Add www role

roles/www/tasks/calendar.yaml

@@ -0,0 +1,24 @@
+---
+- name: Install dependencies
+  apt:
+    name: [ python3-requests, python3-icalendar ]
+
+- name: Clone source
+  git:
+    repo: https://github.com/bitlair/calendar-parser.git
+    version: main
+    dest: /usr/local/src/bitlair-calendar
+    accept_hostkey: yes
+
+- name: Create user
+  user:
+    name: bitlair-calendar
+    home: /var/lib/bitlair-calendar
+
+- name: Install cronjob
+  template:
+    src: calendar.cron
+    dest: /etc/cron.d/bitlair-calendar
+    owner: root
+    group: root
+    mode: 0644

roles/www/tasks/main.yaml

@@ -0,0 +1,12 @@
+---
+- tags: www_calendar
+  import_tasks: calendar.yaml
+
+- tags: www_mediawiki
+  include_tasks: mediawiki.yaml
+
+- tags: www_mqtt
+  include_tasks: mqtt.yaml
+
+- tags: www_spaceapi
+  include_tasks: spaceapi.yaml

roles/www/tasks/mediawiki.yaml

@@ -0,0 +1,21 @@
+---
+- name: Install dependencies
+  apt:
+    name:
+      - php-fpm
+
+- name: Allow HTTP/HTTPS
+  iptables:
+    chain: INPUT
+    protocol: tcp
+    destination_port: "{{ item.port }}"
+    ctstate: NEW
+    jump: ACCEPT
+    ip_version: "{{ item.ip }}"
+    action: insert
+  with_items:
+    - { ip: ipv4, port: 80 }
+    - { ip: ipv4, port: 443 }
+    - { ip: ipv6, port: 80 }
+    - { ip: ipv6, port: 443 }
+  notify: persist iptables

roles/www/tasks/mqtt.yaml

@@ -0,0 +1,45 @@
+---
+- name: Install Mosquitto
+  apt:
+    name: mosquitto
+
+- name: Allow MQTT
+  iptables:
+    chain: INPUT
+    protocol: tcp
+    destination_port: "{{ item.port }}"
+    ctstate: NEW
+    jump: ACCEPT
+    ip_version: "{{ item.ip }}"
+    action: insert
+  with_items:
+    - { ip: ipv4, port: 1883 }
+    - { ip: ipv6, port: 1883 }
+  notify: persist iptables
+
+- name: Install mqtt-simple
+  command: cpan Net::MQTT::Simple
+
+- name: Clone mqtt2web source
+  git:
+    repo: https://github.com/bitlair/mqtt2web.git
+    version: master
+    dest: /opt/mqtt2web
+    accept_hostkey: yes
+  notify: restart mqtt2web
+
+- name: Install mqtt2web service file
+  template:
+    src: mqtt2web.service
+    dest: /etc/systemd/system/mqtt2web.service
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart mqtt2web
+
+- name: Enable mqtt2web
+  systemd:
+    name: mqtt2web
+    state: started
+    enabled: true
+    daemon_reload: true

roles/www/tasks/spaceapi.yaml

@@ -0,0 +1,24 @@
+---
+- name: Clone spaceapi source
+  git:
+    repo: https://github.com/bitlair/spaceapi.git
+    version: master
+    dest: /opt/spaceapi
+    accept_hostkey: yes
+  notify: restart spaceapi
+
+- name: Install spaceapi service file
+  template:
+    src: spaceapi.service
+    dest: /etc/systemd/system/spaceapi.service
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart spaceapi
+
+- name: Enable spaceapi
+  systemd:
+    name: spaceapi
+    state: started
+    enabled: true
+    daemon_reload: true