From 3f53d5e85297f75d9c998d5c95610eb7f1a6587c Mon Sep 17 00:00:00 2001
From: Paul Maruhn <paulmaruhn@posteo.de>
Date: Sat, 1 Jan 2022 17:10:40 +0100
Subject: [PATCH] add ffdyn to service role

---
 host_vars/srv02.yml                           |  1 +
 roles/services/files/ffdyndns/ffdyndns.toml   | 14 ++++++++++
 .../files/nginx/sites-available/ffdyndns      | 24 +++++++++++++++++
 .../files/nginx/snippets/proxy-params.conf    |  4 +++
 roles/services/tasks/base.yml                 |  5 ----
 roles/services/tasks/ffdyndns.yml             | 26 +++++++++++++++++++
 roles/services/tasks/main.yml                 | 10 ++++---
 7 files changed, 75 insertions(+), 9 deletions(-)
 create mode 100644 roles/services/files/ffdyndns/ffdyndns.toml
 create mode 100644 roles/services/files/nginx/sites-available/ffdyndns
 create mode 100644 roles/services/files/nginx/snippets/proxy-params.conf
 create mode 100644 roles/services/tasks/ffdyndns.yml

diff --git a/host_vars/srv02.yml b/host_vars/srv02.yml
index 56d017d..bcd1665 100644
--- a/host_vars/srv02.yml
+++ b/host_vars/srv02.yml
@@ -8,3 +8,4 @@ nginx:
     - hopglass-map
     - luebeck.freifunk.net
     - wiki
+    - ffdyndns
diff --git a/roles/services/files/ffdyndns/ffdyndns.toml b/roles/services/files/ffdyndns/ffdyndns.toml
new file mode 100644
index 0000000..c849d92
--- /dev/null
+++ b/roles/services/files/ffdyndns/ffdyndns.toml
@@ -0,0 +1,14 @@
+name = "FFdynDNS"
+description = "DynDNS Service"
+server_web_url = "ffdyn.net"
+database = "./db.rocks"
+dns_server = "10.130.0.104"
+bind_address = "0.0.0.0"
+bind_port = 8053
+
+
+[[domain]]
+name = "ffdyn.net."
+description = "Freifunk  Premium Domain"
+allowed_ips = ["0.0.0.0/0", "::/0"]
+validity = 1
diff --git a/roles/services/files/nginx/sites-available/ffdyndns b/roles/services/files/nginx/sites-available/ffdyndns
new file mode 100644
index 0000000..a86bb43
--- /dev/null
+++ b/roles/services/files/nginx/sites-available/ffdyndns
@@ -0,0 +1,24 @@
+server {
+	listen 80;
+	listen [::]:80;
+
+	#listen localhost:443 ssl http2;
+	#listen [::]:443 ssl http2;
+
+	server_name ffdyn.net;
+
+	include snippets/acme.conf;
+	include snippets/tls.conf;
+
+	#ssl_certificate /var/lib/acme/live/luebeck.freifunk.net/fullchain;
+	#ssl_certificate_key /var/lib/acme/live/luebeck.freifunk.net/privkey;
+
+	#if ($ssl_protocol = "") {
+	#	return 301 https://$host$request_uri;
+	#}
+
+	location / {
+		proxy_pass http://127.0.0.1:8053;
+		include snippets/proxy-params.conf;
+	}
+}
diff --git a/roles/services/files/nginx/snippets/proxy-params.conf b/roles/services/files/nginx/snippets/proxy-params.conf
new file mode 100644
index 0000000..df75bc5
--- /dev/null
+++ b/roles/services/files/nginx/snippets/proxy-params.conf
@@ -0,0 +1,4 @@
+proxy_set_header Host $http_host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
diff --git a/roles/services/tasks/base.yml b/roles/services/tasks/base.yml
index 8a2fd75..009de02 100644
--- a/roles/services/tasks/base.yml
+++ b/roles/services/tasks/base.yml
@@ -38,8 +38,3 @@
   copy:
     src: etc/
     dest: /etc
-
-
-- name: install base tools
-  include: software.yml
-  tags: [base, apt, software]
diff --git a/roles/services/tasks/ffdyndns.yml b/roles/services/tasks/ffdyndns.yml
new file mode 100644
index 0000000..97c0b8d
--- /dev/null
+++ b/roles/services/tasks/ffdyndns.yml
@@ -0,0 +1,26 @@
+---
+
+- name: copy configs
+  copy:
+    src: ffdyndns/ffdyndns.toml
+    dest: /etc/
+
+
+
+# install ffdyndns
+- name: install ffdyndns
+  block:
+  - name: download ffdyndns
+    get_url:
+      url: https://freifunk-luebeck.pages.chaotikum.org/ffdyndns/ffdyndns.deb
+      dest: /tmp/ffdyndns.deb
+
+  - name: install ffdyndns
+    command: dpkg -i --force-confold /tmp/ffdyndns.deb
+
+  - name: enable ffdyndns
+    systemd:
+      daemon_reload: yes
+      state: restarted
+      enabled: yes
+      name: ffdyndns
diff --git a/roles/services/tasks/main.yml b/roles/services/tasks/main.yml
index cd2ed30..06164eb 100644
--- a/roles/services/tasks/main.yml
+++ b/roles/services/tasks/main.yml
@@ -1,11 +1,8 @@
 ---
 - name: base config
   tags: [base]
-  include_tasks:
+  import_tasks:
     file: base.yml
-    apply:
-      tags: [base]
-
 
 - name: install packages
   include: software.yml
@@ -18,3 +15,8 @@
 - name: setup nginx
   include: nginx.yml
   tags: [nginx]
+
+- name: ffdyndns
+  tags: [ffdyndns]
+  import_tasks:
+    file: ffdyndns.yml
-- 
GitLab