Add: effi-reg role

2 files changed, 59 insertions, 0 deletions

diff --git a/roles/effi-reg/files/effiapi.json b/roles/effi-reg/files/effiapi.json
new file mode 100644
index 0000000..21a05d5
--- /dev/null
+++ b/roles/effi-reg/files/effiapi.json
@@ -0,0 +1,4 @@
+{
+    "log": "/var/log/effiapi/effiapi.log",
+    "signing-key-filename": "/etc/effiapi.pub"
+}
diff --git a/roles/effi-reg/tasks/main.yml b/roles/effi-reg/tasks/main.yml
new file mode 100644
index 0000000..787e360
--- /dev/null
+++ b/roles/effi-reg/tasks/main.yml
@@ -0,0 +1,55 @@
+- name: "create _effiapi group"
+  group:
+    name: _effiapi
+
+- name: "create _effiapi user"
+  user:
+    name: _effiapi
+    groups:
+      - _effiapi
+    shell: /bin/false
+
+- name: "create directory for effi-reg source"
+  file:
+    state: directory
+    path: "/srv/effireg"
+
+- name: "create log directory for effi-reg"
+  file:
+    state: directory
+    path: "/var/log/effiapi"
+    owner: _effiapi
+    group: _effiapi
+    mode: 0755
+
+- name: "install git"
+  apt:
+    name: git
+
+- name: "deploy effi-reg from git"
+  git:
+    repo: "git://git.liw.fi/effi-reg"
+    dest: "/srv/effireg"
+
+- name: "install token signing public key"
+  copy:
+    content: "{{ qvisqve_token_public_key }}"
+    dest: "/etc/effiapi.pub"
+
+- name: "install effi-reg configuration"
+  copy:
+    src: effiapi.json
+    dest: /etc/effiapi.json
+
+- name: "install effiapi.service file"
+  copy:
+    remote_src: yes
+    src: /srv/effireg/effiapi.service
+    dest: /lib/systemd/system
+
+- name: "start effiapi"
+  systemd:
+    name: effiapi
+    enabled: yes
+    state: restarted
+    daemon_reload: yes