diff --git a/bitlair.yaml b/bitlair.yaml index b463ff7..f4ece91 100644 --- a/bitlair.yaml +++ b/bitlair.yaml @@ -47,7 +47,6 @@ - hosts: music roles: - { role: "acme", tags: ["acme"] } - - { role: "go", tags: ["go"] } - { role: "music", tags: ["music"] } - hosts: pad @@ -58,6 +57,7 @@ - hosts: services roles: + - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "services", tags: ["services"] } - hosts: wiki diff --git a/group_vars/all.yaml b/group_vars/all.yaml index 39de4c0..0169ce1 100644 --- a/group_vars/all.yaml +++ b/group_vars/all.yaml @@ -37,5 +37,7 @@ debian_repourl: "http://deb.debian.org/debian/" debian_securityurl: "http://security.debian.org/debian-security" deb_forgejo_repos: + - host: git.bitlair.nl + owner: bitlair - host: git.polyfloyd.net owner: polyfloyd diff --git a/group_vars/music.yaml b/group_vars/music.yaml index 8f0cc7c..457597a 100644 --- a/group_vars/music.yaml +++ b/group_vars/music.yaml @@ -11,6 +11,10 @@ root_access: - polyfloyd nginx_client_max_body_size: 512M +nginx_sites: + - server_name: "music.bitlair.nl" + snippets: + - "music-nginx.j2" music_domain: music.bitlair.nl acme_san_domains: diff --git a/music.yaml b/music.yaml index 17666f3..cc04425 100644 --- a/music.yaml +++ b/music.yaml @@ -5,6 +5,5 @@ - { role: "common", tags: [ "common" ] } - { role: "acme", tags: [ "acme" ] } - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - - { role: "go", tags: [ "go" ] } -# - { role: "nginx", tags: [ "nginx" ] } + - { role: "nginx", tags: [ "nginx" ] } - { role: "music", tags: [ "music" ] } diff --git a/roles/bank/defaults/main.yaml b/roles/bank/defaults/main.yaml index b0fea92..d0a5ca6 100644 --- a/roles/bank/defaults/main.yaml +++ b/roles/bank/defaults/main.yaml @@ -1,3 +1,3 @@ bank_user: bank -bank_revbank_git: https://git.bitlair.nl/bitlair/revbank.git bank_local_tty: no +bank_revbank_version: "10.3.0" diff --git a/roles/bank/tasks/login.yaml b/roles/bank/tasks/login.yaml index 7ed568e..f54bbfd 100644 --- a/roles/bank/tasks/login.yaml +++ b/roles/bank/tasks/login.yaml @@ -4,7 +4,7 @@ name: bank password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank" home: /home/{{ bank_user }} - shell: /home/{{ bank_user }}/revbank.git/revbank + shell: /usr/local/share/revbank/revbank update_password: always - name: Allow password auth for bank user @@ -13,7 +13,7 @@ insertafter: EOF validate: "/usr/sbin/sshd -t -f %s" block: |- - Match User bank + Match User {{ bank_user }} PasswordAuthentication yes notify: reload sshd diff --git a/roles/bank/tasks/revbank.yaml b/roles/bank/tasks/revbank.yaml index ec283d1..3b2ec65 100644 --- a/roles/bank/tasks/revbank.yaml +++ b/roles/bank/tasks/revbank.yaml @@ -1,50 +1,22 @@ --- - name: Install dependencies ansible.builtin.apt: - name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl, qrencode ] + name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl ] state: present - name: Clone revbank source ansible.builtin.git: - repo: "{{ bank_revbank_git }}" - version: master - dest: /home/{{ bank_user }}/revbank.git + repo: https://github.com/revspace/revbank.git + version: "v{{ bank_revbank_version }}" + dest: /usr/local/share/revbank accept_hostkey: yes -- name: Create data files - ansible.builtin.command: cp /home/{{ bank_user }}/revbank.git/{{ item }} /home/{{ bank_user }}/{{ item }} - args: - creates: /home/{{ bank_user }}/{{ item }} - with_items: - - revbank.accounts - - revbank.market - - revbank.products - -- name: Ensure data file permissions - ansible.builtin.file: - path: /home/{{ bank_user }}/{{ item }} - state: touch - owner: "{{ bank_user }}" - group: "{{ bank_user }}" - mode: 0644 - with_items: - - revbank.accounts - - revbank.market - - revbank.products - -- name: Link plugins - ansible.builtin.file: - state: link - path: /home/{{ bank_user }}/{{ item }} - src: /home/{{ bank_user }}/revbank.git/{{ item }} - with_items: - - plugins - - revbank.plugins - -- name: Create git data dir - ansible.builtin.file: - path: /home/{{ bank_user }}/data.git - state: directory +- name: Clone revbank-plugin source + ansible.builtin.git: + repo: https://git.bitlair.nl/bitlair/revbank-plugins.git + version: main + dest: /usr/local/share/revbank-plugins + accept_hostkey: yes - name: Install git cronjob ansible.builtin.template: diff --git a/roles/bank/templates/git.cron b/roles/bank/templates/git.cron index b334260..32308cf 100644 --- a/roles/bank/templates/git.cron +++ b/roles/bank/templates/git.cron @@ -1,4 +1,4 @@ SHELL=/bin/bash #m h dom mon dow user command - */10 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) + */10 * * * * {{ bank_user }} git -C ~/.revbank pull -r && git -C ~/.revbank push diff --git a/roles/music/defaults/main.yaml b/roles/music/defaults/main.yaml index fa95b47..d08ae0b 100644 --- a/roles/music/defaults/main.yaml +++ b/roles/music/defaults/main.yaml @@ -1,2 +1,8 @@ music_audio_user: audio +music_audio_group: audio +music_librespot_user: librespot +music_trollibox_user: trollibox + +music_pulse_server: /tmp/pipewire-pulse-socket + music_mqtt_mpd_volume: bitlair/music/space/volume diff --git a/roles/music/handlers/main.yaml b/roles/music/handlers/main.yaml index 2d77dbb..d4465ab 100644 --- a/roles/music/handlers/main.yaml +++ b/roles/music/handlers/main.yaml @@ -2,19 +2,25 @@ - ansible.builtin.import_tasks: file: ../../common/handlers/main.yaml -- name: Restart trollibox +- name: restart mpd + ansible.builtin.systemd: + name: mpd + state: restarted + daemon_reload: true + +- name: restart trollibox ansible.builtin.systemd: name: trollibox state: restarted daemon_reload: true -- name: Rebuild librespot +- name: rebuild librespot ansible.builtin.command: - cmd: /root/.cargo/bin/cargo build --release --features jackaudio-backend + cmd: /root/.cargo/bin/cargo build --release --features pulseaudio-backend args: chdir: /opt/librespot -- name: Restart librespot +- name: restart librespot ansible.builtin.systemd: name: librespot state: restarted diff --git a/roles/music/tasks/base.yaml b/roles/music/tasks/base.yaml new file mode 100644 index 0000000..7961b70 --- /dev/null +++ b/roles/music/tasks/base.yaml @@ -0,0 +1,43 @@ +--- +- name: Install pipewire + apt: + name: + - pipewire + - pipewire-jack + - pipewire-pulse + - pulseaudio-utils + - pulsemixer + - wireplumber + state: present + +- name: Add audio group + group: + name: audio + system: true + +- name: Set PULSE_SERVER env var for all shells + copy: + dest: /etc/profile.d/pulse-server.sh + content: |+ + # Ansible managed + export PULSE_SERVER={{ music_pulse_server }} + +- name: Create pipewire-pulse config dir + file: + path: /etc/pipewire/pipewire-pulse.conf.d/ + state: directory + +- name: Configure system socket + ansible.builtin.copy: + dest: /etc/pipewire/pipewire-pulse.conf.d/system-socket.conf + content: |+ + # Ansible managed + context.exec = [ + { path = "/bin/chgrp" args = "{{ music_audio_group }} {{ music_pulse_server }}" } + { path = "/bin/chmod" args = "g+rwx,o-rwx {{ music_pulse_server }}" } + ] + pulse.properties = { + server.address = [ + "unix:{{ music_pulse_server }}" + ] + } diff --git a/roles/music/tasks/librespot.yaml b/roles/music/tasks/librespot.yaml index 2a8d19b..9d062ce 100644 --- a/roles/music/tasks/librespot.yaml +++ b/roles/music/tasks/librespot.yaml @@ -1,8 +1,11 @@ --- -- name: Install dependencies - ansible.builtin.apt: - name: libjack-jackd2-dev - state: present +- name: Create librespot user + user: + name: "{{ music_librespot_user }}" + system: true + home: /var/lib/librespot + groups: + - "{{ music_audio_group }}" - name: Clone librespot source ansible.builtin.git: @@ -11,8 +14,8 @@ dest: /opt/librespot accept_hostkey: yes notify: - - Rebuild librespot - - Restart librespot + - rebuild librespot + - restart librespot - name: Install service file ansible.builtin.template: @@ -21,7 +24,7 @@ owner: root group: root mode: 0644 - notify: Restart librespot + notify: restart librespot - name: Enable Librespot ansible.builtin.systemd: @@ -29,3 +32,5 @@ state: started enabled: true daemon_reload: true + +- meta: flush_handlers diff --git a/roles/music/tasks/main.yaml b/roles/music/tasks/main.yaml index e8a751c..e8105ee 100644 --- a/roles/music/tasks/main.yaml +++ b/roles/music/tasks/main.yaml @@ -1,4 +1,9 @@ --- +- name: Import base + ansible.builtin.import_tasks: + file: base.yaml + tags: + - music_base - name: Import mpd ansible.builtin.import_tasks: @@ -23,12 +28,3 @@ file: soundboard.yaml tags: - music_soundboard - -- name: Install nginx config - ansible.builtin.template: - src: nginx-site.conf - dest: /etc/nginx/sites-enabled/trollibox - owner: root - group: root - mode: 0644 - notify: Reload nginx diff --git a/roles/music/tasks/mpd.yaml b/roles/music/tasks/mpd.yaml index eb88133..ebf2406 100644 --- a/roles/music/tasks/mpd.yaml +++ b/roles/music/tasks/mpd.yaml @@ -1,14 +1,32 @@ --- - - name: Install MPD ansible.builtin.apt: - name: - - jackd - - mpd - - python3-mpd - - python3-serial + name: mpd state: present +- name: Add mpd user to the {{ music_audio_group }} group + user: + name: mpd + groups: + - "{{ music_audio_group }}" + notify: restart mpd + +- name: Install mpd file + ansible.builtin.template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: root + group: root + mode: 0644 + notify: restart mpd + with_items: + - src: mpd.conf + dest: /etc/mpd.conf + - src: mpd.service + dest: /etc/systemd/system/mpd.service + - src: mpd_state + dest: /var/lib/mpd/state.default + - name: Install mpd-volume-to-mqtt script ansible.builtin.template: src: mpd-volume-to-mqtt.sh @@ -33,27 +51,3 @@ state: started enabled: true daemon_reload: true - -- name: Clone skipbutton source - ansible.builtin.git: - repo: https://github.com/bitlair/skipbutton.git - version: master - dest: /opt/skipbutton - accept_hostkey: yes - notify: Restart skipbutton - -- name: Install skipbutton service - ansible.builtin.template: - src: skipbutton.service - dest: /etc/systemd/system/skipbutton.service - owner: root - group: root - mode: 0644 - notify: Restart skipbutton - -- name: Enable skipbutton - ansible.builtin.systemd: - name: skipbutton - state: started - enabled: true - daemon_reload: true diff --git a/roles/music/tasks/trollibox.yaml b/roles/music/tasks/trollibox.yaml index 0b20b4a..34b3df2 100644 --- a/roles/music/tasks/trollibox.yaml +++ b/roles/music/tasks/trollibox.yaml @@ -1,4 +1,10 @@ --- +- name: Create trollibox user + user: + name: "{{ music_trollibox_user }}" + system: true + home: /var/lib/trollibox + - name: Install Trollibox config ansible.builtin.template: src: trollibox.yaml @@ -6,27 +12,29 @@ owner: root group: root mode: "0644" - notify: Restart trollibox + notify: restart trollibox - name: Get latest Trollibox version from Github API - ansible.builtin.get_url: + uri: url: "https://api.github.com/repos/polyfloyd/trollibox/releases/latest" - dest: "/tmp/_ansible_trollibox_latest_release.json" + return_content: true + register: response + changed_when: false + check_mode: false + failed_when: "response is failed or 'json' not in response" -- name: Get download url - ansible.builtin.shell: - cmd: cat /tmp/_ansible_trollibox_latest_release.json | jq .assets[] | select(.name - | contains("linux-amd64")) | .browser_download_url -r - register: "trollibox_download_url" +- name: Format trollibox latest version + set_fact: + trollibox_version: "{{ response['json']['tag_name'] | trim('v') }}" - name: Download Trollibox ansible.builtin.unarchive: - src: "{{ trollibox_download_url.stdout }}" + src: "https://github.com/polyfloyd/trollibox/releases/download/v{{ trollibox_version }}/trollibox-x86_64-unknown-linux-gnu.tar.gz" remote_src: yes dest: /usr/local/bin include: [ trollibox ] mode: "0755" - notify: Restart trollibox + notify: restart trollibox - name: Install service file ansible.builtin.template: @@ -35,7 +43,7 @@ owner: root group: root mode: "0644" - notify: Restart trollibox + notify: restart trollibox - name: Enable Trollibox ansible.builtin.systemd: diff --git a/roles/music/templates/librespot.service b/roles/music/templates/librespot.service index 8d3b683..e90c3cb 100644 --- a/roles/music/templates/librespot.service +++ b/roles/music/templates/librespot.service @@ -3,16 +3,14 @@ [Unit] Description=Spotify through Librespot After=network.target -Requires=jackd.service [Service] Type=simple Restart=always RestartSec=2s -ExecStart=/opt/librespot/target/release/librespot --name Trollibox --backend jackaudio -User={{ music_audio_user }} -Group={{ music_audio_user }} -AmbientCapabilities=CAP_IPC_LOCK,CAP_SYS_NICE +ExecStart=/opt/librespot/target/release/librespot --name Trollibox --backend pulseaudio --volume-ctrl linear +Environment="PULSE_SERVER={{ music_pulse_server }}" +User={{ music_librespot_user }} [Install] WantedBy=multi-user.target diff --git a/roles/music/templates/mpd-volume-to-mqtt.sh b/roles/music/templates/mpd-volume-to-mqtt.sh index ac3230b..5f89374 100644 --- a/roles/music/templates/mpd-volume-to-mqtt.sh +++ b/roles/music/templates/mpd-volume-to-mqtt.sh @@ -14,7 +14,7 @@ prev_volume=x if [ $event = "mixer" ]; then volume=`mpc volume | sed -nr 's/^volume: ([0-9]+)%$/\1/p'` if [ "$prev_volume" != "$volume" ]; then - mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }} -r' -m "$volume" + mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }}' -r -m "$volume" fi prev_volume=$volume fi diff --git a/roles/music/templates/mpd.conf b/roles/music/templates/mpd.conf new file mode 100644 index 0000000..6906e54 --- /dev/null +++ b/roles/music/templates/mpd.conf @@ -0,0 +1,40 @@ +# {{ ansible_managed }} + +user "mpd" +group "{{ music_audio_group }}" + +bind_to_address "any" +port "6600" +max_connections "20" + +zeroconf_enabled "yes" +zeroconf_name "MPD @ %h" + +music_directory "/srv/media/music" +auto_update "yes" +filesystem_charset "UTF-8" + +playlist_directory "/var/lib/mpd/playlists" +db_file "/var/lib/mpd/tag_cache" +state_file "/var/lib/mpd/state" +sticker_file "/var/lib/mpd/sticker.sql" + +input { + plugin "curl" # Required for web streams. +} + +decoder { + plugin "hybrid_dsd" + enabled "no" +} + +decoder { + plugin "wildmidi" + enabled "no" +} + +audio_output { + type "pulse" + name "Pulse" + server "{{ music_pulse_server }}" +} diff --git a/roles/music/templates/mpd.service b/roles/music/templates/mpd.service new file mode 100644 index 0000000..fb9808d --- /dev/null +++ b/roles/music/templates/mpd.service @@ -0,0 +1,21 @@ +# {{ ansible_managed }} + +[Unit] +Description=Music Player Daemon +After=network.target + +[Service] +Type=simple +ExecStartPre=/bin/mkdir -p /run/mpd +ExecStartPre=/bin/chown -R mpd:nogroup /run/mpd +ExecStartPre=/bin/touch /var/log/mpd.log +ExecStartPre=/bin/chown mpd:nogroup /var/log/mpd.log +ExecStartPre=/usr/bin/cp /var/lib/mpd/state.default /var/lib/mpd/state +ExecStart=/usr/bin/mpd --no-daemon /etc/mpd.conf +# MDP will fork itself to the user defined in its config +User=root +LimitMEMLOCK=infinity +LimitRTPRIO=99 + +[Install] +WantedBy=multi-user.target diff --git a/roles/music/templates/mpd_state b/roles/music/templates/mpd_state new file mode 100644 index 0000000..27b059b --- /dev/null +++ b/roles/music/templates/mpd_state @@ -0,0 +1,17 @@ +sw_volume: 20 +audio_device_state:1:Pulse +state: play +current: 0 +time: 0 +random: 0 +repeat: 0 +single: 0 +consume: 0 +crossfade: 0 +mixrampdb: 0.000000 +mixrampdelay: -1.000000 +playlist_begin +song_begin: http://ice4.somafm.com/groovesalad-256-mp3 +Name: SomaFM Groove Salad +song_end +playlist_end diff --git a/roles/music/templates/nginx-site.conf b/roles/music/templates/nginx-site.conf deleted file mode 100644 index 185d689..0000000 --- a/roles/music/templates/nginx-site.conf +++ /dev/null @@ -1,70 +0,0 @@ -# {{ ansible_managed }} - -server { - listen 80 default_server; - listen [::]:80 default_server; - listen 443 ssl default_server; - listen [::]:443 ssl default_server; - - server_name {{ music_domain }}; - - {% if acme_bootstrap_certs %} - include "snippets/snakeoil.conf"; - {% else %} - ssl_certificate "/var/lib/dehydrated/certs/{{ music_domain }}/fullchain.pem"; - ssl_certificate_key "/var/lib/dehydrated/certs/{{ music_domain }}/privkey.pem"; - {% endif %} - - {% for range in trusted_ranges %} - allow {{ range.cidr }}; - {% endfor %} - deny all; - - location / { - rewrite ^/(.*) https://{{ music_domain }}/trollibox/player/space?; - } - - location /trollibox/ { - proxy_pass http://[::1]:3000/; - client_max_body_size 512M; - include proxy_params; - } - - location ~ ^/trollibox/(.+/events)$ { - proxy_pass http://[::1]:3000/$1; - include proxy_params; - proxy_http_version 1.1; - chunked_transfer_encoding off; - add_header X-Test "123"; - proxy_set_header Connection ''; - proxy_buffering off; - proxy_read_timeout 7d; - } - - location ~ ^/trollibox/(.+/listen)$ { - proxy_pass http://[::1]:3000/$1; - include proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 7d; - } - - location /bobdsp/ { - proxy_pass http://[::1]:8081/; - include proxy_params; - } - - location /vis/ { - allow all; - proxy_pass http://[::1]:13378/; - include proxy_params; - } - - location = /vis/ { - rewrite ^(.*)$ /vis/index.html; - include proxy_params; - } - - include "snippets/acme.conf"; -} diff --git a/roles/music/templates/skipbutton.service b/roles/music/templates/skipbutton.service deleted file mode 100644 index f2a5d6f..0000000 --- a/roles/music/templates/skipbutton.service +++ /dev/null @@ -1,17 +0,0 @@ -# {{ ansible_managed }} - -[Unit] -Description=MPD Skipbutton -After=network.target -Requires=mpd.service - -[Service] -Type=simple -Restart=always -RestartSec=10s -ExecStart=/opt/skipbutton/skipbutton.py /dev/ttyS0 -DynamicUser=true -Group=dialout - -[Install] -WantedBy=multi-user.target diff --git a/roles/music/templates/trollibox.service b/roles/music/templates/trollibox.service index ddddd2f..66d581d 100644 --- a/roles/music/templates/trollibox.service +++ b/roles/music/templates/trollibox.service @@ -10,8 +10,7 @@ Type=simple Restart=always RestartSec=2s ExecStart=/usr/local/bin/trollibox -conf /etc/trollibox.yaml -User={{ music_audio_user }} -Group={{ music_audio_user }} +User={{ music_trollibox_user }} [Install] WantedBy=multi-user.target diff --git a/roles/services/tasks/discord_bot.yaml b/roles/services/tasks/discord_bot.yaml index 19a659f..3ce4308 100644 --- a/roles/services/tasks/discord_bot.yaml +++ b/roles/services/tasks/discord_bot.yaml @@ -3,30 +3,36 @@ - name: Install dependencies ansible.builtin.apt: name: - - python3-paho-mqtt - - python3-tz + - openscad - virtualenv - name: Create virtualenv ansible.builtin.command: - cmd: virtualenv /opt/miflora_exporter/.venv + cmd: virtualenv /var/lib/discord-bot/.venv args: creates: /var/lib/discord-bot/.venv -- name: Install Python dependencies - ansible.builtin.shell: - cmd: . .venv/bin/activate && pip install -r requirements.txt - args: - chdir: /var/lib/discord-bot +- name: Clone bottleclip source + ansible.builtin.git: + repo: https://git.bitlair.nl/bitlair/bottle-clip.git + version: main + dest: /var/lib/bottle-clip + accept_hostkey: yes + notify: Restart discord-bot -- name: Clone source +- name: Clone discord-bot source ansible.builtin.git: repo: https://git.bitlair.nl/bitlair/discord-bot.git version: main dest: /var/lib/discord-bot accept_hostkey: yes notify: Restart discord-bot - ignore_errors: true + +- name: Install Python dependencies + ansible.builtin.shell: + cmd: . .venv/bin/activate && pip install -r requirements.txt + args: + chdir: /var/lib/discord-bot - name: Install service file ansible.builtin.template: diff --git a/roles/services/tasks/siahsd.yaml b/roles/services/tasks/siahsd.yaml index c7c3b0b..fc7fef5 100644 --- a/roles/services/tasks/siahsd.yaml +++ b/roles/services/tasks/siahsd.yaml @@ -1,16 +1,15 @@ --- -# TODO: Install and build +- name: Install siahsd + apt: + name: siahsd - name: Create directories ansible.builtin.file: - path: "{{ item }}" + path: /var/log/siahsd state: directory owner: siahsd group: nogroup mode: "0750" - with_items: - - /var/log/siahsd - - /var/lib/siahsd - name: Install config file ansible.builtin.template: @@ -21,19 +20,9 @@ mode: "0644" notify: Restart siahsd -- name: Install service file - ansible.builtin.template: - src: siahsd.service - dest: /etc/systemd/system/siahsd.service - owner: root - group: root - mode: "0644" - notify: Restart siahsd - - name: Start siahsd ansible.builtin.systemd: name: siahsd state: started enabled: true daemon_reload: true - diff --git a/roles/services/templates/discord-bot.service b/roles/services/templates/discord-bot.service index 2c73d05..7522fd9 100644 --- a/roles/services/templates/discord-bot.service +++ b/roles/services/templates/discord-bot.service @@ -1,4 +1,4 @@ -# Managed by Ansible +# {{ ansible_managed }} [Unit] Description=HobbyBot @@ -13,6 +13,7 @@ DynamicUser=true Environment="MQTT_HOST={{ mqtt_internal_host }}" Environment="DISCORD_WEBHOOK_URL={{ lookup('passwordstore', 'services/discord', subkey='webhook_url') }}" Environment="DISCORD_TOKEN={{ lookup('passwordstore', 'services/discord', subkey='token') }}" +Environment="BOTTLECLIP_RESOURCES=/var/lib/bottle-clip" [Install] WantedBy=multi-user.target diff --git a/roles/services/templates/siahsd.conf b/roles/services/templates/siahsd.conf index 5d8e94f..ee18220 100644 --- a/roles/services/templates/siahsd.conf +++ b/roles/services/templates/siahsd.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [siahsd] pid file = /var/lib/siahsd/siahsd.pid log file = /var/log/siahsd/siahsd.log @@ -5,13 +7,6 @@ log level = 3 foreground = 0 event handlers = script -#[database] -#driver = mysql -#host = localhost -#name = siahsd -#username = siahsd -#password = MysbJxAaawmwKPqD - [siahs] port = 4000 @@ -19,21 +14,5 @@ port = 4000 port = 9000 rsa key file = something.sexp -#[jsonbot] -#address = 192.168.88.15 -#port = 5500 -#aes key = blablablablablaz -#password = mekker -#privmsg to = #bitlair - -#[spacestate] -#driver = mysql -#host = localhost -#name = bitwifi -#username = bitwifi -#password = aGWERQpLEQPUaXJV -#open script = /opt/alarm/disarmed.sh -#close script = /opt/alarm/armed.sh - [script] path = /opt/alarm/siahsd_handler.sh diff --git a/roles/services/templates/siahsd.service b/roles/services/templates/siahsd.service deleted file mode 100644 index 479324c..0000000 --- a/roles/services/templates/siahsd.service +++ /dev/null @@ -1,17 +0,0 @@ -# Managed by Ansible - -[Unit] -Description=Siahsd -After=network.target - -[Service] -Type=forking -PIDFile=/var/lib/siahsd/siahsd.pid -Restart=always -RestartSec=10s -ExecStartPre=-/bin/rm /var/lib/siahsd/siahsd.pid -ExecStart=/usr/local/src/siahsd/build/siahsd -User=siahsd - -[Install] -WantedBy=multi-user.target diff --git a/services.yaml b/services.yaml index e66fc11..52103e0 100644 --- a/services.yaml +++ b/services.yaml @@ -3,4 +3,5 @@ - hosts: services roles: - { role: "common", tags: [ "common" ] } + - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "services", tags: [ "services" ] } diff --git a/snippets/music-nginx.j2 b/snippets/music-nginx.j2 new file mode 100644 index 0000000..d179b23 --- /dev/null +++ b/snippets/music-nginx.j2 @@ -0,0 +1,49 @@ +{% for range in trusted_ranges %} +allow {{ range.cidr }}; +{% endfor %} +deny all; + +location / { + rewrite ^/(.*) https://{{ music_domain }}/trollibox/player/space?; +} + +location /trollibox/ { + proxy_pass http://[::1]:3000/; + include proxy_params; +} + +location ~ ^/trollibox/(.+/events)$ { + proxy_pass http://[::1]:3000/$1; + include proxy_params; + proxy_http_version 1.1; + chunked_transfer_encoding off; + add_header X-Test "123"; + proxy_set_header Connection ''; + proxy_buffering off; + proxy_read_timeout 7d; +} + +location ~ ^/trollibox/(.+/listen)$ { + proxy_pass http://[::1]:3000/$1; + include proxy_params; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_read_timeout 7d; +} + +location /bobdsp/ { + proxy_pass http://[::1]:8081/; + include proxy_params; +} + +location /vis/ { + allow all; + proxy_pass http://[::1]:13378/; + include proxy_params; +} + +location = /vis/ { + rewrite ^(.*)$ /vis/index.html; + include proxy_params; +}