From 701c42b32c7c1bb933e0f9eed2f3c0c49e862977 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Fri, 11 Mar 2022 18:18:30 +0000
Subject: [PATCH] websockify: Initial version of role

---
 roles/websockify/files/rc.websockify          | 12 +++++
 roles/websockify/handlers/main.yml            |  5 +++
 roles/websockify/tasks/main.yml               | 44 +++++++++++++++++++
 roles/websockify/templates/websockify.conf.j2 |  3 ++
 4 files changed, 64 insertions(+)
 create mode 100644 roles/websockify/files/rc.websockify
 create mode 100644 roles/websockify/handlers/main.yml
 create mode 100644 roles/websockify/tasks/main.yml
 create mode 100644 roles/websockify/templates/websockify.conf.j2

diff --git a/roles/websockify/files/rc.websockify b/roles/websockify/files/rc.websockify
new file mode 100644
index 0000000..a26afcf
--- /dev/null
+++ b/roles/websockify/files/rc.websockify
@@ -0,0 +1,12 @@
+#!/bin/ksh
+
+daemon="/usr/local/bin/websockify"
+daemon_user="websock"
+daemon_flags="-D --syslog=/dev/log --token-plugin=TokenFile --token-source=/etc/websockify.conf 127.0.0.1:6000"
+
+. /etc/rc.d/rc.subr
+
+pexp="$(readlink -f /usr/local/bin/python3) ${daemon}${daemon_flags:+ ${daemon_flags}}"
+rc_reload=NO
+
+rc_cmd $1
diff --git a/roles/websockify/handlers/main.yml b/roles/websockify/handlers/main.yml
new file mode 100644
index 0000000..fabde90
--- /dev/null
+++ b/roles/websockify/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart websockify
+  ansible.builtin.service:
+    name: websockify
+    state: restarted
diff --git a/roles/websockify/tasks/main.yml b/roles/websockify/tasks/main.yml
new file mode 100644
index 0000000..cb1f195
--- /dev/null
+++ b/roles/websockify/tasks/main.yml
@@ -0,0 +1,44 @@
+---
+- name: install packages
+  ansible.builtin.package:
+    name: websockify
+    state: installed
+
+- name: create websock group
+  ansible.builtin.group:
+    name: websock
+    system: true
+
+- name: create websock user
+  ansible.builtin.user:
+    name: websock
+    comment: Service Websock
+    createhome: false
+    group: websock
+    home: /var/empty
+    shell: /sbin/nologin
+    system: true
+
+- name: create configuration file
+  ansible.builtin.template:
+    dest: /etc/websockify.conf
+    src: websockify.conf.j2
+    mode: 0640
+    owner: root
+    group: websock
+  notify: restart websockify
+
+- name: create startup script
+  ansible.builtin.copy:
+    dest: /etc/rc.d/websockify
+    src: rc.websockify
+    mode: 0555
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart websockify
+
+- name: enable service
+  ansible.builtin.service:
+    name: websockify
+    state: started
+    enabled: true
diff --git a/roles/websockify/templates/websockify.conf.j2 b/roles/websockify/templates/websockify.conf.j2
new file mode 100644
index 0000000..0f44b71
--- /dev/null
+++ b/roles/websockify/templates/websockify.conf.j2
@@ -0,0 +1,3 @@
+{% for host in ssh_proxy_hosts %}
+{{ host | hash('sha1') }}: {{ host }}:22
+{% endfor %}