From dd12bd0a9b8ad925ddb4e20ebc7185fe533baedd Mon Sep 17 00:00:00 2001
From: Antoine Ouvrard <antoine.ouvrard@nereide.fr>
Date: Wed, 9 Dec 2020 18:14:26 +0100
Subject: [PATCH] ajout du role pour changer le hostname d'un BBB

---
 inventory_prod                                |  3 +-
 playbook_prod.yml                             |  6 ++
 roles/bbb-set-hostname/handlers/main.yml      |  5 ++
 roles/bbb-set-hostname/tasks/main.yml         | 74 +++++++++++++++++++
 .../templates/nginxSSLcheck.conf              |  6 ++
 5 files changed, 93 insertions(+), 1 deletion(-)
 create mode 100644 roles/bbb-set-hostname/handlers/main.yml
 create mode 100644 roles/bbb-set-hostname/tasks/main.yml
 create mode 100644 roles/bbb-set-hostname/templates/nginxSSLcheck.conf

diff --git a/inventory_prod b/inventory_prod
index 8fb07c1..16da929 100644
--- a/inventory_prod
+++ b/inventory_prod
@@ -1,4 +1,5 @@
 jitsi.komuniki.fr ansible_user=debian ansible_become=true
 visio.imio.be ansible_user=debian ansible_become=true
 jitsi.entrouvert.com ansible_user=root
-bbb.komuniki.fr ansible_user=root
\ No newline at end of file
+bbb.komuniki.fr ansible_user=root
+imio.bbb.komuniki.fr ansible_user=root bbbHostname=imio.bbb.komuniki.fr
\ No newline at end of file
diff --git a/playbook_prod.yml b/playbook_prod.yml
index a9cbd9c..627a966 100644
--- a/playbook_prod.yml
+++ b/playbook_prod.yml
@@ -48,3 +48,9 @@
     - role: bbb-enable-metrics
   tags:
     - bbb
+
+- hosts: imio.bbb.komuniki.fr
+  roles:
+    - role: bbb-set-hostname
+  tags:
+    - imio.bbb
diff --git a/roles/bbb-set-hostname/handlers/main.yml b/roles/bbb-set-hostname/handlers/main.yml
new file mode 100644
index 0000000..a7e57e5
--- /dev/null
+++ b/roles/bbb-set-hostname/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: reload nginx
+  systemd:
+    name: nginx
+    state: reloaded
\ No newline at end of file
diff --git a/roles/bbb-set-hostname/tasks/main.yml b/roles/bbb-set-hostname/tasks/main.yml
new file mode 100644
index 0000000..b0a7872
--- /dev/null
+++ b/roles/bbb-set-hostname/tasks/main.yml
@@ -0,0 +1,74 @@
+---
+# Set du hostname BBB
+# Prérequis : le DNS doit être positionné sur le nouveau nom de domaine
+
+- name: vérification de la présence du hostname dans les variables
+  fail:
+    msg: |
+      la variable `bbbHostname` est obligatoire pour
+      utiliser le role bbb-set-hostname. 
+      Veuillez la rajouter dans l'inventaire
+  when:
+    - bbbHostname is not defined
+
+# Config BBB
+- name: Récup du hostname actuellement configuré
+  fetch:
+    src: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
+    dest: /tmp/
+    flat: yes
+
+- name : Récup du hostname actuellement configuré
+  set_fact: 
+    oldHostname: "{{ lookup('ini', 'bigbluebutton.web.serverURL type=properties file=/tmp/bigbluebutton.properties') | urlsplit('hostname') }}"
+
+- name: execution de la commande bigbluebutton qui set le nouveau nom de domaine
+  command: "bbb-conf --setip {{ bbbHostname }}"
+  when: oldHostname != bbbHostname
+
+# Config Greenlight
+- name: Maj du server name greenlight de la conf bigbluebutton
+  replace:
+    path: /root/greenlight/.env
+    regexp: '(.*){{ oldHostname }}(.*)'
+    replace: '\1{{ bbbHostname }}\2'
+
+- name: redémarrage de greenlight
+  shell: "cd /root/greenlight; docker-compose down; docker-compose up -d"
+  when: oldHostname != bbbHostname
+
+# Config Let's encrypt
+- name: Check si le certificat SSL est présent
+  stat:
+    path: /etc/letsencrypt/live/{{ bbbHostname }}/fullchain.pem
+  register: ssl_file
+
+- name: Active la conf nginx nécessaire pour créer un certificat Let's Encrypt
+  template:
+    src: ../templates/nginxSSLcheck.conf
+    dest: /etc/nginx/sites-enabled/
+    mode: '0644'
+  when: not ssl_file.stat.exists
+
+- name: Force le redémarrage de Nginx pour prendre en compte la nouvelle conf
+  systemd:
+    state: restarted
+    name: nginx
+  when: not ssl_file.stat.exists
+
+- name: Certif LE
+  command: certbot --webroot -w /var/www/bigbluebutton-default/ -d {{ bbbHostname }} certonly
+  when: not ssl_file.stat.exists
+
+- name: Suppression de la conf temporaire LE
+  file:
+    path: /etc/nginx/sites-enabled/nginxSSLcheck.conf
+    state: absent
+  notify: reload nginx
+
+- name: Maj du server name nginx de la conf bigbluebutton
+  replace:
+    path: /etc/nginx/sites-enabled/bigbluebutton
+    regexp: '(.*){{ oldHostname }}(.*)'
+    replace: '\1{{ bbbHostname }}\2'
+  notify: reload nginx
\ No newline at end of file
diff --git a/roles/bbb-set-hostname/templates/nginxSSLcheck.conf b/roles/bbb-set-hostname/templates/nginxSSLcheck.conf
new file mode 100644
index 0000000..8432419
--- /dev/null
+++ b/roles/bbb-set-hostname/templates/nginxSSLcheck.conf
@@ -0,0 +1,6 @@
+server {
+	listen 80;
+	listen [::]:80;
+	server_name {{ bbbHostname }};
+	root /var/www/bigbluebutton-default/;
+}
\ No newline at end of file