Add an RSS reader.

README.textile

@@ -31,6 +31,7 @@ What do you get if you point this thing at a VPS? All kinds of good stuff!
 * "SMTP":https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol over SSL via Postfix, including a nice set of "DNSBLs":https://en.wikipedia.org/wiki/DNSBL to discard spam before it ever hits your filters.
 * Webmail via "Roundcube":http://www.roundcube.net/.
 * Jabber/"XMPP":http://xmpp.org/ instant messaging via "Prosody":http://prosody.im/.
+* An RSS Reader via "Selfoss":http://selfoss.aditu.de/
 * Virtual domains for your email, backed by "MySQL":https://www.mysql.com/.
 * Secure on-disk storage for email and more via "EncFS":http://www.arg0.net/encfs.
 * Spam fighting via "DSPAM":http://dspam.sourceforge.net/ and "Postgrey":http://postgrey.schweikert.ch/.

roles/news/tasks/main.yml

@@ -0,0 +1 @@
+- include: selfoss.yml tags=selfoss

roles/news/tasks/selfoss.yml

@@ -0,0 +1,38 @@
+- name: Clone Selfoss
+  git: repo=https://github.com/SSilence/selfoss.git
+       dest=/var/www/selfoss
+
+- name: Set selfoss permissions
+  action: file owner=www-data group=www-data path=/var/www/selfoss recurse=yes state=directory
+
+- name: Create database user for selfoss
+  mysql_user: user={{ selfoss_mysql_username }} password={{ selfoss_mysql_password }} state=present priv="selfoss.*:ALL"
+
+- name: Create database for selfoss
+  mysql_db: name={{ selfoss_mysql_database }} state=present
+
+- name: Install selfoss config.ini
+  template: src=var_www_selfoss_config.ini.j2 dest=/var/www/selfoss/config.ini group=www-data owner=www-data
+
+- name: Enable Apache rewrite module
+  command: a2enmod rewrite creates=/etc/apache2/mods-enabled/rewrite.load
+  notify: restart apache
+
+- name: Enable Apache headers module
+  command: a2enmod headers creates=/etc/apache2/mods-enabled/headers.load
+  notify: restart apache
+
+- name: Enable Apache expires module
+  command: a2enmod expires creates=/etc/apache2/mods-enabled/expires.load
+  notify: restart apache
+
+- name: Configure the Apache HTTP server for selfoss
+  template: src=etc_apache2_sites-available_selfoss.j2 dest=/etc/apache2/sites-available/selfoss group=www-data owner=www-data
+  notify: restart apache
+
+- name: Enable the selfoss site
+  command: a2ensite selfoss creates=/etc/apache2/sites-enabled/selfoss
+  notify: restart apache
+
+- name: Install selfoss cronjob
+  cron: name="ownCloud" user="www-data" minute="*/5" job="curl -k 'https://{{ selfoss_domain }}/update'"

roles/news/templates/etc_apache2_sites-available_selfoss.j2

@@ -0,0 +1,31 @@
+<VirtualHost *:80>
+    ServerName {{ selfoss_domain }}
+
+    Redirect permanent / https://{{ selfoss_domain }}/
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName {{ selfoss_domain }}
+
+    SSLEngine on
+    SSLProtocol ALL -SSLv2
+    SSLHonorCipherOrder On
+    SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
+    SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
+    SSLCertificateKeyFile   /etc/ssl/private/wildcard_private.key
+    SSLCACertificateFile    /etc/ssl/certs/wildcard_ca.pem
+    Header add Strict-Transport-Security "max-age=15768000; includeSubdomains"
+
+    DocumentRoot            /var/www/selfoss
+    Options                 -Indexes
+
+    ErrorLog                /var/log/apache2/selfoss.info-error_log
+    CustomLog               /var/log/apache2/selfoss.info-access_log common
+
+    <Directory /var/www/selfoss>
+        AllowOverride All
+        Order allow,deny
+        allow from all
+        DirectoryIndex index.php
+    </Directory>
+</VirtualHost>

roles/news/templates/var_www_selfoss_config.ini.j2

@@ -0,0 +1,28 @@
+; see https://github.com/SSilence/selfoss/wiki/Configuration for more information about the configuration parameters
+[globals]
+db_type=mysql
+db_database={{selfoss_mysql_database}}
+db_username={{selfoss_mysql_username}}
+db_password={{selfoss_mysql_password}}
+db_port=3306
+db_prefix=
+logger_level=DEBUG
+items_perpage=50
+items_lifetime=30
+base_url=
+username={{selfoss_username}}
+password={{selfoss_password_hash}}
+salt=
+public=0
+rss_title=selfoss feed
+rss_max_items=1000
+rss_mark_as_read=0
+homepage=unread
+language=0
+auto_mark_as_read=1
+anonymizer=
+use_system_font=1
+readability=
+share=gtfprde
+allow_public_update_access=0
+unread_order=

site.yml

@@ -20,4 +20,4 @@
     - owncloud
     - vpn
     - tarsnap
-
+    - news

vars/defaults.yml

@@ -63,3 +63,9 @@ webmail_domain: "mail.{{ domain }}"
 prosody_admin: "{{ admin_email }}"
 prosody_virtual_domain: "{{ domain }}"
 # prosody_accounts: (required)
+
+# news
+selfoss_domain: "news.{{ domain }}"
+selfoss_mysql_username: selfoss
+# selfoss_mysql_password: (required)
+selfoss_mysql_database: selfoss

vars/testing.yml

@@ -57,3 +57,10 @@ openvpn_clients:
 prosody_accounts:
   - name: "{{ main_user_name }}"
     password: foo
+
+# selfoss
+selfoss_mysql_password: testPassword
+selfoss_username: "{{ main_user_name }}"
+# this is the sha512 hash of the desired password
+selfoss_password_hash: "f7fbba6e0636f890e56fbbf3283e524c6fa3204ae298382d624741d0dc6638326e282c41be5e4254d8820772c5518a2c5a8c0c7f7eda19594a7eb539453e1ed7"
+# foo

vars/user.yml

@@ -63,3 +63,9 @@ prosody_virtual_domain: "{{ domain }}"
 prosody_accounts:
   - name: "{{ main_user_name }}"
     password: TODO
+
+# selfoss
+selfoss_mysql_password: "TODO"
+selfoss_username: "{{ main_user_name }}"
+# this is the sha512 hash of the desired password
+selfoss_password_hash: "TODO"