Merge branch 'master' of github.com:al3x/sovereign

# Conflicts:
#	roles/common/tasks/users.yml

roles/common/tasks/encfs.yml

 - name: Create encrypted directory
   file: state=directory path=/encrypted
 
-- name: Create decrypted directory
-  file: state=directory path=/decrypted
-
 - name: Add mail user to fuse group
   user: name=mail append=yes groups=fuse
 
+- name: Add main user to fuse group
+  user: name={{ main_user_name }} append=yes groups=fuse
+
 # Check if the /encrypted directory is empty
 - name: Check for existing encfs
   shell: ls /encrypted/*

roles/common/tasks/main.yml

 ---
 # Defines tasks applicable across all machines in the infrastructure.
+- name: Set up closest mirror autoselect (ubuntu-only)
+  template: src=apt_sources.list.j2 dest=/etc/apt/sources.list
+  when: ansible_distribution == 'Ubuntu'
 
 - name: Update apt cache
   apt: update_cache=yes
   notify: restart apache
   when: ansible_distribution_release == 'trusty'
 
+- name: Create decrypted directory (even if encfs isn't used)
+  file: state=directory path=/decrypted
+
+- name: Set decrypted directory permissions
+  file: state=directory path=/decrypted group=mail mode=775
+
 - include: encfs.yml tags=encfs
 - include: users.yml tags=users
 - include: ssl.yml tags=ssl

roles/common/tasks/users.yml

 - name: Create main user account
-  user: name={{ main_user_name }} state=present shell={{ main_user_shell }} groups=sudo,fuse
+  user: name={{ main_user_name }} state=present shell={{ main_user_shell }} groups=sudo
 
 - name: Give main user account sudo power
   template: src=roles/common/templates/sudoers.j2 dest=/etc/sudoers.d/sudoers owner=root group=root mode=0440 validate='visudo -cf %s'

roles/common/templates/apt_sources.list.j2

+# This file is generated by Sovereign
+deb mirror://mirrors.ubuntu.com/mirrors.txt {{ ansible_distribution_release }} main restricted universe multiverse
+deb mirror://mirrors.ubuntu.com/mirrors.txt {{ ansible_distribution_release }}-updates main restricted universe multiverse
+deb mirror://mirrors.ubuntu.com/mirrors.txt {{ ansible_distribution_release }}-backports main restricted universe multiverse
+deb mirror://mirrors.ubuntu.com/mirrors.txt {{ ansible_distribution_release }}-security main restricted universe multiverse

roles/news/templates/var_www_selfoss_config.ini.j2

 anonymizer=
 use_system_font=1
 readability=
-share=gtfprde
+share=gtfprdew
+wallabag=https://read.{{domain}}
 allow_public_update_access=0
 unread_order=

roles/owncloud/tasks/owncloud.yml

 ---
 # Installs the ownCloud personal cloud software
 # as per http://www.debiantutorials.com/how-to-install-owncloud-on-wheezy/
+- name: Install dependencies
+  apt: pkg={{ item }} state=present
+  with_items:
+    - libapache2-mod-php5
+    - php-apc
+    - python-psycopg2
+    - postgresql-9.3
+
+- name: Set postgres password
+  command: sudo -u {{ db_admin_username }} psql -d {{ db_admin_username }} -c "ALTER USER postgres with  password '{{ db_admin_password }}';"
 
 - name: Create database user for ownCloud
   postgresql_user: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ owncloud_db_username }} password="{{ owncloud_db_password }}" state=present
 - name: Install ownCloud (possibly from OpenSuSE repository)
   apt: pkg=owncloud update_cache=yes
 
-- name: Install PHP dependencies
-  apt: pkg={{ item }} state=present
-  with_items:
-    - libapache2-mod-php5
-    - php-apc
-
 - name: Owncloud www directory
   file: state=directory path=/var/www/owncloud
 

roles/webmail/tasks/roundcube.yml

 - name: Configure the Apache HTTP server for roundcube
   template: src=etc_apache2_sites-available_roundcube.j2 dest=/etc/apache2/sites-available/roundcube.conf group=root owner=root force=yes
 
+- name: Enable php5-mcrypt
+  file: src=/etc/php5/mods-available/mcrypt.ini dest=/etc/php5/apache2/conf.d/20-mcrypt.ini owner=root group=root state=link
+
 - name: Configure roundcube
   copy: src={{ item.src }} dest={{ item.dest }} group=www-data owner=root mode=640 force=yes
   with_items: