feat: ansible role to download and install mcaptcha

This commit is contained in:
Aravinth Manivannan 2023-12-09 02:55:18 +05:30
parent eb586633ec
commit c8a34a6e7b
Signed by: realaravinth
GPG key ID: F8F50389936984FF
3 changed files with 150 additions and 0 deletions

View file

@ -0,0 +1,7 @@
- name: restart mcaptcha
listen: restart mcaptcha
become: true
ansible.builtin.service:
name: mcaptcha
enabled: true
state: restarted

View file

@ -0,0 +1,82 @@
# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Create mCaptcha systemd user
become: true
ansible.builtin.user:
name: mcaptcha
state: present
system: true
comment: mCaptcha systemd user
- name: Create download dir
ansible.builtin.file:
path: /tmp/mcaptcha-dl
state: directory
mode: "0755"
- name: Download binary
ansible.builtin.get_url:
url: https://dl.mcaptcha.org/mcaptcha/mCaptcha/master/mcaptcha-master-linux-amd64.tar.gz
dest: /tmp/mcaptcha-dl
checksum: sha256:https://dl.mcaptcha.org/mcaptcha/mCaptcha/master/mcaptcha-master-linux-amd64.tar.gz.sha256
- name: Extract mcaptcha-master-linux-amd64.tar.gz into /var/lib/foo
ansible.builtin.unarchive:
src: /tmp/mcaptcha-dl/mcaptcha-master-linux-amd64.tar.gz
remote_src: true
dest: /tmp/mcaptcha-dl/
- name: Install binary
become: true
notify: restart mcaptcha
ansible.builtin.copy:
src: /tmp/mcaptcha-dl/mcaptcha-master-linux-amd64/mcaptcha
remote_src: true
dest: /usr/local/bin/mcaptcha
owner: root
group: root
force: true
mode: "0755"
- name: Copy mCaptcha systemd servicefile
become: true
ansible.builtin.copy:
src: ./artifacts/mcaptcha/mcaptcha.service
dest: /etc/systemd/system/
owner: root
group: root
force: true
mode: "0777"
- name: Create mCaptcha config dir
become: true
ansible.builtin.file:
path: /etc/mcaptcha
state: directory
mode: "0755"
- name: Copy mCaptcha systemd servicefile
become: true
notify: restart mcaptcha
ansible.builtin.template:
src: ./templates/mcaptcha/config.toml.j2
dest: /etc/mcaptcha/config.toml
owner: root
group: root
force: true
mode: "0644"
- name: Run mCaptcha as a systemd service
become: true
ansible.builtin.systemd_service:
name: mcaptcha
daemon_reload: true
state: started
enabled: true
- name: Delete download dir
ansible.builtin.file:
path: /tmp/mcaptcha-dl
state: absent

View file

@ -0,0 +1,61 @@
mcaptcha_debug: false
# mcaptcha_source_code: 'https://github.com/mCaptcha/mCaptcha'
mcaptcha_commercial: false
mcaptcha_allow_demo: false
mcaptcha_allow_registration: false
# Please set a unique value, your mCaptcha instance's security depends on this being
# unique
mcaptcha_server_cookie_secret: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_server_cookie_secret', chars=['ascii_leters', 'digits'], length=32) }}"
mcaptcha_server_port: 7000
mcaptcha_server_bind: "127.0.0.1"
mcaptcha_server_hostname: "mcaptcha.local"
# Set true if you have setup TLS with a reverse proxy like Nginx.
# Does HTTPS redirect and sends additional headers that can only be used if
# HTTPS available to improve security
#mcaptcha_proxy_has_tls: false
# Please set a unique value, your mCaptcha instance's security depends on this being
# unique
mcaptcha_captcha_salt: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_captha_salt', chars=['ascii_leters', 'digits'], length=32) }}"
# garbage collection period to manage mCaptcha system
# leave untouched if you don't know what you are doing
# mcaptcha_captcha_gc: 30
# mcaptcha_captcha_runners: 4
# mcaptcha_captcha_queue_length: 2000
mcaptcha_captcha_enable_stats: true
#mcaptcha_captcha_default_difficulty_strategy_avg_traffic_difficulty: 50000 # almost instant solution
#mcaptcha_captcha_default_difficulty_strategy_peak_sustainable_traffic_difficulty: 3000000 # roughly 1.5s
#mcaptcha_captcha_default_difficulty_strategy_broke_my_site_traffic_difficulty: 5000000 # greater than 3.5s
# cooldown period in seconds
mcaptcha_captcha_default_difficulty_strategy_avg_duration: 30
#{% if database_type == 'postgres' %}
# {% set mcaptcha_database_url = "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}" %}
#{% else %}
# {% set mcaptcha_database_url = "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}" %}
#{% endif %}
#mcaptcha_database_url: "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}"
#mcaptcha_database_url: "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}"
# mysql://mcaptcha:password@localhost/mcaptcha"
mcaptcha_database_pool: 4
#mcaptcha_database_url: "{{ mcaptcha_database_url }}"
mcaptcha_redis_url: "redis://127.0.0.1"
mcaptcha_redis_pool: 4
mcaptcha_redis_url: "redis://127.0.0.1"
mcaptcha_redis_pool: 4
mcaptcha_smtp_from: "admin@localhost"
mcaptcha_smtp_reply: "admin@localhost"
mcaptcha_smtp_url: "127.0.0.1"
mcaptcha_smtp_port: 10025
mcaptcha_smtp_username: "admin"
mcaptcha_smtp_password: "password"
#[survey]
#nodes = ["http://localhost:7001"]
#rate_limit = 10 # upload every hour
#instance_root_url = "http://localhost:7000"