From 97958e9c94fbe17b01b7b544830759d4d455c6d1 Mon Sep 17 00:00:00 2001
From: Christian Elberfeld <elberfeld@web.de>
Date: Tue, 25 Jul 2017 19:41:35 +0200
Subject: [PATCH] konfiguration unifi controller vorbereitet
---
warpsrvint/docker_unifi/tasks/main.yml | 92 ++++++++++++++++++++
warpsrvint/docker_unifi/templates/Dockerfile | 25 ++++++
2 files changed, 117 insertions(+)
create mode 100644 warpsrvint/docker_unifi/tasks/main.yml
create mode 100644 warpsrvint/docker_unifi/templates/Dockerfile
diff --git a/warpsrvint/docker_unifi/tasks/main.yml b/warpsrvint/docker_unifi/tasks/main.yml
new file mode 100644
index 00000000..732c69d0
--- /dev/null
+++ b/warpsrvint/docker_unifi/tasks/main.yml
@@ -0,0 +1,92 @@
+
+---
+# Einige Secrets sind auf dem Server lokal gespeichert und werden von dort gelesen
+# Auslesen der Dateien vom Server, zwischengespeicert wird in der Variable gitlab_secrets
+# Anschließend müssen die entsprechenden Einträge aus gitlab_secrets extrahiert werden
+# Die Daten, die von Slurp gelesen werden sind Base64 codiert
+# Zur Sicherheit werden Whitespace-Zeichen entfert, damit z.B. Zeilenumbrüche nicht übernommen werden
+
+- name: get secrets from server 1
+ slurp: src={{ item }}
+ with_items:
+ - /srv/ldap/secret/ldap_admin_pass
+ - /srv/ldap/secret/ldap_readonly_pass
+ register: ldap_secrets
+
+- name: get secrets from server 2
+ set_fact:
+ ldap_admin_pass: "{{ ldap_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
+ ldap_readonly_pass: "{{ ldap_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
+
+- name: create folder struct for ldap
+ file:
+ path: "/srv/ldap"
+ state: "directory"
+
+- name: create folder struct for ldap
+ file:
+ path: "/srv/ldap/database"
+ state: "directory"
+
+- name: create folder struct for ldap
+ file:
+ path: "/srv/ldap/config"
+ state: "directory"
+
+- name: start ldap docker
+ docker_container:
+ name: ldap-service
+ image: osixia/openldap:1.1.6
+ hostname: ldap-service
+ state: started
+ restart_policy: always
+ volumes:
+ - /srv/ldap/database:/var/lib/ldap
+ - /srv/ldap/config:/etc/ldap/slapd.d
+ env:
+ LDAP_ORGANISATION: Warpzone
+ LDAP_DOMAIN: warpzone.ms
+ LDAP_ADMIN_PASSWORD: "{{ ldap_admin_pass }}"
+ LDAP_READONLY_USER: true
+ LDAP_READONLY_USER_USERNAME: readonly
+ LDAP_READONLY_USER_PASSWORD: "{{ ldap_readonly_pass }}"
+
+- name: start unifi docker
+ docker_container:
+ name: unifi-app
+ image: osixia/phpldapadmin:0.6.11
+ state: started
+ restart_policy: always
+ ports:
+ - 8080:8080
+ - 8443:8443
+ - 8081:8081
+ - 8843:8843
+ - 8880:8880
+ - 3478:3478
+ volumes:
+ - /srv/unifi/data:/var/lib/unifi
+ - /srv/unifi/log:/var/log/unifi
+ - /var/run/unifi:/var/run/unifi
+ - /usr/lib/unifi/data:/usr/lib/unifi/data
+
+
+
+
+
+ docker run --restart=always \
+ -p 8080:8080 \
+ -p 8443:8443 \
+ -p 8081:8081 \
+ -p 8843:8843 \
+ -p 8880:8880 \
+ -p 3478:3478 \
+ -v /var/lib/unifi:/var/lib/unifi \
+ -v /var/log/unifi:/var/log/unifi \
+ -v /var/run/unifi:/var/run/unifi \
+ -v /usr/lib/unifi/data:/usr/lib/unifi/data \
+ --name warp-control \
+ -d \
+ warp-control \
+ /run.sh
+
diff --git a/warpsrvint/docker_unifi/templates/Dockerfile b/warpsrvint/docker_unifi/templates/Dockerfile
new file mode 100644
index 00000000..e5c5c452
--- /dev/null
+++ b/warpsrvint/docker_unifi/templates/Dockerfile
@@ -0,0 +1,25 @@
+FROM debian:testing
+
+RUN apt-get -y update && apt-get -y upgrade
+
+#UBNT Source 5.X Controller Stream add to Source.list
+#https://help.ubnt.com/hc/en-us/articles/220066768
+RUN echo "deb http://www.ubnt.com/downloads/unifi/debian unifi5 ubiquiti">> /etc/apt/sources.list
+
+#needed Dependencys for Controller Instalation
+RUN echo "deb http://httpredir.debian.org/debian testing main contrib non-free" >> /etc/apt/sources.list
+
+#Add Key for Ubnt Source
+RUN apt-get -y install gnupg
+RUN apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
+RUN apt-get -y update
+
+#Installation of unifi 5.X Controller
+RUN apt-get -y install unifi
+
+ADD run.sh /run.sh
+RUN chmod 755 /run.sh
+
+VOLUME ["/var/lib/unifi", "/var/log/unifi", "/var/run/unifi", "/usr/lib/unifi/data"]
+
+CMD ["/bin/bash"]
-- GitLab
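Review bot: The `get secrets from server 1` and `get secrets from server 2` tasks read and decode the LDAP admin and read-only passwords without `no_log: true`, so the slurped content and the resulting facts can show up in Ansible output at higher verbosity and in any callback or CI log; add `no_log: true` to both tasks. The same values are then handed to `ldap-service` through `env:`, where anyone who can inspect the container can read them, which deserves a comment if it is an accepted trade-off. Separately, the `start unifi docker` task still uses `image: osixia/phpldapadmin:0.6.11`, and the raw `docker run --restart=always …` text at the end of the file is not a task, so the file probably does not load as a tasks list as committed; turning that block into `#` comments would keep it as a reference. The header comment also names `gitlab_secrets` while the registered variable is `ldap_secrets`.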
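Review bot: `RUN apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50` selects the UBNT signing key by an 8-hex-digit short ID, which is not collision-resistant, so a different key with the same short ID could be fetched and would then be trusted for every source in `sources.list`; request the key by the full fingerprint published by the vendor instead, `RUN apt-key adv --keyserver hkps://keyserver.ubuntu.com --recv-keys <FULL_40_HEX_FINGERPRINT>` (placeholder, the fingerprint is not on this page). Both added `deb http://…` sources use plain HTTP, so that key is the only integrity check on the `unifi` package. `FROM debian:testing` together with `apt-get -y upgrade` makes the build non-reproducible, and `RUN apt-get -y update` sits in a separate layer from `RUN apt-get -y install unifi`, so a cached index can go stale; pinning a release tag and combining update and install in one `RUN` would address both. The image also sets no `USER`, so the controller runs as root unless `run.sh` (not shown in this patch) drops privileges.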