thinlinc-server: Add web access configuration

Still lacks support for real certificates.

roles/thinlinc-server/handlers/main.yml

@@ -0,0 +1,10 @@
+---
+- name: restart tlwebaccess
+  service:
+    name: tlwebaccess
+    state: restarted
+
+- name: restart vsmagent
+  service:
+    name: vsmagent
+    state: restarted

roles/thinlinc-server/tasks/main.yml

@@ -52,12 +52,55 @@
     regexp: "^show_intro=.*"
     line: show_intro=false
 
+- name: configure vsmagent hostname
+  lineinfile:
+    path: /opt/thinlinc/etc/conf.d/vsmagent.hconf
+    regexp: "^agent_hostname=.*"
+    line: "agent_hostname={{ inventory_hostname }}"
+  notify: restart vsmagent
+
+- name: copy private key
+  copy:
+    dest: /opt/thinlinc/etc/tlwebaccess/server.key
+    src: "/srv/ca/private/{{ inventory_hostname }}.key"
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+  tags: certificates
+  notify: restart tlwebaccess
+
+- name: copy certificate
+  copy:
+    dest: /opt/thinlinc/etc/tlwebaccess/server.crt
+    src: "/srv/ca/certs/{{ inventory_hostname }}.crt"
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+    validate: /usr/bin/openssl x509 -in %s -noout
+  tags: certificates
+  notify: restart tlwebaccess
+
+- name: configure webaccess port
+  lineinfile:
+    path: /opt/thinlinc/etc/conf.d/webaccess.hconf
+    regexp: "^listen_port=.*"
+    line: "listen_port=443"
+  notify: restart tlwebaccess
+
+- name: configure webaccess url
+  lineinfile:
+    path: /opt/thinlinc/etc/conf.d/webaccess.hconf
+    regexp: "^login_page=.*"
+    line: "login_page=https://{{ inventory_hostname }}/"
+  notify: restart tlwebaccess
+
 - name: start thinlinc services
   service:
     name: "{{ item }}"
     state: started
     enabled: true
   with_items:
+    - tlwebaccess
     - tlwebadm.service
     - vsmagent
     - vsmserver