diff --git a/roles/xmpp_server/tasks/main.yml b/roles/xmpp_server/tasks/main.yml index 6f344d9686dd1c5a062a5e845cd6eb85d11796ab..9eb00c7bdccdbdd96c02f1d7c0adb504ff73867c 100644 --- a/roles/xmpp_server/tasks/main.yml +++ b/roles/xmpp_server/tasks/main.yml @@ -4,7 +4,7 @@ # =================== - name: Set-up the Debian backports repository - template: + ansible.builtin.template: src: backports.list.j2 dest: /etc/apt/sources.list.d/backports.list owner: root @@ -18,12 +18,12 @@ # change when changing distro version etc), we have to use # template instead, but this also means we need to trigger the apt # cache reload by hand. - apt: + ansible.builtin.apt: update_cache: true when: backports_repository_configuration.changed - name: Install additional Prosody dependencies - apt: + ansible.builtin.apt: name: - lua-ldap - prosody-modules @@ -32,20 +32,20 @@ - Restart Prosody - name: Install Prosody - apt: + ansible.builtin.apt: name: prosody state: present notify: - Restart Prosody - name: Allow Prosody user to traverse the directory with TLS private keys - user: + ansible.builtin.user: name: prosody append: true groups: ssl-cert - name: Deploy XMPP TLS private key - copy: + ansible.builtin.copy: dest: "/etc/ssl/private/{{ ansible_fqdn }}_xmpp.key" content: "{{ xmpp_tls_key }}" owner: root @@ -55,7 +55,7 @@ - Restart Prosody - name: Deploy XMPP TLS certificate - copy: + ansible.builtin.copy: dest: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" content: "{{ xmpp_tls_certificate }}" owner: root @@ -65,7 +65,7 @@ - Restart Prosody - name: Generate the XMPP server Diffie-Hellman parameter - openssl_dhparam: + community.crypto.openssl_dhparam: owner: root group: prosody mode: "0640" @@ -75,7 +75,7 @@ - Restart Prosody - name: Deploy configuration file for checking certificate validity via cron - copy: + ansible.builtin.copy: content: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" dest: "/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf" owner: root @@ -83,7 +83,7 @@ mode: "0644" - name: Deploy script for validating Prosody certificate - copy: + ansible.builtin.copy: src: "check_prosody_certificate.sh" dest: "/usr/local/bin/check_prosody_certificate.sh" owner: root @@ -91,7 +91,7 @@ mode: "0755" - name: Set-up crontab task that runs the Prosody certificate checker script once a day - copy: + ansible.builtin.copy: src: "cron_check_prosody_certificate" dest: "/etc/cron.d/check_prosody_certificate" owner: root @@ -99,7 +99,7 @@ mode: "0644" - name: Deploy LDAP client configuration (for validating LDAP server certificate) - copy: + ansible.builtin.copy: src: prosody_ldaprc dest: "/var/lib/prosody/.ldaprc" owner: root @@ -109,7 +109,7 @@ - Restart Prosody - name: Deploy Prosody configuration file - template: + ansible.builtin.template: src: "prosody.cfg.lua.j2" dest: "/etc/prosody/prosody.cfg.lua" owner: root @@ -119,13 +119,13 @@ - Restart Prosody - name: Enable and start Prosody service - service: + ansible.builtin.service: name: prosody state: started enabled: true - name: Deploy firewall configuration for XMPP server - copy: + ansible.builtin.copy: src: "ferm_xmpp.conf" dest: "/etc/ferm/conf.d/30-xmpp.conf" owner: root @@ -135,7 +135,7 @@ - Restart ferm - name: Explicitly run all handlers - include_tasks: ../handlers/main.yml + ansible.builtin.include_tasks: ../handlers/main.yml when: "run_handlers | default(False) | bool()" tags: - handlers