2023-06-01 19:02:20 +02:00
|
|
|
---
|
|
|
|
# tasks file for debian-mail
|
|
|
|
|
2023-06-04 19:10:27 +02:00
|
|
|
- name: Install vimrc
|
|
|
|
ansible.builtin.import_role:
|
|
|
|
name: vimrc
|
|
|
|
vars:
|
|
|
|
user: "debian"
|
|
|
|
|
2023-06-01 19:02:20 +02:00
|
|
|
- name: Fetch bridge_pubkey.gpg
|
|
|
|
ansible.builtin.get_url:
|
|
|
|
url: https://proton.me/download/bridge/bridge_pubkey.gpg
|
|
|
|
dest: /tmp/bridge_pubkey.gpg
|
|
|
|
|
|
|
|
- name: Sign bridge_pubkey.gpg
|
|
|
|
ansible.builtin.shell:
|
|
|
|
cmd: rm -f debsig.gpg && gpg --dearmor --output debsig.gpg bridge_pubkey.gpg
|
|
|
|
chdir: /tmp
|
|
|
|
|
|
|
|
- name: Create keyring directory
|
|
|
|
ansible.builtin.file:
|
|
|
|
path: /usr/share/debsig/keyrings/E2C75D68E6234B07
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
|
|
|
|
- name: Move debsig.gpg to keyring directory
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: /tmp/debsig.gpg
|
|
|
|
dest: /usr/share/debsig/keyrings/E2C75D68E6234B07
|
|
|
|
remote_src: true
|
|
|
|
|
|
|
|
- name: Create policy directory
|
|
|
|
ansible.builtin.file:
|
|
|
|
path: /etc/debsig/policies/E2C75D68E6234B07
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
|
|
|
|
- name: Fetch and install the policy file
|
|
|
|
ansible.builtin.get_url:
|
|
|
|
url: https://proton.me/download/bridge/bridge.pol
|
|
|
|
dest: /etc/debsig/policies/E2C75D68E6234B07//bridge.pol
|
|
|
|
|
|
|
|
- name: Fetch protonmail-bridge DEB package
|
|
|
|
ansible.builtin.get_url:
|
|
|
|
url: https://proton.me/download/bridge/protonmail-bridge_3.2.0-1_amd64.deb
|
|
|
|
dest: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
|
|
|
|
|
|
|
|
- name: Verify the signature on the protonmail-bridge package file
|
|
|
|
ansible.builtin.shell:
|
|
|
|
cmd: debsig-verify protonmail-bridge_3.2.0-1_amd64.deb
|
|
|
|
chdir: /tmp
|
|
|
|
register: debsig_output
|
|
|
|
failed_when: '"Verified package" not in debsig_output.stdout or debsig_output.rc != 0'
|
|
|
|
|
|
|
|
- name: Install protonmail-bridge_3.2.0-1_amd64.deb
|
|
|
|
ansible.builtin.apt:
|
|
|
|
deb: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
|
|
|
|
|
|
|
|
- name: Copy systemd unit files for offlineimap
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: /usr/share/doc/offlineimap3/examples/systemd/offlineimap-oneshot.service
|
|
|
|
dest: /etc/systemd/system/offlineimap-oneshot.service
|
|
|
|
remote_src: true
|
|
|
|
|
|
|
|
- name: Change running user and group to debian for offlineimap-oneshot.service
|
|
|
|
ansible.builtin.blockinfile:
|
|
|
|
path: /etc/systemd/system/offlineimap-oneshot.service
|
|
|
|
insertafter: "Type=oneshot"
|
|
|
|
block: |
|
|
|
|
User=debian
|
|
|
|
Group=debian
|
|
|
|
|
|
|
|
- name: Create offlineimap-oneshot.timer
|
|
|
|
ansible.builtin.blockinfile:
|
|
|
|
path: /etc/systemd/system/offlineimap-oneshot.timer
|
|
|
|
create: true
|
|
|
|
block: |
|
|
|
|
[Unit]
|
|
|
|
Description=Offlineimap Query Timer
|
|
|
|
|
|
|
|
[Timer]
|
|
|
|
OnCalendar=daily
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=default.target
|
|
|
|
|
|
|
|
- name: Create pm-bridge-tty.service
|
|
|
|
ansible.builtin.blockinfile:
|
|
|
|
path: /etc/systemd/system/pm-bridge-tty.service
|
|
|
|
create: true
|
|
|
|
block: |
|
|
|
|
[Unit]
|
|
|
|
Description=faketty service for protonmail-bridge
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
Type=simple
|
|
|
|
User=debian
|
|
|
|
Group=debian
|
|
|
|
ExecStart=/usr/local/bin/pm-bridge-tty
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
|
|
|
|
- name: Copy offlineimaprc for debian
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: files/offlineimaprc
|
|
|
|
dest: /home/debian/.offlineimaprc
|
|
|
|
owner: debian
|
|
|
|
group: debian
|
|
|
|
|
|
|
|
- name: Copy protonmail-bridge faketty script
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: files/pm-bridge-tty
|
|
|
|
dest: /usr/local/bin/pm-bridge-tty
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: u=rwx,g=rx,o=rx
|
|
|
|
|
|
|
|
- name: Enable offlineimap systemd timer
|
|
|
|
ansible.builtin.systemd:
|
|
|
|
name: offlineimap-oneshot.timer
|
|
|
|
enabled: true
|
|
|
|
|
2023-06-10 23:52:27 +02:00
|
|
|
- name: Create archivebox.service
|
|
|
|
ansible.builtin.blockinfile:
|
|
|
|
path: /etc/systemd/system/archivebox.service
|
|
|
|
create: true
|
|
|
|
block: |
|
|
|
|
[Unit]
|
|
|
|
Description=Archivebox server
|
|
|
|
After=network.target network-online.target
|
|
|
|
Requires=network-online.target
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
Type=simple
|
|
|
|
User=debian
|
|
|
|
Group=debian
|
|
|
|
ExecStart=/usr/local/bin/archivebox server 0.0.0.0:8000
|
|
|
|
WorkingDirectory=/home/debian/data
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
|
|
|
|
- name: Install Archivebox
|
|
|
|
ansible.builtin.shell:
|
|
|
|
cmd: sudo pip install archivebox --break-system-packages
|
|
|
|
|
2023-06-01 19:02:20 +02:00
|
|
|
- name: Message to Ansible user
|
|
|
|
ansible.builtin.debug:
|
|
|
|
msg:
|
|
|
|
- "Run 'pm-bridge-tty init' to initialize the bridge."
|
|
|
|
- "Login to Proton Mail with your user credentials."
|
|
|
|
- "Wait for the sync to finish."
|
|
|
|
- "Copy SMTP password and add it to /home/debian/.offlineimaprc"
|
|
|
|
- "Run 'notmuch setup'"
|
2023-06-10 23:52:27 +02:00
|
|
|
- "sudo systemctl enable --now pm-bridge-tty.service"
|
|
|
|
- "sudo systemctl start offlineimap-oneshot.service"
|
|
|
|
- "sudo systemctl enable offlineimap-oneshot.timer"
|
|
|
|
- "mkdir /home/debian/data"
|
|
|
|
- "cd /home/debian/data"
|
|
|
|
- "archivebox init"
|