diff --git a/roles/xmpp_server/tasks/main.yml b/roles/xmpp_server/tasks/main.yml index 4642fdc36f209c9d9e0c38ff3ebf830f633d116d..4b6a9bd0ffe993c55f819ae84730e7aa7a0fd103 100644 --- a/roles/xmpp_server/tasks/main.yml +++ b/roles/xmpp_server/tasks/main.yml @@ -1,7 +1,8 @@ --- - name: Install Python apt bindings - apt: name=python-apt + apt: + name: python-apt - name: Add Prosody repository apt key apt_key: @@ -9,27 +10,38 @@ state: present - name: Add Prosody repository - apt_repository: repo="deb http://packages.prosody.im/debian jessie main" state=present + apt_repository: + repo: "deb http://packages.prosody.im/debian jessie main" + state: present - name: Install Lua Sec library (needed for TLS) - apt: name=lua-sec state=installed + apt: + name: lua-sec + state: installed - name: Install Lua LDAP library - apt: name=lua-ldap state=installed + apt: + name: lua-ldap + state: installed - name: Install Prosody - apt: name=prosody state=installed + apt: + name: prosody + state: installed - name: Allow Prosody user to traverse the directory with TLS private keys - user: name=prosody append=yes groups=ssl-cert + user: + name: prosody + append: yes + groups: ssl-cert - name: Deploy XMPP TLS private key copy: dest: "/etc/ssl/private/{{ ansible_fqdn }}_xmpp.key" content: "{{ xmpp_tls_key }}" - mode: 0640 owner: root group: prosody + mode: 0640 notify: - Restart Prosody @@ -37,30 +49,44 @@ copy: dest: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" content: "{{ xmpp_tls_certificate }}" - mode: 0644 owner: root group: root + mode: 0644 notify: - Restart Prosody - name: Deploy configuration file for checking certificate validity via cron - copy: content="/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" dest="/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf" - owner=root group=root mode=0644 + copy: + content: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" + dest: "/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf" + owner: root + group: root + mode: 0644 - name: Set-up directory for storing additional Prosody modules - file: path=/usr/local/lib/prosody/modules/ state=directory mode=0755 owner=root group=root + file: + path: "/usr/local/lib/prosody/modules/" + state: directory + owner: root + group: root + mode: 0755 - name: Deploy the Prosody mod_auth_ldap module - get_url: url=https://hg.prosody.im/prosody-modules/raw-file/tip/mod_auth_ldap/mod_auth_ldap.lua - dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua + get_url: + url: "https://hg.prosody.im/prosody-modules/raw-file/tip/mod_auth_ldap/mod_auth_ldap.lua" + dest: "/usr/local/lib/prosody/modules/mod_auth_ldap.lua" - name: Set-up file permissions for the Prosody mod_auth_ldap module - file: dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua owner=root group=root mode=0644 + file: + dest: "/usr/local/lib/prosody/modules/mod_auth_ldap.lua" + owner: root + group: root + mode: 0644 - name: Deploy Prosody configuration file template: - src: prosody.cfg.lua.j2 - dest: /etc/prosody/prosody.cfg.lua + src: "prosody.cfg.lua.j2" + dest: "/etc/prosody/prosody.cfg.lua" owner: root group: prosody mode: 0640 @@ -68,15 +94,22 @@ - Restart Prosody - name: Enable Prosody service on boot (workaround for systemctl broken handling of SysV) - command: rcconf -on prosody + command: "rcconf -on prosody" register: result changed_when: result.stderr == "" - name: Enable and start Prosody service - service: name=prosody state=started + service: + name: prosody + state: started - name: Deploy firewall configuration for XMPP server - copy: src="ferm_xmpp.conf" dest="/etc/ferm/conf.d/30-xmpp.conf" owner=root group=root mode=0640 + copy: + src: "ferm_xmpp.conf" + dest: "/etc/ferm/conf.d/30-xmpp.conf" + owner: root + group: root + mode: 0640 notify: - Restart ferm