|
|
|
@ -1,10 +1,10 @@ |
|
|
|
|
--- |
|
|
|
|
- hosts: 127.0.0.1 |
|
|
|
|
connection: local |
|
|
|
|
vars: |
|
|
|
|
ruby_version: 2.7.0 |
|
|
|
|
gem: gem2.7 |
|
|
|
|
bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle" |
|
|
|
|
#vars: |
|
|
|
|
# ruby_version: 2.7.0 |
|
|
|
|
# gem: gem2.7 |
|
|
|
|
# bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle" |
|
|
|
|
tasks: |
|
|
|
|
- name: install prerequisites |
|
|
|
|
apt: |
|
|
|
@ -50,16 +50,16 @@ |
|
|
|
|
apt_repository: |
|
|
|
|
repo: deb https://ubuntu.bigbluebutton.org/bionic-23/ bigbluebutton-bionic main |
|
|
|
|
filename: bigbluebutton |
|
|
|
|
- name: add repo for Brightbox ruby-ng |
|
|
|
|
apt_repository: |
|
|
|
|
repo: ppa:brightbox/ruby-ng |
|
|
|
|
- name: add GPG key for CSC |
|
|
|
|
apt_key: |
|
|
|
|
url: http://debian.csclub.uwaterloo.ca/csclub.asc |
|
|
|
|
- name: add CSC Debian repo |
|
|
|
|
apt_repository: |
|
|
|
|
repo: deb http://debian.csclub.uwaterloo.ca bionic main |
|
|
|
|
filename: csclub |
|
|
|
|
#- name: add repo for Brightbox ruby-ng |
|
|
|
|
# apt_repository: |
|
|
|
|
# repo: ppa:brightbox/ruby-ng |
|
|
|
|
#- name: add GPG key for CSC |
|
|
|
|
# apt_key: |
|
|
|
|
# url: http://debian.csclub.uwaterloo.ca/csclub.asc |
|
|
|
|
#- name: add CSC Debian repo |
|
|
|
|
# apt_repository: |
|
|
|
|
# repo: deb http://debian.csclub.uwaterloo.ca bionic main |
|
|
|
|
# filename: csclub |
|
|
|
|
- name: update apt cache |
|
|
|
|
apt: |
|
|
|
|
update_cache: true |
|
|
|
@ -70,7 +70,7 @@ |
|
|
|
|
- nodejs |
|
|
|
|
- bigbluebutton |
|
|
|
|
- bbb-html5 |
|
|
|
|
- greenlight |
|
|
|
|
#- greenlight |
|
|
|
|
- name: set BBB hostname |
|
|
|
|
# We should only need to do this once. Make sure to remove |
|
|
|
|
# /tmp/bbb-setip-done if the FQDN changes for whatever reason. |
|
|
|
@ -211,67 +211,67 @@ |
|
|
|
|
loop: |
|
|
|
|
- 'rtp' |
|
|
|
|
- 'sip' |
|
|
|
|
- name: install bundler for greenlight |
|
|
|
|
become: yes |
|
|
|
|
become_user: greenlight |
|
|
|
|
command: '{{ gem }} install --user-install bundler' |
|
|
|
|
args: |
|
|
|
|
creates: '{{ bundle }}' |
|
|
|
|
#- name: install bundler for greenlight |
|
|
|
|
# become: yes |
|
|
|
|
# become_user: greenlight |
|
|
|
|
# command: '{{ gem }} install --user-install bundler' |
|
|
|
|
# args: |
|
|
|
|
# creates: '{{ bundle }}' |
|
|
|
|
- name: configure NGINX to route to Greenlight |
|
|
|
|
copy: |
|
|
|
|
src: /opt/greenlight/greenlight.nginx |
|
|
|
|
src: ./greenlight.nginx |
|
|
|
|
dest: /etc/bigbluebutton/nginx/greenlight.nginx |
|
|
|
|
- name: create secret key for Rails |
|
|
|
|
become: yes |
|
|
|
|
become_user: greenlight |
|
|
|
|
shell: '{{ bundle }} exec rake secret | tee /opt/greenlight/rake_secret' |
|
|
|
|
args: |
|
|
|
|
creates: /opt/greenlight/rake_secret |
|
|
|
|
- name: assert rake secret was created |
|
|
|
|
assert: |
|
|
|
|
that: |
|
|
|
|
- lookup('file', '/opt/greenlight/rake_secret') != '' |
|
|
|
|
- name: obtain BBB API secret |
|
|
|
|
shell: "bbb-conf --secret | grep -oP 'Secret: \\K[[:alnum:]]+'" |
|
|
|
|
register: api_secret |
|
|
|
|
- name: create .env file for greenlight |
|
|
|
|
copy: |
|
|
|
|
src: /opt/greenlight/sample.env |
|
|
|
|
dest: /opt/greenlight/.env |
|
|
|
|
force: no |
|
|
|
|
owner: greenlight |
|
|
|
|
group: greenlight |
|
|
|
|
- name: update .env file for greenlight |
|
|
|
|
replace: |
|
|
|
|
path: /opt/greenlight/.env |
|
|
|
|
regexp: '^{{ item.key }}=.*$' |
|
|
|
|
replace: '{{ item.key }}={{ item.value }}' |
|
|
|
|
with_dict: |
|
|
|
|
SECRET_KEY_BASE: "{{ lookup('file', '/opt/greenlight/rake_secret') }}" |
|
|
|
|
BIGBLUEBUTTON_ENDPOINT: 'https://{{ ansible_fqdn }}/bigbluebutton/' |
|
|
|
|
BIGBLUEBUTTON_SECRET: '{{ api_secret.stdout }}' |
|
|
|
|
SAFE_HOSTS: '{{ ansible_fqdn }}' |
|
|
|
|
LDAP_SERVER: auth1.csclub.uwaterloo.ca |
|
|
|
|
LDAP_PORT: '636' |
|
|
|
|
LDAP_METHOD: 'ssl' |
|
|
|
|
LDAP_UID: 'uid' |
|
|
|
|
LDAP_BASE: 'dc=csclub,dc=uwaterloo,dc=ca' |
|
|
|
|
LDAP_AUTH: 'user' |
|
|
|
|
# make sure to create a role in Greenlight called "sysadmin" |
|
|
|
|
LDAP_ROLE_FIELD: 'position' |
|
|
|
|
ALLOW_GREENLIGHT_ACCOUNTS: 'false' |
|
|
|
|
DEFAULT_REGISTRATION: open |
|
|
|
|
ROOM_FEATURES: 'mute-on-join,require-moderator-approval' |
|
|
|
|
DB_ADAPTER: postgresql |
|
|
|
|
DB_HOST: coffee.csclub.uwaterloo.ca |
|
|
|
|
DB_PORT: 5432 |
|
|
|
|
DB_NAME: greenlight |
|
|
|
|
DB_USERNAME: greenlight |
|
|
|
|
- name: reminder for DB credentials |
|
|
|
|
debug: |
|
|
|
|
msg: >- |
|
|
|
|
Make sure to create a database and user for greenlight and |
|
|
|
|
update /opt/greenlight/.env with the Postgres credentials. |
|
|
|
|
#- name: create secret key for Rails |
|
|
|
|
# become: yes |
|
|
|
|
# become_user: greenlight |
|
|
|
|
# shell: '{{ bundle }} exec rake secret | tee /opt/greenlight/rake_secret' |
|
|
|
|
# args: |
|
|
|
|
# creates: /opt/greenlight/rake_secret |
|
|
|
|
#- name: assert rake secret was created |
|
|
|
|
# assert: |
|
|
|
|
# that: |
|
|
|
|
# - lookup('file', '/opt/greenlight/rake_secret') != '' |
|
|
|
|
#- name: obtain BBB API secret |
|
|
|
|
# shell: "bbb-conf --secret | grep -oP 'Secret: \\K[[:alnum:]]+'" |
|
|
|
|
# register: api_secret |
|
|
|
|
#- name: create .env file for greenlight |
|
|
|
|
# copy: |
|
|
|
|
# src: /opt/greenlight/sample.env |
|
|
|
|
# dest: /opt/greenlight/.env |
|
|
|
|
# force: no |
|
|
|
|
# owner: greenlight |
|
|
|
|
# group: greenlight |
|
|
|
|
#- name: update .env file for greenlight |
|
|
|
|
# replace: |
|
|
|
|
# path: /opt/greenlight/.env |
|
|
|
|
# regexp: '^{{ item.key }}=.*$' |
|
|
|
|
# replace: '{{ item.key }}={{ item.value }}' |
|
|
|
|
# with_dict: |
|
|
|
|
# SECRET_KEY_BASE: "{{ lookup('file', '/opt/greenlight/rake_secret') }}" |
|
|
|
|
# BIGBLUEBUTTON_ENDPOINT: 'https://{{ ansible_fqdn }}/bigbluebutton/' |
|
|
|
|
# BIGBLUEBUTTON_SECRET: '{{ api_secret.stdout }}' |
|
|
|
|
# SAFE_HOSTS: '{{ ansible_fqdn }}' |
|
|
|
|
# LDAP_SERVER: auth1.csclub.uwaterloo.ca |
|
|
|
|
# LDAP_PORT: '636' |
|
|
|
|
# LDAP_METHOD: 'ssl' |
|
|
|
|
# LDAP_UID: 'uid' |
|
|
|
|
# LDAP_BASE: 'dc=csclub,dc=uwaterloo,dc=ca' |
|
|
|
|
# LDAP_AUTH: 'user' |
|
|
|
|
# # make sure to create a role in Greenlight called "sysadmin" |
|
|
|
|
# LDAP_ROLE_FIELD: 'position' |
|
|
|
|
# ALLOW_GREENLIGHT_ACCOUNTS: 'false' |
|
|
|
|
# DEFAULT_REGISTRATION: open |
|
|
|
|
# ROOM_FEATURES: 'mute-on-join,require-moderator-approval' |
|
|
|
|
# DB_ADAPTER: postgresql |
|
|
|
|
# DB_HOST: coffee.csclub.uwaterloo.ca |
|
|
|
|
# DB_PORT: 5432 |
|
|
|
|
# DB_NAME: greenlight |
|
|
|
|
# DB_USERNAME: greenlight |
|
|
|
|
#- name: reminder for DB credentials |
|
|
|
|
# debug: |
|
|
|
|
# msg: >- |
|
|
|
|
# Make sure to create a database and user for greenlight and |
|
|
|
|
# update /opt/greenlight/.env with the Postgres credentials. |
|
|
|
|
|
|
|
|
|
handlers: |
|
|
|
|
- name: reload systemd |
|
|
|
|