system-config/playbooks/roles/etherpad/tasks/main.yaml

- name: Ensure docker-compose directory exists
  file:
    state: directory
    path: /etc/etherpad-docker

- name: Write settings file
  template:
    src: docker-compose.yaml.j2
    dest: /etc/etherpad-docker/docker-compose.yaml

- name: Ensure database volume exists
  file:
    state: directory
    path: /var/etherpad/db

- name: Ensure config directory exists
  file:
    state: directory
    path: /etc/etherpad

- name: Ensure db config directory exists
  file:
    state: directory
    path: /etc/etherpad/mysql

- name: Install database config settings
  copy:
    src: my.cnf
    dest: /etc/etherpad/mysql/my.cnf

- name: Make directory for robots.txt
  file:
    path: /var/etherpad/www
    state: directory

- name: Install robots.txt
  copy:
    src: robots.txt
    dest: /var/etherpad/www/robots.txt

- name: Install apache2
  apt:
    name:
      - apache2
      - apache2-utils
    state: present

- name: Apache modules
  apache2_module:
    state: present
    name: "{{ item }}"
  loop:
    - rewrite
    - proxy
    - proxy_http
    - ssl
    - headers
    - proxy_wstunnel

- name: Copy apache tuning
  copy:
    src: apache-connection-tuning
    dest: /etc/apache2/conf-enabled/connection-tuning.conf
    owner: root
    group: root
    mode: 0644
  notify: etherpad Reload apache2

- name: Copy apache config
  template:
    src: etherpad.vhost.j2
    dest: /etc/apache2/sites-enabled/000-default.conf
    owner: root
    group: root
    mode: 0644
  notify: etherpad Reload apache2

- name: Copy redirect config
  template:
    src: redirect.vhost.j2
    dest: "/etc/apache2/sites-enabled/010-{{ etherpad_redirect_vhost }}.conf"
    owner: root
    group: root
    mode: 0644
  when: etherpad_redirect_vhost is defined
  notify: etherpad Reload apache2

- name: Write settings file
  template:
    src: settings.json.j2
    dest: /etc/etherpad/settings.json

- name: Clean up from old ep_headings hack
  file:
    path: /etc/etherpad/node_modules
    state: absent

- name: Remove npm
  package:
    name:
      - npm
    state: absent

- name: Run docker-compose pull
  shell:
    cmd: docker-compose pull
    chdir: /etc/etherpad-docker/

- name: Run docker-compose up
  shell:
    cmd: docker-compose up -d
    chdir: /etc/etherpad-docker/

- name: Run docker prune to cleanup unneeded images
  shell:
    cmd: docker image prune -f

- name: Create db backup dest
  file:
    state: directory
    path: /var/backups/etherpad-mariadb
    mode: 0700
    owner: root
    group: root

- name: Set up cron job for local database backup
  cron:
    name: etherpad-db-backup
    state: present
    user: root
    job: >
      /usr/local/bin/docker-compose -f /etc/etherpad-docker/docker-compose.yaml exec -T mariadb
      bash -c '/usr/bin/mysqldump --opt --databases etherpad-lite --single-transaction -uroot -p"$MYSQL_ROOT_PASSWORD"' |
      gzip -9 > /var/backups/etherpad-mariadb/etherpad-mariadb.sql.gz      
    minute: 42
    hour: 4

- name: Rotate db backups
  include_role:
    name: logrotate
  vars:
    logrotate_rotate: 2
    logrotate_file_name: /var/backups/etherpad-mariadb/etherpad-mariadb.sql.gz
    logrotate_compress: false

- name: Setup db backup streaming job
  block:
    - name: Create backup streaming config dir
      file:
        path: /etc/borg-streams
        state: directory

    - name: Create db streaming file
      copy:
        content: >-
          /usr/local/bin/docker-compose -f /etc/etherpad-docker/docker-compose.yaml exec -T mariadb
          bash -c '/usr/bin/mysqldump --skip-extended-insert --databases etherpad-lite --single-transaction -uroot -p"$MYSQL_ROOT_PASSWORD"'          
        dest: /etc/borg-streams/mysql