From 2858f2825c04c98a160cb59a7648c80e11e5f5a2 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@realraum.at>
Date: Sun, 7 Jul 2019 02:32:46 +0200
Subject: [PATCH] status.realraum.at works now

---
 ansible/host_vars/vex2/main.yml               |    4 ++
 ansible/roles/web/r3status/tasks/main.yml     |   67 +++++++------------------
 ansible/roles/web/r3status/tasks/nginx.yml    |   46 +++++++++++++++++
 ansible/roles/web/r3status/templates/nginx.j2 |    6 ++-
 4 files changed, 74 insertions(+), 49 deletions(-)
 create mode 100644 ansible/roles/web/r3status/tasks/nginx.yml

diff --git a/ansible/host_vars/vex2/main.yml b/ansible/host_vars/vex2/main.yml
index aca1996..cfa8fa3 100644
--- a/ansible/host_vars/vex2/main.yml
+++ b/ansible/host_vars/vex2/main.yml
@@ -3,3 +3,7 @@ sshd_allowusers_host:
   - spaceapi
 
 r3status_spaceapi_update_user_ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcwqg/oohCV3sTFHODBPUViOaGsoKL2Vp5suNAdLFJz4pdhfH7n4eXzI/3Ork6mDrDZ8XNmDq9g6jERweWQmS37THL33N2RmyDFfpwyQog/pzvEB6U0BGE6VN2zmgmrmvVZNdhKh/E74dM/22abAt32I6xSJi8C2CfVshHaFzNAV8N4lmGMGi0QXNMkAZDaYG0iptRuZOoZarCkfRybyh8pFkHt4Hl/tWocMOihI1KsWtbIgRUdTTpGMXmxMd0k2t9am+NxiUlBIRE8aEc4nTqcZTqullddEAGoksuUCLc0yYbFCzpTkZ1lrU5+oQhZyPWgnJ7s2yK7M2luBSAle8T realraum@smsgw.realraum.at
+
+r3status_www_content:
+  url: 'https://github.com/realraum/infokiosk/archive/2855b0b4ca9a982ceb01593c42223f1381afcc10.tar.gz'
+  sha256: '8e8797c948e7cd62b50023163de2ff3f344761a0c3eb3e0e4b9ad16b19c06202'
diff --git a/ansible/roles/web/r3status/tasks/main.yml b/ansible/roles/web/r3status/tasks/main.yml
index 0e717e2..af225ed 100644
--- a/ansible/roles/web/r3status/tasks/main.yml
+++ b/ansible/roles/web/r3status/tasks/main.yml
@@ -35,51 +35,22 @@
     path: /srv/r3status/www
     state: directory
 
-# TODO: install tar.gz from https://github.com/realraum/infokiosk/tree/master/htdocs
-
-
-- name: install nginx vhost config
-  template:
-    src: nginx.j2
-    dest: /etc/nginx/sites-available/status.realraum.at
-  notify: reload nginx
-
-- name: check if acme certs already exists
-  stat:
-    path: /var/lib/acme/live/status.realraum.at
-  register: r3status_acme_cert
-
-- name: link nonexistent hostname to self-signed interim cert
-  when: r3status_acme_cert.stat.exists == false
-  block:
-    - name: get id of existing selfsigned interim certificate
-      command: cat /var/lib/acme/.selfsigned-interim-cert
-      changed_when: false
-      check_mode: false
-      register: selfsigned_interim_cert_id
-
-    - name: set selfsigned_interim_cert_id variable
-      set_fact:
-        selfsigned_interim_cert_id: "{{ selfsigned_interim_cert_id.stdout }}"
-
-    - name: link to snakeoil cert for nonexistent hostnames
-      file:
-        src: "../certs/{{ selfsigned_interim_cert_id }}"
-        dest: /var/lib/acme/live/status.realraum.at
-        state: link
-
-- name: enable nginx vhost config
-  file:
-    src: ../sites-available/status.realraum.at
-    dest: /etc/nginx/sites-enabled/status.realraum.at
-    state: link
-  notify: reload nginx
-
-- name: make sure nginx config has been loaded
-  meta: flush_handlers
-
-- name: get certificate using acmetool
-  import_role:
-    name: acmetool/cert
-  vars:
-    acmetool_cert_name: status.realraum.at
+- name: download status web content
+  get_url:
+    url: "{{ r3status_www_content.url }}"
+    dest: /srv/r3status/www.tar.gz
+    checksum: "sha256:{{ r3status_www_content.sha256 }}"
+  register: dokuwiki_plugins_downloaded
+
+## TODO: fix update!!!
+- name: extract status web content
+  unarchive:
+    remote_src: yes
+    src: /srv/r3status/www.tar.gz
+    dest: /srv/r3status/www/
+    extra_opts:
+      - '--strip-components=2'
+      - '--wildcards'
+      - '*/htdocs'
+
+- import_tasks: nginx.yml
diff --git a/ansible/roles/web/r3status/tasks/nginx.yml b/ansible/roles/web/r3status/tasks/nginx.yml
new file mode 100644
index 0000000..dc0d3c1
--- /dev/null
+++ b/ansible/roles/web/r3status/tasks/nginx.yml
@@ -0,0 +1,46 @@
+---
+- name: install nginx vhost config
+  template:
+    src: nginx.j2
+    dest: /etc/nginx/sites-available/status.realraum.at
+  notify: reload nginx
+
+- name: check if acme certs already exists
+  stat:
+    path: /var/lib/acme/live/status.realraum.at
+  register: r3status_acme_cert
+
+- name: link nonexistent hostname to self-signed interim cert
+  when: r3status_acme_cert.stat.exists == false
+  block:
+    - name: get id of existing selfsigned interim certificate
+      command: cat /var/lib/acme/.selfsigned-interim-cert
+      changed_when: false
+      check_mode: false
+      register: selfsigned_interim_cert_id
+
+    - name: set selfsigned_interim_cert_id variable
+      set_fact:
+        selfsigned_interim_cert_id: "{{ selfsigned_interim_cert_id.stdout }}"
+
+    - name: link to snakeoil cert for nonexistent hostnames
+      file:
+        src: "../certs/{{ selfsigned_interim_cert_id }}"
+        dest: /var/lib/acme/live/status.realraum.at
+        state: link
+
+- name: enable nginx vhost config
+  file:
+    src: ../sites-available/status.realraum.at
+    dest: /etc/nginx/sites-enabled/status.realraum.at
+    state: link
+  notify: reload nginx
+
+- name: make sure nginx config has been loaded
+  meta: flush_handlers
+
+- name: get certificate using acmetool
+  import_role:
+    name: acmetool/cert
+  vars:
+    acmetool_cert_name: status.realraum.at
diff --git a/ansible/roles/web/r3status/templates/nginx.j2 b/ansible/roles/web/r3status/templates/nginx.j2
index c0d6fb7..698b5b1 100644
--- a/ansible/roles/web/r3status/templates/nginx.j2
+++ b/ansible/roles/web/r3status/templates/nginx.j2
@@ -12,9 +12,13 @@ server {
 
     include snippets/security-headers.conf;
 
-    root /srv/r3status;
+    root /srv/r3status/www;
 
     location = /spaceapi.json {
         alias {{ r3status_spaceapi_path }}/spaceapi.json;
     }
+
+    location /js/ {
+        alias /usr/share/javascript/;
+    }
 }
-- 
1.7.10.4