Updated Traccar to run as non-root

This commit is contained in:
Scott Wallace 2019-05-28 22:46:03 +01:00
parent c4817f0dd7
commit 7acd34e0bd
3 changed files with 61 additions and 41 deletions

View file

@ -1,10 +1,14 @@
server_packages: server_packages:
- curl
- git - git
- haproxy - haproxy
- letsencrypt - letsencrypt
- lsof - lsof
- net-tools - net-tools
- psmisc - psmisc
- python-simplejson
- python-pip
- python3-pip
- rsync - rsync
- screen - screen
- telnet - telnet

View file

@ -1,47 +1,63 @@
- name: 'Traccar: Check installed' - name: 'Traccar'
tags: tags:
- install - install
- traccar - traccar
stat: block:
path: "/opt/traccar/traccar.run" - name: 'Traccar: Check installed'
register: traccar_app stat:
path: "/opt/traccar/traccar.run"
register: traccar_app
- name: 'Traccar: Install' - name: 'Traccar: Install'
tags: include_tasks:
- install file: install.yaml
- traccar apply:
include_tasks: tags:
file: install.yaml - always
apply: when: not traccar_app.stat.exists
tags:
- always
when: not traccar_app.stat.exists
- name: 'Traccar: Fix perms' - name: 'Traccar: Tidy installer'
tags: file:
- install path: "{{ traccar_tmppath }}"
- traccar state: absent
file: become: yes
path: "/opt/traccar"
owner: "{{ traccar_owner }}"
group: "{{ traccar_owner }}"
recurse: yes
become: yes
- name: 'Traccar: Tidy installer' - name: 'Traccar: Add group'
tags: group:
- install name: "{{ traccar_owner }}"
- traccar become: yes
file:
path: "{{ traccar_tmppath }}"
state: absent
become: yes
- name: 'Traccar: Service running' - name: 'Traccar: Add user'
tags: user:
- traccar name: "{{ traccar_owner }}"
systemd: group: "{{ traccar_owner }}"
name: traccar become: yes
state: started
enabled: yes - name: 'Traccar: Fix perms'
become: yes file:
path: '/opt/traccar'
owner: "{{ traccar_owner }}"
group: "{{ traccar_owner }}"
recurse: yes
become: yes
- name: 'Traccar: systemd override'
block:
- name: 'Traccar: systemd override directory'
file:
path: '/etc/systemd/system/traccar.service.d'
state: directory
force: yes
- name: 'Traccar: systemd override file'
copy:
dest: '/etc/systemd/system/traccar.service.d/override.conf'
content: "[Service]\nUser={{ traccar_owner }}\nGroup={{ traccar_owner }}\n"
become: yes
- name: 'Traccar: Service running'
systemd:
name: traccar
state: started
daemon_reload: yes
enabled: yes
become: yes

View file

@ -1,2 +1,2 @@
traccar_tmppath: '/srv/tmp/traccar' traccar_tmppath: '/srv/tmp/traccar'
traccar_owner: 'scott' traccar_owner: 'traccar'