Files @ 23a9ea4219dc
Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/tasks/main.yml

23a9ea4219dc 2.6 KiB text/x-yaml Show Annotation Show as Raw Download as Raw
branko
MAR-113: Added option for specifying relay port to mail_forwarder:

- Introduced new option "smtp_relay_host_port".
- Updated the test playbook and tests to make sure new functionality works as
expected.
- Update role reference documentation.
- Updated usage instructions.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
---

- name: Install Python apt bindings
  apt: name=python-apt

- name: Add Prosody repository apt key
  apt_key:
    data: "{{ lookup('file', 'prosody-debian-packages.gpg') }}"
    state: present

- name: Add Prosody repository
  apt_repository: repo="deb http://packages.prosody.im/debian jessie main" state=present

- name: Install Lua Sec library (needed for TLS)
  apt: name=lua-sec state=installed

- name: Install Lua LDAP library
  apt: name=lua-ldap state=installed

- name: Install Prosody
  apt: name=prosody state=installed

- name: Allow Prosody user to traverse the directory with TLS private keys
  user: name=prosody append=yes groups=ssl-cert

- name: Deploy XMPP TLS private key
  copy:
    dest: "/etc/ssl/private/{{ ansible_fqdn }}_xmpp.key"
    content: "{{ xmpp_tls_key }}"
    mode: 0640
    owner: root
    group: prosody
  notify:
    - Restart Prosody

- name: Deploy XMPP TLS certificate
  copy:
    dest: "/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem"
    content: "{{ xmpp_tls_certificate }}"
    mode: 0644
    owner: root
    group: root
  notify:
    - Restart Prosody

- name: Deploy configuration file for checking certificate validity via cron
  copy: content="/etc/ssl/certs/{{ ansible_fqdn }}_xmpp.pem" dest="/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf"
        owner=root group=root mode=0644

- name: Set-up directory for storing additional Prosody modules
  file: path=/usr/local/lib/prosody/modules/ state=directory mode=0755 owner=root group=root

- name: Deploy the Prosody mod_auth_ldap module
  get_url: url=https://hg.prosody.im/prosody-modules/raw-file/tip/mod_auth_ldap/mod_auth_ldap.lua
           dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua

- name: Set-up file permissions for the Prosody mod_auth_ldap module
  file: dest=/usr/local/lib/prosody/modules/mod_auth_ldap.lua owner=root group=root mode=0644

- name: Deploy Prosody configuration file
  template:
    src: prosody.cfg.lua.j2
    dest: /etc/prosody/prosody.cfg.lua
    owner: root
    group: prosody
    mode: 0640
  notify:
    - Restart Prosody

- name: Enable Prosody service on boot (workaround for systemctl broken handling of SysV)
  command: rcconf -on prosody
  register: result
  changed_when: result.stderr == ""

- name: Enable and start Prosody service
  service: name=prosody state=started

- name: Deploy firewall configuration for XMPP server
  copy: src="ferm_xmpp.conf" dest="/etc/ferm/conf.d/30-xmpp.conf" owner=root group=root mode=0640
  notify:
    - Restart ferm

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "handlers | default(False) | bool() == True"
  tags:
    - handlers
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.