roundcube: the available skins is now a variable. Configure enigma to support multihost as an option.

This commit is contained in:
Andrea Dell'Amico 2019-12-31 15:31:19 +01:00
parent 72810580ee
commit 9170706a03
3 changed files with 87 additions and 40 deletions

View File

@ -1,38 +0,0 @@
# This playbook updates hosts without guests.
#
# requires -e "target=somehostname" -e "yumcommand=update"
- name: update the system
hosts: "{{ target }}"
gather_facts: false
remote_user: root
tasks:
# - name: expire-caches
# command: yum clean expire-cache
# - name: yum -y {{ yumcommand }}
# command: yum -y {{ yumcommand }}
# async: 7200
# poll: 30
- name: Update all the packages
yum: name=* state=latest update_cache=yes
async: 7200
poll: 30
- name: run rkhunter if installed
hosts: "{{ target }}"
remote_user: root
tasks:
- name: check for rkhunter
command: /usr/bin/test -f /usr/bin/rkhunter
register: rkhunter
ignore_errors: true
- name: run rkhunter --propupd
command: /usr/bin/rkhunter --propupd
when: rkhunter|success

View File

@ -0,0 +1 @@
centos-update.yml

View File

@ -102,6 +102,11 @@ roundcube_optional_plugins:
- managesieve
- krb_authentication
roundcube_default_skin: 'elastic'
roundcube_available_skins:
- 'elastic'
- 'larry'
roundcube_install_enigma: True
roundcube_enigma_plugin: enigma
roundcube_enigma_data_dir: '{{ roundcube_data_dir }}/enigma'
@ -110,6 +115,11 @@ roundcube_enigma_deps:
- pinentry-curses
- pinentry-tty
roundcube_enigma_gpg_bin: /usr/bin/gpg
roundcube_enigma_gpgconf_bin: /usr/bin/gpgconf
roundcube_enigma_gpgagent_bin: /usr/bin/gpg-agent
roundcube_enigma_multihost: 'false'
roundcube_managesieve_config: True
roundcube_managesieve_auth: 'plain'
roundcube_managesieve_port: 4190

View File

@ -83,7 +83,81 @@ $config['cipher_method'] = 'AES-256-CBC';
$config['plugins'] = array({% for plug in roundcube_default_plugins %}'{{ plug }}', {% endfor %}{% for opt_plug in roundcube_optional_plugins %}'{{ opt_plug }}', {% endfor %}{% for add_plug in roundcube_additional_plugins %}'{{ add_plug }}', {% endfor %}{% if roundcube_install_enigma %}{{ roundcube_enigma_plugin }}{% endif %});
{% if roundcube_install_enigma %}
// Enigma Plugin options
// --------------------
// A driver to use for PGP. Default: "gnupg".
$config['enigma_pgp_driver'] = 'gnupg';
// A driver to use for S/MIME. Default: "phpssl".
$config['enigma_smime_driver'] = 'phpssl';
// Enables logging of enigma operations (including Crypt_GPG debug info)
$config['enigma_debug'] = false;
// REQUIRED! Keys directory for all users.
// Must be writeable by PHP process, and not in the web server document root
$config['enigma_pgp_homedir'] = '{{ roundcube_enigma_data_dir }}/';
// Location of gpg binary. By default it will be auto-detected.
// This is also a way to force gpg2 use if there are both 1.x and 2.x on the system.
$config['enigma_pgp_binary'] = '{{ roundcube_enigma_gpg_bin }}';
// Location of gpg-agent binary. By default it will be auto-detected.
// It's used with GnuPG 2.x.
$config['enigma_pgp_agent'] = '{{ roundcube_enigma_gpgagent_bin }}';
// Location of gpgconf binary. By default it will be auto-detected.
// It's used with GnuPG >= 2.1.
$config['enigma_pgp_gpgconf'] = '{{ roundcube_enigma_gpgconf_bin }}';
// Name of the PGP symmetric cipher algorithm.
// Run gpg --version to see the list of supported algorithms
$config['enigma_pgp_cipher_algo'] = null;
// Name of the PGP digest (hash) algorithm.
// Run gpg --version to see the list of supported algorithms
$config['enigma_pgp_digest_algo'] = null;
// Enables multi-host environments support.
// Enable it if you have more than one HTTP server.
// Make sure all servers run the same GnuPG version and have time in sync.
// Keys will be stored in SQL database (make sure max_allowed_packet
// is big enough).
$config['enigma_multihost'] = {{ roundcube_enigma_multihost }};
// Enables signatures verification feature.
$config['enigma_signatures'] = true;
// Enables messages decryption feature.
$config['enigma_decryption'] = true;
// Enables messages encryption and signing feature.
$config['enigma_encryption'] = true;
// Enable signing all messages by default
$config['enigma_sign_all'] = false;
// Enable encrypting all messages by default
$config['enigma_encrypt_all'] = false;
// Enable attaching a public key to all messages by default
$config['enigma_attach_pubkey'] = false;
// Default for how long to store private key passwords (in minutes).
// When set to 0 passwords will be stored for the whole session.
$config['enigma_password_time'] = 5;
// With this option you can lock composing options
// of the plugin forcing the user to use configured settings.
// The array accepts: 'sign', 'encrypt', 'pubkey'.
//
// For example, to force your users to sign every email,
// you should set:
// - enigma_sign_all = true
// - enigma_options_lock = array('sign')
// - dont_override = array('enigma_sign_all')
$config['enigma_options_lock'] = array();
{% endif %}
{% if roundcube_use_memcache %}
@ -132,10 +206,10 @@ $config['redis_max_allowed_packet'] = '2M';
$config['enable_installer'] = false;
// skin name: folder from skins/
$config['skin'] = 'elastic';
$config['skin'] = '{{ roundcube_default_skin }}';
// limit skins available/shown in the settings section
$config['skins_allowed'] = array('elastic');
$config['skins_allowed'] = array({% for skin in roundcube_available_skins %}'{{ skin }}'{% if not loop.last %}, {% endif %} {% endfor %});
// Logo image replacement. Specifies location of the image as:
// - URL relative to the document root of this Roundcube installation