Added soju role.

6 files changed, 126 insertions, 0 deletions

diff --git a/soju/defaults/main.yaml b/soju/defaults/main.yaml
new file mode 100644
index 0000000..f7146e5
--- /dev/null
+++ b/soju/defaults/main.yaml
@@ -0,0 +1,6 @@
+---
+
+soju_user: "soju"
+soju_port: "6697"
+soju_local_port: "16667"
+soju_data_dir: "/var/lib/soju"
diff --git a/soju/handlers/main.yaml b/soju/handlers/main.yaml
new file mode 100644
index 0000000..0f554c6
--- /dev/null
+++ b/soju/handlers/main.yaml
@@ -0,0 +1,9 @@
+---
+
+- name: restart soju
+  become: yes
+  systemd: name="soju.service" state="restarted"
+
+- name: reload nginx
+  become: yes
+  systemd: name="nginx.service" state="reloaded"
diff --git a/soju/tasks/main.yaml b/soju/tasks/main.yaml
new file mode 100644
index 0000000..846b3e3
--- /dev/null
+++ b/soju/tasks/main.yaml
@@ -0,0 +1,94 @@
+---
+
+- name: install soju
+  become: yes
+  apt: name="soju"
+  notify: restart soju
+
+- name: install soju db schema file
+  become: yes
+  template:
+    src: "setup_db.psql.j2"
+    dest: "/tmp/setup_db_soju.psql"
+    owner: "postgres"
+    group: "postgres"
+    mode: "0600"
+
+- name: setup soju db
+  become: yes
+  become_user: "postgres"
+  command: "psql -f /tmp/setup_db_soju.psql"
+  changed_when: false
+
+- name: create soju data dir
+  become: yes
+  file:
+    path: "{{soju_data_dir}}"
+    state: "directory"
+    owner: "{{soju_user}}"
+    group: "{{soju_user}}"
+    mode: "0755"
+
+- name: configure soju
+  become: yes
+  template:
+    src: "config.j2"
+    dest: "/etc/soju/config"
+    mode: "0644"
+  notify: restart soju
+
+- name: enable soju service
+  become: yes
+  systemd: name="soju.service" enabled="yes" state="started"
+
+- name: flush handlers to ensure soju is restarted with latest config
+  meta: flush_handlers
+
+- name: create soju admin user
+  become: yes
+  become_user: "{{soju_user}}"
+  shell: "echo '{{soju_admin_password}}' | sojudb -config /etc/soju/config create-user {{soju_admin_user}} -admin"
+  register: soju_create_user
+  changed_when: soju_create_user.rc == 0
+  failed_when: soju_create_user.rc != 0 and 'duplicate key' not in soju_create_user.stderr
+  no_log: true
+
+- name: create soju networks
+  become: yes
+  become_user: "{{soju_user}}"
+  command: >
+    sojuctl -config /etc/soju/config user run {{soju_admin_user}}
+    network create
+    -addr {{item.addr}}
+    -name {{item.name}}
+    -nick {{item.nick}}
+  loop: "{{soju_networks}}"
+  register: soju_network_create
+  changed_when: soju_network_create.rc == 0
+  failed_when: soju_network_create.rc != 0 and 'already exists' not in soju_network_create.stderr
+  no_log: true
+
+- name: configure soju network sasl
+  become: yes
+  become_user: "{{soju_user}}"
+  command: >
+    sojuctl -config /etc/soju/config user run {{soju_admin_user}}
+    sasl set-plain -network {{item.name}} {{item.sasl_username}} {{item.sasl_password}}
+  loop: "{{soju_networks}}"
+  when: item.sasl_username is defined
+  no_log: true
+
+- name: install nginx stream config
+  become: yes
+  template:
+    src: "nginx-stream.conf.j2"
+    dest: "/etc/nginx/streams-available/soju.conf"
+  notify: reload nginx
+
+- name: enable nginx stream config
+  become: yes
+  file:
+    src: "/etc/nginx/streams-available/soju.conf"
+    dest: "/etc/nginx/streams-enabled/soju.conf"
+    state: "link"
+  notify: reload nginx
diff --git a/soju/templates/config.j2 b/soju/templates/config.j2
new file mode 100644
index 0000000..cc5a858
--- /dev/null
+++ b/soju/templates/config.j2
@@ -0,0 +1,5 @@
+listen irc+insecure://127.0.0.1:{{soju_local_port}}
+listen unix+admin:///run/soju/admin
+hostname {{soju_hostname}}
+db postgres "host=/var/run/postgresql dbname=soju"
+message-store db
diff --git a/soju/templates/nginx-stream.conf.j2 b/soju/templates/nginx-stream.conf.j2
new file mode 100644
index 0000000..2b76f5f
--- /dev/null
+++ b/soju/templates/nginx-stream.conf.j2
@@ -0,0 +1,10 @@
+server {
+    listen {{soju_port}} ssl;
+    listen [::]:{{soju_port}} ssl;
+
+    ssl_certificate {{soju_ssl_cert}};
+    ssl_certificate_key {{soju_ssl_privkey}};
+    ssl_protocols TLSv1.2 TLSv1.3;
+
+    proxy_pass 127.0.0.1:{{soju_local_port}};
+}
diff --git a/soju/templates/setup_db.psql.j2 b/soju/templates/setup_db.psql.j2
new file mode 100644
index 0000000..df75100
--- /dev/null
+++ b/soju/templates/setup_db.psql.j2
@@ -0,0 +1,2 @@
+CREATE USER soju;
+CREATE DATABASE soju WITH OWNER soju;