Bring role up to spec (2.5+, Debian 9) and introduce LetsEncrypt support (#5)

* Bring role up to spec (2.5+) and introduce LetsEncrypt support
* Add Debian 9 support and fix script args chdir
* Use correct schema for travis and use command instead of script
* Make use of requirements.txt for build and fix syntax
* Got better at reading the docs now
* Minor improvements

.travis.yml

@@ -12,8 +12,8 @@ addons:
     - python-pip
 
 install:
-# Install ansible
-- pip install ansible
+# Install requirements
+- pip install -r requirements.txt -U
 
 # Check ansible version
 - ansible --version
@@ -26,4 +26,5 @@ script:
 - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
 
 notifications:
-  webhooks: https://galaxy.ansible.com/api/v1/notifications/
+  webhooks:
+    - https://galaxy.ansible.com/api/v1/notifications/

defaults/main.yml

@@ -10,8 +10,11 @@ directadmin_setup_path: /root
 directadmin_ethernet_device: eth0
 directadmin_custombuild_options_conf: # like http://yourdomain.com/options.conf
 directadmin_custombuild_version: 2.0
-directadmin_custombuild_path: /usr/local/directadmin/custombuild
+directadmin_path: /usr/local/directadmin/
+directadmin_config_path: "{{ directadmin_path }}conf/directadmin.conf"
+directadmin_custombuild_path: "{{ directadmin_path }}custombuild"
 directadmin_cache_timeout: 3600
+directadmin_letsencrypt: True
 
 # Packages - http://help.directadmin.com/item.php?id=354
 directadmin_debian6_packages:
@@ -106,6 +109,49 @@ directadmin_debian8_packages:
 - patch
 - libjemalloc-dev
 
+directadmin_debian9_packages:
+- autoconf
+- automake
+- bind9
+- bison
+- bsd-mailx
+- bzip2
+- cmake
+- cron
+- dnsutils
+- flex
+- g++
+- gcc
+- libaio-dev
+- libaio1
+- libc6-dev
+- libcap-dev
+- libcrypt-openssl-rsa-perl
+- libdb-dev
+- libexpat1-dev
+- libjemalloc-dev
+- libncurses5-dev
+- libnuma-dev
+- libnuma1
+- libperl-dev
+- libsasl2-dev
+- libssl-dev
+- libsystemd-dev
+- libtool
+- logrotate
+- make
+- openssl
+- patch
+- perl
+- perl-base
+- perl-modules
+- pkg-config
+- python
+- quota
+- rsyslog
+- zlib1g
+- zlib1g-dev
+
 directadmin_rhel_generic_packages:
 - gcc
 - gcc-c++

handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart directadmin
+  service:
+    name: directadmin
+    state: restarted

meta/main.yml

@@ -4,7 +4,7 @@ galaxy_info:
   description: Deploy DirectAdmin with Ansible
   company: Hyperized Hosting
   license: MIT
-  min_ansible_version: 2.1
+  min_ansible_version: 2.5
   platforms:
   - name: EL
     versions:
@@ -17,6 +17,7 @@ galaxy_info:
     - jessie
     - squeeze
     - wheezy
+    - stretch
   galaxy_tags:
   - system
   - web

requirements.txt

@@ -0,0 +1 @@
+ansible

tasks/letsencrypt.yml

@@ -0,0 +1,23 @@
+---
+- name: execute LetsEncrypt setup script
+  command: letsencrypt.sh request_single {{ directadmin_hostname }} 4096
+  args:
+    chdir: /usr/local/directadmin/scripts/
+  register: directadmin_letsencrypt_output
+
+- debug:
+    var: directadmin_letsencrypt_output.stdout_lines
+
+- name: enable SSL with LetsEncrypt for DirectAdmin
+  lineinfile:
+    path: directadmin_config_path
+  regexp: item.regexp
+  line: item.line
+  with_items:
+  - { regexp: '^SSL\=0' , line: 'SSL=1' }
+  - { regexp: '^carootcert=' , line: 'carootcert=/usr/local/directadmin/conf/carootcert.pem' }
+  - { regexp: '^force_hostname=' , line: "force_hostname={{ directadmin_hostname }}" }
+  - { regexp: '^ssl_redirect_host=' , line: "ssl_redirect_host={{ directadmin_hostname }}" }
+  - { regexp: '^letsencrypt=' , line: "letsencrypt=1" }
+  notify:
+  - restart directadmin

tasks/prerequisites-Debian.yml

@@ -7,7 +7,9 @@
     state: present
   with_items:
   - "{{ directadmin_debian6_packages }}"
-  when: "ansible_distribution == 'Debian' and ansible_distribution_release == 'squeeze'"
+  when:
+  - ansible_distribution == 'Debian'
+  - ansible_distribution_release == 'squeeze'
 
 - name: Install dependencies for Debian 7 Wheezy
   apt:
@@ -17,7 +19,9 @@
     state: present
   with_items:
   - "{{ directadmin_debian7_packages }}"
-  when: "ansible_distribution == 'Debian' and ansible_distribution_release == 'wheezy'"
+  when:
+  - ansible_distribution == 'Debian'
+  - ansible_distribution_release == 'wheezy'
 
 - name: Install dependencies for Debian 8 Jessie
   apt:
@@ -26,5 +30,19 @@
     cache_valid_time: "{{ directadmin_cache_timeout }}"
     state: present
   with_items:
-  - "{{ directadmin_debian8_packages }}"
-  when: "ansible_distribution == 'Debian' and ansible_distribution_release == 'jessie'"
+  - "{{ directadmin_debian9_packages }}"
+  when:
+  - ansible_distribution == 'Debian'
+  - ansible_distribution_release == 'jessie'
+
+  - name: Install dependencies for Debian 9 Stretch
+    apt:
+      name: "{{ item }}"
+      update_cache: yes
+      cache_valid_time: "{{ directadmin_cache_timeout }}"
+      state: present
+    with_items:
+    - "{{ directadmin_debian8_packages }}"
+    when:
+    - ansible_distribution == 'Debian'
+    - ansible_distribution_release == 'jessie'

tasks/prerequisites-RedHat.yml

@@ -5,7 +5,7 @@
     update_cache: yes
     state: present
   with_items:
-  - "{{ directadmin_rhel_packages_generic }}"
+  - "{{ directadmin_rhel_generic_packages }}"
 
 - name: install everywhere but on CentOS7
   yum:
@@ -14,7 +14,9 @@
     state: present
   with_items:
   - "{{ directadmin_rhel_packages }}"
-  when: ansible_distribution not 'CentOS' and ansible_distribution_version|version_compare('ne', 7)
+  when:
+  - ansible_distribution not 'CentOS'
+  - ansible_distribution_version is version(7, 'ne')
 
 - name: install CentOS 7 specific requirements
   yum:
@@ -23,4 +25,6 @@
     state: present
   with_items:
   - "{{ directadmin_centos7_packages }}"
-  when: ansible_distribution == 'CentOS' and ansible_distribution_version|version_compare('=', 7)
+  when:
+  - ansible_distribution is 'CentOS'
+  - ansible_distribution_version is version(7, '=')

tasks/setup.yml

@@ -14,16 +14,15 @@
     src: .custombuild.j2
     dest: "{{ directadmin_setup_path }}/.custombuild"
 
-- name: check if DA is already running on host
-  uri:
-    url: http://localhost:2222
-    return_content: no
-  register: da_present
+- name: check if DA is already present on host
+  stat:
+    path: "{{ directadmin_config_path }}"
+  register: directadmin_present
 
 - name: toggle whether to install DA or not
   set_fact:
     directadmin_install: False
-  when: da_present.status == 200
+  when: directadmin_present.stat.exists == True
 
 - block:
   - name: ensure directadmin path if remote options file is used
@@ -54,6 +53,10 @@
     var: setup_output.stdout_lines
   when: directadmin_install
 
+- name: ensure Letsencrypt
+  include: letsencrypt.yml
+  when: directadmin_letsencrypt
+
 - debug:
     msg: "Directadmin is already installed and running, skipping.."
   when: not directadmin_install