xmpp with support for multiple virtual domains and more sensible default config.

group_vars/sovereign

@@ -46,13 +46,6 @@ irc_ident: (required)
 irc_realname: (required)
 irc_quitmsg: (required)
 
-# xmpp
-prosody_admin: "{{ admin_email }}"
-prosody_virtual_domain: "{{ domain }}"
-prosody_accounts:
-  - name: "{{ main_user_name }}"
-    password: TODO
-
 # openvpn
 openvpn_clients:
   - laptop

roles/xmpp/defaults/main.yml

@@ -1,3 +1,9 @@
+secret_root: '{{ inventory_dir | realpath }}'
+secret_name: 'secret'
+secret: '{{ secret_root + "/" + secret_name }}'
+
 prosody_admin: "{{ admin_email }}"
-prosody_virtual_domain: "{{ domain }}"
-prosody_accounts: []
+prosody_accounts:
+  - name: "{{ main_user_name }}"
+    domain: "{{ domain }}"
+    password: "{{ lookup('password', secret + '/' + 'xmpp_main_user_password length=32') }}"

roles/xmpp/tasks/prosody.yml

@@ -9,8 +9,12 @@
     - dependencies
 
 - name: Install Prosody and dependencies from official repository
-  apt: pkg={{ item }} update_cache=yes
-  with_items:
+  apt:
+    name: "{{ packages }}"
+    state: present
+    update_cache: yes
+  vars:
+    packages:
     - prosody
     - lua-sec
   tags:
@@ -30,7 +34,7 @@
   notify: restart prosody
 
 - name: Create Prosody accounts
-  command: prosodyctl register {{ item.name }} {{ prosody_virtual_domain }} "{{ item.password }}"
+  command: prosodyctl register {{ item.name }} {{ item.domain }} "{{ item.password }}"
   with_items: "{{ prosody_accounts }}"
 
 - name: Set firewall rules for Prosody

roles/xmpp/templates/prosody.cfg.lua.j2

@@ -152,7 +152,9 @@ data_path = "/data/prosody"
 -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
 -- Settings under each VirtualHost entry apply *only* to that host.
 
-VirtualHost "{{ prosody_virtual_domain }}"
+{% for vd in virtual_domains %}
+VirtualHost "{{ vd.name }}"
+{% endfor %}
 
 ------ Components ------
 -- You can specify components to add hosts that provide special services,