66 lines
1.7 KiB
YAML
66 lines
1.7 KiB
YAML
---
|
|
# tasks file for MicroJoe.prosody
|
|
|
|
- name: Install debian dependencies
|
|
apt:
|
|
name: apt-transport-https
|
|
state: present
|
|
|
|
- name: Install official prosody repository's key
|
|
apt_key:
|
|
url: https://prosody.im/files/prosody-debian-packages.key
|
|
state: present
|
|
|
|
- name: Install official prosody repository
|
|
apt_repository:
|
|
repo: deb https://packages.prosody.im/debian stretch main
|
|
state: present
|
|
|
|
- name: Install prosody package
|
|
apt:
|
|
name: prosody
|
|
state: latest
|
|
update_cache: yes
|
|
|
|
- name: Configure prosody
|
|
template:
|
|
src: prosody.cfg.lua.j2
|
|
dest: /etc/prosody/prosody.cfg.lua
|
|
group: root
|
|
owner: root
|
|
mode: 0755
|
|
validate: "luac -p %s"
|
|
notify: reload prosody config
|
|
|
|
- name: Copy TLS cert to /etc/prosody/certs/
|
|
command: /bin/cp "{{ prosody_ssl_cert_source }}" "{{ prosody_ssl_cert_dest }}"
|
|
notify: reload prosody config
|
|
|
|
- name: Copy TLS key to /etc/prosody/certs/
|
|
command: /bin/cp "{{ prosody_ssl_key_source }}" "{{ prosody_ssl_key_dest }}"
|
|
notify: reload prosody config
|
|
|
|
- name: Set good access to certs
|
|
file:
|
|
path: "{{ item }}"
|
|
owner: root
|
|
group: prosody
|
|
mode: 0640
|
|
with_items:
|
|
- "{{ prosody_ssl_key_dest }}"
|
|
- "{{ prosody_ssl_cert_dest }}"
|
|
|
|
# Everyday at 4 AM
|
|
|
|
- name: Install crontab for periodic copy of LetsEncypt certs
|
|
cron:
|
|
name: Copy LetsEncrypt certificates and restart
|
|
hour: 4
|
|
minute: 0
|
|
job: "cp {{ prosody_ssl_cert_source }} {{ prosody_ssl_cert_dest }} &&
|
|
cp {{ prosody_ssl_key_source }} {{ prosody_ssl_key_dest }} &&
|
|
systemctl restart prosody"
|
|
|
|
- name: Enable and restart prosody service
|
|
service: name=prosody enabled=yes state=restarted
|