From c53cfeda1223f6adc978be4f1bd0f381a0cc5b81 Mon Sep 17 00:00:00 2001 From: Antoine Ouvrard Date: Fri, 30 Apr 2021 19:46:14 +0200 Subject: [PATCH] lint --- playbook_staging.yml | 4 ++-- roles/bbb-disable-test-echo/handlers/main.yml | 3 +++ roles/bbb-disable-test-echo/tasks/main.yml | 9 +++----- roles/bbb-enable-ldap-LE/handlers/main.yml | 3 +++ roles/bbb-enable-ldap-LE/tasks/main.yml | 7 ++----- roles/bbb-enable-metrics/handlers/main.yml | 1 - roles/bbb-enable-metrics/tasks/main.yml | 10 ++++----- roles/bbb-enable-sip/handlers/main.yml | 2 ++ roles/bbb-enable-sip/tasks/main.yml | 21 +++++++++---------- roles/bbb-pre-install/tasks/main.yml | 3 ++- roles/bbb-set-hostname/handlers/main.yml | 2 +- roles/bbb-set-hostname/tasks/main.yml | 13 ++++++------ .../tasks/install-chromedriver.yml | 3 ++- .../tasks/install-googlechrome.yml | 2 ++ roles/jibri-install/tasks/install-jibri.yml | 7 ++++--- .../handlers/main.yml | 2 +- .../tasks/main.yml | 8 +++---- roles/jitsi-enable-jibri/handlers/main.yml | 2 +- roles/jitsi-enable-jibri/tasks/main.yml | 12 ++++++++--- roles/jitsi-enable-metrics/handlers/main.yml | 1 - roles/jitsi-enable-metrics/tasks/main.yml | 4 ++-- .../jitsi-enable-multidomain/tasks/jitsi.yml | 2 +- roles/jitsi-enable-multidomain/tasks/main.yml | 2 +- .../jitsi-enable-multidomain/tasks/nginx.yml | 5 +++-- roles/jitsi-enable-multidomain/tasks/ssl.yml | 8 +++---- .../handlers/main.yml | 2 +- .../jitsi-enable-specific-imio/tasks/main.yml | 7 ++++--- .../tasks/main.yml | 2 +- roles/jitsi-install/tasks/main.yml | 5 +++-- roles/jitsi-pre-install/tasks/main.yml | 20 +++++++++--------- 30 files changed, 92 insertions(+), 80 deletions(-) create mode 100644 roles/bbb-disable-test-echo/handlers/main.yml create mode 100644 roles/bbb-enable-ldap-LE/handlers/main.yml diff --git a/playbook_staging.yml b/playbook_staging.yml index 9fcb467..b182aca 100644 --- a/playbook_staging.yml +++ b/playbook_staging.yml @@ -1,4 +1,4 @@ -#Roles possible: cf dossier roles +# Roles possible: cf dossier roles --- - hosts: jitsi2.komuniki.fr roles: @@ -16,4 +16,4 @@ roles: - role: jibri-install tags: - - jibri2 \ No newline at end of file + - jibri2 diff --git a/roles/bbb-disable-test-echo/handlers/main.yml b/roles/bbb-disable-test-echo/handlers/main.yml new file mode 100644 index 0000000..e70d140 --- /dev/null +++ b/roles/bbb-disable-test-echo/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart bbb + command: bbb-conf --restart diff --git a/roles/bbb-disable-test-echo/tasks/main.yml b/roles/bbb-disable-test-echo/tasks/main.yml index 12ba9f4..ccd31ac 100644 --- a/roles/bbb-disable-test-echo/tasks/main.yml +++ b/roles/bbb-disable-test-echo/tasks/main.yml @@ -1,11 +1,8 @@ --- -- name: Désactivation du test d'écho effectué lors de l'accès à la room +- name: Désactivation du test d'écho effectué lors de l'accès à la room lineinfile: path: /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml regexp: ' skipCheck: false' line: ' skipCheck: true' - register: result - -- name: On redémarre bbb que si le fichier ci dessus a été modifié - shell: "bbb-conf --restart" - when: result is changed \ No newline at end of file + notify: + - restart bbb diff --git a/roles/bbb-enable-ldap-LE/handlers/main.yml b/roles/bbb-enable-ldap-LE/handlers/main.yml new file mode 100644 index 0000000..53c613a --- /dev/null +++ b/roles/bbb-enable-ldap-LE/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart greenlight + shell: "cd /root/greenlight; docker-compose down; docker-compose up -d" diff --git a/roles/bbb-enable-ldap-LE/tasks/main.yml b/roles/bbb-enable-ldap-LE/tasks/main.yml index 85e251a..b4a2ea3 100644 --- a/roles/bbb-enable-ldap-LE/tasks/main.yml +++ b/roles/bbb-enable-ldap-LE/tasks/main.yml @@ -30,8 +30,5 @@ path: "/root/greenlight/.env" regexp: "LDAP_BASE=" line: "LDAP_BASE=o=libre-entreprise" - register: result - -- name: redémarrage de greenlight - shell: "cd /root/greenlight; docker-compose down; docker-compose up -d" - when: result is changed \ No newline at end of file + notify: + - restart greenlight diff --git a/roles/bbb-enable-metrics/handlers/main.yml b/roles/bbb-enable-metrics/handlers/main.yml index 389c440..68b513a 100644 --- a/roles/bbb-enable-metrics/handlers/main.yml +++ b/roles/bbb-enable-metrics/handlers/main.yml @@ -5,4 +5,3 @@ state: restarted daemon_reload: true enabled: true - diff --git a/roles/bbb-enable-metrics/tasks/main.yml b/roles/bbb-enable-metrics/tasks/main.yml index b747d3b..5a59ff7 100644 --- a/roles/bbb-enable-metrics/tasks/main.yml +++ b/roles/bbb-enable-metrics/tasks/main.yml @@ -16,7 +16,7 @@ - name: Application de la conf général de Telegraf template: - src: ../templates/telegraf-general.conf.j2 + src: telegraf-general.conf.j2 dest: /etc/telegraf/telegraf.conf mode: u=rw,g=r,o=r notify: @@ -24,14 +24,14 @@ ## Instalation des metrics BBB - name: Ajout du script python qui met en forme les metrics BBB - template: - src: ../files/bbb-telegraf.py + file: + src: bbb-telegraf.py dest: /opt/ mode: u=rwx,g=rx,o=rx - name: Application de la conf BBB pour Telegraf - template: - src: ../files/telegraf-input-bbb.conf + file: + src: telegraf-input-bbb.conf dest: /etc/telegraf/telegraf.d/jitsi.conf mode: u=rw,g=r,o=r notify: diff --git a/roles/bbb-enable-sip/handlers/main.yml b/roles/bbb-enable-sip/handlers/main.yml index 254cf59..4ccb1d0 100644 --- a/roles/bbb-enable-sip/handlers/main.yml +++ b/roles/bbb-enable-sip/handlers/main.yml @@ -6,3 +6,5 @@ daemon_reload: true enabled: true +- name: restart bigbluebutton + command: bbb-conf --restart diff --git a/roles/bbb-enable-sip/tasks/main.yml b/roles/bbb-enable-sip/tasks/main.yml index 9ddecd4..d7788e0 100644 --- a/roles/bbb-enable-sip/tasks/main.yml +++ b/roles/bbb-enable-sip/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Application de la conf général SIP template: - src: ../templates/sip-profiles.xml.j2 + src: sip-profiles.xml.j2 dest: /opt/freeswitch/conf/sip_profiles/external/sip.xml mode: u=rw,g=r,o=r owner: freeswitch @@ -10,8 +10,8 @@ - restart freeswitch - name: Application de la conf SIP - template: - src: ../files/bbb_sip_ovh.xml + file: + src: bbb_sip_ovh.xml dest: /opt/freeswitch/conf/dialplan/public/bbb_sip_ovh.xml mode: u=rw,g=r,o=r owner: freeswitch @@ -29,12 +29,11 @@ lineinfile: path: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties regexp: "defaultWelcomeMessageFooter=" - line: "defaultWelcomeMessageFooter=Pour rejoindre la conférence par téléphone, appeler au numéro :
%%DIALNUM%%
puis saisir le code :
%%CONFNUM%%" - register: welcomeMessage - -- name: On redémarre bbb que si le fichier ci dessus a été modifié - shell: "bbb-conf --restart" - when: welcomeMessage is changed + line: + "defaultWelcomeMessageFooter=Pour rejoindre la conférence par téléphone, + appeler au numéro :
%%DIALNUM%%
puis saisir le code :
%%CONFNUM%%" + notify: + - restart bigbluebutton - name: Changement du message d'accueil audio copy: @@ -43,9 +42,9 @@ owner: freeswitch group: daemon mode: u=rw,g=r,o=r - backup: yes + backup: true loop: - 8000 - 16000 - 32000 - - 48000 \ No newline at end of file + - 48000 diff --git a/roles/bbb-pre-install/tasks/main.yml b/roles/bbb-pre-install/tasks/main.yml index e6e865a..5916535 100644 --- a/roles/bbb-pre-install/tasks/main.yml +++ b/roles/bbb-pre-install/tasks/main.yml @@ -1,5 +1,6 @@ --- - name: Ajoute un script qui permet d'importer la conf d'un autre BBB copy: - src: ../files/import-conf-bbb.sh + src: import-conf-bbb.sh dest: /root/ + mode: 0700 diff --git a/roles/bbb-set-hostname/handlers/main.yml b/roles/bbb-set-hostname/handlers/main.yml index a7e57e5..4e0a6ca 100644 --- a/roles/bbb-set-hostname/handlers/main.yml +++ b/roles/bbb-set-hostname/handlers/main.yml @@ -2,4 +2,4 @@ - name: reload nginx systemd: name: nginx - state: reloaded \ No newline at end of file + state: reloaded diff --git a/roles/bbb-set-hostname/tasks/main.yml b/roles/bbb-set-hostname/tasks/main.yml index b0a7872..4cdef9d 100644 --- a/roles/bbb-set-hostname/tasks/main.yml +++ b/roles/bbb-set-hostname/tasks/main.yml @@ -1,12 +1,11 @@ --- # Set du hostname BBB # Prérequis : le DNS doit être positionné sur le nouveau nom de domaine - - name: vérification de la présence du hostname dans les variables fail: msg: | la variable `bbbHostname` est obligatoire pour - utiliser le role bbb-set-hostname. + utiliser le role bbb-set-hostname. Veuillez la rajouter dans l'inventaire when: - bbbHostname is not defined @@ -16,10 +15,10 @@ fetch: src: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties dest: /tmp/ - flat: yes + flat: true -- name : Récup du hostname actuellement configuré - set_fact: +- name: Récup du hostname actuellement configuré + set_fact: oldHostname: "{{ lookup('ini', 'bigbluebutton.web.serverURL type=properties file=/tmp/bigbluebutton.properties') | urlsplit('hostname') }}" - name: execution de la commande bigbluebutton qui set le nouveau nom de domaine @@ -45,7 +44,7 @@ - name: Active la conf nginx nécessaire pour créer un certificat Let's Encrypt template: - src: ../templates/nginxSSLcheck.conf + src: nginxSSLcheck.conf dest: /etc/nginx/sites-enabled/ mode: '0644' when: not ssl_file.stat.exists @@ -71,4 +70,4 @@ path: /etc/nginx/sites-enabled/bigbluebutton regexp: '(.*){{ oldHostname }}(.*)' replace: '\1{{ bbbHostname }}\2' - notify: reload nginx \ No newline at end of file + notify: reload nginx diff --git a/roles/jibri-install/tasks/install-chromedriver.yml b/roles/jibri-install/tasks/install-chromedriver.yml index 80c80ea..eb47cde 100644 --- a/roles/jibri-install/tasks/install-chromedriver.yml +++ b/roles/jibri-install/tasks/install-chromedriver.yml @@ -17,9 +17,10 @@ file: state: directory path: /usr/local/bin/ + mode: 0644 - name: "télécharge de chromedriver pour la version {{ _latest_release.content }}" unarchive: src: "http://chromedriver.storage.googleapis.com/{{ _latest_release.content }}/chromedriver_linux64.zip" dest: /usr/local/bin mode: "755" - remote_src: true \ No newline at end of file + remote_src: true diff --git a/roles/jibri-install/tasks/install-googlechrome.yml b/roles/jibri-install/tasks/install-googlechrome.yml index c2be7c6..5893d24 100644 --- a/roles/jibri-install/tasks/install-googlechrome.yml +++ b/roles/jibri-install/tasks/install-googlechrome.yml @@ -22,8 +22,10 @@ file: state: directory path: /etc/opt/chrome/policies/managed + mode: 0644 - name: CommandLineFlagSecurityWarningsEnabled copy: dest: /etc/opt/chrome/policies/managed/managed_policies.json + mode: 0755 content: | { "CommandLineFlagSecurityWarningsEnabled": false } diff --git a/roles/jibri-install/tasks/install-jibri.yml b/roles/jibri-install/tasks/install-jibri.yml index c4e4925..1a9b591 100644 --- a/roles/jibri-install/tasks/install-jibri.yml +++ b/roles/jibri-install/tasks/install-jibri.yml @@ -28,8 +28,9 @@ - name: configure jibri template: - src: ../templates/jibri.conf + src: jibri.conf dest: /etc/jitsi/jibri/jibri.conf + mode: 0755 notify: restart jibri - name: configure xorg @@ -43,7 +44,7 @@ - name: configure les cookies (fichier) copy: - src: ../files/chrome-extension-cookie + src: chrome-extension-cookie dest: /opt/ mode: '644' directory_mode: '755' @@ -53,7 +54,7 @@ - name: configure les cookies (template) template: - src: ../templates/chrome-extension-background.js.j2 + src: chrome-extension-background.js.j2 dest: /opt/chrome-extension-cookie/background.js mode: '644' when: diff --git a/roles/jitsi-enable-external-coturn/handlers/main.yml b/roles/jitsi-enable-external-coturn/handlers/main.yml index 8c25b12..a51e425 100644 --- a/roles/jitsi-enable-external-coturn/handlers/main.yml +++ b/roles/jitsi-enable-external-coturn/handlers/main.yml @@ -4,4 +4,4 @@ name: prosody state: restarted daemon_reload: true - enabled: true \ No newline at end of file + enabled: true diff --git a/roles/jitsi-enable-external-coturn/tasks/main.yml b/roles/jitsi-enable-external-coturn/tasks/main.yml index 2ea64b2..4997a72 100644 --- a/roles/jitsi-enable-external-coturn/tasks/main.yml +++ b/roles/jitsi-enable-external-coturn/tasks/main.yml @@ -16,11 +16,11 @@ regexp: '{{ item[0] }}' replace: '{{ item[1] }}' loop: - - ['host = "{{ inventory_hostname }}"','host = "{{ coturn_hostname }}"'] - - ['-- https_ports = { };','https_ports = { };'] + - ['host = "{{ inventory_hostname }}"', 'host = "{{ coturn_hostname }}"'] + - ['-- https_ports = { };', 'https_ports = { };'] - ['^external_service_secret =', '-- external_service_secret ='] - - ['port = 3478','port = 443'] - - ['port = 5349','port = 443'] + - ['port = 3478', 'port = 443'] + - ['port = 5349', 'port = 443'] notify: restart prosody - name: indique a jitsi les règles d'échange des credentials pour le coturn externe diff --git a/roles/jitsi-enable-jibri/handlers/main.yml b/roles/jitsi-enable-jibri/handlers/main.yml index 015a20f..915298c 100644 --- a/roles/jitsi-enable-jibri/handlers/main.yml +++ b/roles/jitsi-enable-jibri/handlers/main.yml @@ -15,4 +15,4 @@ systemd: name: jicofo state: restarted - enabled: true \ No newline at end of file + enabled: true diff --git a/roles/jitsi-enable-jibri/tasks/main.yml b/roles/jitsi-enable-jibri/tasks/main.yml index 529aaf2..3d0ff9a 100644 --- a/roles/jitsi-enable-jibri/tasks/main.yml +++ b/roles/jitsi-enable-jibri/tasks/main.yml @@ -21,10 +21,16 @@ - name: utilisateur jibri pour prosody (auth) command: prosodyctl register {{ item.user }} auth.{{ inventory_hostname }} {{ item.password }} + args: + # Prosody remplace les points par des '%2e' dans le chemin du fichier + creates: /var/lib/prosody/{{ 'auth%2e'+inventory_hostname | replace('.', '%2e') }}/accounts/{{ item.user }}.dat loop: "{{ jibri_users }}" - name: utilisateur jibri pour prosody (recorder) command: prosodyctl register {{ item.user }}-record recorder.{{ inventory_hostname }} {{ item.password }} + args: + # Prosody remplace les points par des '%2e' dans le chemin du fichier + creates: /var/lib/prosody/{{ 'auth%2e'+inventory_hostname | replace('.', '%2e') }}/accounts/{{ item.user }}.dat loop: "{{ jibri_users }}" - name: authentification jicofo @@ -39,14 +45,14 @@ - restart jitsi-videobridge2 - restart jicofo -- name: livestreaming +- name: livestreaming lineinfile: path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js insertafter: "[^?]// liveStreamingEnabled:" line: "liveStreamingEnabled: true," -- name: hidden domain +- name: hidden domain lineinfile: path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js insertbefore: "[^?]// List of undocumented" - line: "hiddenDomain: 'recorder.{{ inventory_hostname}}'," \ No newline at end of file + line: "hiddenDomain: 'recorder.{{ inventory_hostname }}'," diff --git a/roles/jitsi-enable-metrics/handlers/main.yml b/roles/jitsi-enable-metrics/handlers/main.yml index 389c440..68b513a 100644 --- a/roles/jitsi-enable-metrics/handlers/main.yml +++ b/roles/jitsi-enable-metrics/handlers/main.yml @@ -5,4 +5,3 @@ state: restarted daemon_reload: true enabled: true - diff --git a/roles/jitsi-enable-metrics/tasks/main.yml b/roles/jitsi-enable-metrics/tasks/main.yml index 521b3e2..ed49c97 100644 --- a/roles/jitsi-enable-metrics/tasks/main.yml +++ b/roles/jitsi-enable-metrics/tasks/main.yml @@ -40,7 +40,7 @@ - name: Application de la conf Jitsi pour Telegraf template: - src: ../templates/telegraf-input-jitsi.conf + src: telegraf-input-jitsi.conf dest: /etc/telegraf/telegraf.d/jitsi.conf mode: u=rw,g=r,o=r notify: @@ -48,7 +48,7 @@ - name: Application de la conf Telegraf template: - src: ../templates/telegraf-general.conf.j2 + src: telegraf-general.conf.j2 dest: /etc/telegraf/telegraf.conf mode: u=rw,g=r,o=r notify: diff --git a/roles/jitsi-enable-multidomain/tasks/jitsi.yml b/roles/jitsi-enable-multidomain/tasks/jitsi.yml index 2646dcd..a3279aa 100644 --- a/roles/jitsi-enable-multidomain/tasks/jitsi.yml +++ b/roles/jitsi-enable-multidomain/tasks/jitsi.yml @@ -6,4 +6,4 @@ replace: '/http-bind' notify: - restart jitsi-videobridge2 - - restart nginx \ No newline at end of file + - restart nginx diff --git a/roles/jitsi-enable-multidomain/tasks/main.yml b/roles/jitsi-enable-multidomain/tasks/main.yml index c873437..5bbebdd 100644 --- a/roles/jitsi-enable-multidomain/tasks/main.yml +++ b/roles/jitsi-enable-multidomain/tasks/main.yml @@ -4,4 +4,4 @@ loop_control: loop_var: hostname - include_tasks: ssl.yml -- include_tasks: jitsi.yml \ No newline at end of file +- include_tasks: jitsi.yml diff --git a/roles/jitsi-enable-multidomain/tasks/nginx.yml b/roles/jitsi-enable-multidomain/tasks/nginx.yml index 8a3b6b9..f3fd694 100644 --- a/roles/jitsi-enable-multidomain/tasks/nginx.yml +++ b/roles/jitsi-enable-multidomain/tasks/nginx.yml @@ -8,7 +8,8 @@ copy: src: /etc/nginx/sites-available/{{ inventory_hostname }}.conf dest: /etc/nginx/sites-available/{{ hostname }}.conf - remote_src: yes + remote_src: true + mode: 0644 when: not nginx_file.stat.exists - name: Conf Jitsi MultiDomain - Change le ServerName des conf nginx @@ -36,4 +37,4 @@ state: link notify: - restart jitsi-videobridge2 - - restart nginx \ No newline at end of file + - restart nginx diff --git a/roles/jitsi-enable-multidomain/tasks/ssl.yml b/roles/jitsi-enable-multidomain/tasks/ssl.yml index f9b8d28..09a8711 100644 --- a/roles/jitsi-enable-multidomain/tasks/ssl.yml +++ b/roles/jitsi-enable-multidomain/tasks/ssl.yml @@ -9,7 +9,7 @@ src: /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh dest: /usr/share/jitsi-meet/scripts/install-letsencrypt-cert-with-param.sh mode: u+x - remote_src: yes + remote_src: true when: not ssl_file.stat.exists - name: Conf SSL MultiDomain - rend le nom de domaine paramétrable dans le script certbot de jitsi @@ -19,9 +19,9 @@ replace: "DOMAIN=$1" - name: Conf SSL MultiDomain - Exécution du script lets encrypt - shell: - cmd: "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert-with-param.sh {{ item }}" - creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem # Execute le script que si ce fichier n'existe pas + command: "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert-with-param.sh {{ item }}" + args: + creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem # Execute le script que si ce fichier n'existe pas loop: "{{ jitsi_multidomain_domain }}" - name: Conf Jitsi MultiDomain - Change le ServerName des conf nginx diff --git a/roles/jitsi-enable-specific-imio/handlers/main.yml b/roles/jitsi-enable-specific-imio/handlers/main.yml index a7e57e5..4e0a6ca 100644 --- a/roles/jitsi-enable-specific-imio/handlers/main.yml +++ b/roles/jitsi-enable-specific-imio/handlers/main.yml @@ -2,4 +2,4 @@ - name: reload nginx systemd: name: nginx - state: reloaded \ No newline at end of file + state: reloaded diff --git a/roles/jitsi-enable-specific-imio/tasks/main.yml b/roles/jitsi-enable-specific-imio/tasks/main.yml index 981a477..5866eeb 100644 --- a/roles/jitsi-enable-specific-imio/tasks/main.yml +++ b/roles/jitsi-enable-specific-imio/tasks/main.yml @@ -3,6 +3,7 @@ file: path: /usr/share/jitsi-meet/static-imio state: directory + mode: 0644 - name: personnalise la config nginx de l'accès jitsi principal blockinfile: @@ -73,7 +74,7 @@ group: root mode: '0644' loop: - - [ 'visio.imio.be.svg' , 'images/' ] + - ['visio.imio.be.svg', 'images/'] - name: Adaptation du js lineinfile: @@ -81,5 +82,5 @@ regexp: '{{ item[0] }}' line: '{{ item[1] }}' loop: - - [ 'DEFAULT_LOGO_URL: ' , " DEFAULT_LOGO_URL: 'images/visio.imio.be.svg'," ] - - [ 'JITSI_WATERMARK_LINK: ' , " JITSI_WATERMARK_LINK: 'https://imio.be'," ] + - ['DEFAULT_LOGO_URL: ', " DEFAULT_LOGO_URL: 'images/visio.imio.be.svg',"] + - ['JITSI_WATERMARK_LINK: ', " JITSI_WATERMARK_LINK: 'https://imio.be',"] diff --git a/roles/jitsi-enable-video-optimisation/tasks/main.yml b/roles/jitsi-enable-video-optimisation/tasks/main.yml index b86867d..ff4fa0f 100644 --- a/roles/jitsi-enable-video-optimisation/tasks/main.yml +++ b/roles/jitsi-enable-video-optimisation/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Conf Jitsi - webcam en qualité medium par defaut +- name: Conf Jitsi - webcam en qualité medium par defaut lineinfile: path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js marker: "// {mark} ANSIBLE MANAGED BLOCK" diff --git a/roles/jitsi-install/tasks/main.yml b/roles/jitsi-install/tasks/main.yml index ddc9b15..f022e53 100644 --- a/roles/jitsi-install/tasks/main.yml +++ b/roles/jitsi-install/tasks/main.yml @@ -14,12 +14,13 @@ - name: Exécution du script lets encrypt shell: cmd: /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh >> jitsi-le.log - creates: /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem # Execute le script que si ce fichier n'existe pas + creates: /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem # Execute le script que si ce fichier n'existe pas - name: Ajout d'un memo pour suprimer manuellement Jitsi copy: dest: /root/purgeJitsi.sh + mode: 0700 content: | systemctl stop jitsi-videobridge2 prosody jicofo nginx coturn apt purge jitsi-meet && apt --purge autoremove - rm -rf /etc/jitsi/ /usr/share/jitsi-* /etc/letsencrypt \ No newline at end of file + rm -rf /etc/jitsi/ /usr/share/jitsi-* /etc/letsencrypt diff --git a/roles/jitsi-pre-install/tasks/main.yml b/roles/jitsi-pre-install/tasks/main.yml index ba333b5..6b83210 100644 --- a/roles/jitsi-pre-install/tasks/main.yml +++ b/roles/jitsi-pre-install/tasks/main.yml @@ -10,23 +10,23 @@ state: present - name: Mise en place des règle firewall tcp et udp - #source : https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart#setup-and-configure-your-firewall + # source : https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart#setup-and-configure-your-firewall ufw: state: enabled rule: allow port: '{{ item[0] }}' proto: '{{ item[1] }}' loop: - - ['80','tcp'] - - ['443','tcp'] - - ['4443','tcp'] - - ['22','tcp'] - - ['10000','udp'] - - ['3478','udp'] - - ['5349','tcp'] - - ['5222','tcp'] # XMPP port for recorder + - ['80', 'tcp'] + - ['443', 'tcp'] + - ['4443', 'tcp'] + - ['22', 'tcp'] + - ['10000', 'udp'] + - ['3478', 'udp'] + - ['5349', 'tcp'] + - ['5222', 'tcp'] # XMPP port for recorder -- name: Import de la clé GPG #source: https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart#add-the-jitsi-package-repository +- name: Import de la clé GPG # source: https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart#add-the-jitsi-package-repository apt_key: id: FFD65A0DA2BEBDEB73D44C8BB4D2D216F1FD7806 url: https://download.jitsi.org/jitsi-key.gpg.key