blob: a320041c88b5170d8e9aa4397f97dd4db44b6e93 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
# more or less as per http://wiki.znc.in/Running_ZNC_as_a_system_daemon
- name: Install znc (jessie-backports)
when: (ansible_distribution == "Debian" and ansible_distribution_major_version == "8")
apt: name=znc state=present repo=jessie-backports
- name: Install znc (non-jessie)
when: not (ansible_distribution == "Debian" and ansible_distribution_major_version == "8")
apt: name=znc state=present
- name: Create znc group
group: name=znc state=present
- name: Create znc user
user: name=znc state=present home=/usr/lib/znc system=yes group=znc shell=/usr/sbin/nologin
- name: Ensure pid directory exists
file: state=directory path=/var/run/znc group=znc owner=znc
- name: Ensure configuration folders exist
file: state=directory path=/usr/lib/znc/{{ item }} group=znc owner=znc
with_items:
- moddata
- modules
- users
- name: Copy znc service file into place
copy: src=etc_systemd_system_znc.service dest=/etc/systemd/system/znc.service mode=0644
- name: Create a combined version of the SSL private key and full certificate chain
shell: cat /etc/letsencrypt/live/{{ domain }}/privkey.pem
/etc/letsencrypt/live/{{ domain }}/fullchain.pem >
/usr/lib/znc/znc.pem
creates=/usr/lib/znc/znc.pem
notify: restart znc
- name: Update post-certificate-renewal task
template:
src: etc_letsencrypt_postrenew_znc.sh.j2
dest: /etc/cron.weekly/znc-letsencrypt-postrenew.sh
owner: root
group: root
mode: 0755
- name: Ensure znc user and group can read cert
file: path=/usr/lib/znc/znc.pem group=znc owner=znc mode=0640
notify: restart znc
- name: Check for existing config file
command: cat /usr/lib/znc/configs/znc.conf
register: znc_config
ignore_errors: True
changed_when: False # never report as "changed"
- name: Create znc config directory
file: state=directory path=/usr/lib/znc/configs group=znc owner=znc
- name: Copy znc configuration file into place
template: src=usr_lib_znc_configs_znc.conf.j2 dest=/usr/lib/znc/configs/znc.conf owner=znc group=znc
when: znc_config.rc != 0
notify: restart znc
- name: Ensure znc is a system service
service: name=znc state=restarted enabled=true
|
