From 571486451d4cff5c748e5c5d9ec2a14f36a6e4de Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sat, 26 Dec 2020 15:59:55 +0100
Subject: [PATCH 1/6] [dns] rename template path

---
 roles/dns/templates/{firewall => dns}/re2o-config.ini.j2 | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename roles/dns/templates/{firewall => dns}/re2o-config.ini.j2 (100%)

diff --git a/roles/dns/templates/firewall/re2o-config.ini.j2 b/roles/dns/templates/dns/re2o-config.ini.j2
similarity index 100%
rename from roles/dns/templates/firewall/re2o-config.ini.j2
rename to roles/dns/templates/dns/re2o-config.ini.j2
-- 
GitLab


From 5ad43338670aee5fe1c43dfcf532cf0d9f44436e Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sat, 26 Dec 2020 16:01:09 +0100
Subject: [PATCH 2/6] [dns] rename template path

---
 roles/dns/templates/cron.d/{firewall.j2 => dns.j2} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename roles/dns/templates/cron.d/{firewall.j2 => dns.j2} (100%)

diff --git a/roles/dns/templates/cron.d/firewall.j2 b/roles/dns/templates/cron.d/dns.j2
similarity index 100%
rename from roles/dns/templates/cron.d/firewall.j2
rename to roles/dns/templates/cron.d/dns.j2
-- 
GitLab


From 30ae977365d6b8ab1c309f5f18589b803f82a45f Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sat, 26 Dec 2020 16:02:45 +0100
Subject: [PATCH 3/6] [home] add role to deploy home creation script

---
 roles/home/tasks/main.yml              | 46 ++++++++++++++++++++++++++
 roles/home/templates/cron.d/home.j2    |  2 ++
 roles/home/templates/home/config.py.j2 | 10 ++++++
 3 files changed, 58 insertions(+)
 create mode 100644 roles/home/tasks/main.yml
 create mode 100644 roles/home/templates/cron.d/home.j2
 create mode 100644 roles/home/templates/home/config.py.j2

diff --git a/roles/home/tasks/main.yml b/roles/home/tasks/main.yml
new file mode 100644
index 00000000..019fb9e0
--- /dev/null
+++ b/roles/home/tasks/main.yml
@@ -0,0 +1,46 @@
+---
+- name: Install home dependencies
+  apt:
+    update_cache: true
+    install_recommends: false
+    name:
+      - python3-ldap
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Create dns directory
+  file:
+    path: /var/local/home
+    state: directory
+    mode: '2775'
+    owner: root
+    group: nounou
+
+- name: Set ACL for dns directory
+  acl:
+    path: /var/local/home
+    default: true
+    entity: nounou
+    etype: group
+    permissions: rwx
+    state: query
+
+- name: Clone dns repository
+  git:
+    repo: 'http://gitlab.adm.crans.org/nounous/home.git'
+    dest: /var/local/home
+    umask: '002'
+
+- name: Deploy re2o config
+  template:
+    src: dns/config.py.j2
+    dest: /var/local/home/config.py
+    mode: 0600
+    owner: root
+    group: root
+
+- name: Deploy cron for dns
+  template:
+    src: cron.d/home.j2
+    dest: /etc/cron.d/home
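Review bot: The `git` task ('Clone dns repository') fetches over plain `http://` with no `version:` set, and the cron template added in this same commit runs `/var/local/home/main.py` from that checkout as root every minute, so the code root executes is only as trustworthy as an unauthenticated transport and whatever the default branch currently points at. Consider an authenticated transport (`https://` or SSH, if the internal GitLab offers one; that is not visible here) and pinning the checkout with `version: '<REVIEWED_COMMIT_SHA>'`. The 'Set ACL' task uses `state: query`, which only reads the ACL and changes nothing; `state: present` is what would apply the default `nounou` entry. The 'Deploy re2o config' task renders the LDAP password, so `no_log: true` (or `diff: false`) would keep it out of `--diff` output, and quoting `mode: '0600'` would match the `'2775'` style used earlier in the file.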
diff --git a/roles/home/templates/cron.d/home.j2 b/roles/home/templates/cron.d/home.j2
new file mode 100644
index 00000000..f26e2e46
--- /dev/null
+++ b/roles/home/templates/cron.d/home.j2
@@ -0,0 +1,2 @@
+{{ ansible_header | comment }}
+* * * * * root /usr/bin/python3 /var/local/home/main.py
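Review bot: This entry runs `main.py` as root every minute from `/var/local/home`, which the role's tasks create as mode `2775` with group `nounou` and populate with a `umask: '002'` checkout, so any member of that group can change what root executes without going through sudo. If that equivalence is not intended, keep the checkout root-owned and not group-writable, or run the job under a dedicated account that holds only the delegated ZFS and LDAP rights it needs. A one-minute period also lets a slow run overlap the next one; wrapping the command, e.g. `root /usr/bin/flock -n /run/home.lock /usr/bin/python3 /var/local/home/main.py`, serialises runs (the lock path is a placeholder).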
diff --git a/roles/home/templates/home/config.py.j2 b/roles/home/templates/home/config.py.j2
new file mode 100644
index 00000000..457b0293
--- /dev/null
+++ b/roles/home/templates/home/config.py.j2
@@ -0,0 +1,10 @@
+{{ ansible_header | comment }}
+
+ldap_server = 'ldap://re2o-ldap.adm.crans.org'
+binddn = 'cn=home,ou=service-users,dc=crans,dc=org'
+password = '{{ home.ldap_password }}'
+rootdn = 'cn=Utilisateurs,dc=crans,dc=org'
+home_dir = '/pool/home'
+mail_dir = '/pool/mail'
+home_quota = 'zfs set userquota@{user}=30G pool/home'
+mail_quota = 'zfs set userquota@{user}=10G pool/mail'
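Review bot: `ldap_server` uses the `ldap://` scheme while `binddn` and `password` describe a simple bind, so unless `main.py` (not part of this diff) issues StartTLS before binding, the service account password crosses the network in clear text. Prefer `ldap_server = 'ldaps://re2o-ldap.adm.crans.org'`, or make StartTLS with certificate verification mandatory in the script. `home_quota` and `mail_quota` are command templates with a `{user}` placeholder; if the script formats them into a shell string, the uid read from LDAP should be validated against a strict pattern or the command passed as an argument list. The consuming code is not visible here, so this is something to confirm rather than a confirmed defect.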
-- 
GitLab


From c48b1d565c4bb07d9fcb9dad4e249a3a235d4e8e Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sun, 27 Dec 2020 10:24:41 +0100
Subject: [PATCH 4/6] [home] add playbook to deploy home creation script

---
 plays/home.yml                         | 11 +++++++++++
 roles/home/templates/home/config.py.j2 |  6 +++---
 2 files changed, 14 insertions(+), 3 deletions(-)
 create mode 100755 plays/home.yml

diff --git a/plays/home.yml b/plays/home.yml
new file mode 100755
index 00000000..aa47fa4c
--- /dev/null
+++ b/plays/home.yml
@@ -0,0 +1,11 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: cameron.adm.crans.org
+  vars:
+    home:
+      ldap_server: ldap://re2o-ldap.adm.crans.org
+      ldap_password: "{{ vault_ldap_home_password }}"
+      binddn: cn=home,ou=service-users,dc=crans,dc=org
+      rootdn: cn=Utilisateurs,dc=crans,dc=org
+  roles:
+    - home
diff --git a/roles/home/templates/home/config.py.j2 b/roles/home/templates/home/config.py.j2
index 457b0293..e7f29b91 100644
--- a/roles/home/templates/home/config.py.j2
+++ b/roles/home/templates/home/config.py.j2
@@ -1,9 +1,9 @@
 {{ ansible_header | comment }}
 
-ldap_server = 'ldap://re2o-ldap.adm.crans.org'
-binddn = 'cn=home,ou=service-users,dc=crans,dc=org'
+ldap_server = '{{ home.ldap_server }}'
+binddn = '{{ home.binddn }}'
 password = '{{ home.ldap_password }}'
-rootdn = 'cn=Utilisateurs,dc=crans,dc=org'
+rootdn = '{{ home.rootdn }}'
 home_dir = '/pool/home'
 mail_dir = '/pool/mail'
 home_quota = 'zfs set userquota@{user}=30G pool/home'
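Review bot: The templated values are placed between single quotes in a Python source file with no escaping, so a `'` or `\` in `home.ldap_password` or in one of the DNs produces a `config.py` that fails to import or holds a different value than intended. Emitting the literal through a filter avoids that, e.g. `password = {{ home.ldap_password | to_json }}`, and likewise for `ldap_server`, `binddn` and `rootdn`. Since this file is loaded by a job that cron runs as root, keeping variable content from ever being parsed as code is worth the extra filter.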
-- 
GitLab


From 0bee05104535eae679f43f66ba315539506e201f Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sun, 27 Dec 2020 10:34:41 +0100
Subject: [PATCH 5/6] [home] fix names

---
 roles/home/tasks/main.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/roles/home/tasks/main.yml b/roles/home/tasks/main.yml
index 019fb9e0..44f49a39 100644
--- a/roles/home/tasks/main.yml
+++ b/roles/home/tasks/main.yml
@@ -9,7 +9,7 @@
   retries: 3
   until: apt_result is succeeded
 
-- name: Create dns directory
+- name: Create home directory
   file:
     path: /var/local/home
     state: directory
@@ -17,7 +17,7 @@
     owner: root
     group: nounou
 
-- name: Set ACL for dns directory
+- name: Set ACL for home directory
   acl:
     path: /var/local/home
     default: true
@@ -26,7 +26,7 @@
     permissions: rwx
     state: query
 
-- name: Clone dns repository
+- name: Clone home repository
   git:
     repo: 'http://gitlab.adm.crans.org/nounous/home.git'
     dest: /var/local/home
@@ -34,13 +34,13 @@
 
 - name: Deploy re2o config
   template:
-    src: dns/config.py.j2
+    src: home/config.py.j2
     dest: /var/local/home/config.py
     mode: 0600
     owner: root
     group: root
 
-- name: Deploy cron for dns
+- name: Deploy cron for home
   template:
     src: cron.d/home.j2
     dest: /etc/cron.d/home
-- 
GitLab


From 891921115cf9c0c2361e45e0fa035fba594c2fcd Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Sun, 27 Dec 2020 10:35:18 +0100
Subject: [PATCH 6/6] [home] fix names

---
 roles/home/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/home/tasks/main.yml b/roles/home/tasks/main.yml
index 44f49a39..10b1ebc5 100644
--- a/roles/home/tasks/main.yml
+++ b/roles/home/tasks/main.yml
@@ -32,7 +32,7 @@
     dest: /var/local/home
     umask: '002'
 
-- name: Deploy re2o config
+- name: Deploy home config
   template:
     src: home/config.py.j2
     dest: /var/local/home/config.py
-- 
GitLab