Added: ejabberd config (WIP)

2024-05-23 19:13:11 +02:00 · 2024-05-23 19:13:11 +02:00 · 1229621854
commit 1229621854
parent 74f6493694
11 changed files with 420 additions and 60 deletions
--- a/playbooks/tasks/chat/x509.yml
+++ b/playbooks/tasks/chat/x509.yml
@ -0,0 +1,55 @@
+---
+- name: Disable movim website
+  ansible.builtin.file:
+    path: "{{ nginx.paths.sites_enabled }}/{{ movim.domain }}"
+    state: absent
+
+- name: Disable auto redirect to TLS
+  ansible.builtin.file:
+    path: "{{ nginx.paths.sites_enabled }}/redirect_to_https"
+    state: absent
+
+- name: Enable default website
+  ansible.builtin.file:
+    dest: "{{ nginx.paths.sites_enabled }}/default"
+    src: "{{ nginx.paths.sites_available }}/default"
+    state: link
+
+- name: Install X509 certificates for movim
+  ansible.builtin.command:
+    argv:
+      - certbot
+      - certonly
+      - --agree-tos
+      - -m
+      - psotmaster@trans13nrv.eu.org
+      - --nginx
+      - -d
+      - "{{ movim.domain }}"
+    creates: "/etc/letsencrypt/live/{{ movim.domain }}*/privkey.pem"
+
+- name: Install X509 certificates for ejabberd hosts
+  ansible.builtin.command:
+    argv:
+      - certbot
+      - certonly
+      - --agree-tos
+      - -m
+      - psotmaster@trans13nrv.eu.org
+      - --nginx
+      - -d
+      - trans13nrv.eu.org
+      - -d
+      - xmpp.trans13nrv.eu.org
+      - -d
+      - muc.trans13nrv.eu.org
+      - -d
+      - "pubsub.trans13nrv.eu.org"
+      - -d
+      - upload.trans13nrv.eu.org
+    creates: "/etc/letsencrypt/live/trans13nrv.eu.org/privkey.pem"
+
+- name: Disable default website
+  ansible.builtin.file:
+    path: "{{ nginx.paths.sites_enabled }}/default"
+    state: absent