1
0
Fork 0

Import znc role

This commit is contained in:
Daniele Tricoli 2021-05-31 19:38:56 +02:00
parent e0d81f814b
commit 70aaa24f47
5 changed files with 145 additions and 0 deletions

View File

@ -0,0 +1,14 @@
---
# Needed to make znc create the TLS certificate as znc user.
ansible_shell_allow_world_readable_temp: true
znc_become: true
znc_become_user: root
znc_port: 12345
znc_ipv4: "true"
znc_ipv6: "false"
znc_ssl: "true"
znc_admin_username: admin
znc_admin_password: password
znc_salt: abcdefghijklmnopqrst

View File

@ -0,0 +1,13 @@
---
- name: systemctl daemon-reload
systemd:
daemon_reload: true
become: "{{ znc_become }}"
become_user: "{{ znc_become_user }}"
- name: systemctl start znc
systemd:
name: znc.service
state: started
become: "{{ znc_become }}"
become_user: "{{ znc_become_user }}"

76
roles/znc/tasks/main.yml Normal file
View File

@ -0,0 +1,76 @@
---
- block:
- name: install znc
apt:
name: znc
state: present
update_cache: true
cache_valid_time: 3600
- name: add znc group
group:
name: znc
- name: add znc user
user:
name: znc
group: znc
create_home: true
- name: restrict znc home only to znc user and group
file:
path: /home/znc
state: directory
owner: znc
group: znc
mode: 0750
recurse: true
- name: ensure that the znc config directory exists
file:
path: /home/znc/.znc/configs
state: directory
owner: znc
group: znc
mode: "0750"
- name: check if the znf configuration exists
stat:
path: "/home/znc/.znc/configs/znc.conf"
register: znc_config
- name: set the znc config file
template:
src: templates/znc.conf.j2
dest: "/home/znc/.znc/configs/znc.conf"
owner: znc
group: znc
mode: 0640
when: not znc_config.stat.exists
- name: create the ssl certificate
ansible.builtin.shell:
cmd: znc --makepem
when:
- znc_ssl == "true"
- not znc_config.stat.exists
become_user: znc
- name: install znc systemd unit file
template:
src: etc/systemd/system/znc.service.j2
dest: /etc/systemd/system/znc.service
- name: systemctl daemon-reload
systemd:
daemon_reload: true
- name: ensure znc is running
systemd:
name: znc.service
state: started
enabled: true
become: "{{ znc_become }}"
become_user: "{{ znc_become_user }}"

View File

@ -0,0 +1,15 @@
# {{ ansible_managed }}
[Unit]
Description=znc
After=network-online.target
Wants=network-online.target
[Service]
WorkingDirectory=/home/znc
ExecStart=/usr/bin/znc -f
User=znc
Group=znc
Restart=on-failure
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,27 @@
// WARNING
//
// Do NOT edit this file while ZNC is running!
// Use webadmin or *controlpanel instead.
//
// Altering this file by hand will forfeit all support.
//
// But if you feel risky, you might want to read help on /znc saveconfig and /znc rehash.
// Also check https://wiki.znc.in/Configuration
Version = 1.7.2
<Listener l>
Port = {{ znc_port }}
IPv4 = {{ znc_ipv4 }}
IPv6 = {{ znc_ipv6 }}
SSL = {{ znc_ssl }}
</Listener>
<User {{ znc_admin_username }}>
Pass = sha256#{{ [znc_admin_password, znc_salt] | join() | hash('sha256') }}#{{ znc_salt }}#
Admin = true
Nick = {{ znc_admin_username }}
AltNick = {{ znc_admin_username }}_
Ident = {{ znc_admin_username }}
LoadModule = chansaver
LoadModule = controlpanel
</User>