This role allows you to install the current version of SQL-Ledger on Debian Trixie.
The code from this branch installs SQL-Ledger version 4. If your playbook was made for version 3, refer to the list below to update the variables.
To install an older version, switch to the branch
version3.
Changing variable sl_git_branch to full or dws will fail because
of the different configuration file formats.
The machine from which the playbook is run needs a recent Ansible version. In Debian and most other Linux distributions, Ansible is available through the official package repository.
The target machine needs SSH access, Python and sudo. Standard Debian comes with Python, sudo and SSH server are optional. For sudo, install Debian without root password. The SSH server has to be activated during «Software selection». Deselect all the rest.
After the basic installation, log in to the server with SSH to test the connection.
The following variables can be passed to this role:
| Variable Name | Default Value | Description |
|---|---|---|
| sl_lx_locales | ['en_US'] | list of the available UTF-8 locales |
| sl_lx_default_locale | en_US | default UTF-8 locale |
| sl_lx_timezone | UTC | time zone for server |
| sl_texlive_languages | ['english'] | list of the TeX Live languages |
| Variable Name | Default Value | Description |
|---|---|---|
| sl_admin_pwd | undefined | password for admin.pl |
| sl_gpg_path | /var/www/gnupg | home directory for gpg |
| sl_git_branch | main | branch that will be checked out |
| sl_git_source | https://github.com/Tekki/sql-ledger.git | URL of the Git repository |
| sl_helpful_login | false | helpful error messages on login screen |
| sl_httpd_config | /etc/apache2 | path to the webserver config |
| sl_httpd_path | /var/www/sql-ledger | local path of the installation |
| sl_httpd_url | sql-ledger | browser URL on the server |
| sl_httpd_whitelist | undefined | list of allowed IP addresses |
| sl_latex | true | install and use LaTeX |
| sl_latex_dvipdf | false | use dvipdf instead of pdflatex |
| sl_latex_pdftk | true | use pdftk to combine PDFs |
| sl_latex_xelatex | true | use XeLaTeX instead of pdflatex |
| sl_login_language | language of the login screen | |
| sl_postgres_user | sql-ledger | user name to connect to PostgreSQL |
| sl_protect_admin | false | protect admin interface |
| sl_protect_password | undefined | .htaccess password for protected admin interface |
| sl_protect_username | undefined | .htaccess username for protected admin interface |
| sl_sendmail | '| /usr/sbin/sendmail -f <%from%> -t' | pipe to sendmail |
| sl_totp_admin | false | TOTP for admin activated |
Always activate all locales you anticipate needing on the first run.
If other packages or Perl modules from CPAN have to be installed, add
them to the variables debian_additional_packages or
debian_perl_additional_cpan.
Please notice that this role doesn't install a mail transport agent or a printing system.
Assuming that your server has the name 'sl_server', create a directory and file structure that looks like this:
./
├── group_vars/
│ └── sl_server/
│ ├── sl_server_vars.yml
│ └── vault_vars.yml
├── roles/
│ └── sql-ledger/
├── hosts
└── sl_server.yml
Start with adding the IP address or URL of the SQL-Ledger server to
hosts:
[sl_server]
$IP_OR_URL
Next test the Ansible connection.
ansible sl_server -m pingCreate the playbook sl_server.yml:
- hosts: sl_server
roles:
- name: sql-ledger
tags: [sl]Clone the code of this repository to the roles directory:
git clone https://github.com/Tekki/ansible-sql-ledger roles/sql-ledgerTo install a server with
- Central European Time (Zurich)
- languages German/Switzerland, French/Switzerland, Italian/Switzerland
- German (chd_utf) as system default and language of the login screen
set the parameters in sl_server_vars.yml to
sl_lx_locales:
- de_CH
- fr_CH
- it_CH
sl_lx_default_locale: de_CH
SL_lx_timezone: Europe/Zurich
sl_texlive_languages:
- german
- french
- italian
sl_login_language: chd_utfNever type cleartext passwords into the config file. Always use the vault to protect them.
ansible_become: true
ansible_become_pass: "{{ vault_sudo_pwd }}"
sl_admin_pwd: "{{ vault_sl_admin_pwd }}"If the sudo password is 'Abc9876' and the password for admin.pl
should be set to '12345678' (both not a good idea), open
vault_vars.yml
ansible-vault edit group_vars/sl_server/vault_vars.ymland add the passwords:
vauls_sudo_pwd: Abc9876
vault_sl_admin_pwd: 12345678If variable sl_admin_pwd is set, password changes made in the user
interface will be overwritten with the next execution of Ansible.
Now start the installation with
ansible-playbook sl_server.ymlThe available tags are, listed in the order they are executed:
sl-basicsinstalls the basic packagessl-databaseconfigures the access to the databasesl-latexinstalls LaTeX, if sl_latex is truesl-programdownloads SQL-Ledger from GitHubsl-configupdates sql-ledger configsl-webserverconfigures the webserver, including password protection
Run the playbook again to update the installation. If you only want to
upgrade the code to a newer version, restrict execution to the
sl-program task:
ansible-playbook sql-ledger.yml -t sl-program© 2016-2026 Tekki (Rolf Stöckli)