infrastructure/playbooks/02-xmpp-server.yaml


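# Play: provisions an XMPP chat host. It adds the ProcessOne apt repository,
# installs ejabberd, PostgreSQL, nginx and PHP, deploys the Movim web client
# from git, creates its database and installs a systemd unit for the daemon.
# The variables root.*, www.*, postgres.* and movim.* are loaded from vars.yml
# by the first task.
- name: Configuration of jabber server
  hosts: chatservers
  tasks:
    - name: Use variables
      ansible.builtin.include_vars: vars.yml

    # deb822 source definition. Signed-By limits the downloaded key to this
    # one repository instead of trusting it for every apt source.
    - name: Configure ejabber apt sources
      ansible.builtin.blockinfile:
        path: /etc/apt/sources.list.d/process-one-stable.sources
        create: true
        block: |
          Enabled: yes
          Types: deb
          URIs: https://repo.process-one.net/deb
          Suites: stable
          Components: main
          Architectures: amd64
          Signed-By: /etc/apt/keyrings/ejabberd.gpg
        owner: "{{ root.user }}"
        group: "{{ root.group }}"
        # Plain data file: no execute bit needed (was 755).
        mode: "0644"

    - name: Create keyrings folder
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        owner: "{{ root.user }}"
        group: "{{ root.group }}"
        mode: "0755"

    # NOTE(review): the signing key is trusted on first download, protected
    # only by HTTPS. Once the expected digest has been verified out of band,
    # pin it with get_url's `checksum:` parameter, for example
    # "sha256:<EXPECTED_KEY_DIGEST_PLACEHOLDER>".
    - name: Adding process-one (ejabberd) gpg key to apt keyring
      ansible.builtin.get_url:
        url: https://repo.process-one.net/ejabberd.gpg
        dest: /etc/apt/keyrings/ejabberd.gpg
        owner: "{{ root.user }}"
        group: "{{ root.group }}"
        # Key material is read by apt, never executed (was 755).
        mode: "0644"

    # Without a refresh, apt does not know about the repository added above
    # and would resolve ejabberd from whatever index is already cached.
    - name: Refresh apt package index
      ansible.builtin.apt:
        update_cache: true

    - name: Installing required packages
      ansible.builtin.package:
        name:
          - composer
          - php-fpm
          - php-curl
          - php-mbstring
          - php-imagick
          - php-gd
          - php-pgsql
          - php-xml
          - postgresql
          - nginx
          - ejabberd
          - git
          - python3-certbot-nginx
          - python3-psycopg2
        state: present

    # Clone Movim; if the clone task fails, fall back to fetch + checkout as
    # the web user. Ownership and mode are reset afterwards in every case.
    - name: Installing Movim App
      block:
        - name: Cloning
          ansible.builtin.git:
            repo: https://github.com/movim/movim.git
            dest: "{{ movim.path }}"
            version: "{{ movim.version }}"
      rescue:
        - name: Fetching
          ansible.builtin.command:
            argv:
              - git
              - fetch
            chdir: "{{ movim.path }}"
          become: true
          become_user: "{{ www.user }}"
        - name: Checking Out
          ansible.builtin.command:
            argv:
              - git
              - checkout
              - "{{ movim.version }}"
            chdir: "{{ movim.path }}"
          become: true
          become_user: "{{ www.user }}"
      always:
        - name: Setting Mode and Ownershp
          ansible.builtin.file:
            path: "{{ movim.path }}"
            state: directory
            owner: "{{ www.user }}"
            group: "{{ www.group }}"
            recurse: true
            # Capital X grants execute only to directories and to files that
            # are already executable; a recursive 755 marked every file in
            # the tree executable.
            # NOTE(review): this pass also touches {{ movim.path }}/.env,
            # which a later task sets back to 0600, so on re-runs the file is
            # readable by group/others for a short window. Consider keeping
            # the secret outside this tree.
            mode: "u=rwX,g=rX,o=rX"

    - name: Installing Movim dependanciens
      community.general.composer:
        working_dir: "{{ movim.path }}"
        command: install
      become: true
      become_user: "{{ www.user }}"

    # NOTE(review): the database password used to be the literal string
    # "movim", committed in this playbook. movim_db_password is an optional
    # variable introduced here; the default keeps existing hosts working.
    # Define it in a vault-encrypted vars file, then remove the default.
    - name: Create Database User
      community.postgresql.postgresql_user:
        user: movim
        password: "{{ movim_db_password | default('movim') }}"
        state: present
      become_user: "{{ postgres.user }}"
      become: true

    - name: Create Database
      community.postgresql.postgresql_db:
        name: movim
        owner: movim
        state: present
      become_user: "{{ postgres.user }}"
      become: true

    # Writes the database credentials and daemon settings read by Movim.
    # The file is owner-only (0600) because it contains the DB password.
    - name: Setting-Up Movim execution environment
      ansible.builtin.blockinfile:
        path: "{{ movim.path }}/.env"
        block: |
          # Database configuration
          DB_DRIVER=pgsql
          DB_HOST=127.0.0.1
          DB_PORT=5432
          DB_DATABASE=movim
          DB_USERNAME=movim
          DB_PASSWORD={{ movim_db_password | default('movim') }}
          # Daemon configuration
          DAEMON_URL=https://chat.trans13nrv.eu.org/ # Public URL of your Movim instance
          DAEMON_PORT=8080 # Port on which the daemon will listen
          DAEMON_INTERFACE=127.0.0.1 # Interface on which the daemon will listen, must be an IP
          DAEMON_DEBUG=false
          DAEMON_VERBOSE=false
        owner: "{{ www.user }}"
        group: "{{ www.group }}"
        create: true
        mode: "0600"
      # Keep the rendered password out of task output and --diff listings.
      no_log: true

    - name: Migrating Database
      community.general.composer:
        command: "movim:migrate"
        working_dir: "{{ movim.path }}"
      become: true
      become_user: "{{ www.user }}"

    # The daemon runs as the same account that owns the Movim tree and the
    # 0600 .env file; the unit previously hard-coded www-data, which only
    # works when www.user happens to be that account.
    # NOTE(review): the unit has no sandboxing directives. Consider evaluating
    # NoNewPrivileges=, ProtectSystem= and PrivateTmp= for this service.
    - name: Setting-Up Movim demon service
      ansible.builtin.blockinfile:
        path: /etc/systemd/system/movim.service
        block: |
          [Unit]
          Description=Movim daemon
          After=nginx.service network.target local-fs.target
          [Service]
          User={{ www.user }}
          Type=simple
          Environment=PUBLIC_URL=https://chat.trans13nrv.eu.org/
          Environment=WS_PORT=8080
          EnvironmentFile=-/etc/default/movim
          ExecStart=/usr/bin/php daemon.php start
          WorkingDirectory={{ movim.path }}
          StandardOutput=syslog
          SyslogIdentifier=movim
          PIDFile=/run/movim.pid
          Restart=on-failure
          RestartSec=10
          [Install]
          WantedBy=multi-user.target
        owner: "{{ root.user }}"
        group: "{{ root.group }}"
        mode: "0644"
        create: true

    # Module form of `systemctl daemon-reload`, matching the module already
    # used by the task below.
    - name: Reload SystemD daemon
      ansible.builtin.systemd_service:
        daemon_reload: true

    # NOTE(review): `state: started` does not restart a running daemon, so
    # later changes to the unit or to .env take effect only after a manual
    # restart or a handler.
    - name: Enable and start Movim Damon Service
      ansible.builtin.systemd_service:
        service: movim.service
        enabled: true
        state: started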