mv firewall scripts to roles.

2020-05-16 16:45:17 +02:00
parent 097f5bea85
commit 1c1a5fce41
14 changed files with 1055 additions and 1458 deletions
--- a/roles/modify-ipt-server/tasks/main.yml
+++ b/roles/modify-ipt-server/tasks/main.yml
@ -715,6 +715,71 @@
    - jitsi_dovecot_auth_ipv6_present is changed


+
+
+
+- name: Check if String 'jitsi_jibri_remote_auth=..' (IPv4) is present
+  shell: grep -q -E "^jitsi_jibri_remote_auth=" /etc/ipt-firewall/main_ipv4.conf
+  register: jitsi_jibri_remote_auth_ipv4_present
+  when: main_ipv4_exists.stat.exists
+  failed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 1"
+  changed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 0"
+
+- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (jitsi dovecot auth)
+  blockinfile:
+    path: /etc/ipt-firewall/main_ipv4.conf
+    insertafter: '^#?\s*jitsi_dovecot_port'
+    block: |
+      # - Jibri extern Client Recording / Streamin
+      # -
+      jitsi_jibri_remote_auth=false
+      # - Remote Jibri servers
+      # -
+      # - blank separated list of ipv4 addresses
+      # -
+      jitsi_jibri_remote_ips=""
+      jitsi_jibri_remote_auth_port="$default_jibri_out_port"
+
+
+      # - Jibri Recording / Streaming Service
+      # -
+      # - blank separated list of ipv4 addresse
+      # -
+      jibri_server_ips=""
+      # - blank separated list of ipv4 addresse
+      # -
+      forward_jibri_server_ips=""
+      jibri_remote_jitsi_server=""
+      jibri_remote_auth_port="$default_jibri_out_port"
+    marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)"
+  when: 
+    - main_ipv4_exists.stat.exists
+    - jitsi_jibri_remote_auth_ipv4_present is changed
+
+- name: Check if String 'jitsi_jibri_remote_auth=..' (IPv6) is present
+  shell: grep -q -E "^jitsi_jibri_remote_auth=" /etc/ipt-firewall/main_ipv6.conf
+  register: jitsi_jibri_remote_auth_ipv6_present
+  when: main_ipv4_exists.stat.exists
+  failed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 1"
+  changed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 0"
+
+- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jitsi dovecot auth)
+  blockinfile:
+    path: /etc/ipt-firewall/main_ipv6.conf
+    insertafter: '^#?\s*jitsi_dovecot_port'
+    block: |
+      # - Jitsi Dovecot Authentication
+      # -
+      jitsi_dovecot_auth=false
+      jitsi_dovecot_host=""
+      jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"
+    marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)"
+  when: 
+    - main_ipv6_exists.stat.exists
+    - jitsi_jibri_remote_auth_ipv6_present is changed
+
+
+
 # ---
 # TURN Server (Stun Server) (for Nextcloud 'talk' app)
 # ---