konfiguration unifi controller vorbereitet

97958e9c · void · e278589f · 97958e9c · 97958e9c
Commit 97958e9c authored 7 years ago by void
--- a/warpsrvint/docker_unifi/tasks/main.yml
+++ b/warpsrvint/docker_unifi/tasks/main.yml
+---
+# Einige Secrets sind auf dem Server lokal gespeichert und werden von dort gelesen 
+# Auslesen der Dateien vom Server, zwischengespeicert wird in der Variable gitlab_secrets 
+# Anschließend müssen die entsprechenden Einträge aus gitlab_secrets extrahiert werden  
+# Die Daten, die von Slurp gelesen werden sind Base64 codiert 
+# Zur Sicherheit werden Whitespace-Zeichen entfert, damit z.B. Zeilenumbrüche nicht übernommen werden 
+- name: get secrets from server 1
+  slurp: src={{ item }}
+  with_items:
+    - /srv/ldap/secret/ldap_admin_pass
+    - /srv/ldap/secret/ldap_readonly_pass
+  register: ldap_secrets
+- name: get secrets from server 2
+  set_fact: 
+    ldap_admin_pass: "{{ ldap_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
+    ldap_readonly_pass: "{{ ldap_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
+- name: create folder struct for ldap
+  file: 
+    path: "/srv/ldap" 
+    state: "directory"
+- name: create folder struct for ldap
+  file: 
+    path: "/srv/ldap/database" 
+    state: "directory"
+- name: create folder struct for ldap
+  file: 
+    path: "/srv/ldap/config" 
+    state: "directory"
+- name: start ldap docker
+  docker_container: 
+    name: ldap-service
+    image: osixia/openldap:1.1.6
+    hostname: ldap-service
+    state: started
+    restart_policy: always
+    volumes:
+      - /srv/ldap/database:/var/lib/ldap
+      - /srv/ldap/config:/etc/ldap/slapd.d
+    env:
+      LDAP_ORGANISATION: Warpzone
+      LDAP_DOMAIN: warpzone.ms
+      LDAP_ADMIN_PASSWORD: "{{ ldap_admin_pass }}" 
+      LDAP_READONLY_USER: true
+      LDAP_READONLY_USER_USERNAME: readonly
+      LDAP_READONLY_USER_PASSWORD: "{{ ldap_readonly_pass }}"
+- name: start unifi docker
+  docker_container: 
+    name: unifi-app
+    image: osixia/phpldapadmin:0.6.11
+    state: started
+    restart_policy: always
+    ports:
+      - 8080:8080 
+      - 8443:8443 
+      - 8081:8081 
+      - 8843:8843 
+      - 8880:8880 
+      - 3478:3478 
+    volumes:
+      - /srv/unifi/data:/var/lib/unifi 
+      - /srv/unifi/log:/var/log/unifi 
+      - /var/run/unifi:/var/run/unifi 
+      - /usr/lib/unifi/data:/usr/lib/unifi/data 
+ docker run --restart=always \
+        -p 8080:8080 \
+        -p 8443:8443 \
+        -p 8081:8081 \
+        -p 8843:8843 \
+        -p 8880:8880 \
+        -p 3478:3478 \
+        -v /var/lib/unifi:/var/lib/unifi \
+        -v /var/log/unifi:/var/log/unifi \
+        -v /var/run/unifi:/var/run/unifi \
+        -v /usr/lib/unifi/data:/usr/lib/unifi/data \
+        --name warp-control \
+        -d \
+        warp-control \
+         /run.sh
--- a/warpsrvint/docker_unifi/templates/Dockerfile
+++ b/warpsrvint/docker_unifi/templates/Dockerfile
+FROM debian:testing
+RUN apt-get -y update && apt-get -y upgrade
+#UBNT Source 5.X Controller Stream add to Source.list
+#https://help.ubnt.com/hc/en-us/articles/220066768
+RUN echo "deb http://www.ubnt.com/downloads/unifi/debian unifi5 ubiquiti">> /etc/apt/sources.list
+#needed Dependencys for Controller Instalation
+RUN echo "deb http://httpredir.debian.org/debian testing main contrib non-free" >> /etc/apt/sources.list
+#Add Key for Ubnt Source
+RUN apt-get -y install gnupg
+RUN apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
+RUN apt-get -y update
+#Installation of unifi 5.X Controller
+RUN apt-get  -y install unifi
+ADD run.sh /run.sh
+RUN chmod 755 /run.sh
+VOLUME ["/var/lib/unifi", "/var/log/unifi", "/var/run/unifi", "/usr/lib/unifi/data"]
+CMD ["/bin/bash"]