
|   --workers {{ pretix_config_wsgi_workers }} | ||||
|   --max-requests {{ pretix_config_wsgi_max_requests }} | ||||
|   --log-level={{ pretix_config_wsgi_log_level }} | ||||
|   --bind={{ pretix_config_wsgi_bind_addr }} | ||||
| pretix_systemd_service_restart: "on-failure" | ||||
|  | ||||
| pretix_systemd_install_wanted_by: "multi-user.target" | ||||
|  | ||||
| # pretix worker | ||||
| pretix_worker_systemd_service_name: "pretix-worker.service" | ||||
| pretix_worker_systemd_service_description: "pretix worker service" | ||||
| pretix_worker_systemd_unit_file_path: >-2 | ||||
|   /etc/systemd/system/{{ pretix_worker_systemd_service_name }} | ||||
| pretix_worker_systemd_service_exec_start: >-2 | ||||
|   {{ pretix_virtualenv_dir }}/bin/celery | ||||
|   -A pretix.celery_app worker | ||||
|   -l  {{ pretix_config_worker_log_level }} | ||||
|  | ||||
| # pretix cron | ||||
| pretix_cron_systemd_service_name: "pretix-cron.service" | ||||
| pretix_cron_systemd_service_description: "pretix cron service" | ||||
| pretix_cron_systemd_unit_file_path: >-2 | ||||
|   /etc/systemd/system/{{ pretix_cron_systemd_service_name }} | ||||
| pretix_cron_systemd_service_exec_start: >-2 | ||||
|   python3 -m pretix runperiodic | ||||
|  | ||||
| pretix_cron_systemd_timer_name: "pretix-cron.timer" | ||||
| pretix_cron_systemd_timer_description: "pretix cron timer" | ||||
| pretix_cron_systemd_timer_file_path: >-2 | ||||
|   /etc/systemd/system/{{ pretix_cron_systemd_timer_name }} | ||||
| pretix_cron_systemd_timer_on_active_sec: 1800 | ||||
| pretix_cron_systemd_timer_on_startup_sec: >-2 | ||||
|   {{ pretix_cron_systemd_timer_on_active_sec }} | ||||
| pretix_cron_systemd_timer_accuracy_sec: 60 | ||||
							
								
								
									
										7
									
								
								roles/pretix/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								roles/pretix/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,7 @@ | ||||
| --- | ||||
| pretix_user: "pretix" | ||||
| pretix_user_system: true | ||||
| pretix_user_create_home: false | ||||
|  | ||||
| pretix_user_id: "{{ pretix_user_info.uid | default(pretix_user) }}" | ||||
| pretix_group_id: "{{ pretix_user_info.group | default(pretix_user) }}" | ||||
							
								
								
									
										11
									
								
								roles/pretix/defaults/main/virtualenv.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								roles/pretix/defaults/main/virtualenv.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | ||||
| --- | ||||
| pretix_virtualenv_state: "{{ pretix_state }}" | ||||
| pretix_virtualenv_packages: | ||||
|   - "pip" | ||||
|   - "setuptools" | ||||
|   - "wheel" | ||||
|   - "gunicorn" | ||||
|   - "pretix=={{ pretix_version }}" | ||||
|  | ||||
| pretix_virtualenv_site_packages: false | ||||
| pretix_virtualenv_command: "python3 -m venv" | ||||
							
								
								
									
										6
									
								
								roles/pretix/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								roles/pretix/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | ||||
| --- | ||||
| - name: Ensure pretix systemd service is restarted | ||||
|   listen: pretix_restart | ||||
|   ansible.builtin.systemd_service: | ||||
|     name: "{{ pretix_systemd_service_name }}" | ||||
|     state: "restarted" | ||||
							
								
								
									
										9
									
								
								roles/pretix/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								roles/pretix/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,9 @@ | ||||
| --- | ||||
| allow_duplicates: true | ||||
| dependencies: [] | ||||
| galaxy_info: | ||||
|   role_name: pretix | ||||
|   description: Ansible role to deploy pretix (https://pretix.eu) | ||||
|   galaxy_tags: | ||||
|     - pretix | ||||
|     - ticketing | ||||
							
								
								
									
										14
									
								
								roles/pretix/tasks/check.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								roles/pretix/tasks/check.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | ||||
| --- | ||||
| - name: Ensure 'pretix_state' is valid | ||||
|   ansible.builtin.fail: | ||||
|     msg: >-2 | ||||
|       Unsupported pretix_state '{{ pretix_state }}'. | ||||
|       Supported states are {{ pretix_states | join(', ') }} | ||||
|   when: pretix_state not in pretix_states | ||||
|  | ||||
| - name: Ensure 'pretix_deployment_method' is valid | ||||
|   ansible.builtin.fail: | ||||
|     msg: >-2 | ||||
|       Unsupported pretix_state '{{ pretix_deployment_method }}'. | ||||
|       Supported states are {{ pretix_deployment_methods | join(', ') }} | ||||
|   when: pretix_deployment_method not in pretix_deployment_methods | ||||
							
								
								
									
										10
									
								
								roles/pretix/tasks/configure.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								roles/pretix/tasks/configure.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | ||||
| --- | ||||
| - name: Ensure configuration file is written | ||||
|   ansible.builtin.copy: | ||||
|     dest: "{{ pretix_config_file }}" | ||||
|     content: "{{ pretix_config_file_content }}" | ||||
|     owner: "{{ pretix_config_file_owner }}" | ||||
|     group: "{{ pretix_config_file_group }}" | ||||
|     mode: "{{ pretix_config_file_mode }}" | ||||
|   when: pretix_state == 'present' | ||||
|   register: pretix_config_file_info | ||||
							
								
								
									
										64
									
								
								roles/pretix/tasks/deploy-systemd.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										64
									
								
								roles/pretix/tasks/deploy-systemd.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,64 @@ | ||||
| --- | ||||
| - name: Ensure virtualenv in {{ pretix_virtualenv_dir }} is present | ||||
|   ansible.builtin.pip: | ||||
|     name: "{{ pretix_virtualenv_packages + pretix_plugins }}" | ||||
|     state: "{{ pretix_virtualenv_state }}" | ||||
|     chdir: "{{ pretix_install_dir }}" | ||||
|     virtualenv: "{{ pretix_virtualenv_dir }}" | ||||
|     virtualenv_command: "{{ pretix_virtualenv_command | default(omit, true) }}" | ||||
|     virtualenv_site_packages: "{{ pretix_virtualenv_site_packages }}" | ||||
|   become: true | ||||
|   become_user: "{{ pretix_user }}" | ||||
|   register: pretix_virtualenv_info | ||||
|  | ||||
| # TODO: determine to only do this on a) upgrades or b) initial deployis | ||||
| - name: Ensure pretix database migrations are run | ||||
|   ansible.builtin.command: | ||||
|     cmd: "{{ pretix_virtualenv_dir }}/bin/python -m pretix migrate" | ||||
|     chdir: "{{ pretix_install_dir }}" | ||||
|   environment: | ||||
|     VIRTUAL_ENV: "{{ pretix_virtualenv_dir }}" | ||||
|   become: true | ||||
|   become_user: "{{ pretix_user }}" | ||||
|   notify: pretix_restart | ||||
|   when: | ||||
|     - pretix_state == 'present' | ||||
|     - pretix_virtualenv_info.changed or pretix_config_file_info.changed | ||||
|  | ||||
| # TODO: determine to only do this on a) upgrades or b) initial deployis | ||||
| - name: Ensure pretix static assets are built | ||||
|   ansible.builtin.command: | ||||
|     cmd: "{{ pretix_virtualenv_dir }}/bin/python -m pretix rebuild" | ||||
|     chdir: "{{ pretix_install_dir }}" | ||||
|   environment: | ||||
|     VIRTUAL_ENV: "{{ pretix_virtualenv_dir }}" | ||||
|   become: true | ||||
|   become_user: "{{ pretix_user }}" | ||||
|   notify: pretix_restart | ||||
|   when: | ||||
|     - pretix_state == 'present' | ||||
|     - pretix_virtualenv_info.changed or pretix_config_file_info.changed | ||||
|  | ||||
| - name: Ensure pretix systemd service is enabled | ||||
|   ansible.builtin.systemd_service: | ||||
|     name: "{{ _service }}" | ||||
|     enabled: true | ||||
|   when: pretix_state == 'present' | ||||
|   loop: | ||||
|     - "{{ pretix_systemd_service_name }}" | ||||
|     - "{{ pretix_worker_systemd_service_name }}" | ||||
|     - "{{ pretix_cron_systemd_service_name }}" | ||||
|     - "{{ pretix_cron_systemd_timer_name }}" | ||||
|   loop_control: | ||||
|     loop_var: _service | ||||
|  | ||||
| - name: Ensure pretix systemd service is {{ pretix_state }} | ||||
|   ansible.builtin.systemd_service: | ||||
|     name: "{{ _service }}" | ||||
|     state: "{{ (pretix_state == 'present') | ternary('started', 'stopped') }}" | ||||
|   loop: | ||||
|     - "{{ pretix_systemd_service_name }}" | ||||
|     - "{{ pretix_worker_systemd_service_name }}" | ||||
|     - "{{ pretix_cron_systemd_timer_name }}" | ||||
|   loop_control: | ||||
|     loop_var: _service | ||||
							
								
								
									
										5
									
								
								roles/pretix/tasks/deploy.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								roles/pretix/tasks/deploy.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,5 @@ | ||||
| --- | ||||
| - name: Ensure pretix is deployed using {{ pretix_deployment_method }} | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "deploy-{{ pretix_deployment_method }}.yml" | ||||
|   when: pretix_state == 'present' | ||||
							
								
								
									
										16
									
								
								roles/pretix/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								roles/pretix/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| --- | ||||
| - name: Ensure preconditions are met | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "check.yml" | ||||
|  | ||||
| - name: Ensure deployment preparations are done | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "prepare.yml" | ||||
|  | ||||
| - name: Ensure pretix is configured | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "configure.yml" | ||||
|  | ||||
| - name: Ensure pretix is deployed | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "deploy.yml" | ||||
							
								
								
									
										61
									
								
								roles/pretix/tasks/prepare-systemd.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										61
									
								
								roles/pretix/tasks/prepare-systemd.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,61 @@ | ||||
| --- | ||||
| - name: Ensure ansible facts are collected | ||||
|   ansible.builtin.setup: | ||||
|     gather_subset: | ||||
|       - "!all" | ||||
|       - "pkg_mgr" | ||||
|       - "distribution" | ||||
|       - "distribution_release" | ||||
|       - "distribution_version" | ||||
|       - "distribution_major_version" | ||||
|  | ||||
| - name: Ensure system packages are present (apt) | ||||
|   ansible.builtin.apt: | ||||
|     name: "{{ package }}" | ||||
|     state: "{{ pretix_state }}" | ||||
|   loop: "{{ pretix_packages[ansible_distribution | lower][ansible_distribution_major_version] }}" | ||||
|   loop_control: | ||||
|     loop_var: "package" | ||||
|   when: ansible_facts['pkg_mgr'] == 'apt' | ||||
|  | ||||
| # TODO: add pretix worker and cron | ||||
| - name: Ensure systemd unit {{ pretix_systemd_unit_name }} is {{ pretix_state }} | ||||
|   ansible.builtin.template: | ||||
|     src: "pretix.service.j2" | ||||
|     dest: "{{ pretix_systemd_unit_file_path }}" | ||||
|   register: pretix_systemd_unit_info | ||||
|   notify: | ||||
|     - pretix_restart | ||||
|  | ||||
| - name: Ensure systemd unit {{ pretix_worker_systemd_unit_name }} is {{ pretix_state }} | ||||
|   ansible.builtin.template: | ||||
|     src: "pretix.service.j2" | ||||
|     dest: "{{ pretix_worker_systemd_unit_file_path }}" | ||||
|   register: pretix_worker_systemd_unit_info | ||||
|   vars: | ||||
|     pretix_systemd_service_exec_start: "{{ pretix_worker_systemd_service_exec_start }}" | ||||
|     pretix_systemd_service_description: "{{ pretix_worker_systemd_service_description }}" | ||||
|  | ||||
| - name: Ensure systemd unit {{ pretix_cron_systemd_service_name }} is {{ pretix_state }} | ||||
|   ansible.builtin.template: | ||||
|     src: "pretix.service.j2" | ||||
|     dest: "{{ pretix_cron_systemd_unit_file_path }}" | ||||
|   register: pretix_cron_systemd_unit_info | ||||
|   vars: | ||||
|     pretix_systemd_service_exec_start: "{{ pretix_cron_systemd_service_exec_start }}" | ||||
|     pretix_systemd_service_description: "{{ pretix_cron_systemd_service_description }}" | ||||
|  | ||||
| - name: Ensure systemd timer unit {{ pretix_cron_systemd_timer_name }} is {{ pretix_state }} | ||||
|   ansible.builtin.template: | ||||
|     src: "pretix-cron.timer.j2" | ||||
|     dest: "{{ pretix_cron_systemd_timer_file_path }}" | ||||
|   register: pretix_cron_systemd_timer_info | ||||
|  | ||||
| - name: Ensure systemd is reloaded | ||||
|   ansible.builtin.systemd_service: | ||||
|     daemon_reload: true | ||||
|   when: >-2 | ||||
|     pretix_systemd_unit_info.changed | ||||
|     or pretix_worker_systemd_unit_info.changed | ||||
|     or pretix_cron_systemd_unit_info.changed | ||||
|     or pretix_cron_systemd_timer_info.changed | ||||
							
								
								
									
										29
									
								
								roles/pretix/tasks/prepare.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								roles/pretix/tasks/prepare.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,29 @@ | ||||
| --- | ||||
| - name: Ensure pretix user '{{ pretix_user }}' is {{ pretix_state }} | ||||
|   ansible.builtin.user: | ||||
|     name: "{{ pretix_user }}" | ||||
|     state: "{{ pretix_state }}" | ||||
|     system: "{{ pretix_user_system }}" | ||||
|     create_home: "{{ pretix_user_create_home }}" | ||||
|   register: pretix_user_info | ||||
|  | ||||
| - name: Ensure host directories are {{ pretix_state }} | ||||
|   ansible.builtin.file: | ||||
|     path: "{{ item.path }}" | ||||
|     owner: "{{ item.owner | default(pretix_user_id) }}" | ||||
|     group: "{{ item.group | default(pretix_group_id) }}" | ||||
|     mode: "{{ item.mode | default('0750') }}" | ||||
|     state: "directory" | ||||
|   loop: | ||||
|     - path: "{{ pretix_config_dir }}" | ||||
|     - path: "{{ pretix_virtualenv_dir }}" | ||||
|     - path: "{{ pretix_data_dir }}" | ||||
|     - path: "{{ pretix_media_dir }}" | ||||
|   when: pretix_state == 'present' | ||||
|  | ||||
| - name: Ensure deployment-type specific preparations for '{{ pretix_deployment_method }}' are run | ||||
|   ansible.builtin.include_tasks: | ||||
|     file: "prepare-{{ pretix_deployment_method }}.yml" | ||||
|   when: | ||||
|     - pretix_state == 'present' | ||||
|     - pretix_deployment_method in ['systemd'] | ||||
							
								
								
									
										10
									
								
								roles/pretix/templates/pretix-cron.timer.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								roles/pretix/templates/pretix-cron.timer.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | ||||
| [Unit] | ||||
| Description={{ pretix_cron_systemd_timer_description }} | ||||
|  | ||||
| [Timer] | ||||
| OnActiveSec={{ pretix_cron_systemd_timer_on_active_sec }} | ||||
| OnStartupSec={{ pretix_cron_systemd_timer_on_startup_sec }} | ||||
| AccuracySec={{ pretix_cron_systemd_timer_accuracy_sec }} | ||||
|  | ||||
| [Install] | ||||
| WantedBy=timers.target | ||||
							
								
								
									
										16
									
								
								roles/pretix/templates/pretix.service.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								roles/pretix/templates/pretix.service.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| [Unit] | ||||
| Description={{ pretix_systemd_unit_description }} | ||||
| After={{ pretix_systemd_unit_after }} | ||||
|  | ||||
| [Service] | ||||
| User={{ pretix_systemd_service_user }} | ||||
| Group={{ pretix_systemd_service_group }} | ||||
| {% for kv in pretix_systemd_service_environment | dict2items %} | ||||
| Environment="{{ kv.key }}={{ kv.value }}" | ||||
| {% endfor %} | ||||
| WorkingDirectory={{ pretix_systemd_service_working_directory }} | ||||
| ExecStart={{ pretix_systemd_service_exec_start }} | ||||
| Restart={{ pretix_systemd_service_restart }} | ||||
|  | ||||
| [Install] | ||||
| WantedBy={{ pretix_systemd_install_wanted_by }} | ||||
							
								
								
									
										7
									
								
								roles/pretix/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								roles/pretix/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,7 @@ | ||||
| --- | ||||
| pretix_states: | ||||
|   - "present" | ||||
|   - "absent" | ||||
|  | ||||
| pretix_deployment_methods: | ||||
|   - "systemd" | ||||
		Reference in New Issue
	
	Block a user