diff --git a/roles/thinlinc-server/handlers/main.yml b/roles/thinlinc-server/handlers/main.yml new file mode 100644 index 0000000..7b45b87 --- /dev/null +++ b/roles/thinlinc-server/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: restart tlwebaccess + service: + name: tlwebaccess + state: restarted + +- name: restart vsmagent + service: + name: vsmagent + state: restarted diff --git a/roles/thinlinc-server/tasks/main.yml b/roles/thinlinc-server/tasks/main.yml index 62c3940..090d58d 100644 --- a/roles/thinlinc-server/tasks/main.yml +++ b/roles/thinlinc-server/tasks/main.yml @@ -52,12 +52,55 @@ regexp: "^show_intro=.*" line: show_intro=false +- name: configure vsmagent hostname + lineinfile: + path: /opt/thinlinc/etc/conf.d/vsmagent.hconf + regexp: "^agent_hostname=.*" + line: "agent_hostname={{ inventory_hostname }}" + notify: restart vsmagent + +- name: copy private key + copy: + dest: /opt/thinlinc/etc/tlwebaccess/server.key + src: "/srv/ca/private/{{ inventory_hostname }}.key" + mode: 0600 + owner: root + group: "{{ ansible_wheel }}" + tags: certificates + notify: restart tlwebaccess + +- name: copy certificate + copy: + dest: /opt/thinlinc/etc/tlwebaccess/server.crt + src: "/srv/ca/certs/{{ inventory_hostname }}.crt" + mode: 0644 + owner: root + group: "{{ ansible_wheel }}" + validate: /usr/bin/openssl x509 -in %s -noout + tags: certificates + notify: restart tlwebaccess + +- name: configure webaccess port + lineinfile: + path: /opt/thinlinc/etc/conf.d/webaccess.hconf + regexp: "^listen_port=.*" + line: "listen_port=443" + notify: restart tlwebaccess + +- name: configure webaccess url + lineinfile: + path: /opt/thinlinc/etc/conf.d/webaccess.hconf + regexp: "^login_page=.*" + line: "login_page=https://{{ inventory_hostname }}/" + notify: restart tlwebaccess + - name: start thinlinc services service: name: "{{ item }}" state: started enabled: true with_items: + - tlwebaccess - tlwebadm.service - vsmagent - vsmserver