From f0014926374390038fa04884a4216a6896dd6d40 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Wed, 21 Nov 2018 12:02:04 +0200
Subject: Add: effireg web UI to effi.yml

---
 effi.yml                          | 25 ++++++++++++++++++-
 roles/effi-reg/files/effiapi.json |  1 +
 roles/effi-reg/files/effireg.json |  9 +++++++
 roles/effi-reg/tasks/main.yml     | 52 ++++++++++++++++++++++++++-------------
 roles/muck/tasks/main.yml         |  1 +
 5 files changed, 70 insertions(+), 18 deletions(-)
 create mode 100644 roles/effi-reg/files/effireg.json

diff --git a/effi.yml b/effi.yml
index 14fc545..e4a4054 100644
--- a/effi.yml
+++ b/effi.yml
@@ -5,10 +5,12 @@
     - role: sane_debian_system
     - role: unix_users
     - role: haproxy
+      tags: haproxy
     - role: qvisqve
     - role: muck
+      tags: muck
     - role: effi-reg
-      tags: update
+      tags: effi-reg
   vars:
     hostname: effi-reg
 
@@ -33,12 +35,33 @@
         path: /clients
         backends: ["127.0.0.1:{{ qvisqve_port }}"]
 
+      - name: qvisqve3
+        path: /auth
+        backends: ["127.0.0.1:{{ qvisqve_port }}"]
+
       - name: effiapi1
         path: /status
         backends: ["127.0.0.1:{{ effiapi_port }}"]
 
+      - name: effiapi2
+        path: /mem
+        backends: ["127.0.0.1:{{ effiapi_port }}"]
+
+      - name: effiapi3
+        path: /search
+        backends: ["127.0.0.1:{{ effiapi_port }}"]
+
+      - name: effireg1
+        path: /
+        backends: ["127.0.0.1:{{ effireg_port }}"]
+
+      - name: effireg2
+        path: /callback
+        backends: ["127.0.0.1:{{ effireg_port }}"]
+
     muck_port: 12765
     effiapi_port: 8080
+    effireg_port: 8181
 
     qvisqve_port: 10000
     qvisqve_domain: "{{ reg_domain }}"
diff --git a/roles/effi-reg/files/effiapi.json b/roles/effi-reg/files/effiapi.json
index 21a05d5..e7ec16c 100644
--- a/roles/effi-reg/files/effiapi.json
+++ b/roles/effi-reg/files/effiapi.json
@@ -1,4 +1,5 @@
 {
+    "muck-url": "http://127.0.0.1:12765",
     "log": "/var/log/effiapi/effiapi.log",
     "signing-key-filename": "/etc/effiapi.pub"
 }
diff --git a/roles/effi-reg/files/effireg.json b/roles/effi-reg/files/effireg.json
new file mode 100644
index 0000000..20c90d0
--- /dev/null
+++ b/roles/effi-reg/files/effireg.json
@@ -0,0 +1,9 @@
+{
+    "client-id": "effireg",
+    "client-secret": "hunter2",
+    "our-url": "https://effi-reg.vm.liw.fi",
+    "api-url": "https://effi-reg.vm.liw.fi",
+    "log": "/dev/null",
+    "pid": "/dev/null",
+    "templates": "/srv/effireg/templates"
+}
diff --git a/roles/effi-reg/tasks/main.yml b/roles/effi-reg/tasks/main.yml
index 787e360..4553a39 100644
--- a/roles/effi-reg/tasks/main.yml
+++ b/roles/effi-reg/tasks/main.yml
@@ -1,32 +1,41 @@
-- name: "create _effiapi group"
+- name: "create groups"
   group:
-    name: _effiapi
+    name: "{{ item }}"
+  with_items:
+    - _effiapi
+    - _effireg
 
-- name: "create _effiapi user"
+- name: "create users"
   user:
-    name: _effiapi
+    name: "{{ item }}"
     groups:
-      - _effiapi
+      - "{{ item }}"
     shell: /bin/false
+  with_items:
+    - _effiapi
+    - _effireg
 
 - name: "create directory for effi-reg source"
   file:
     state: directory
     path: "/srv/effireg"
 
-- name: "create log directory for effi-reg"
+- name: "create log directories"
   file:
     state: directory
-    path: "/var/log/effiapi"
-    owner: _effiapi
-    group: _effiapi
+    path: "/var/log/{{ item }}"
+    owner: "_{{ item }}"
+    group: "_{{ item }}"
     mode: 0755
+  with_items:
+    - effiapi
+    - effireg
 
 - name: "install git"
   apt:
     name: git
 
-- name: "deploy effi-reg from git"
+- name: "deploy from git"
   git:
     repo: "git://git.liw.fi/effi-reg"
     dest: "/srv/effireg"
@@ -36,20 +45,29 @@
     content: "{{ qvisqve_token_public_key }}"
     dest: "/etc/effiapi.pub"
 
-- name: "install effi-reg configuration"
+- name: "install configuration files"
   copy:
-    src: effiapi.json
-    dest: /etc/effiapi.json
+    src: "{{ item }}.json"
+    dest: "/etc/{{ item }}.json"
+  with_items:
+    - effiapi
+    - effireg
 
-- name: "install effiapi.service file"
+- name: "install .service files"
   copy:
     remote_src: yes
-    src: /srv/effireg/effiapi.service
+    src: "/srv/effireg/{{ item }}.service"
     dest: /lib/systemd/system
+  with_items:
+    - effiapi
+    - effireg
 
-- name: "start effiapi"
+- name: "(re)start services"
   systemd:
-    name: effiapi
+    name: "{{ item }}"
     enabled: yes
     state: restarted
     daemon_reload: yes
+  with_items:
+    - effiapi
+    - effireg
diff --git a/roles/muck/tasks/main.yml b/roles/muck/tasks/main.yml
index 09a5ee2..816fc6c 100644
--- a/roles/muck/tasks/main.yml
+++ b/roles/muck/tasks/main.yml
@@ -14,6 +14,7 @@
   copy:
     content: |
       {
+          "muck-url": "https://localhost:{{ muck_port }}",
           "log": "/var/log/muck/muck.log",
           "store": "/var/lib/muck/store",
           "signing-key-filename": "/etc/muck.pub"
-- 
cgit v1.2.1