106 lines
3 KiB
YAML
106 lines
3 KiB
YAML
---
|
|
- name: install dependencies
|
|
become: true
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
force_apt_get: true
|
|
state: present
|
|
cache_valid_time: 3600
|
|
pkg:
|
|
- build-essential
|
|
- git
|
|
- libffi-dev
|
|
- libssl-dev
|
|
- libxslt-dev
|
|
- pkgconf
|
|
- python3-babel
|
|
- python3-dev
|
|
- python3-virtualenv
|
|
- python3-yaml
|
|
- zlib1g-dev
|
|
- name: gather facts
|
|
ansible.builtin.include_tasks: gather_facts.yml
|
|
- name: create service group
|
|
become: true
|
|
ansible.builtin.group:
|
|
name: '{{ searxng_group }}'
|
|
system: true
|
|
state: present
|
|
- name: create service user
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
shell: '/usr/bin/bash'
|
|
home: '{{ searxng_install_dir }}'
|
|
create_home: true
|
|
system: true
|
|
state: present
|
|
- name: mark git repository as safe
|
|
become: true
|
|
ansible.builtin.shell: >
|
|
git config --global --get safe.directory {{ searxng_git_dir }} ||
|
|
git config --global --add safe.directory {{ searxng_git_dir }}
|
|
- name: clone repository
|
|
become: true
|
|
ansible.builtin.git:
|
|
repo: '{{ searxng_git_repository }}'
|
|
dest: '{{ searxng_git_dir }}'
|
|
single_branch: true
|
|
version: '{{ searxng_git_version }}'
|
|
- name: setup virtualenv
|
|
become: true
|
|
ansible.builtin.pip:
|
|
requirements: '{{ searxng_git_dir }}/requirements.txt'
|
|
virtualenv: '{{ searxng_install_dir }}/.venv'
|
|
virtualenv_site_packages: true
|
|
extra_args: '--use-pep517 --no-build-isolation -e {{ searxng_git_dir }}'
|
|
- name: set ownership
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: '{{ searxng_install_dir }}'
|
|
owner: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
mode: 'u=rwX,g=rX,o='
|
|
recurse: yes
|
|
follow: false
|
|
- name: setup shell environment
|
|
become: true
|
|
ansible.builtin.lineinfile:
|
|
path: '{{ searxng_install_dir }}/.profile'
|
|
line: 'source {{ searxng_install_dir }}/.venv/bin/activate'
|
|
search_string: 'source {{ searxng_install_dir }}/.venv/bin/activate'
|
|
create: true
|
|
mode: '0640'
|
|
owner: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
state: present
|
|
- name: setup configuration file
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: '../templates/settings.yml.j2'
|
|
dest: '{{ searxng_install_dir }}/settings.yml'
|
|
owner: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
mode: 'u=rw,g=r,o='
|
|
- name: setup limiter configuration
|
|
become: true
|
|
when: (searxng_conf_server_limiter | default(True, True)) is truthy
|
|
ansible.builtin.template:
|
|
src: '../templates/limiter.toml.j2'
|
|
dest: '{{ searxng_install_dir }}/limiter.toml'
|
|
owner: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
mode: 'u=rw,g=r,o='
|
|
- name: setup backend
|
|
ansible.builtin.include_tasks: 'backend_{{ searxng_backend }}_setup.yml'
|
|
- name: fix permissions
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: '{{ searxng_git_dir }}'
|
|
owner: '{{ searxng_user }}'
|
|
group: '{{ searxng_group }}'
|
|
recurse: true
|
|
state: directory
|
|
- name: flush handlers
|
|
ansible.builtin.meta: flush_handlers
|