s3lph/ansible-collection-irc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: migrate to forgejo actions, major ansible-lint refactor

Browse source
This commit is contained in:
s3lph 2025-02-16 05:18:24 +01:00
parent 99fcd29637
commit d2a0a01088
Signed by: s3lph
GPG key ID: 0AA29A52FB33CFB5
22 changed files with 850 additions and 77 deletions

6
.ansible-lint Normal file
View file

@ -0,0 +1,6 @@
---
skip_list:
- galaxy[no-changelog]
- galaxy[version-incorrect]
- var-naming[no-role-prefix]

29
.forgejo/workflows/ansible-galaxy.yml Normal file
View file

@ -0,0 +1,29 @@
---
name: Ansible Galaxy
on: # noqa yaml[truthy]
push:
tags:
- 'v*'
jobs:
deploy:
runs-on: docker
steps:
- uses: actions/checkout@v4
- name: Set version in galaxy.yml
run: |
VERSION=${GITHUB_REF#refs/tags/v}
sed -re "s/^version:.*$/version: ${VERSION}/" -i galaxy.yml
- name: Upload collection to Ansible Galaxy
env:
GALAXY_API_KEY: ${{ secrets.GALAXY_API_KEY }}
run: |
apt update; apt install --yes python3-pip
pip3 install --break-system-packages ansible
ansible-galaxy collection build
ansible-galaxy collection publish --api-key=${GALAXY_API_KEY} s3lph-irc*tar.gz

17
.forgejo/workflows/ansible-lint.yml Normal file
View file

@ -0,0 +1,17 @@
---
name: Ansible Lint
on: [push, pull_request] # noqa yaml[truthy]
jobs:
build:
runs-on: docker
steps:
- uses: actions/checkout@v4
- run: |
apt update; apt install --yes python3-pip
pip3 install --break-system-packages ansible-lint
ansible-lint

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
.ansible/

19
galaxy.yml
View file

@ -8,7 +8,7 @@ namespace: s3lph
name: irc
# The version of the collection. Must be compatible with semantic versioning
version: 0.1.0
version: 0.2.0
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md
@ -16,7 +16,7 @@ readme: README.md
# A list of the collection's content authors. Can be just the name or in the format 'Full Name <email> (url)
# @nicks:irc/im.site#channel'
authors:
- s3lph <account-gitlab-ideynizv@kernelpanic.lol>
- s3lph <s3lph@kabelsalat.ch>
### OPTIONAL but strongly recommended
@ -26,16 +26,18 @@ description: InspIRCd server setup
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
license:
- MIT
- MIT
# The path to the license file for the collection. This path is relative to the root of the collection. This key is
# mutually exclusive with 'license'
#license_file: ''
# license_file: ''
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
# requirements as 'namespace' and 'name'
tags:
- application
- inspircd
- anope
- irc
- ircd
@ -46,20 +48,19 @@ tags:
dependencies: {}
# The URL of the originating SCM repository
repository: https://gitlab.com/s3lph/ansible-collection-irc
repository: https://git.kabelsalat.ch/s3lph/ansible-collection-irc
# The URL to any online docs
documentation: https://gitlab.com/s3lph/ansible-collection-irc
documentation: https://git.kabelsalat.ch/s3lph/ansible-collection-irc
# The URL to the homepage of the collection/project
homepage: https://gitlab.com/s3lph/ansible-collection-irc
homepage: https://git.kabelsalat.ch/s3lph/ansible-collection-irc
# The URL to the collection issue tracker
issues: https://gitlab.com/s3lph/ansible-collection-irc/-/issues
issues: https://git.kabelsalat.ch/s3lph/ansible-collection-irc/issues
# A list of file glob-like patterns used to filter any files or directories that should not be included in the build
# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
# and '.git' are always filtered
build_ignore: []

52
meta/runtime.yml Normal file
View file

@ -0,0 +1,52 @@
---
# Collections must specify a minimum required ansible version to upload
# to galaxy
requires_ansible: '>=2.15.0'
# Content that Ansible needs to load from another location or that has
# been deprecated/removed
# plugin_routing:
# action:
# redirected_plugin_name:
# redirect: ns.col.new_location
# deprecated_plugin_name:
# deprecation:
# removal_version: "4.0.0"
# warning_text: |
# See the porting guide on how to update your playbook to
# use ns.col.another_plugin instead.
# removed_plugin_name:
# tombstone:
# removal_version: "2.0.0"
# warning_text: |
# See the porting guide on how to update your playbook to
# use ns.col.another_plugin instead.
# become:
# cache:
# callback:
# cliconf:
# connection:
# doc_fragments:
# filter:
# httpapi:
# inventory:
# lookup:
# module_utils:
# modules:
# netconf:
# shell:
# strategy:
# terminal:
# test:
# vars:
# Python import statements that Ansible needs to load from another location
# import_redirection:
# ansible_collections.ns.col.plugins.module_utils.old_location:
# redirect: ansible_collections.ns.col.plugins.module_utils.new_location
# Groups of actions/modules that take a common set of options
# action_groups:
# group_name:
# - module1
# - module2

5
roles/anope/README.md Normal file
View file

@ -0,0 +1,5 @@
# Role s3lph.irc.anope
Documentation in `meta/argument_specs.yml`.
A usage example can be found in the `docs` folder of the collection.

14
roles/anope/defaults/main/anope.yml
View file

@ -48,8 +48,8 @@ anope_options_readtimeout: 5s
anope_options_warningtimeout: 4h
anope_options_timeoutcheck: 3s
anope_options_retrywait: 60s
anope_options_hideprivilegedcommands: yes
anope_options_hideregisteredcommands: yes
anope_options_hideprivilegedcommands: true
anope_options_hideregisteredcommands: true
anope_options_languages:
- ca_ES.UTF-8
- de_DE.UTF-8
@ -95,8 +95,8 @@ anope_log:
- mode
other:
- "*"
rawio: no
debug: no
rawio: false
debug: false
- targets:
- globops
admin:
@ -123,7 +123,7 @@ anope_log:
- "expire/*"
- "bados"
- "akill/*"
anope_opertypes:
NetAdmin:
commands: ["*"]
@ -133,8 +133,8 @@ anope_opers: {}
anope_database_flatfile_filename: anope.db
anope_database_flatfile_keepbackups: 3
anope_database_flatfile_nobackupok: no
anope_database_flatfile_fork: no
anope_database_flatfile_nobackupok: false
anope_database_flatfile_fork: false
anope_password_hash: bcrypt

8
roles/anope/defaults/main/chanserv.yml
View file

@ -16,8 +16,8 @@ anope_chanserv_module_maxregistered: 20
anope_chanserv_module_expire: 14d
anope_chanserv_module_accessmax: 1024
anope_chanserv_module_inhabit: 15s
anope_chanserv_module_reasonmax: 200
anope_chanserv_module_reasonmax: 200
anope_chanserv_module_signkickformat: "%m (%n)"
anope_chanserv_module_disallow_hostmask_access: no
anope_chanserv_module_disallow_channel_access: no
anope_chanserv_module_always_lower_ts: no
anope_chanserv_module_disallow_hostmask_access: false
anope_chanserv_module_disallow_channel_access: false
anope_chanserv_module_always_lower_ts: false

12
roles/anope/defaults/main/nickserv.yml
View file

@ -6,8 +6,8 @@ anope_nickserv_service_host: services.host
anope_nickserv_service_gecos: Nickname Registration Service
anope_nickserv_module_client: NickServ
anope_nickserv_module_forceemail: yes
anope_nickserv_module_confirmemailchanges: no
anope_nickserv_module_forceemail: true
anope_nickserv_module_confirmemailchanges: false
anope_nickserv_module_defaults:
- ns_secure
- ns_private
@ -18,14 +18,14 @@ anope_nickserv_module_defaults:
- autoop
anope_nickserv_module_regdelay: 30s
anope_nickserv_module_expire: 21d
anope_nickserv_module_secureadmins: yes
anope_nickserv_module_modeonid: yes
anope_nickserv_module_hidenetsplitquit: no
anope_nickserv_module_secureadmins: true
anope_nickserv_module_modeonid: true
anope_nickserv_module_hidenetsplitquit: false
anope_nickserv_module_killquick: 20s
anope_nickserv_module_kill: 60s
anope_nickserv_module_enforceruser: enforcer
anope_nickserv_module_enforcerhost: services.host
anope_nickserv_module_releasetimeout: 1m
anope_nickserv_module_guestnickprefix: Guest
anope_nickserv_module_nonicknameownership: no
anope_nickserv_module_nonicknameownership: false
anope_nickserv_module_passlen: 32

8
roles/anope/handlers/main.yml
View file

@ -1,11 +1,11 @@
---
- name: restart anope
service:
- name: Restart anope
ansible.builtin.service:
name: anope
state: restarted
- name: reload anope
service:
- name: Reload anope
ansible.builtin.service:
name: anope
state: reloaded

478
roles/anope/meta/argument_specs.yml Normal file
View file

@ -0,0 +1,478 @@
---
argument_specs:
main:
version_added: "0.0.1"
short_description: Install and configure Anope.
description:
- "Install and configure the L(Anope,https://www.anope.org/) IRC services daemon."
- "Execution of this role can be limited using the following tags:"
- "C(role::anope:install): Install Anope from distribution packages."
- "C(role::anope:config): Render the Anope configuration."
- "C(role::anope): Apply all of the above."
author: s3lph
options:
anope_services_botserv_enabled:
description:
- If C(true), enable BotServ.
- If C(true), enable BotServ.
type: bool
default: false
anope_services_chanserv_enabled:
description:
- If C(true), enable ChanServ.
- If C(true), enable ChanServ.
type: bool
default: true
anope_services_global_enabled:
description:
- If C(true), enable Global.
- If C(true), enable Global.
type: bool
default: true
anope_services_hostserv_enabled:
description:
- If C(true), enable HostServ.
- If C(true), enable HostServ.
type: bool
default: false
anope_services_memoserv_enabled:
description:
- If C(true), enable MemoServ.
- If C(true), enable MemoServ.
type: bool
default: false
anope_services_nickserv_enabled:
description:
- If C(true), enable NickServ.
- If C(true), enable NickServ.
type: bool
default: true
anope_services_operserv_enabled:
description:
- If C(true), enable OperServ.
- If C(true), enable OperServ.
type: bool
default: true
anope_empty_modules:
description:
- List of configuration-less modules to enable.
type: list
elements: str
default: [help, m_sasl]
anope_services_host:
description:
- >-
The services.host define is used in multiple different locations throughout the configuration for services
clients hostnames.
type: str
default: services.localhost.localdomain
anope_uplink_host:
description:
- The IP or hostname of the IRC server you wish to connect Services to.
type: str
default: localhost
anope_uplink_ipv6:
description:
- Enable if Services should connect using IPv6.
type: bool
default: true
anope_uplink_ssl:
description:
- Enable if Services should connect using SSL.
- You must have an SSL module loaded for this to work.
type: bool
default: false
anope_uplink_port:
description:
- The port to connect to.
- The IRCd MUST be configured to listen on this port, and to accept server connections.
type: int
default: 7000
anope_serverinfo_name:
description:
- The hostname that Services will be seen as.
- it must have no conflicts with any other server names on the rest of your IRC network.
type: str
default: services.localhost.localdomain
anope_serverinfo_description:
description:
- "The text which should appear as the server's information in /WHOIS and similar queries."
type: str
default: Services for IRC Networks
anope_serverinfo_pid:
description:
- The filename containing the Services process ID.
type: str
default: /var/run/anope/anope.pid
anope_serverinfo_motd:
description:
- The filename containing the Message of the Day.
type: str
default: /etc/anope/services.motd
anope_protocol_module_name:
description:
- This directive tells Anope which IRCd Protocol to speak when connecting.
type: str
default: inspircd3
anope_protocol_module_use_server_side_mlock:
description:
- Some protocol modules can enforce mode locks server-side.
- This reduces the spam caused by services immediately reversing mode changes for locked modes.
type: bool
default: true
anope_protocol_module_use_server_side_topiclock:
description:
- Some protocol modules can enforce topic locks server-side.
- This reduces the spam caused by services immediately reversing topic changes.
type: bool
default: true
anope_networkinfo_networkname:
description:
- This is the name of the network that Services will be running on.
type: str
default: LocalNet
anope_networkinfo_nicklen:
description:
- Set this to the maximum allowed nick length on your network.
type: int
default: 31
anope_networkinfo_userlen:
description:
- Set this to the maximum allowed ident length on your network.
type: int
default: 10
anope_networkinfo_hostlen:
description:
- Set this to the maximum allowed hostname length on your network.
type: int
default: 64
anope_networkinfo_chanlen:
description:
- Set this to the maximum allowed channel length on your network.
type: int
default: 32
anope_networkinfo_modelistsize:
description:
- The maximum number of list modes settable on a channel (such as C(b), C(e), C(I)).
type: int
default: 100
anope_networkinfo_vhost_chars:
description:
- The characters allowed in hostnames.
type: str
default: "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"
anope_networkinfo_allow_undotted_vhosts:
description:
- If set to true, allows vHosts to not contain dots.
type: bool
default: false
anope_networkinfo_disallow_start_or_end:
description:
- The characters that are not allowed to be at the very beginning or very ending of a vHost.
type: str
default: ".-"
anope_options_casemap:
description:
- The case mapping used by services.
type: str
default: ascii
anope_options_strictpasswords:
description:
- If set, Services will perform more stringent checks on passwords.
type: bool
default: true
anope_options_badpasslimit:
description:
- Sets the number of invalid password tries before Services removes a user from the network.
type: int
default: 5
anope_options_badpasstimeout:
description:
- Sets the time after which invalid passwords are forgotten about.
type: str
default: 1h
anope_options_updatetimeout:
description:
- Sets the delay between automatic database updates.
type: str
default: 5m
anope_options_expiretimeout:
description:
- Sets the delay between checks for expired nicknames and channels.
type: str
default: 30m
anope_options_readtimeout:
description:
- Sets the timeout period for reading from the uplink.
type: str
default: 5s
anope_options_warningtimeout:
description:
- Sets the interval between sending warning messages for program errors via WALLOPS/GLOBOPS.
type: str
default: 4h
anope_options_timeoutcheck:
description:
- Sets the (maximum) frequency at which the timeout list is checked.
type: str
default: 3s
anope_options_retrywait:
description:
- How long to wait between connection retries with the uplink(s).
type: str
default: 60s
anope_options_hideprivilegedcommands:
description:
- "If set, Services will hide commands that users don't have the privilege to execute from HELP output."
type: bool
default: true
anope_options_hideregisteredcommands:
description:
- "If set, Services will hide commands that users can't execute because they are not logged in from HELP output."
type: bool
default: true
anope_options_languages:
description:
- A list of languages to load on startup that will be available in /NICKSERV SET LANGUAGE.
type: list
anope_options_defaultlanguage:
description:
- Default language that non- and newly-registered nicks will receive messages in.
type: str
default: en_US.UTF-8
anope_log:
description:
- This section is used for configuring what is logged and where it is logged to.
type: list
anope_opertypes:
description:
- This section is used to set up staff access to restricted oper only commands.
type: dict
anope_opers:
description:
- List of operators and their access levels.
type: dict
default: {}
anope_database_flatfile_filename:
description:
- The database name db_flatfile should use.
type: str
default: anope.db
anope_database_flatfile_keepbackups:
description:
- Sets the number of days backups of databases are kept.
type: int
default: 3
anope_database_flatfile_nobackupok:
description:
- >-
Allows Services to continue file write operations (i.e. database saving) even if the original file cannot
be backed up.
type: bool
default: false
anope_database_flatfile_fork:
description:
- If enabled, services will fork a child process to save databases.
type: bool
default: false
anope_password_hash:
description:
- Name of the primary password hashing module without the C(enc_) prefix.
type: str
default: bcrypt
anope_additional_config:
description:
- Wilcard option to append arbitrary additional configuration.
type: str
default: ""
anope_nickserv_service_nick:
description:
- The name of the NickServ client.
type: str
default: NickServ
anope_nickserv_servie_user:
description:
- The username of the NickServ client.
type: str
default: services
anope_nickserv_service_host:
description:
- The hostname of the NickServ client.
type: str
default: services.host
anope_nickserv_service_gecos:
description:
- The realname of the NickServ client.
type: str
default: Nickname Registration Service
anope_nickserv_module_client:
description:
- The name of the client that should be NickServ.
type: str
default: NickServ
anope_nickserv_module_forceemail:
description:
- Force users to give an e-mail address when they register a nick.
type: bool
default: true
anope_nickserv_module_confirmemailchanges:
description:
- Require users who change their email address to confirm they own their new email.
type: bool
default: false
anope_nickserv_module_defaults:
description:
- The default options for newly registered nicks.
type: list
default: [killprotect, ns_secure, ns_private, hide_email, hide_mask, memo_signon, memo_receive, autoop]
anope_nickserv_module_regdelay:
description:
- "The minimum length of time between consecutive uses of NickServ's REGISTER command."
type: str
default: 30s
anope_nickserv_module_expire:
description:
- "The length of time before a nick's registration expires."
type: str
default: 21d
anope_nickserv_module_secureadmins:
description:
- >-
Prevents the use of the ACCESS and CERT DROP, FORBID, SUSPEND, GETPASS and SET PASSWORD commands by services
operators on other services operators.
type: bool
default: true
anope_nickserv_module_modeonid:
description:
- >-
If set, Services will set the channel modes a user has access to upon identifying, assuming they are not
already set.
type: bool
default: true
anope_nickserv_module_hidenetsplitquit:
description:
- "If set, Services will not show netsplits in the last quit message field of NickServ's INFO command."
type: bool
default: false
anope_nickserv_module_killquick:
description:
- "Length of time NickServ's killquick option waits before forcing users off of protected nicknames."
type: str
default: 20s
anope_nickserv_module_kill:
description:
- "Length of time NickServ's kill option waits before forcing users off of protected nicknames."
type: str
default: 60s
anope_nickserv_module_enforceruser:
description:
- The username used for fake users created when Services needs to hold a nickname.
type: str
default: enforcer
anope_nickserv_module_enforcerhost:
description:
- The hostname used for fake users created when Services needs to hold a nickname.
type: str
default: services.host
anope_nickserv_module_releasetimeout:
description:
- The length of time Services hold nicknames.
type: str
default: 1m
anope_nickserv_module_guestnickprefix:
description:
- "When a users nick is forcibly changed to enforce a nick kill, their new nick will start with this value."
type: str
default: Guest
anope_nickserv_module_nonicknameownership:
description:
- If set, Services do not allow ownership of nick names, only ownership of accounts.
type: bool
default: false
anope_nickserv_module_passlen:
description:
- The maximum length of passwords.
type: int
default: 32
anope_chanserv_service_nick:
description:
- The name of the ChanServ client.
type: str
default: ChanServ
anope_chanserv_servie_user:
description:
- The username of the ChanServ client.
type: str
default: services
anope_chanserv_service_host:
description:
- The hostname of the ChanServ client.
type: str
default: services.host
anope_chanserv_service_gecos:
description:
- The realname of the ChanServ client.
type: str
default: Channel Registration Service
anope_chanserv_module_client:
description:
- The name of the client that should be ChanServ.
type: str
default: ChanServ
anope_chanserv_module_defaults:
description:
- The default options for newly registered channels.
type: list
elements: str
default: [keeptopic, peace, cs_secure, securefounder, signkick]
anope_chanserv_module_maxregistered:
description:
- The maximum number of channels which may be registered to a single nickname.
type: int
default: 20
anope_chanserv_module_expire:
description:
- The length of time before a channel registration expires.
type: str
default: 14d
anope_chanserv_module_accessmax:
description:
- "The maximum number of entries on a channel's access list."
type: int
default: 1024
anope_chanserv_module_inhabit:
description:
- >-
The length of time ChanServ stays in a channel after kicking a user from a channel they are not permitted
to be in.
type: str
default: 15s
anope_chanserv_module_reasonmax:
description:
- The maximum length of the reason field for user commands such as chanserv/kick and chanserv/ban.
type: int
default: 200
anope_chanserv_module_signkickformat:
description:
- The message formatting to use for signed kick messages.
- "%n is the nick of the kicker."
- "%m is the message specified."
type: str
default: "%m (%n)"
anope_chanserv_module_disallow_hostmask_access:
description:
- If set, prevents channel access entries from containing hostmasks.
type: bool
default: false
anope_chanserv_module_disallow_channel_access:
description:
- If set, prevents channels from being on access lists.
type: bool
default: false
anope_chanserv_module_always_lower_ts:
description:
- If set, ChanServ will always lower the timestamp of registered channels to their registration date.
type: bool
default: false

22
roles/anope/tasks/config.yml
View file

@ -1,29 +1,29 @@
---
- name: render anope config files
template:
- name: Render anope config files
ansible.builtin.template:
src: etc/anope/{{ item }}.conf.j2
dest: /etc/anope/{{ item }}.conf
owner: root
group: irc
mode: 0640
mode: "0640"
loop:
- services
- nickserv
- chanserv
notify: restart anope
notify: Restart anope
- name: render /etc/default/anope
template:
- name: Render /etc/default/anope
ansible.builtin.template:
src: etc/default/anope.j2
dest: /etc/default/anope
owner: root
group: root
mode: 0644
notify: restart anope
mode: "0644"
notify: Restart anope
- name: start and enable anope
service:
- name: Start and enable anope
ansible.builtin.service:
name: anope
state: started
enabled: yes
enabled: true

6
roles/anope/tasks/install.yml
View file

@ -1,7 +1,7 @@
---
- name: install anope
apt:
- name: Install anope
ansible.builtin.apt:
name: anope
# anope recommends default-mta, which resolves to exim
install_recommends : no
install_recommends: false

6
roles/anope/tasks/main.yml
View file

@ -1,11 +1,13 @@
---
- import_tasks: install.yml
- name: Install Anope
ansible.builtin.import_tasks: install.yml
tags:
- "role::anope"
- "role::anope:install"
- import_tasks: config.yml
- name: Configure Anope
ansible.builtin.import_tasks: config.yml
tags:
- "role::anope"
- "role::anope:config"

5
roles/inspircd/README.md Normal file
View file

@ -0,0 +1,5 @@
# Role s3lph.irc.inspircd
Documentation in `meta/argument_specs.yml`.
A usage example can be found in the `docs` folder of the collection.

2
roles/inspircd/defaults/main.yml
View file

@ -72,7 +72,7 @@ inspircd_autoconnect: []
inspircd_links: {}
inspircd_ulines: []
inspircd_sasl_requiressl: yes
inspircd_sasl_requiressl: true
inspircd_oper_classes:
Shutdown:

8
roles/inspircd/handlers/main.yml
View file

@ -1,11 +1,11 @@
---
- name: restart inspircd
service:
- name: Restart inspircd
ansible.builtin.service:
name: inspircd
state: restarted
- name: reload inspircd
service:
- name: Reload inspircd
ansible.builtin.service:
name: inspircd
state: reloaded

183
roles/inspircd/meta/argument_specs.yml Normal file
View file

@ -0,0 +1,183 @@
---
argument_specs:
main:
version_added: "0.0.1"
short_description: Install and configure InspIRCd.
description:
- "Install and configure the L(InspIRCd,https://www.inspircd.org/) IRC daemon."
- "Execution of this role can be limited using the following tags:"
- "C(role::inspircd:install): Install InspIRCd from distribution packages."
- "C(role::inspircd:config): Render the InspIRCd configuration."
- "C(role::inspircd): Apply all of the above."
author: s3lph
options:
inspircd_modules:
description:
- Modules to load.
type: list
elements: str
default:
- argon2
- bcrypt
- botmode
- cap
- connflood
- ircv3
- ircv3_batch
- ircv3_capnotify
- ircv3_ctctags
- ircv3_labeledresponse
- ircv3_msgid
- ircv3_servertime
- messageflood
- password_hash
- pbkdf2
- sha256
- showfile
- sslmodes
- sslrehashsignal
- ssl_gnutls
- spanningtree
- userip
- watch
inspircd_modules_additional:
description:
- Additional modules to load.
type: list
elements: str
default: []
inspircd_server_hostname:
description:
- The hostname of the local server.
type: str
default: "{{ inventory_hostname }}"
inspircd_server_description:
description:
- A description of the local server.
type: str
default: "{{ inventory_hostname }}"
inspircd_server_network:
description:
- The name of the IRC network the local server is attached to.
type: str
default: "{{ inventory_hostname }}"
inspircd_options_casemapping:
description:
- The casemapping to use when comparing channel and nicknames insensitively.
type: str
default: ascii
inspircd_admin_nick:
description:
- The nickname of the server operator.
type: str
default: admin
inspircd_admin_email:
description:
- The email address of the server operator.
type: str
default: noreply@example.com
inspircd_motd:
description:
- Message of the day, ie. shown to users when they connect or use the /MOTD command.
type: str
default: |2
CCCC H H A N N GGGG EEEEE M M EEEEE
C H H A A NN N G E MM MM E
C HHHHH A A N N N G GG EEE M M M EEE
C H H AAAAA N NN G G E M M E
CCCC H H A A N N GGGG EEEEE M M EEEEE
inspircd_log_method:
description:
- The method to use for storing logs.
type: str
default: file
inspircd_log_types:
description:
- List of types of message to log.
type: list
elements: str
default:
- CHANNELS
- COMMAND
- MODE
- MODULE
- SOCKET
- STARTUP
- core_channel
- core_oper
- core_reloadmodule
- m_sasl
- m_spanningtree
- m_ssl_gnutls
- m_sslinfo
- m_topiclock
inspircd_log_level:
description:
- The level of messages to log.
type: str
default: default
inspircd_log_target:
description:
- The location to write the log to.
type: str
default: inspircd.log
inspircd_log_flush:
description:
- After how many lines to flush the log to disk.
type: int
default: 20
inspircd_gnutls_profiles:
description:
- This MUST be set to the name of a GnuTLS TLS (SSL) profile to listen for secure connections with GnuTLS.
type: dict
default: {}
inspircd_bind:
description:
- Endpoints to listen for connections on.
type: list
elements: dict
default:
- address: "::1"
port: 6667
inspircd_autoconnect:
description:
- One or more servers to attempt to connect to.
type: list
elements: dict
default: []
inspircd_links:
description:
- Defines servers to link with.
type: dict
default: {}
inspircd_ulines:
description:
- Defines one or more services servers.
type: list
elements: dict
default: []
inspircd_sasl_requiressl:
description:
- Whether TLS (SSL) is required to use SASL.
type: bool
default: true
inspircd_oper_classes:
description:
- If defined then a connect class to assign users who log into this server operator account to.
type: dict
inspircd_oper_types:
description:
- Types of server operators.
type: dict
inspircd_opers:
description:
- Server operator accounts.
type: dict
default: {}
inspircd_additional_config:
description:
- Wildcard option to append arbitrary additional configuration.
type: str
default: ""

22
roles/inspircd/tasks/config.yml
View file

@ -1,25 +1,25 @@
---
- name: render /etc/inspircd/motd.txt
copy:
- name: Render /etc/inspircd/motd.txt
ansible.builtin.copy:
content: "{{ inspircd_motd }}"
dest: /etc/inspircd/motd.txt
owner: root
group: root
mode: 0644
notify: reload inspircd
mode: "0644"
notify: Reload inspircd
- name: render /etc/inspircd/inspircd.conf
template:
- name: Render /etc/inspircd/inspircd.conf
ansible.builtin.template:
src: etc/inspircd/inspircd.conf.j2
dest: /etc/inspircd/inspircd.conf
owner: root
group: root
mode: 0644
notify: reload inspircd
mode: "0644"
notify: Reload inspircd
- name: start and enable inspircd
service:
- name: Start and enable inspircd
ansible.builtin.service:
name: inspircd
state: started
enabled: yes
enabled: true

18
roles/inspircd/tasks/install.yml
View file

@ -1,21 +1,13 @@
---
- name: add s3lphrepo key
apt_key:
url: https://kernelpanic.lol/repo/repo.gpg
- name: add s3lphrepo
apt_repository:
repo: deb https://kernelpanic.lol/repo stable main
- name: install inspircd
package:
- name: Install InspIRCd
ansible.builtin.apt:
name: inspircd
- name: install inspircd acme deploy hook
template:
- name: Install InspIRCd ACME deploy hook
ansible.builtin.template:
src: usr/local/bin/acme-deploy-inspircd.j2
dest: /usr/local/bin/acme-deploy-inspircd
owner: root
group: root
mode: 0755
mode: "0755"

6
roles/inspircd/tasks/main.yml
View file

@ -1,11 +1,13 @@
---
- import_tasks: install.yml
- name: Install InspIRCd
ansible.builtin.import_tasks: install.yml
tags:
- "role::inspircd"
- "role::inspircd:install"
- import_tasks: config.yml
- name: Configure InspIRCd
ansible.builtin.import_tasks: config.yml
tags:
- "role::inspircd"
- "role::inspircd:config"