Refactor radicale setup

2025-04-06 09:34:33 +02:00 · 2025-04-06 09:34:33 +02:00 · 634bd0433f
commit 634bd0433f
parent a5e6468cb4
19 changed files with 214 additions and 564 deletions
--- a/tasks/radicale.yml
+++ b/tasks/radicale.yml
@ -1,118 +1,110 @@
-# TODO: use docker setup
-# TODO: update collection path, see https://radicale.org/3.0.html#tutorials/running-as-a-service
-
- name: add radicale user
+- name: Stop previous radicale service
  become: true
-  user:
+  ansible.builtin.systemd:
    name: radicale
-    system: true
-    create_home: false
-    shell: '/sbin/nologin'
-    home: '/'
-    append: true
+    state: stopped
+    enabled: false
+  register: radicale_disable
+  failed_when: >
+    radicale_disable.stderr is defined and
+    "'Unit radicale.service not loaded' not in radicale_disable.stderr"

- name: add radicale sudo entry
-  include_role:
-    name: common
-    tasks_from: 'sudoers.yml'
-  loop:
-    - { src: 'templates/radicale/sudoers.j2', dest: '/etc/sudoers.d/10-radicale' }
-
- name: create radicale virtualenv directory
+- name: Remove previous radicale user
  become: true
-  file:
+  ansible.builtin.user:
+    name: radicale
+    state: absent
+
+- name: Remove radicale sudo entry
+  become: true
+  ansible.builtin.file:
+    path: /etc/sudoers.d/10-radicale
+    state: absent
+
+- name: Remove radicale virtualenv directory
+  become: true
+  ansible.builtin.file:
    path: '/usr/local/lib/radicale'
-    state: directory
-    owner: 'radicale'
-    group: 'radicale'
+    state: absent

- name: install radicale
+- name: Remove Radicale files
  become: true
-  become_user: 'radicale'
-  pip:
-    name: radicale
-    state: present
-    version: '{{ radicale_version }}'
-    virtualenv: '/usr/local/lib/radicale/env'
-  notify: restart radicale service
+  ansible.builtin.file:
+    path: '{{ item }}'
+    state: absent
+  loop:
+    - /etc/nginx/radicale
+    - /etc/ssl/localcerts/radicale
+    - /etc/radicale/
+    - /etc/systemd/system/radicale.service

- name: create radicale directories
+- name: Create Radicale directories
  become: true
-  file:
+  ansible.builtin.file:
    path: '{{ item.path }}'
+    owner: '{{ item.owner }}'
+    group: '{{ item.group }}'
+    mode: '0755'
    state: directory
-    owner: '{{ item.owner }}'
-    group: '{{ item.group }}'
  loop:
-    - { path: '/etc/nginx/radicale', owner: 'root', group: 'root' }
-    - { path: '/etc/ssl/localcerts/radicale', owner: 'radicale', group: 'radicale' }
+    - path: '{{ radicale_app_dir }}'
+      owner: root
+      group: root
+    - path: '{{ radicale_collection_dir }}'
+      owner: sonny
+      group: sonny
+    - path: '{{ radicale_app_dir }}/nginx.conf.d'
+      owner: sonny
+      group: sonny

- name: copy radicale credentials
+- name: Copy Radicale docker file
  become: true
-  copy:
-    src: '{{ item.src }}'
-    dest: '{{ item.dest }}'
-    owner: '{{ item.owner }}'
-    group: '{{ item.group }}'
-    mode: '{{ item.mode }}'
-  loop:
-    - {
-        src: 'files/radicale/radicale_htpasswd',
-        dest: '/etc/nginx/radicale/htpasswd',
-        owner: 'root',
-        group: 'root',
-        mode: '0644',
-      }
-    - {
-        src: 'files/radicale/radicale_users',
-        dest: '/etc/radicale/users',
-        owner: 'radicale',
-        group: 'radicale',
-        mode: '0640',
-      }
-    - {
-        src: 'files/radicale/server_cert.pem',
-        dest: '{{ radicale_certificate_path }}',
-        owner: 'radicale',
-        group: 'radicale',
-        mode: '0644',
-      }
-    - {
-        src: 'files/radicale/server_key.pem',
-        dest: '{{ radicale_key_path }}',
-        owner: 'radicale',
-        group: 'radicale',
-        mode: '0600',
-      }
-    - {
-        src: 'files/radicale/client_cert.pem',
-        dest: '{{ radicale_certificate_authority_path }}',
-        owner: 'radicale',
-        group: 'radicale',
-        mode: '0644',
-      }
+  ansible.builtin.template:
+    src: 'templates/radicale/dockerfile.j2'
+    dest: '{{ radicale_app_dir }}/Dockerfile'
+    owner: sonny
+    group: sonny
+    mode: '0755'

- name: copy radicale configuration files
+- name: Copy docker compose
  become: true
-  template:
-    src: '{{ item.src }}'
-    dest: '{{ item.dest }}'
-    owner: radicale
-    group: radicale
-    mode: '{{ item.mode }}'
-  loop:
-    - {
-        src: 'templates/radicale/conf.j2',
-        dest: '/etc/radicale/config',
-        mode: '0600',
-        owner: 'radicale',
-        group: 'radicale',
-      }
-    - {
-        src: 'templates/radicale/service.j2',
-        dest: '/etc/systemd/system/radicale.service',
-        mode: '0644',
-        owner: 'root',
-        group: 'root',
-      }
-  notify: restart radicale service
+  ansible.builtin.template:
+    src: 'templates/radicale/docker-compose.j2'
+    dest: '{{ radicale_app_dir }}/docker-compose.yml'
+    owner: sonny
+    group: sonny
+    mode: '0755'
+
+- name: Copy Radicale configuration
+  become: true
+  ansible.builtin.template:
+    src: 'templates/radicale/conf.j2'
+    dest: '{{ radicale_app_dir }}/config'
+    owner: sonny
+    group: sonny
+    mode: '0755'
+
+- name: Copy Radicale user file
+  become: true
+  ansible.builtin.copy:
+    src: 'files/radicale/radicale_users'
+    dest: '{{ radicale_app_dir }}/radicale_users'
+    owner: sonny
+    group: sonny
+    mode: '0750'
+
+- name: Copy NGINX configuration
+  become: true
+  ansible.builtin.template:
+    src: 'templates/radicale/nginx.j2'
+    dest: '{{ radicale_app_dir }}/nginx.conf.d/default.conf'
+    owner: sonny
+    group: sonny
+    mode: '0755'
+
+- name: Start container
+  community.docker.docker_compose_v2:
+    project_src: '{{ radicale_app_dir }}'
+    remove_orphans: true
+    state: present
+    build: always