roundcube: the available skins is now a variable. Configure enigma to support multihost as an option.

library/centos/playbooks/centos-update/main.yml

@@ -1,38 +0,0 @@
-# This playbook updates hosts without guests.
-#
-# requires -e "target=somehostname" -e "yumcommand=update"
-
-
-- name: update the system
-  hosts: "{{ target }}"
-  gather_facts: false
-  remote_user: root
- 
-  tasks: 
-#  - name: expire-caches
-#    command: yum clean expire-cache
-    
-#  - name: yum -y {{ yumcommand }}
-#    command: yum -y {{ yumcommand }}
-#    async: 7200
-#    poll: 30
-
-  - name: Update all the packages
-    yum: name=* state=latest update_cache=yes
-    async: 7200
-    poll: 30
-
-- name: run rkhunter if installed
-  hosts:  "{{ target }}"
-  remote_user: root
-
-  tasks:
-  - name: check for rkhunter
-    command: /usr/bin/test -f /usr/bin/rkhunter
-    register: rkhunter
-    ignore_errors: true
-  
-  - name: run rkhunter --propupd
-    command: /usr/bin/rkhunter --propupd
-    when: rkhunter|success
-

library/centos/playbooks/centos-update/main.yml

@@ -0,0 +1 @@
+centos-update.yml

library/roles/roundcube/defaults/main.yml

@@ -102,6 +102,11 @@ roundcube_optional_plugins:
   - managesieve
   - krb_authentication
 
+roundcube_default_skin: 'elastic'
+roundcube_available_skins: 
+  - 'elastic'
+  - 'larry'
+
 roundcube_install_enigma: True
 roundcube_enigma_plugin: enigma
 roundcube_enigma_data_dir: '{{ roundcube_data_dir }}/enigma'
@@ -110,6 +115,11 @@ roundcube_enigma_deps:
   - pinentry-curses
   - pinentry-tty
 
+roundcube_enigma_gpg_bin: /usr/bin/gpg
+roundcube_enigma_gpgconf_bin: /usr/bin/gpgconf
+roundcube_enigma_gpgagent_bin: /usr/bin/gpg-agent
+roundcube_enigma_multihost: 'false'
+
 roundcube_managesieve_config: True
 roundcube_managesieve_auth: 'plain'
 roundcube_managesieve_port: 4190

library/roles/roundcube/templates/config.inc.php.j2

@@ -83,7 +83,81 @@ $config['cipher_method'] = 'AES-256-CBC';
 $config['plugins'] = array({% for plug in roundcube_default_plugins %}'{{ plug }}', {% endfor %}{% for opt_plug in roundcube_optional_plugins %}'{{ opt_plug }}', {% endfor %}{% for add_plug in roundcube_additional_plugins %}'{{ add_plug }}', {% endfor %}{% if roundcube_install_enigma %}{{ roundcube_enigma_plugin }}{% endif %});
 
 {% if roundcube_install_enigma %}
+// Enigma Plugin options
+// --------------------
+
+// A driver to use for PGP. Default: "gnupg".
+$config['enigma_pgp_driver'] = 'gnupg';
+
+// A driver to use for S/MIME. Default: "phpssl".
+$config['enigma_smime_driver'] = 'phpssl';
+
+// Enables logging of enigma operations (including Crypt_GPG debug info)
+$config['enigma_debug'] = false;
+
+// REQUIRED! Keys directory for all users.
+// Must be writeable by PHP process, and not in the web server document root
 $config['enigma_pgp_homedir'] = '{{ roundcube_enigma_data_dir }}/';
+
+// Location of gpg binary. By default it will be auto-detected.
+// This is also a way to force gpg2 use if there are both 1.x and 2.x on the system.
+$config['enigma_pgp_binary'] = '{{ roundcube_enigma_gpg_bin }}';
+
+// Location of gpg-agent binary. By default it will be auto-detected.
+// It's used with GnuPG 2.x.
+$config['enigma_pgp_agent'] = '{{ roundcube_enigma_gpgagent_bin }}';
+
+// Location of gpgconf binary. By default it will be auto-detected.
+// It's used with GnuPG >= 2.1.
+$config['enigma_pgp_gpgconf'] = '{{ roundcube_enigma_gpgconf_bin }}';
+
+// Name of the PGP symmetric cipher algorithm.
+// Run gpg --version to see the list of supported algorithms
+$config['enigma_pgp_cipher_algo'] = null;
+
+// Name of the PGP digest (hash) algorithm.
+// Run gpg --version to see the list of supported algorithms
+$config['enigma_pgp_digest_algo'] = null;
+
+// Enables multi-host environments support.
+// Enable it if you have more than one HTTP server.
+// Make sure all servers run the same GnuPG version and have time in sync.
+// Keys will be stored in SQL database (make sure max_allowed_packet
+// is big enough).
+$config['enigma_multihost'] = {{ roundcube_enigma_multihost }};
+
+// Enables signatures verification feature.
+$config['enigma_signatures'] = true;
+
+// Enables messages decryption feature.
+$config['enigma_decryption'] = true;
+
+// Enables messages encryption and signing feature.
+$config['enigma_encryption'] = true;
+
+// Enable signing all messages by default
+$config['enigma_sign_all'] = false;
+
+// Enable encrypting all messages by default
+$config['enigma_encrypt_all'] = false;
+
+// Enable attaching a public key to all messages by default
+$config['enigma_attach_pubkey'] = false;
+
+// Default for how long to store private key passwords (in minutes).
+// When set to 0 passwords will be stored for the whole session.
+$config['enigma_password_time'] = 5;
+
+// With this option you can lock composing options
+// of the plugin forcing the user to use configured settings.
+// The array accepts: 'sign', 'encrypt', 'pubkey'.
+//
+// For example, to force your users to sign every email,
+// you should set:
+//     - enigma_sign_all     = true
+//     - enigma_options_lock = array('sign')
+//     - dont_override       = array('enigma_sign_all')
+$config['enigma_options_lock'] = array();
 {% endif %}
 
 {% if roundcube_use_memcache %}
@@ -132,10 +206,10 @@ $config['redis_max_allowed_packet'] = '2M';
 $config['enable_installer'] = false;
 
 // skin name: folder from skins/
-$config['skin'] = 'elastic';
+$config['skin'] = '{{ roundcube_default_skin }}';
 
 // limit skins available/shown in the settings section
-$config['skins_allowed'] = array('elastic');
+$config['skins_allowed'] = array({% for skin in roundcube_available_skins %}'{{ skin }}'{% if not loop.last %}, {% endif %} {% endfor %});
 
 // Logo image replacement. Specifies location of the image as:
 // - URL relative to the document root of this Roundcube installation