webarch-kimai/tasks/install.yml

---
- name: Install Kimai
  block:

    - name: Private directory present
      ansible.builtin.file:
        path: "{{ kimai_private }}"
        state: directory
        owner: "{{ kimai_user }}"
        group: "{{ kimai_group | default(kimai_user) }}"
        mode: "0700"

    - name: GitHub GPG key present
      ansible.builtin.copy:
        src: files/github.asc
        dest: "{{ kimai_private }}/github.asc"
        mode: "0600"
      become: true
      become_user: "{{ kimai_user }}"

    - name: GitHub GPG public key imported
      ansible.builtin.command: "gpg --import {{ kimai_private }}/github.asc"
      register: kimai_gpg_import
      changed_when: '"not changed" not in kimai_gpg_import.stderr'
      check_mode: false
      become: true
      become_user: "{{ kimai_user }}"

    - name: Add Kimai console to PATH in ~/.bashrc
      ansible.builtin.lineinfile:
        path: "{{ kimai_home }}/.bashrc"
        line: 'export PATH="{{ kimai_docroot | dirname }}/bin:${HOME}/bin:${PATH}"'
        regexp: '^export PATH='
        create: true
        owner: "{{ kimai_user }}"
        group: "{{ kimai_group | default(kimai_user) }}"
        mode: "0600"

    - name: DocumentRoot public directory absent
      ansible.builtin.file:
        path: "{{ kimai_docroot }}"
        state: absent

    - name: Kimai git repo present
      ansible.builtin.git:
        repo: https://github.com/kimai/kimai.git
        dest: "{{ kimai_docroot | dirname }}"
        version: "{{ kimai_version }}"
        depth: 1
        clone: true
        update: true
        force: true
        verify_commit: true
      become: true
      become_user: "{{ kimai_user }}"

    - name: Composer install
      community.general.composer:
        command: install
        working_dir: "{{ kimai_docroot | dirname }}"
        optimize_autoloader: true
        no_dev: true
      become: true
      become_user: "{{ kimai_user }}"

    - name: Kimai app secret present
      ansible.builtin.shell: "pwgen -n 75 1 > {{ kimai_docroot | dirname }}/app_secret.txt"
      args:
        creates: "{{ kimai_docroot | dirname }}/app_secret.txt"
      become: true
      become_user: "{{ kimai_user }}"

    - name: Slurp a base64 encoded version of the app secret
      ansible.builtin.slurp:
        src: "{{ kimai_docroot | dirname }}/app_secret.txt"
      register: kimai_app_secret_b64encoded

    - name: Decode and set a fact based on the app secret file contents
      ansible.builtin.set_fact:
        kimai_app_secret: "{{ kimai_app_secret_b64encoded['content'] | b64decode | trim }}"

    - name: The .env file is present
      ansible.builtin.template:
        src: templates/env.j2
        dest: "{{ kimai_docroot | dirname }}/.env"
        owner: "{{ kimai_user }}"
        group: "{{ kimai_group | default(kimai_user) }}"
        mode: "0640"

    - name: The local.yaml file is present
      ansible.builtin.template:
        src: local.yaml.j2
        dest: "{{ kimai_docroot | dirname }}/config/packages/local.yaml"
        owner: "{{ kimai_user }}"
        group: "{{ kimai_group | default(kimai_user) }}"
        mode: "0640"

    - name: Install Kimai
      ansible.builtin.command: bin/console --no-ansi -n kimai:install
      args:
        chdir: "{{ kimai_docroot | dirname }}"
      become: true
      become_user: "{{ kimai_user }}"
      changed_when: true
      register: kimai_install

    - name: Create the admin super user
      block:

        - name: "Random password generated for {{ kimai_admin_user }}"
          ansible.builtin.command: pwgen -n 20 1
          check_mode: false
          changed_when: false
          register: kimai_admin_pwgen

        - name: Set a fact for kimai_admin_password
          ansible.builtin.set_fact:
            kimai_admin_password: "{{ kimai_admin_pwgen.stdout | trim | quote }}"

        - name: Create admin user account
          ansible.builtin.command: "bin/console --no-ansi -n kimai:user:create {{ kimai_admin_user | quote }} {{ kimai_admin_email | quote }} ROLE_SUPER_ADMIN {{ kimai_admin_password }}"
          args:
            chdir: "{{ kimai_docroot | dirname }}"
          changed_when: true
          register: kimai_create_user

        - name: "Password notification email sent to {{ kimai_admin_email }}"
          community.general.mail:
            from: "{{ kimai_notify_from | default('Webarchitects') }} <root@{{ inventory_hostname }}>"
            to: "{{ kimai_admin_email }}"
            subject: "[{{ kimai_notify_subject_tag | default('webarchitects') }}] Kimai admin login for {{ kimai_url }}"
            headers: "{{ kimai_notify_headers }}"
            charset: us-ascii
            body: "{{ lookup('template', 'templates/install_email.j2') }}"
            host: localhost
            port: 25
            secure: never
          when: ( kimai_notify is not defined ) or ( kimai_notify )

      when: ( kimai_admin_user is defined ) and ( kimai_admin_email is defined )
      tags:
        - kimai

    - name: Update the kimai_installed variable
      ansible.builtin.include_tasks: version.yml

  tags:
    - kimai
...