bugzilla/ansible/roles/bugzilla/tasks/deploy-bugzilla.yml

---
-
    name: Include OS-specific variables
    include_vars: "{{ ansible_os_family }}.yml"

-
    name: Ensure install directory exists
    file:
        path: "{{ install_dir }}"
        state: directory
        mode: "0755"

-
    name: Install Bugzilla Perl dependencies
    apt:
        name: "{{ bugzilla_packages }}"
        state: present
        update_cache: yes

-
    name: Enable Apache modules for Bugzilla
    community.general.apache2_module:
        name: "{{ item }}"
        state: present
    loop:
        - cgid
        - expires
        - auth_openidc
    notify: reload apache

-
    name: Deploy docker-compose file
    template:
        src: docker-compose.yml.j2
        dest: "{{ install_dir }}/docker-compose.yml"

-
    name: Start bugzilla database
    include_role:
        name: docker
        tasks_from: start-compose
    vars:
        compose_project_dir: "{{ install_dir }}"

-
    name: Download Bugzilla
    unarchive:
        src: "{{ bugzilla_download_url }}"
        dest: "{{ install_dir }}"
        remote_src: yes
        creates: "{{ install_dir }}/bugzilla-{{ version }}"

-
    name: Symlink versioned directory to bugzilla_dir
    file:
        src: "{{ install_dir }}/bugzilla-{{ version }}"
        dest: "{{ bugzilla_dir }}"
        state: link
    when: bugzilla_dir != install_dir + '/bugzilla-' + version

-
    name: Deploy localconfig
    template:
        src: localconfig.j2
        dest: "{{ bugzilla_dir }}/localconfig"
        mode: "0640"
        group: www-data

-
    name: Deploy checksetup answers file
    template:
        src: checksetup-answers.j2
        dest: "{{ install_dir }}/checksetup-answers.pl"
        mode: "0600"

-
    name: Wait for PostgreSQL to be ready
    wait_for:
        host: 127.0.0.1
        port: "{{ db_port }}"
        delay: 2
        timeout: 30

-
    name: Run Bugzilla checksetup
    command:
        cmd: "perl checksetup.pl {{ install_dir }}/checksetup-answers.pl"
        chdir: "{{ bugzilla_dir }}"
    register: checksetup_result
    retries: 3
    delay: 5
    until: checksetup_result.rc == 0

-
    name: Run Bugzilla checksetup again to generate params.json
    command:
        cmd: "perl checksetup.pl {{ install_dir }}/checksetup-answers.pl"
        chdir: "{{ bugzilla_dir }}"
        creates: "{{ bugzilla_dir }}/data/params.json"

-
    name: Configure Bugzilla Env auth login class
    replace:
        path: "{{ bugzilla_dir }}/data/params.json"
        regexp: '"user_info_class"\s*:\s*"CGI"'
        replace: '"user_info_class" : "Env,CGI"'
    when: oauth_client_id is defined

-
    name: Configure Bugzilla Env auth email variable
    replace:
        path: "{{ bugzilla_dir }}/data/params.json"
        regexp: '"auth_env_email"\s*:\s*""'
        replace: '"auth_env_email" : "OIDC_CLAIM_email"'
    when: oauth_client_id is defined

-
    name: Configure Bugzilla Env auth realname variable
    replace:
        path: "{{ bugzilla_dir }}/data/params.json"
        regexp: '"auth_env_realname"\s*:\s*""'
        replace: '"auth_env_realname" : "OIDC_CLAIM_name"'
    when: oauth_client_id is defined

-
    name: Deploy OIDC login redirect page
    copy:
        src: oidc-login.html
        dest: "{{ bugzilla_dir }}/oidc-login.html"
        owner: www-data
        group: www-data
    when: oauth_client_id is defined

-
    name: Ensure custom template directory exists
    file:
        path: "{{ bugzilla_dir }}/template/en/custom/global"
        state: directory
        owner: www-data
        group: www-data
    when: oauth_client_id is defined

-
    name: Deploy custom templates
    template:
        src: custom-common-links.html.tmpl.j2
        dest: "{{ bugzilla_dir }}/template/en/custom/global/common-links.html.tmpl"
        owner: www-data
        group: www-data
    when: oauth_client_id is defined

-
    name: Set Bugzilla file ownership
    file:
        path: "{{ install_dir }}/bugzilla-{{ version }}"
        state: directory
        owner: www-data
        group: www-data
        recurse: yes

-
    name: Deploy bugzilla vhost
    template:
        src: bugzilla-vhost.conf.j2
        dest: "{{ apache_sites_available }}/bugzilla.conf"
    notify: reload apache

-
    name: Enable bugzilla site
    command: "{{ apache_enable_site_cmd }} bugzilla"
    args:
        creates: "{{ apache_sites_enabled }}/bugzilla.conf"
    notify: reload apache

-
    name: Deploy bugzilla backup script
    include_role:
        name: docker
        tasks_from: deploy-backup
    vars:
        backup_name: bugzilla
        backup_hook_dir: /etc/restic/pre-backup.d
        backup_volumes:
            - bugzilla_postgres_data
        backup_files:
            - "{{ install_dir }}/docker-compose.yml"
            - "{{ bugzilla_dir }}/localconfig"