ansible-homelab/roles/debian-archive/tasks/main.yml
2023-06-10 16:55:21 -05:00

162 lines
4.5 KiB
YAML

---
# tasks file for debian-mail
- name: Install vimrc
ansible.builtin.import_role:
name: vimrc
vars:
user: "debian"
- name: Fetch bridge_pubkey.gpg
ansible.builtin.get_url:
url: https://proton.me/download/bridge/bridge_pubkey.gpg
dest: /tmp/bridge_pubkey.gpg
- name: Sign bridge_pubkey.gpg
ansible.builtin.shell:
cmd: rm -f debsig.gpg && gpg --dearmor --output debsig.gpg bridge_pubkey.gpg
chdir: /tmp
- name: Create keyring directory
ansible.builtin.file:
path: /usr/share/debsig/keyrings/E2C75D68E6234B07
state: directory
recurse: true
- name: Move debsig.gpg to keyring directory
ansible.builtin.copy:
src: /tmp/debsig.gpg
dest: /usr/share/debsig/keyrings/E2C75D68E6234B07
remote_src: true
- name: Create policy directory
ansible.builtin.file:
path: /etc/debsig/policies/E2C75D68E6234B07
state: directory
recurse: true
- name: Fetch and install the policy file
ansible.builtin.get_url:
url: https://proton.me/download/bridge/bridge.pol
dest: /etc/debsig/policies/E2C75D68E6234B07//bridge.pol
- name: Fetch protonmail-bridge DEB package
ansible.builtin.get_url:
url: https://proton.me/download/bridge/protonmail-bridge_3.2.0-1_amd64.deb
dest: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
- name: Verify the signature on the protonmail-bridge package file
ansible.builtin.shell:
cmd: debsig-verify protonmail-bridge_3.2.0-1_amd64.deb
chdir: /tmp
register: debsig_output
failed_when: '"Verified package" not in debsig_output.stdout or debsig_output.rc != 0'
- name: Install protonmail-bridge_3.2.0-1_amd64.deb
ansible.builtin.apt:
deb: /tmp/protonmail-bridge_3.2.0-1_amd64.deb
- name: Copy systemd unit files for offlineimap
ansible.builtin.copy:
src: /usr/share/doc/offlineimap3/examples/systemd/offlineimap-oneshot.service
dest: /etc/systemd/system/offlineimap-oneshot.service
remote_src: true
- name: Change running user and group to debian for offlineimap-oneshot.service
ansible.builtin.blockinfile:
path: /etc/systemd/system/offlineimap-oneshot.service
insertafter: "Type=oneshot"
block: |
User=debian
Group=debian
- name: Create offlineimap-oneshot.timer
ansible.builtin.blockinfile:
path: /etc/systemd/system/offlineimap-oneshot.timer
create: true
block: |
[Unit]
Description=Offlineimap Query Timer
[Timer]
OnCalendar=daily
[Install]
WantedBy=default.target
- name: Create pm-bridge-tty.service
ansible.builtin.blockinfile:
path: /etc/systemd/system/pm-bridge-tty.service
create: true
block: |
[Unit]
Description=faketty service for protonmail-bridge
[Service]
Type=simple
User=debian
Group=debian
ExecStart=/usr/local/bin/pm-bridge-tty
[Install]
WantedBy=multi-user.target
- name: Copy offlineimaprc for debian
ansible.builtin.copy:
src: files/offlineimaprc
dest: /home/debian/.offlineimaprc
owner: debian
group: debian
- name: Copy protonmail-bridge faketty script
ansible.builtin.copy:
src: files/pm-bridge-tty
dest: /usr/local/bin/pm-bridge-tty
owner: root
group: root
mode: u=rwx,g=rx,o=rx
- name: Enable offlineimap systemd timer
ansible.builtin.systemd:
name: offlineimap-oneshot.timer
enabled: true
- name: Create archivebox.service
ansible.builtin.blockinfile:
path: /etc/systemd/system/archivebox.service
create: true
block: |
[Unit]
Description=Archivebox server
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=simple
User=debian
Group=debian
ExecStart=/usr/local/bin/archivebox server 0.0.0.0:8000
WorkingDirectory=/home/debian/data
[Install]
WantedBy=multi-user.target
- name: Install Archivebox
ansible.builtin.shell:
cmd: sudo pip install archivebox --break-system-packages
- name: Message to Ansible user
ansible.builtin.debug:
msg:
- "Run 'pm-bridge-tty init' to initialize the bridge."
- "Login to Proton Mail with your user credentials."
- "Wait for the sync to finish."
- "Copy SMTP password and add it to /home/debian/.offlineimaprc"
- "Run 'notmuch setup'"
- "sudo systemctl enable --now pm-bridge-tty.service"
- "sudo systemctl start offlineimap-oneshot.service"
- "sudo systemctl enable offlineimap-oneshot.timer"
- "mkdir /home/debian/data"
- "cd /home/debian/data"
- "archivebox init"