├── .gitignore ├── requirements.txt ├── tests ├── inventory └── test.yml ├── templates └── .custombuild.j2 ├── tasks ├── main.yml ├── prerequisites.yml ├── prerequisites-RedHat.yml ├── letsencrypt.yml ├── prerequisites-Debian.yml └── setup.yml ├── handlers └── main.yml ├── meta └── main.yml ├── .travis.yml ├── LICENSE ├── README.md └── defaults └── main.yml /.gitignore: -------------------------------------------------------------------------------- 1 | .idea -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible -------------------------------------------------------------------------------- /tests/inventory: -------------------------------------------------------------------------------- 1 | localhost -------------------------------------------------------------------------------- /templates/.custombuild.j2: -------------------------------------------------------------------------------- 1 | {{ directadmin_custombuild_version }} -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include: prerequisites.yml 3 | - include: setup.yml 4 | -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - ansible-directadmin -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart directadmin 3 | service: 4 | name: directadmin 5 | state: restarted 6 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: Gerben Geijteman 4 | description: Deploy DirectAdmin with Ansible 5 | company: Hyperized Hosting 6 | license: MIT 7 | min_ansible_version: 2.5 8 | platforms: 9 | - name: EL 10 | versions: 11 | - all 12 | - name: Fedora 13 | versions: 14 | - all 15 | - name: Debian 16 | versions: 17 | - jessie 18 | - squeeze 19 | - wheezy 20 | - stretch 21 | galaxy_tags: 22 | - system 23 | - web 24 | - directadmin 25 | dependencies: [] -------------------------------------------------------------------------------- /tasks/prerequisites.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Ensure all variables are present to start with: 3 | - name: verify all required variables are set 4 | fail: 5 | msg: "Variable: '{{ item }}' is not defined!" 6 | when: "{{ item }} is undefined or {{ item }} is none" 7 | with_items: 8 | - directadmin_client_id 9 | - directadmin_license_id 10 | - directadmin_hostname 11 | 12 | # Ensure prerequisites are installed for supported OS 13 | - include: prerequisites-Debian.yml 14 | when: ansible_os_family == 'Debian' 15 | 16 | - include: prerequisites-RedHat.yml 17 | when: ansible_os_family == 'RedHat' 18 | 19 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install requirements 16 | - pip install -r requirements.txt -U 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: 30 | - https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /tasks/prerequisites-RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies for RHEL, Fedora & CentOS 3 | yum: 4 | name: "{{ item }}" 5 | update_cache: yes 6 | state: present 7 | with_items: 8 | - "{{ directadmin_rhel_generic_packages }}" 9 | 10 | - name: install everywhere but on CentOS7 11 | yum: 12 | name: "{{ item }}" 13 | update_cache: yes 14 | state: present 15 | with_items: 16 | - "{{ directadmin_rhel_packages }}" 17 | when: 18 | - ansible_distribution not 'CentOS' 19 | - ansible_distribution_version is version(7, 'ne') 20 | 21 | - name: install CentOS 7 specific requirements 22 | yum: 23 | name: "{{ item }}" 24 | update_cache: yes 25 | state: present 26 | with_items: 27 | - "{{ directadmin_centos7_packages }}" 28 | when: 29 | - ansible_distribution is 'CentOS' 30 | - ansible_distribution_version is version(7, '=') 31 | -------------------------------------------------------------------------------- /tasks/letsencrypt.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: execute LetsEncrypt setup script 3 | command: letsencrypt.sh request_single {{ directadmin_hostname }} 4096 4 | args: 5 | chdir: /usr/local/directadmin/scripts/ 6 | register: directadmin_letsencrypt_output 7 | 8 | - debug: 9 | var: directadmin_letsencrypt_output.stdout_lines 10 | 11 | - name: enable SSL with LetsEncrypt for DirectAdmin 12 | lineinfile: 13 | path: directadmin_config_path 14 | regexp: item.regexp 15 | line: item.line 16 | with_items: 17 | - { regexp: '^SSL\=0' , line: 'SSL=1' } 18 | - { regexp: '^carootcert=' , line: 'carootcert=/usr/local/directadmin/conf/carootcert.pem' } 19 | - { regexp: '^force_hostname=' , line: "force_hostname={{ directadmin_hostname }}" } 20 | - { regexp: '^ssl_redirect_host=' , line: "ssl_redirect_host={{ directadmin_hostname }}" } 21 | - { regexp: '^letsencrypt=' , line: "letsencrypt=1" } 22 | notify: 23 | - restart directadmin -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /tasks/prerequisites-Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install dependencies for Debian 6 Squeeze 3 | apt: 4 | name: "{{ item }}" 5 | update_cache: yes 6 | cache_valid_time: "{{ directadmin_cache_timeout }}" 7 | state: present 8 | with_items: 9 | - "{{ directadmin_debian6_packages }}" 10 | when: 11 | - ansible_distribution == 'Debian' 12 | - ansible_distribution_release == 'squeeze' 13 | 14 | - name: Install dependencies for Debian 7 Wheezy 15 | apt: 16 | name: "{{ item }}" 17 | update_cache: yes 18 | cache_valid_time: "{{ directadmin_cache_timeout }}" 19 | state: present 20 | with_items: 21 | - "{{ directadmin_debian7_packages }}" 22 | when: 23 | - ansible_distribution == 'Debian' 24 | - ansible_distribution_release == 'wheezy' 25 | 26 | - name: Install dependencies for Debian 8 Jessie 27 | apt: 28 | name: "{{ item }}" 29 | update_cache: yes 30 | cache_valid_time: "{{ directadmin_cache_timeout }}" 31 | state: present 32 | with_items: 33 | - "{{ directadmin_debian9_packages }}" 34 | when: 35 | - ansible_distribution == 'Debian' 36 | - ansible_distribution_release == 'jessie' 37 | 38 | - name: Install dependencies for Debian 9 Stretch 39 | apt: 40 | name: "{{ item }}" 41 | update_cache: yes 42 | cache_valid_time: "{{ directadmin_cache_timeout }}" 43 | state: present 44 | with_items: 45 | - "{{ directadmin_debian8_packages }}" 46 | when: 47 | - ansible_distribution == 'Debian' 48 | - ansible_distribution_release == 'jessie' 49 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Ansible-directadmin 2 | ========= 3 | 4 | [![Build Status](https://travis-ci.org/hyperized/ansible-directadmin.svg?branch=master)](https://travis-ci.org/hyperized/ansible-directadmin) 5 | 6 | Deploy [DirectAdmin](https://directadmin.com/) with Ansible 7 | 8 | Requirements 9 | ------------ 10 | 11 | - A DirectAdmin license is required. 12 | - A clean machine is required. DirectAdmin will actively overwrite existing packages. 13 | - A publicly reachable IP is required. 14 | - Root access to the target machine is required. For details, read: [Step 3](https://www.directadmin.com/installguide.php) 15 | 16 | Ansible 2.1 is highly recommended. 17 | 18 | Role Variables 19 | -------------- 20 | 21 | Its recommended that you use either the `group_vars` / `host_vars` to set the required variables per server: 22 | 23 | directadmin_client_id: 24 | directadmin_license_id: 25 | directadmin_hostname: # Optional, will be obtained from server 26 | directadmin_ip_address: # Optional, will be obtained from server 27 | 28 | If you wish to use a custom custombuild configuration, please configure: 29 | 30 | directadmin_custombuild_options_conf: http://yourdomain.com/options.conf 31 | 32 | Dependencies 33 | ------------ 34 | 35 | As of present there are no dependent roles. (They may be added later) 36 | 37 | Recommended to have installed on your server are: 38 | 39 | - Firewall 40 | - SSH protection (Fail2Ban) 41 | - Kernel hardening 42 | 43 | FreeBSD support may be added later. 44 | 45 | Example Playbook 46 | ---------------- 47 | 48 | - hosts: servers 49 | become: yes 50 | roles: 51 | - { role: hyperized.directadmin } 52 | 53 | License 54 | ------- 55 | 56 | MIT 57 | 58 | Author Information 59 | ------------------ 60 | 61 | Gerben Geijteman 62 | -------------------------------------------------------------------------------- /tasks/setup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: obtain setup.sh script 3 | get_url: 4 | url: "{{ directadmin_setup_url }}" 5 | dest: "{{ directadmin_setup_path }}/" 6 | 7 | - name: ensure proper permissions on setup.sh 8 | file: 9 | path: "{{ directadmin_setup_path }}/setup.sh" 10 | mode: 0755 11 | 12 | - name: ensure custombuild version is set 13 | template: 14 | src: .custombuild.j2 15 | dest: "{{ directadmin_setup_path }}/.custombuild" 16 | 17 | - name: check if DA is already present on host 18 | stat: 19 | path: "{{ directadmin_config_path }}" 20 | register: directadmin_present 21 | 22 | - name: toggle whether to install DA or not 23 | set_fact: 24 | directadmin_install: False 25 | when: directadmin_present.stat.exists == True 26 | 27 | - block: 28 | - name: ensure directadmin path if remote options file is used 29 | file: 30 | path: "{{ directadmin_custombuild_path }}" 31 | recurse: yes 32 | state: directory 33 | 34 | - name: try remote custombuild options file 35 | get_url: 36 | url: "{{ directadmin_custombuild_options_conf }}" 37 | dest: "{{ directadmin_custombuild_path }}/options.conf" 38 | 39 | when: directadmin_custombuild_options_conf is defined and directadmin_custombuild_options_conf is not none 40 | 41 | # https://youtu.be/b00j4WblrzA?t=238 42 | 43 | - debug: 44 | msg: "This is a good time for a coffee break - https://xkcd.com/303/" 45 | when: directadmin_install 46 | 47 | - name: run setup 48 | command: "{{ directadmin_setup_path }}/setup.sh {{ directadmin_client_id }} {{ directadmin_license_id }} {{ directadmin_hostname }} {{ directadmin_ethernet_device }} {{ directadmin_ip_address | default( hostvars[inventory_hostname]['ansible_' + directadmin_ethernet_device]['ipv4']['address'] ) }}" 49 | register: setup_output 50 | when: directadmin_install 51 | 52 | - debug: 53 | var: setup_output.stdout_lines 54 | when: directadmin_install 55 | 56 | - name: ensure Letsencrypt 57 | include: letsencrypt.yml 58 | when: directadmin_letsencrypt 59 | 60 | - debug: 61 | msg: "Directadmin is already installed and running, skipping.." 62 | when: not directadmin_install 63 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Directadmin automated setup - http://help.directadmin.com/item.php?id=578 3 | directadmin_install: True 4 | directadmin_setup_url: http://www.directadmin.com/setup.sh 5 | directadmin_setup_path: /root 6 | # directadmin_client_id: 7 | # directadmin_license_id: 8 | # directadmin_hostname: # Optional, will be obtained from server 9 | # directadmin_ip_address: # Optional, will be obtained from server 10 | directadmin_ethernet_device: eth0 11 | directadmin_custombuild_options_conf: # like http://yourdomain.com/options.conf 12 | directadmin_custombuild_version: 2.0 13 | directadmin_path: /usr/local/directadmin/ 14 | directadmin_config_path: "{{ directadmin_path }}conf/directadmin.conf" 15 | directadmin_custombuild_path: "{{ directadmin_path }}custombuild" 16 | directadmin_cache_timeout: 3600 17 | directadmin_letsencrypt: True 18 | 19 | # Packages - http://help.directadmin.com/item.php?id=354 20 | directadmin_debian6_packages: 21 | - gcc 22 | - g++ 23 | - make 24 | - flex 25 | - bison 26 | - openssl 27 | - libssl-dev 28 | - perl 29 | - perl-base 30 | - perl-modules 31 | - libperl-dev 32 | - libaio1 33 | - libaio-dev 34 | - zlib1g 35 | - zlib1g-dev 36 | - libcap-dev 37 | - bzip2 38 | - automake 39 | - autoconf 40 | - libtool 41 | - cmake 42 | - pkg-config 43 | - python 44 | - libreadline-dev 45 | - libdb4.8-dev 46 | - libsasl2-dev 47 | - patch 48 | 49 | directadmin_debian7_packages: 50 | - gcc 51 | - g++ 52 | - make 53 | - flex 54 | - bison 55 | - openssl 56 | - libssl-dev 57 | - perl 58 | - perl-base 59 | - perl-modules 60 | - libperl-dev 61 | - libaio1 62 | - libaio-dev 63 | - zlib1g 64 | - zlib1g-dev 65 | - libcap-dev 66 | - bzip2 67 | - automake 68 | - autoconf 69 | - libtool 70 | - cmake 71 | - pkg-config 72 | - python 73 | - libdb-dev 74 | - libsasl2-dev 75 | - libncurses5-dev 76 | - patch 77 | 78 | directadmin_debian8_packages: 79 | - gcc 80 | - g++ 81 | - make 82 | - flex 83 | - bison 84 | - openssl 85 | - libssl-dev 86 | - perl 87 | - perl-base 88 | - perl-modules 89 | - libperl-dev 90 | - libaio1 91 | - libaio-dev 92 | - zlib1g 93 | - zlib1g-dev 94 | - libcap-dev 95 | - bzip2 96 | - automake 97 | - autoconf 98 | - libtool 99 | - cmake 100 | - pkg-config 101 | - python 102 | - libdb-dev 103 | - libsasl2-dev 104 | - libncurses5-dev 105 | - libsystemd-dev 106 | - bind9 107 | - quota 108 | - libsystemd-daemon0 109 | - patch 110 | - libjemalloc-dev 111 | 112 | directadmin_debian9_packages: 113 | - autoconf 114 | - automake 115 | - bind9 116 | - bison 117 | - bsd-mailx 118 | - bzip2 119 | - cmake 120 | - cron 121 | - dnsutils 122 | - flex 123 | - g++ 124 | - gcc 125 | - libaio-dev 126 | - libaio1 127 | - libc6-dev 128 | - libcap-dev 129 | - libcrypt-openssl-rsa-perl 130 | - libdb-dev 131 | - libexpat1-dev 132 | - libjemalloc-dev 133 | - libncurses5-dev 134 | - libnuma-dev 135 | - libnuma1 136 | - libperl-dev 137 | - libsasl2-dev 138 | - libssl-dev 139 | - libsystemd-dev 140 | - libtool 141 | - logrotate 142 | - make 143 | - openssl 144 | - patch 145 | - perl 146 | - perl-base 147 | - perl-modules 148 | - pkg-config 149 | - python 150 | - quota 151 | - rsyslog 152 | - zlib1g 153 | - zlib1g-dev 154 | 155 | directadmin_rhel_generic_packages: 156 | - gcc 157 | - gcc-c++ 158 | - flex 159 | - bison 160 | - make 161 | - bind 162 | - bind-libs 163 | - bind-utils 164 | - openssl 165 | - openssl-devel 166 | - perl 167 | - quota 168 | - libaio 169 | - libcom_err-devel 170 | - libcurl-devel 171 | - gd 172 | - zlib-devel 173 | - zip 174 | - unzip 175 | - libcap-devel 176 | - cronie 177 | - bzip2 178 | - cyrus-sasl-devel 179 | - perl-ExtUtils-Embed 180 | - autoconf 181 | - automake 182 | - libtool 183 | - which 184 | - patch 185 | - mailx 186 | - bzip2-devel 187 | - lsof 188 | 189 | directadmin_rhel_packages: 190 | - db4-devel 191 | 192 | directadmin_centos7_packages: 193 | - psmisc 194 | - net-tools 195 | - systemd-devel 196 | - libdb-devel 197 | - perl-DBI 198 | - xfsprogs 199 | --------------------------------------------------------------------------------