majic-ansible-roles File Diff

File diff 0f24d5b272f5 → e4a0f78340ef

roles/xmpp_server/tasks/main.yml

➞

Show inline comments

 ---
 - name: Install Python apt bindings
   apt: name=python-apt
   apt:
     name: python-apt
 - name: Add Prosody repository apt key
   apt_key:
@@ @@ -9,27 +10,38 @@ @@
     state: present
 - name: Add Prosody repository
   apt_repository: repo="deb http://packages.prosody.im/debian jessie main" state=present
   apt_repository:
     repo: "deb http://packages.prosody.im/debian jessie main"
     state: present
 - name: Install Lua Sec library (needed for TLS)
   apt: name=lua-sec state=installed
   apt:
     name: lua-sec
     state: installed
 - name: Install Lua LDAP library
   apt: name=lua-ldap state=installed
   apt:
     name: lua-ldap
     state: installed
 - name: Install Prosody
   apt: name=prosody state=installed
   apt:
     name: prosody
     state: installed
 - name: Allow Prosody user to traverse the directory with TLS private keys
   user: name=prosody append=yes groups=ssl-cert
   user:
     name: prosody
     append: yes
     groups: ssl-cert
 - name: Deploy XMPP TLS private key
   copy:
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_xmpp.key"
     content: "{{ xmpp_tls_key }}"
     mode: 0640
     owner: root
     group: prosody
     mode: 0640
   notify:
     - Restart Prosody
@@ @@ -37,30 +49,44 @@ @@
   copy:
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem"
     content: "{{ xmpp_tls_certificate }}"
     mode: 0644
     owner: root
     group: root
     mode: 0644
   notify:
     - Restart Prosody
 - name: Deploy configuration file for checking certificate validity via cron
   copy: content="/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" dest="/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf"
         owner=root group=root mode=0644
   copy:
     content: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem"
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf"
     owner: root
     group: root
     mode: 0644
 - name: Set-up directory for storing additional Prosody modules
   file: path=/usr/local/lib/prosody/modules/ state=directory mode=0755 owner=root group=root
   file:
     path: "/usr/local/lib/prosody/modules/"
     state: directory
     owner: root
     group: root
     mode: 0755
 - name: Deploy the Prosody mod_auth_ldap module
   get_url: url=https://hg.prosody.im/prosody-modules/raw-file/tip/mod_auth_ldap/mod_auth_ldap.lua
            dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua
   get_url:
     url: "https://hg.prosody.im/prosody-modules/raw-file/tip/mod_auth_ldap/mod_auth_ldap.lua"
     dest: "/usr/local/lib/prosody/modules/mod_auth_ldap.lua"
 - name: Set-up file permissions for the Prosody mod_auth_ldap module
   file: dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua owner=root group=root mode=0644
   file:
     dest: "/usr/local/lib/prosody/modules/mod_auth_ldap.lua"
     owner: root
     group: root
     mode: 0644
 - name: Deploy Prosody configuration file
   template:
     src: prosody.cfg.lua.j2
     dest: /etc/prosody/prosody.cfg.lua
     src: "prosody.cfg.lua.j2"
     dest: "/etc/prosody/prosody.cfg.lua"
     owner: root
     group: prosody
     mode: 0640
@@ @@ -68,15 +94,22 @@ @@
     - Restart Prosody
 - name: Enable Prosody service on boot (workaround for systemctl broken handling of SysV)
   command: rcconf -on prosody
+  command: "rcconf -on prosody"
   register: result
   changed_when: result.stderr == ""
 - name: Enable and start Prosody service
   service: name=prosody state=started
   service:
     name: prosody
     state: started
 - name: Deploy firewall configuration for XMPP server
   copy: src="ferm_xmpp.conf" dest="/etc/ferm/conf.d/30-xmpp.conf" owner=root group=root mode=0640
   copy:
     src: "ferm_xmpp.conf"
     dest: "/etc/ferm/conf.d/30-xmpp.conf"
     owner: root
     group: root
     mode: 0640
   notify:
     - Restart ferm