thomas
/
sovereign


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041
							- name: Ensure repository key for Prosody is in place
  apt_key: url=https://prosody.im/files/prosody-debian-packages.key state=present
  tags:
    - dependencies

- name: Add Prosody repository
  apt_repository: repo="deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main"
  tags:
    - dependencies

- name: Install Prosody and dependencies from official repository
  apt: pkg={{ item }} update_cache=yes
  with_items:
    - prosody
    - lua-sec
  tags:
    - dependencies

- name: Add prosody user to ssl-cert group
  user: name=prosody group=ssl-cert

- name: Add cert postrenew task
  copy: src=etc_letsencrypt_postrenew_prosody.sh dest=/etc/letsencrypt/postrenew/prosody.sh mode=0755

- name: Create Prosody data directory
  file: state=directory path=/decrypted/prosody owner=prosody group=prosody

- name: Configure Prosody
  template: src=prosody.cfg.lua.j2 dest=/etc/prosody/prosody.cfg.lua group=root owner=root
  notify: restart prosody

- name: Create Prosody accounts
  command: prosodyctl register {{ item.name }} {{ prosody_virtual_domain }} "{{ item.password }}"
  with_items: "{{ prosody_accounts }}"

- name: Set firewall rules for Prosody
  ufw: rule=allow port={{ item }} proto=tcp
  with_items:
    - 5222  # xmpp c2s
    - 5269  # xmpp s2s
  tags: ufw