Install and maintain Prosody from offical repo with Ansible. Per default, this role also installs munin-node to monitor Prosody. Tested with Molecule, Docker, Vagrant and TravisCI.
Debian 8,9,10. Other versions of Debian/Ubuntu might be supported as well, but aren't tested.
see defaults/main.yml
Download latest release with ansible-galaxy
ansible-galaxy install systemli.prosody
- hosts: servers
roles:
- systemli.prosody
vars:
prosody_virtual_hosts:
- name: example.net
key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
- name: x5tno6mwkncu4m2h.onion
admins: ["[email protected]"]
You would need a configured Tor onion service for this. Look at systemli.onion.
You can also combine it with systemli.letsencrypt to automatically configure certs.
- hosts: servers
roles:
- systemli.letsencrypt
- systemli.prosody
vars:
prosody_vhost: example.net
letsencrypt_cert:
name: example.net
domains:
- example.net
- conference.example.net
- proxy.example.net
- pubsub.example.net
challenge: dns
renew_hook: "/usr/bin/prosodyctl --root cert import /etc/letsencrypt/live/"
Run local tests with
molecule test
Requires Molecule, Vagrant and python-vagrant
to be installed.
GPL