--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/defaults/main.yml Sat Mar 19 01:03:43 2016 +0800
+admin_jid: admin@{{ domain }}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/tasks/appinstall.yml Sat Mar 19 01:03:43 2016 +0800
+- name: Make sure project directory exists
+ file: path={{ dir }} state=directory
+- name: Make sure vendor directory exists
+ file: path={{ dir }}/vendor state=directory
+- name: Clone Strophe.js
+ git: repo=https://github.com/strophe/strophejs.git dest={{ dir }}/vendor/strophejs
+- name: Clone Strophe.js plugins
+ git: repo=https://github.com/strophe/strophejs-plugins.git dest={{ dir }}/vendor/strophejs-plugins
+- name: Download WebRTC adapter
+ get_url: url=https://webrtc.github.io/adapter/adapter-1.0.4.js dest={{ dir }}/vendor/webrtc-adapter-1.0.4.js
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/tasks/main.yml Sat Mar 19 01:03:43 2016 +0800
+ lineinfile: dest=/etc/hosts line='{{ ansible_all_ipv4_addresses[0] }} {{ domain }} muc.{{ domain }}'
+ when: ansible_virtualization_type == "virtualbox"
+- name: Install packages
+ apt: pkg={{ item }} state=present
+ - git # for 3rd-party libraries
+- include: appinstall.yml dir=/home/tram-im/tram-im/
+- name: Add Prosody VirtualHost
+ template: src=etc/prosody/conf.avail/tram-im.cfg.lua dest=/etc/prosody/conf.avail/{{ domain }}.cfg.lua
+- name: Enable Prosody VirtualHost
+ file: src=/etc/prosody/conf.avail/{{ domain }}.cfg.lua dest=/etc/prosody/conf.d/{{ domain }}.cfg.lua state=link
+- name: Add BOSH proxy Nginx site
+ template: src=etc/nginx/sites-available/tram-im dest=/etc/nginx/sites-available/{{ domain }}
+- name: Enable BOSH proxy Nginx site
+ file: src=/etc/nginx/sites-available/{{ domain }} dest=/etc/nginx/sites-enabled/50{{ domain }} state=link
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im Sat Mar 19 01:03:43 2016 +0800
+ text/coffeescript coffee;
+ server_name {{ domain }};
+ access_log /var/log/nginx/{{ domain }}.access.log;
+ error_log /var/log/nginx/{{ domain }}.error.log;
+ return 301 https://{{ domain }}$request_uri;
+ server_name {{ domain }};
+ listen [::]:443 ssl spdy;
+ ssl_certificate {{ ssl_cert }};
+ ssl_certificate_key {{ ssl_key }};
+ ssl_dhparam /etc/nginx/dh-2048.pem;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:1m;
+ ssl_session_timeout 10m;
+ resolver 8.8.8.8 [2001:4860:4860::8888] 8.8.4.4 [2001:4860:4860::8844];
+ # access from <frame | iframe | object>: DENY | SAMEORIGIN | ALLOW-FROM uri
+ add_header X-Frame-Options 'SAMEORIGIN';
+ # HSTS: 31536000 = 365 days (set to 0 to expire and allow plain HTTP)
+ add_header Strict-Transport-Security 'max-age=31536000';
+ add_header Cache-Control private;
+ access_log /var/log/nginx/{{ domain }}.access.log;
+ error_log /var/log/nginx/{{ domain }}.error.log;
+ client_max_body_size 1M;
+ root /home/tram-im/tram-im;
+ proxy_pass https://127.0.0.1:5281/http-bind;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua Sat Mar 19 01:03:43 2016 +0800
+plugin_paths = { "/var/lib/prosody/extra-modules" }
+https_interfaces = { "127.0.0.1" }
+VirtualHost "{{ domain }}"
+admins = { "{{ admin_jid }}" }
+ key = "/etc/ssl/selfsigned/muc.{{ domain }}/clean.key";
+ certificate = "/etc/ssl/selfsigned/muc.{{ domain }}/selfsigned.pem";
+ dhparam = "/etc/prosody/dh-2048.pem";
+modules_enabled = { "register", "vcard", "bosh" }
+modules_disabled = { "s2s" }
+allow_registration = true
+authentication = "internal_hashed"
+Component "muc.{{ domain }}" "muc"
+ name = "Multi-user chat on {{ domain }}"
+ restrict_room_creation = "local"
+ --modules_enabled = { "mam_muc" } -- Currently alpha
+Component "proxy65.{{ domain }}" "proxy65"
+ proxy65_acl = { "{{ domain }}" }
+ modules_enabled = { "http_upload" }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/contrib/provision/roles/tram-im/vars/main.yml Sat Mar 19 01:03:43 2016 +0800
+ssl_cert: /etc/ssl/selfsigned/{{ domain }}/selfsigned.pem
+ssl_key: /etc/ssl/selfsigned/{{ domain }}/clean.key