191 lines
4.6 KiB
YAML
191 lines
4.6 KiB
YAML
---
|
|
|
|
- name: "Install Lua 5.2"
|
|
apt:
|
|
name: lua5.2
|
|
state: present
|
|
install_recommends: no
|
|
- name: "Add Prosody package signing key"
|
|
apt_key:
|
|
url: "https://packages.prosody.im/debian/pubkey.asc"
|
|
- name: "Add Prosody package repo"
|
|
apt_repository:
|
|
filename: prosody
|
|
repo: "deb https://packages.prosody.im/debian buster main"
|
|
- name: "Detect dpkg architecture name"
|
|
shell: dpkg --print-architecture
|
|
register: dpkg_arch
|
|
- name: "Install Prosody package"
|
|
apt:
|
|
deb: "https://packages.prosody.im/debian/pool/main/p/{{ prosody.package }}/{{ prosody.package }}_1nightly{{ prosody.build }}-1~buster_{{ dpkg_arch.stdout }}.deb"
|
|
state: present
|
|
install_recommends: yes
|
|
- name: "Deploy Prosody config"
|
|
copy:
|
|
src: ../files/prosody.cfg.lua
|
|
dest: /etc/prosody/prosody.cfg.lua
|
|
- name: "Create Prosody data directory"
|
|
file:
|
|
state: directory
|
|
path: /snikket/prosody
|
|
owner: prosody
|
|
group: prosody
|
|
mode: 0750
|
|
- name: "Create Prosody modules directory"
|
|
file:
|
|
state: directory
|
|
path: /etc/prosody/modules
|
|
- name: "Create web root directory"
|
|
file:
|
|
state: directory
|
|
path: /var/www
|
|
- name: "FIXME Workaround for Prosody package bug"
|
|
file:
|
|
path: /etc/prosody/certs
|
|
state: directory
|
|
owner: prosody
|
|
group: adm
|
|
mode: 0750
|
|
recurse: yes
|
|
- name: "Disable Prosody init script"
|
|
service:
|
|
name: prosody
|
|
enabled: no
|
|
- name: "Stop Prosody if running"
|
|
service:
|
|
name: prosody
|
|
state: stopped
|
|
- name: "Allow Prosody to bind service ports"
|
|
command: setcap 'cap_net_bind_service=+ep' /usr/bin/lua5.2
|
|
|
|
- name: Install Mercurial
|
|
apt:
|
|
name: mercurial
|
|
state: present
|
|
install_recommends: no
|
|
|
|
- name: Clone prosody-modules
|
|
hg:
|
|
repo: https://hg.prosody.im/prosody-modules
|
|
dest: /usr/local/lib/prosody-modules
|
|
revision: "{{ prosody_modules.revision }}"
|
|
purge: yes
|
|
update: yes
|
|
- name: Enable wanted modules (prosody-modules)
|
|
file:
|
|
state: link
|
|
src: "/usr/local/lib/prosody-modules/{{item}}"
|
|
dest: "/etc/prosody/modules/{{item}}"
|
|
loop:
|
|
- mod_smacks
|
|
- mod_cloud_notify
|
|
- mod_cloud_notify_extensions
|
|
- mod_cloud_notify_encrypted
|
|
- mod_cloud_notify_priority_tag
|
|
- mod_cloud_notify_filters
|
|
- mod_block_registrations
|
|
- mod_compact_resource
|
|
- mod_conversejs
|
|
- mod_migrate_http_upload
|
|
- mod_lastlog2
|
|
- mod_limit_auth
|
|
- mod_password_policy
|
|
- mod_roster_allinall
|
|
- mod_strict_https
|
|
- mod_vcard_muc
|
|
- mod_reload_modules
|
|
- mod_email
|
|
- mod_http_altconnect
|
|
- mod_bookmarks
|
|
- mod_default_bookmarks
|
|
- mod_firewall
|
|
- mod_turncredentials
|
|
- mod_admin_notify
|
|
- mod_http_oauth2
|
|
- mod_http_admin_api
|
|
- mod_rest
|
|
- mod_groups_migration
|
|
- mod_invites
|
|
- mod_invites_adhoc
|
|
- mod_invites_api
|
|
- mod_invites_groups
|
|
- mod_invites_page
|
|
- mod_invites_register
|
|
- mod_invites_register_api
|
|
- mod_invites_tracking
|
|
- mod_groups_internal
|
|
- mod_groups_muc_bookmarks
|
|
- mod_muc_defaults
|
|
- mod_muc_local_only
|
|
- mod_muc_offline_delivery
|
|
- mod_http_host_status_check
|
|
- mod_measure_process
|
|
- mod_prometheus
|
|
- mod_spam_reporting
|
|
- mod_watch_spam_reports
|
|
- mod_isolate_host
|
|
- mod_muc_auto_reserve_nicks
|
|
- mod_measure_active_users
|
|
|
|
- name: Enable wanted modules (snikket-modules)
|
|
file:
|
|
state: link
|
|
src: "/usr/local/lib/snikket-modules/{{item}}"
|
|
dest: "/etc/prosody/modules/{{item}}"
|
|
loop:
|
|
- mod_update_check
|
|
- mod_update_notify
|
|
- mod_invites_default_group
|
|
- mod_invites_bootstrap
|
|
- mod_snikket_client_id
|
|
- mod_snikket_ios_preserve_push
|
|
- mod_snikket_restricted_users
|
|
|
|
- name: "Install lua-ossl for encrypted push notifications"
|
|
apt:
|
|
name: lua-luaossl
|
|
state: present
|
|
install_recommends: no
|
|
|
|
- name: "Fetch luaunbound source"
|
|
get_url:
|
|
#url: https://code.zash.se/dl/luaunbound/luaunbound-0.5.tar.gz
|
|
url: https://matthewwild.co.uk/uploads/luaunbound-0.5.tar.gz
|
|
sha256sum: a6564ac1cca6bb350576eb2a5cfa03adb0aafd4f99d6cd491bd8028d046c62a7
|
|
dest: /tmp/luaunbound-0.5.tar.gz
|
|
|
|
- name: "Extract luaunbound"
|
|
unarchive:
|
|
src: /tmp/luaunbound-0.5.tar.gz
|
|
remote_src: yes
|
|
dest: /tmp
|
|
|
|
- name: "Install libunbound-dev"
|
|
apt:
|
|
name:
|
|
- libunbound8
|
|
- libunbound-dev
|
|
- liblua5.2-dev
|
|
state: present
|
|
|
|
- name: "Build luaunbound"
|
|
make:
|
|
chdir: /tmp/luaunbound-0.5
|
|
|
|
- name: "Install luaunbound"
|
|
make:
|
|
chdir: /tmp/luaunbound-0.5
|
|
target: install
|
|
|
|
- name: "Remove luaunbound source"
|
|
file:
|
|
path: /tmp/luaunbound-0.5
|
|
state: absent
|
|
|
|
- name: "Remove libunbound-dev"
|
|
apt:
|
|
name:
|
|
- libunbound-dev
|
|
- liblua5.2-dev
|
|
state: absent
|