From 80fa45eb998e15375bc946c9d34392867bb9621a Mon Sep 17 00:00:00 2001
From: theonlydoo <arnaud.bawol@nuxit.com>
Date: Sun, 18 Jan 2015 10:21:56 +0100
Subject: [PATCH] IRC bouncer corrected

---
 README.md                      | 14 +++++++-------
 host_vars/localhost.example    | 13 +++++++------
 ircbouncer.yml                 | 11 +++++++++++
 roles/ircbouncer/tasks/znc.yml | 11 +++++------
 4 files changed, 30 insertions(+), 19 deletions(-)
 create mode 100644 ircbouncer.yml

diff --git a/README.md b/README.md
index ee2f837..41bd514 100644
--- a/README.md
+++ b/README.md
@@ -24,7 +24,6 @@ roles
 * IRCBouncer
  * Provides a ZNC Config
  * Imported with <3 from https://github.com/al3x/sovereign/
- * **Not yet READY**
 * Mail
  * provides a complete **mail** server for a given domain name and the vdomain capability for other domains.
  * **Note** : This role starts in order : common, mariadb, and mail. If you don't want one of them, please comment out.
@@ -75,12 +74,13 @@ mysql_host: localhost
 
 # ircbouncer
 znc_version: 1.4
- irc_nick: (required)
- irc_ident: (required)
- irc_realname: (required)
- irc_quitmsg: (required)
- irc_password_hash: (required)
- irc_password_salt: (required)
+irc_nick: (required)
+irc_ident: (required)
+irc_realname: (required)
+irc_quitmsg: (required)
+irc_password_hash: (required) # http://wiki.znc.in/Configuration#Pass
+irc_password_salt: (required) # http://wiki.znc.in/Configuration#Pass
+irc_timezone: "Europe/Paris" #Example: "Europe/Paris"
 
 # xmpp
 prosody_admin: "admin@test.net"
diff --git a/host_vars/localhost.example b/host_vars/localhost.example
index 6daeebb..4e5bbbc 100644
--- a/host_vars/localhost.example
+++ b/host_vars/localhost.example
@@ -22,12 +22,13 @@ mysql_host: localhost
 
 # ircbouncer
 znc_version: 1.4
- irc_nick: (required)
- irc_ident: (required)
- irc_realname: (required)
- irc_quitmsg: (required)
- irc_password_hash: (required)
- irc_password_salt: (required)
+irc_nick: (required)
+irc_ident: (required)
+irc_realname: (required)
+irc_quitmsg: (required)
+irc_password_hash: (required) # http://wiki.znc.in/Configuration#Pass
+irc_password_salt: (required) # http://wiki.znc.in/Configuration#Pass
+irc_timezone: "Europe/Paris" #Example: "Europe/Paris"
 
 # xmpp
 prosody_admin: admin@test.net
diff --git a/ircbouncer.yml b/ircbouncer.yml
new file mode 100644
index 0000000..5c11ee1
--- /dev/null
+++ b/ircbouncer.yml
@@ -0,0 +1,11 @@
+---
+
+- name: Deployer et configurer ZNC
+  hosts: all
+  user: root
+  gather_facts: yes
+
+  roles:
+    - ircbouncer
+
+# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:
diff --git a/roles/ircbouncer/tasks/znc.yml b/roles/ircbouncer/tasks/znc.yml
index d44dfd2..7483cb1 100644
--- a/roles/ircbouncer/tasks/znc.yml
+++ b/roles/ircbouncer/tasks/znc.yml
@@ -35,11 +35,13 @@
 - name: Copy znc init file into place
   copy: src=etc_init.d_znc dest=/etc/init.d/znc mode=0755
 
-- name: Create a combined version of the private key with public cert and intermediate + root CAs
-  shell: cat /etc/ssl/private/wildcard_private.key /etc/ssl/certs/wildcard_combined.pem >
-    /var/lib/znc/znc.pem creates=/var/lib/znc/znc.pem
+- name: create self-signed SSL cert
+  command: openssl req -new -nodes -x509 -subj "/C=FR/ST=SomeWhere/L=OverTheRainBow/O=znc/CN=znc.{{ domain }}" -days 3650 -keyout /root/znc.key -out /root/znc.crt -extensions v3_ca creates=/root/znc.crt
   notify: restart znc
 
+- name: create self-signed SSL cert-2
+  shell: cat /root/znc.crt > /var/lib/znc/znc.pem && cat /root/znc.crt >> /root/znc.key
+
 - name: Ensure znc user and group can read cert
   file: path=/var/lib/znc/znc.pem group=znc owner=znc mode=640
   notify: restart znc
@@ -58,8 +60,5 @@
   when: znc_config.rc != 0
   notify: restart znc
 
-- name: Set firewall rule for znc
-  ufw: rule=allow port=6697 proto=tcp
-
 - name: Ensure znc is a system service
   service: name=znc state=started enabled=true