diff --git a/roles/authelia-for-wiki_js/defaults/main.json b/roles/authelia-for-wiki_js/defaults/main.json index adb7105..98ccb23 100644 --- a/roles/authelia-for-wiki_js/defaults/main.json +++ b/roles/authelia-for-wiki_js/defaults/main.json @@ -2,5 +2,5 @@ "var_authelia_for_wiki_js_wiki_js_url_base": "https://wiki_js.example.org", "var_authelia_for_wiki_js_client_id": "wiki_js", "var_authelia_for_wiki_js_client_secret": "REPLACE_ME", - "var_authelia_for_wiki_js_uuid": "REPLACE_ME", + "var_authelia_for_wiki_js_uuid": "REPLACE_ME" } diff --git a/roles/wiki_js/data.json b/roles/wiki_js/data.json deleted file mode 100644 index 1ffd054..0000000 --- a/roles/wiki_js/data.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "key": "{{var_wiki_js_authentication_data_uuid}}", - "isEnabled": true, - "config": "{\"clientId\":\"{{var_wiki_js_authentication_data_authelia_client_id}}\",\"clientSecret\":\"{{var_wiki_js_authentication_data_authelia_client_secret}}\",\"authorizationURL\":\"{{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/authorization\",\"tokenURL\":\"{{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/token\",\"userInfoURL\":\"{{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/userinfo\",\"userIdClaim\":\"id\",\"displayNameClaim\":\"name\",\"emailClaim\":\"email\",\"mapGroups\":false,\"groupsClaim\":\"groups\",\"logoutURL\":\"\",\"scope\":\"openid profile email\",\"useQueryStringForAccessToken\":false,\"enableCSRFProtection\":true}", - "selfRegistration": true, - "domainWhitelist": "{\"v\":[]}", - "autoEnrollGroups": "{\"v\":[]}", - "order": 1, - "strategyKey": "oauth2", - "displayName": "{{var_wiki_js_authentication_data_authelia_provider_name}}" -} diff --git a/roles/wiki_js/defaults/main.json b/roles/wiki_js/defaults/main.json index 88216bd..d26205a 100644 --- a/roles/wiki_js/defaults/main.json +++ b/roles/wiki_js/defaults/main.json @@ -1,6 +1,7 @@ { "var_wiki_js_port": 5632, "var_wiki_js_distributed": false, + "var_wiki_js_domain": "wiki-js.example.org", "var_wiki_js_user": "wiki_js", "var_wiki_js_directory": "/opt/wiki_js", "var_wiki_js_data_path": "/var/wiki_js/data", @@ -19,5 +20,12 @@ "var_wiki_js_authentication_data_authelia_client_id": "wiki_js", "var_wiki_js_authentication_data_authelia_client_secret": "REPLACE_ME", "var_wiki_js_authentication_data_authelia_url_base": "https://authelia.example.org", - "var_wiki_js_authentication_data_uuid": "REPLACE_ME", + "var_wiki_js_smtp_host": "smtp.example.org", + "var_wiki_js_smtp_port": 465, + "var_wiki_js_smtp_username": "REPLACE_ME", + "var_wiki_js_smtp_password": "REPLACE_ME", + "email_sending_sender_name": "Wiki.js", + "email_sending_sender_email_address": "wiki-js@example.org", + "var_wiki_js_admin_email_address": "wiki-js-admin@example.org", + "var_wiki_js_admin_password": "REPLACE_ME" } diff --git a/roles/wiki_js/files/cli.js b/roles/wiki_js/files/cli.js new file mode 100644 index 0000000..f488a2b --- /dev/null +++ b/roles/wiki_js/files/cli.js @@ -0,0 +1,951 @@ +#!/usr/bin/env node + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers = (wiki_js.cli.helpers || {}); +wiki_js.cli.helpers.string = (wiki_js.cli.helpers.string || {}); +(function (exports) { + + /** + */ + function coin( + template, + arguments_ + ) + { + let result = template; + Object.entries(arguments_).forEach( + ([key, value]) => { + result = result.replace(new RegExp("{{" + key + "}}", "g"), value); + } + ); + return result; + } + exports.coin = coin; + +}) (wiki_js.cli.helpers.string) + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers = (wiki_js.cli.helpers || {}); +wiki_js.cli.helpers.file = (wiki_js.cli.helpers.file || {}); +(function (exports) { + + /** + */ + function read( + path + ) + { + const nm_fs = require("fs"); + return ( + new Promise( + (resolve, reject) => { + nm_fs.readFile( + path, + { + }, + (err, data) => { + if (err) { + reject(err); + } + else { + resolve(data.toString()); + } + } + ); + } + ) + ); + } + exports.read = read; + +}) (wiki_js.cli.helpers.file) + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers = (wiki_js.cli.helpers || {}); +wiki_js.cli.helpers.http = (wiki_js.cli.helpers.http || {}); +(function (exports) { + + /** + */ + async function call( + http_request + ) + { + wiki_js.cli.helpers.log.write( + "debug", + "http_call_request", + http_request + ); + const fetch_request = new Request( + http_request.target, + { + "method": http_request.method, + "headers": http_request.headers, + "body": http_request.body, + } + ); + const fetch_response = await fetch(fetch_request); + const http_response = { + "status_code": fetch_response.status, + "headers": fetch_response.headers, + "body": await fetch_response.text(), + }; + wiki_js.cli.helpers.log.write( + "debug", + "http_call_response", + http_response + ); + return http_response; + } + exports.call = call; + +}) (wiki_js.cli.helpers.http) + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers.log = (wiki_js.cli.helpers.log || {}); +(function (exports) { + + /** + */ + const _level_order = [ + "debug", + "info", + "notice", + "warning", + "error", + ]; + + + /** + */ + var _threshold = "info"; + + + /** + */ + function setup( + threshold + ) + { + _threshold = threshold; + } + exports.setup = setup; + + + /** + */ + function write( + level, + incident, + details + ) + { + if (_level_order.indexOf(level) < _level_order.indexOf(_threshold)) { + // do nothing + } + else { + process.stderr.write( + wiki_js.cli.helpers.string.coin( + "\n<{{datetime}}> [{{level}}] {{incident}}\n{{details}}\n\n", + { + "datetime": (new Date()).toISOString(), + "level": level, + "incident": incident, + "details": JSON.stringify(details, undefined, "\t"), + } + ) + ); + } + } + exports.write = write; + +}) (wiki_js.cli.helpers.log); + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers.args = (wiki_js.cli.helpers.args || {}); +(function (exports) { + + /** + */ + function parse( + args_raw + ) + { + let result = { + "positional": [], + "volatile": {}, + }; + let state = "free"; + let key = null; + args_raw.forEach( + (arg_raw) => { + switch (state) { + case "free": { + if (arg_raw.startsWith("-")) { + key = arg_raw.slice(1); + state = "bound"; + } + else { + if (key === null) { + result.positional.push(arg_raw); + key = null; + state = "free"; + } + else { + wiki_js.cli.helpers.log.write( + "warning", + "arg_discarded", + { + "arg_raw": arg_raw, + } + ); + key = null; + state = "free"; + } + } + break; + } + case "bound": { + if (! (key in result["volatile"])) { + result["volatile"][key] = []; + } + else { + // do nothing + } + result["volatile"][key].push(arg_raw); + key = null; + state = "free"; + } + } + } + ); + return result; + } + exports.parse = parse; + +}) (wiki_js.cli.helpers.args); + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.conf = (wiki_js.cli.conf || {}); +(function (exports) { + + /** + */ + var _data = null; + + + /** + */ + async function load( + path + ) + { + let data_raw; + if (path === null) { + data_raw = {}; + } + else { + const content = await wiki_js.cli.helpers.file.read(path); + data_raw = JSON.parse(content); + } + wiki_js.cli.helpers.log.write( + "debug", + "conf_raw", + data_raw + ); + _data = { + "api": { + "url_base": ( + data_raw?.api?.url_base + ?? + "http://localhost:3000" + ), + }, + "login": { + "username": ( + data_raw?.login?.username + ?? + "admin" + ), + "password": ( + data_raw?.login?.password + ?? + "admin" + ), + }, + "log": { + "threshold": ( + data_raw?.log?.threshold + ?? + "debug" + ), + } + }; + return Promise.resolve(undefined); + } + exports.load = load; + + + /** + */ + function set( + data + ) + { + _data = data; + } + exports.set = set; + + + /** + */ + function get( + ) + { + return _data; + } + exports.get = get; + +}) (wiki_js.cli.conf); + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.api = (wiki_js.cli.api || {}); +(function (exports) { + + /** + */ + async function call_finalize( + admin_email, + admin_password, + site_url, + telemetry + ) + { + const http_request = { + "target": (wiki_js.cli.conf.get().api.url_base + "/finalize"), + "method": "POST", + "headers": { + "Content-Type": "application/json", + }, + "body": JSON.stringify( + { + "adminEmail": admin_email, + "adminPassword": admin_password, + "adminPasswordConfirm": admin_password, + "siteUrl": site_url, + "telemetry": telemetry, + } + ), + }; + http_response = await wiki_js.cli.helpers.http.call(http_request); + const data = JSON.parse(http_response.body); + return Promise.resolve(undefined); + } + exports.call_finalize = call_finalize; + + + /** + */ + async function call_generic_graphql( + graphql_query, + options + ) + { + options = Object.assign( + { + "login_token": null, + "variables": {}, + }, + options + ); + const http_request = { + "target": (wiki_js.cli.conf.get().api.url_base + "/graphql"), + "method": "POST", + "headers": Object.assign( + { + "Content-Type": "application/json", + }, + ( + (options.login_token === null) + ? + {} + : + {"Cookie": ("jwt=" + options.login_token)} + ) + ), + "body": JSON.stringify( + [ + { + "operationName": null, + "variables": options.variables, + "extensions": {}, + "query": graphql_query, + } + ] + ), + }; + http_response = await wiki_js.cli.helpers.http.call(http_request); + const data = JSON.parse(http_response.body); + return Promise.resolve(data[0]["data"]); + } + + + /** + * executes a local login and returns the JWT + */ + function call_login_local( + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_login_local", + { + } + ); + return ( + call_generic_graphql( + "mutation ($username: String!, $password: String!, $strategy: String!) {authentication {login(username: $username, password: $password, strategy: $strategy) {responseResult {succeeded errorCode slug message __typename} jwt mustChangePwd mustProvideTFA mustSetupTFA continuationToken redirect tfaQRImage __typename} __typename}}", + { + "variables": { + "strategy": "local", + "username": wiki_js.cli.conf.get().login.username, + "password": wiki_js.cli.conf.get().login.password, + } + } + ) + .then( + (data) => ( + data["authentication"]["login"]["responseResult"]["succeeded"] + ? + Promise.resolve(data["authentication"]["login"]["jwt"]) + : + Promise.reject(new Error("login failed")) + ) + ) + ); + } + exports.call_login_local = call_login_local; + + + /** + */ + function call_email_settings_set( + login_token, + settings + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_email_settings_set", + { + "settings": settings, + } + ); + return ( + call_generic_graphql( + "mutation ($senderName: String!, $senderEmail: String!, $host: String!, $port: Int!, $name: String!, $secure: Boolean!, $verifySSL: Boolean!, $user: String!, $pass: String!, $useDKIM: Boolean!, $dkimDomainName: String!, $dkimKeySelector: String!, $dkimPrivateKey: String!) {mail {updateConfig(senderName: $senderName, senderEmail: $senderEmail, host: $host, port: $port, name: $name, secure: $secure, verifySSL: $verifySSL, user: $user, pass: $pass, useDKIM: $useDKIM, dkimDomainName: $dkimDomainName, dkimKeySelector: $dkimKeySelector, dkimPrivateKey: $dkimPrivateKey) {responseResult {succeeded errorCode slug message __typename} __typename} __typename}}", + { + "login_token": login_token, + "variables": { + "senderName": settings.sender_name, + "senderEmail": settings.sender_email_address, + "host": settings.smtp_host, + "port": settings.smtp_port, + "name": settings.name, + "secure": settings.secure, + "verifySSL": settings.verify_ssl, + "user": settings.smtp_username, + "pass": settings.smtp_password, + "useDKIM": settings.use_dkim, + "dkimDomainName": settings.dkim_domain_name, + "dkimKeySelector": settings.dkim_key_selector, + "dkimPrivateKey": settings.dkim_private_key, + } + } + ) + ); + } + exports.call_email_settings_set = call_email_settings_set; + + + /** + */ + function call_authentication_strategy_list( + login_token + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_authentication_strategy_list", + { + } + ); + return ( + call_generic_graphql( + "{authentication {activeStrategies {key strategy {key title description useForm logo website __typename} config {key value __typename} order isEnabled displayName selfRegistration domainWhitelist autoEnrollGroups __typename} __typename}}", + { + "login_token": login_token, + } + ) + .then( + (data) => Promise.resolve(data["authentication"]["activeStrategies"]) + ) + ); + } + exports.call_authentication_strategy_list = call_authentication_strategy_list; + + + /** + */ + function call_authentication_strategy_set( + login_token, + strategies + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_authentication_strategy_set", + { + "strategies": strategies, + } + ); + return ( + call_generic_graphql( + "mutation ($strategies: [AuthenticationStrategyInput]!) {authentication {updateStrategies(strategies: $strategies) {responseResult {succeeded errorCode slug message __typename} __typename} __typename}}", + { + "login_token": login_token, + "variables": { + "strategies": strategies, + } + } + ) + ); + } + exports.call_authentication_strategy_set = call_authentication_strategy_set; + +}) (wiki_js.cli.api); + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.logic = (wiki_js.cli.logic || {}); +(function (exports) { + + /** + */ + async function initialize( + admin_email_address, + admin_password, + options + ) + { + options = Object.assign( + { + "site_url": "http://localhost:3000", + "allow_telemetry": false, + }, + options + ); + const result = await wiki_js.cli.api.call_finalize( + admin_email_address, + admin_password, + options.site_url, + options.allow_telemetry + ); + return Promise.resolve(undefined); + } + exports.initialize = initialize; + + + /** + */ + async function email_settings_set( + smtp_host, + smtp_port, + smtp_username, + smtp_password, + sender_name, + sender_email_address, + options + ) + { + options = Object.assign( + { + }, + options + ); + const login_token = await wiki_js.cli.api.call_login_local( + ); + const result = await wiki_js.cli.api.call_email_settings_set( + login_token, + { + "sender_name": sender_name, + "sender_email_address": sender_email_address, + "smtp_host": smtp_host, + "smtp_port": smtp_port, + "secure": true, + "verify_ssl": true, + "smtp_username": smtp_username, + "smtp_password": smtp_password, + "name": "", + "use_dkim": false, + "dkim_domain_name": "", + "dkim_key_selector": "", + "dkim_private_key": "", + } + ); + return Promise.resolve(undefined); + } + exports.email_settings_set = email_settings_set; + + + /** + */ + async function authentication_strategy_list( + ) + { + const login_token = await wiki_js.cli.api.call_login_local( + ); + const result = await wiki_js.cli.api.call_authentication_strategy_list( + login_token + ); + return Promise.resolve(result); + } + exports.authentication_strategy_list = authentication_strategy_list; + + + /** + */ + async function authentication_strategy_add( + strategy + ) + { + const login_token = await wiki_js.cli.api.call_login_local( + ); + const current = await wiki_js.cli.api.call_authentication_strategy_list( + login_token + ); + const result = await wiki_js.cli.api.call_authentication_strategy_set( + login_token, + ( + ( + current + .map( + (entry) => ({ + "key": entry["key"], + "strategyKey": entry["strategy"]["key"], + "displayName": entry["displayName"], + "order": entry["order"], + "isEnabled": entry["isEnabled"], + "config": ( + entry["config"] + .map( + (item) => ({ + "key": item["key"], + "value": JSON.stringify({"v": JSON.parse(item["value"])["value"]}), + }) + ) + ), + "selfRegistration": entry["selfRegistration"], + "domainWhitelist": entry["domainWhitelist"], + "autoEnrollGroups": entry["autoEnrollGroups"], + }) + ) + ) + .concat( + [ + { + "key": strategy.key, + "strategyKey": "oauth2", + "displayName": strategy.name, + "order": ( + ( + current + .map(x => x["order"]) + .reduce((x,y) => (((x === null) || (x < y)) ? y : x), null) + ) + + + 1 + ), + "isEnabled": true, + "config": [ + { + "key": "clientId", + "value": JSON.stringify({"v": strategy.client_id}), + }, + { + "key": "clientSecret", + "value": JSON.stringify({"v": strategy.client_secret}), + }, + { + "key": "authorizationURL", + "value": JSON.stringify({"v": strategy.authorization_url}), + }, + { + "key": "tokenURL", + "value": JSON.stringify({"v": strategy.token_url}), + }, + { + "key": "userInfoURL", + "value": JSON.stringify({"v": strategy.user_info_url}), + }, + { + "key": "userIdClaim", + "value": JSON.stringify({"v": "id"}), + }, + { + "key": "displayNameClaim", + "value": JSON.stringify({"v": "name"}), + }, + { + "key": "emailClaim", + "value": JSON.stringify({"v": "email"}), + }, + { + "key": "mapGroups", + "value": JSON.stringify({"v": false}), + }, + { + "key": "groupsClaim", + "value": JSON.stringify({"v": "groups"}), + }, + { + "key": "logoutURL", + "value": JSON.stringify({"v": ""}), + }, + { + "key": "scope", + "value": JSON.stringify({"v": "openid profile email"}), + }, + { + "key": "useQueryStringForAccessToken", + "value": JSON.stringify({"v": false}), + }, + { + "key": "enableCSRFProtection", + "value": JSON.stringify({"v": true}), + } + ], + "selfRegistration": true, + "domainWhitelist": [], + "autoEnrollGroups": [] + }, + ] + ) + ) + ); + return Promise.resolve(undefined); + } + exports.authentication_strategy_add = authentication_strategy_add; + +}) (wiki_js.cli.logic); + + +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +(function (exports) { + + /** + */ + async function main( + args_raw + ) + { + // args + const args = wiki_js.cli.helpers.args.parse(args_raw); + const override_url_base = ( + ( + ("b" in args.volatile) + && + (args.volatile["b"].length >= 0) + ) + ? + args.volatile["b"][0] + : + null + ); + const override_username = ( + ( + ("u" in args.volatile) + && + (args.volatile["u"].length >= 0) + ) + ? + args.volatile["u"][0] + : + null + ); + const override_password = ( + ( + ("p" in args.volatile) + && + (args.volatile["p"].length >= 0) + ) + ? + args.volatile["p"][0] + : + null + ); + + // conf + const conf_path = ( + ( + ("c" in args.volatile) + && + (args.volatile["c"].length >= 0) + ) + ? + args.volatile["c"][0] + : + null + ); + await wiki_js.cli.conf.load(conf_path); + let conf_override = wiki_js.cli.conf.get(); + ((override_url_base !== null) && (conf_override.api.url_base = override_url_base)); + ((override_username !== null) && (conf_override.login.username = override_username)); + ((override_password !== null) && (conf_override.login.password = override_password)); + wiki_js.cli.conf.set(conf_override); + wiki_js.cli.helpers.log.write( + "debug", + "conf", + wiki_js.cli.conf.get() + ); + + // init + wiki_js.cli.helpers.log.setup(wiki_js.cli.conf.get().log.threshold); + + // exec + if (args.positional.length < 1) { + return Promise.reject("SYNTAX: [node] cli.js [-c ] [-b ] [-u ] [-p ] [ [ […]]]\n\n\t = init | email-settings-set | auth-strat-list | auth-strat-add-oauth2"); + } + else { + const action = args.positional[0]; + switch (action) { + default: { + return Promise.reject("invalid action: " + action); + break; + } + case "init": { + if (args.positional.length < 3) { + return Promise.reject("SYNTAX: … init [ []]"); + } + else { + await wiki_js.cli.logic.initialize( + args.positional[1], + args.positional[2], + { + "site_url": ( + (args.positional.length >= 4) + ? + args.positional[3] + : + undefined + ), + "allow_telemtry": ( + (args.positional.length >= 5) + ? + (args.positional[4] === "1") + : + undefined + ), + } + ); + return Promise.resolve(undefined); + } + break; + } + case "email-settings-set": { + if (args.positional.length < 7) { + return Promise.reject("SYNTAX: … email-settings-set "); + } + else { + await wiki_js.cli.logic.email_settings_set( + args.positional[1], + parseInt(args.positional[2]), + args.positional[3], + args.positional[4], + args.positional[5], + args.positional[6], + { + } + ); + return Promise.resolve(undefined); + } + } + case "auth-strat-list": { + const result = await wiki_js.cli.logic.authentication_strategy_list(); + process.stdout.write( + JSON.stringify( + result, + undefined, + "\t" + ) + + + "\n" + ); + return Promise.resolve(undefined); + break; + } + case "auth-strat-add-oauth2": { + if (args.positional.length < 8) { + return Promise.reject("SYNTAX: … auth-strat-add-oauth2 "); + } + else { + await wiki_js.cli.logic.authentication_strategy_add( + { + "key": args.positional[1], + "name": args.positional[2], + "client_id": args.positional[3], + "client_secret": args.positional[4], + "authorization_url": args.positional[5], + "token_url": args.positional[6], + "user_info_url": args.positional[7], + } + ); + return Promise.resolve(undefined); + } + break; + } + } + } + } + exports.main = main; + +}) (wiki_js.cli); + + +( + wiki_js.cli.main(process.argv.slice(2)) + .then( + () => { + } + ) + .catch( + (reason) => { + process.stderr.write("-- " + String(reason) + "\n"); + } + ) +); diff --git a/roles/wiki_js/info.md b/roles/wiki_js/info.md index 424f86a..9801213 100644 --- a/roles/wiki_js/info.md +++ b/roles/wiki_js/info.md @@ -7,3 +7,9 @@ - [Wiki.js-Dokumentation | Linux-Installation](https://docs.requarks.io/install/linux) - [Wiki.js-Dokumentation | Konfiguration](https://docs.requarks.io/install/config) + + +## ToDo + +- Admin-Account +- E-Mail diff --git a/roles/wiki_js/tasks/main.json b/roles/wiki_js/tasks/main.json index 2271dc3..7a62c22 100644 --- a/roles/wiki_js/tasks/main.json +++ b/roles/wiki_js/tasks/main.json @@ -22,7 +22,7 @@ "name": "directories", "become": true, "loop": [ - "{{var_wiki_js_data_path}}", + "{{var_wiki_js_data_path}}" ], "ansible.builtin.file": { "owner": "{{var_wiki_js_user}}", @@ -49,6 +49,16 @@ "dest": "{{var_wiki_js_directory}}" } }, + { + "name": "cli client", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.copy": { + "src": "cli.js", + "dest": "{{var_wiki_js_directory}}/cli.js", + "mode": "0700" + } + }, { "name": "database | sqlite | dirctory", "when": "var_wiki_js_database_kind == 'sqlite'", @@ -69,6 +79,15 @@ "state": "touch" } }, + { + "name": "conf | base", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.template": { + "src": "config.yml.j2", + "dest": "{{var_wiki_js_directory}}/config.yml" + } + }, { "name": "database | sqlite | setup", "when": "var_wiki_js_database_kind == 'sqlite'", @@ -80,17 +99,32 @@ } }, { - "name": "conf | base", + "name": "initialize", "become": true, "become_user": "{{var_wiki_js_user}}", - "ansible.builtin.template": { - "src": "config.yml.j2", - "dest": "{{var_wiki_js_directory}}/config.yml" + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js init {{var_wiki_js_admin_email_address}} {{var_wiki_js_admin_password}} https://{{var_wiki_js_domain}} 0" } }, { - "name": "conf | authentication | authelia", + "name": "email settings", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js email-settings-set {{var_wiki_js_smtp_host}} {{var_wiki_js_smtp_port}} {{var_wiki_js_smtp_username}} {{var_wiki_js_smtp_password}} {{email_sending_sender_name}} {{email_sending_sender_email_address}}" + } + }, + { + "name": "authentication | authelia", "when": "var_wiki_js_authentication_kind == 'authelia'", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js auth-strat-add-oauth2 {{var_wiki_js_authentication_data_authelia_provider_id}} {{var_wiki_js_authentication_data_authelia_provider_name}} {{var_wiki_js_authentication_data_authelia_client_id}} {{var_wiki_js_authentication_data_authelia_client_secret}} {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/authorization {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/token {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/userinfo" + } }, { "name": "systemd-unit", diff --git a/roles/wiki_js/vardef.json b/roles/wiki_js/vardef.json index 61ecd9b..805c1f1 100644 --- a/roles/wiki_js/vardef.json +++ b/roles/wiki_js/vardef.json @@ -7,6 +7,10 @@ "mandatory": false, "type": "boolean" }, + "domain": { + "mandatory": false, + "type": "string" + }, "user": { "mandatory": false, "type": "string" @@ -99,8 +103,36 @@ "type": "string", "mandatory": false }, - "authentication_data_authelia_uuid": { - "type": "string", - "mandatory": false + "smtp_host": { + "mandatory": false, + "type": "string" }, + "smtp_port": { + "mandatory": false, + "type": "integer" + }, + "smtp_username": { + "mandatory": false, + "type": "string" + }, + "smtp_password": { + "mandatory": false, + "type": "string" + }, + "email_sending_sender_name": { + "mandatory": false, + "type": "string" + }, + "email_sending_sender_email_address": { + "mandatory": false, + "type": "string" + }, + "admin_email_address": { + "mandatory": false, + "type": "string" + }, + "admin_password": { + "mandatory": false, + "type": "string" + } }