mantis

2024-06-25 05:00:15 +00:00 · 2021-01-20 17:55:13 -07:00 · 2021-01-20 17:55:13 -07:00 · a283fd378f
commit a283fd378f
parent 992f4cddd9
4 changed files with 121 additions and 10 deletions
--- a/ansible/playbooks/tasks/mantis.yml
+++ b/ansible/playbooks/tasks/mantis.yml
@ -14,15 +14,35 @@
  yum:
    name: "{{ mantis_pkg }}"
    state: present
-  vars:
-    mantis_pkg:
-      - php
-      - php-ldap
-      - httpd
-      - mod_ssl
-      - php-pgsql
-      - php-mbstring
-      - php-curl
-      - openldap
  tags:
    - packages
+
+- name: Download the bugtracker
+  get_url:
+    url: "http://downloads.sourceforge.net/mantisbt/mantisbt-{{ mantis_version }}.tar.gz"
+    dest: "/tmp/mantisbt-{{ mantis_version }}.tar.gz"
+    checksum: "{{ mantis_checksum }}"
+
+- name: Extract mantis
+  unarchive:
+    src: "/tmp/mantisbt-{{ mantis_version }}.tar.gz"
+    dest: "/var/www"
+    owner: apache
+    group: apache
+    remote_src: true
+
+- name: Configure mantis
+  template:
+    src: "var/www/mantis/config/config_inc.php.j2"
+    dest: "/var/www/mantisbt-{{ mantis_version }}/config/config_inc.php"
+    owner: apache
+    group: apache
+    mode: '0640'
+
+- name: Configure httpd
+  template:
+    src: "etc/httpd/conf.d/mantis.conf.j2"
+    dest: "/etc/httpd/conf.d/mantis.conf"
+    owner: root
+    group: root
+    mode: '0644'
--- a/ansible/playbooks/templates/etc/httpd/conf.d/mantis.conf.j2
+++ b/ansible/playbooks/templates/etc/httpd/conf.d/mantis.conf.j2
@ -0,0 +1,33 @@
+<VirtualHost *:80>
+  ServerAdmin infrastructure@rockylinux.org
+  DocumentRoot "/var/www/mantisbt-{{ mantis_version }}"
+  ServerName bugs.rockylinux.org
+  TransferLog /var/log/httpd/mantis_access.log
+  ErrorLog /var/log/httpd/mantis_error.log
+  <Directory "/var/www/mantisbt-{{ mantis_version }}/">
+    Options MultiViews FollowSymlinks
+    AllowOverride All
+    Order allow,deny
+    Allow from all
+  </Directory>
+</VirtualHost>
+
+<VirtualHost *:443>
+  SSLEngine on
+  SSLHonorCipherOrder on
+  SSLCipherSuite PROFILE=SYSTEM
+  SSLProxyCipherSuite PROFILE=SYSTEM
+  SSLCertificateFile /etc/pki/tls/certs/bugs.rockylinux.org.crt
+  SSLCertificateKeyFile /etc/pki/tls/private/bugs.rockylinux.org.key
+  ServerAdmin infrastructure@rockylinux.org
+  DocumentRoot "/var/www/mantisbt-{{ mantis_version }}"
+  ServerName bugs.rockylinux.org
+  TransferLog /var/log/httpd/mantis_access.log
+  ErrorLog /var/log/httpd/mantis_error.log
+  <Directory "/var/www/mantisbt-{{ mantis_version }}/">
+    Options MultiViews FollowSymlinks
+    AllowOverride All
+    Order allow,deny
+    Allow from all
+  </Directory>
+</VirtualHost>
--- a/ansible/playbooks/templates/var/www/mantis/config/config_inc.php.j2
+++ b/ansible/playbooks/templates/var/www/mantis/config/config_inc.php.j2
@ -0,0 +1,40 @@
+<?php
+$g_hostname               = 'build-a-box.labs.angelsofclockwork.net';
+$g_db_type                = 'pgsql';
+$g_database_name          = '{{ mantis_db_name }}';
+$g_db_username            = '{{ mantis_db_user }}';
+$g_db_password            = '{{ mantis_db_pass }}';
+
+$g_default_timezone       = 'UTC';
+
+$g_crypto_master_salt     = 'DDQF2sdgdPycpzfWNSOt4KelQlz7h0kb9HHxaUFpYXk=';
+
+# Added
+$g_login_method          = 'LDAP';
+$g_ldap_server           = '{{ rocky_ipaserver_lb }}';
+$g_ldap_root_dn          = '{{ rocky_ldap_user_basedn }}';
+$g_ldap_organization     = '(objectClass=posixAccount)';
+$g_ldap_protocol_version = 3;
+$g_ldap_network_timeout  = 30;
+$g_ldap_follow_referrals = ON;
+$g_ldap_bind_dn          = '{{ mantis_binder_user }}';
+$g_ldap_bind_passwd      = '{{ mantis_binder_pass }}';
+$g_ldap_uid_field        = 'uid';
+$g_ldap_realname_field   = 'cn';
+$g_use_ldap_realname     = ON;
+$g_use_ldap_email        = ON;
+
+$g_webmaster_email       = 'infrastructure@rockylinux.org';
+$g_from_email            = 'noreply@rockylinux.org';
+$g_return_path_email     = 'noreply@rockylinux.org';
+$g_from_name             = 'Rocky Linux Bugzilla';
+$g_allow_file_upload     = ON;
+$g_file_upload_method    = DATABASE; # or DISK
+$g_dropzone_enabled      = ON;
+$g_show_realname         = ON;
+$g_allowed_files         = 'log,patch,txt';
+$g_disallowed_files      = 'exe,tar,tgz,tar.gz,pl,sh';
+$g_window_title          = 'Rocky Bugzilla';
+$g_allow_signup          = OFF;
+$g_allow_anonymous_login = ON;
+$g_anonymous_account     = 'anonymous';
--- a/ansible/playbooks/vars/mantis.yml
+++ b/ansible/playbooks/vars/mantis.yml
@ -0,0 +1,18 @@
+---
+# mantis vars
+mantis_version: 2.24.2
+mantis_checksum: "sha256:c1b483c8395a0fb1249bcc50ada203db584d819f4f6f606b1d1eec42c5205cb8"
+mantis_pkg:
+  - php
+  - php-ldap
+  - httpd
+  - mod_ssl
+  - php-pgsql
+  - php-mbstring
+  - php-curl
+  - openldap
+mantis_db_name: mantis
+mantis_db_user: mantis
+#mantis_db_pass: ThisIsNotThePassword!
+mantis_binder_user: "uid=mantis_binder,cn=sysaccounts,cn=etc,dc=rockylinux,dc=org"
+#mantis_binder_pass: ThisIsNotThePassword!