Add Ansible role and update README.md

README.md

@@ -18,6 +18,17 @@ Lightweight web chat client for XMPP server.
 ![Screenshot desktop](/docs/screenshot-desktop-main.png)
 ![Screenshot mobile home](/docs/screenshot-mobile-main.png) ![Screenshot mobile chat](/docs/screenshot-mobile-chat.png)
 
+## Installation
+
+XMPP Web can be installed:
+-   With provided [Ansible role](/docs/ansible/xmpp-web/README.md),
+-   From archive:
+    -   download [latest release](https://github.com/nioc/xmpp-web/releases/latest),
+    -   unarchive,
+    -   create [Apache virtual host](/docs/apache.conf),
+    -   configure [`local.js`](public/local.js))
+-   From source (`git clone`, `npm build`, etc...)
+
 ## Credits
 
 -   **[Nioc](https://github.com/nioc/)** - _Initial work_

docs/ansible/xmpp-web/README.md

@@ -0,0 +1,56 @@
+Ansible Role: XMPP Web
+======================
+
+Install XMPP Web:
+- install apache (optional if you already use a webserver),
+- download archive,
+- setup apache virtual host,
+- configure local.js.
+
+Requirements
+------------
+
+Ansible >= 2.9.
+
+Role Variables
+--------------
+
+These variables should be checked/updated before use:
+- `xmppweb_install_apache`: Does Apache should be installed, set `false` if already present (but check required modules), default : `true`,
+- `xmppweb_version`: version to install (see [latest](https://github.com/nioc/xmpp-web/releases/latest)),
+- `domain`: your domain name (not a role variable but **must be set** in your playbook/host), no default,
+- `xmppweb_domain`: subdomain used for your instance, default: `chat.{{domain}}`,
+- `use_web_proxy`: Using or not a proxy web like HAProxy (not a role variable but **must be set** in your playbook/host), no default,
+- `xmppweb_port`: Apache listening port (only if apache is behind a proxy with `use_web_proxy = true`), default: `8080`,
+- `xmppweb_rootpath`: Apache virtual host root path (where code will be unarchived), default: `/var/www`,
+- `xmppweb_webuser`: Linux user running Apache, default: `www-data`.
+
+These variables should not be updated:
+- `xmppweb_download_url`: url for downloading archive.
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      vars:
+        domain: mydomain.ltd
+        use_web_proxy: false
+      roles:
+      - name: xmpp-web
+        xmppweb_domain: chat.mydomain.ltd
+        xmppweb_port: 8081
+
+License
+-------
+
+AGPL-3.0-or-later
+
+Author Information
+------------------
+
+This role was created in 2019 by [Nioc](https://github.com/nioc).

docs/ansible/xmpp-web/defaults/main.yml

@@ -0,0 +1,12 @@
+---
+xmppweb_install_apache: true
+xmppweb_version: 0.4.1
+xmppweb_download_url: https://github.com/nioc/xmpp-web/releases/download/{{xmppweb_version}}/xmpp-web-{{xmppweb_version}}.tar.xz
+xmppweb_domain: chat.{{domain}}
+xmppweb_xmpp_server: '{{domain}}'
+xmppweb_xmpp_port: 5280
+xmppweb_xmpp_ws_url: xmpp-websocket
+xmppweb_xmpp_bosh_url: http-bind
+xmppweb_port: 8080
+xmppweb_rootpath: /var/www
+xmppweb_webuser: www-data

docs/ansible/xmpp-web/handlers/main.yml

@@ -0,0 +1,12 @@
+---
+- name: reload apache
+  become: yes
+  systemd:
+    name: apache2
+    state: reloaded
+
+- name: restart apache
+  become: yes
+  systemd:
+    name: apache2
+    state: restarted

docs/ansible/xmpp-web/meta/main.yml

@@ -0,0 +1,9 @@
+galaxy_info:
+  author: Nioc
+  description: Install XMPP web
+  issue_tracker_url: https://github.com/nioc/xmpp-web/issues
+  license: license (AGPL-3.0-or-later)
+  min_ansible_version: 2.9
+  galaxy_tags: []
+
+dependencies: []

docs/ansible/xmpp-web/tasks/apache.yml

@@ -0,0 +1,22 @@
+---
+- name: Install and configure Apache
+  become: yes
+  apt:
+    name: ['apache2']
+    state: present
+    cache_valid_time: 3600
+
+- name: Enable Apache modules
+  become: yes
+  apache2_module:
+    name: '{{item}}'
+    state: present
+  with_items: ['proxy_wstunnel', 'proxy', 'proxy_http', 'rewrite', 'headers', 'ssl']
+  notify: restart apache
+
+- name: Make sure Apache is started and enabled to start on boot
+  become: yes
+  systemd:
+    name: apache2
+    state: started
+    enabled: yes

docs/ansible/xmpp-web/tasks/main.yml

@@ -0,0 +1,67 @@
+---
+- name: Install and configure Apache
+  include_tasks: apache.yml
+  when: xmppweb_install_apache
+
+- name: Creates XMPP Web folder
+  become: yes
+  file:
+    path: '{{xmppweb_rootpath}}/xmpp-web'
+    state: directory
+    owner: '{{xmppweb_webuser}}'
+    group: '{{xmppweb_webuser}}'
+
+- name: Download and unarchive XMPP Web code
+  become: yes
+  unarchive:
+    src: '{{xmppweb_download_url}}'
+    dest: '{{xmppweb_rootpath}}'
+    owner: '{{xmppweb_webuser}}'
+    group: '{{xmppweb_webuser}}'
+    remote_src: yes
+
+- name: Replace hostname in local.js file
+  become: yes
+  replace:
+    path: '{{xmppweb_rootpath}}/xmpp-web/local.js'
+    regexp: '{{item.regexp}}'
+    replace: '{{item.replace}}'
+  with_items:
+  - regexp: domain-xmpp.ltd
+    replace: '{{xmppweb_xmpp_server}}'
+  - regexp: chat.domain-web.ltd
+    replace: '{{xmppweb_domain}}'
+
+- name: Create XMPP Web Apache virtual host (using web proxy)
+  when: use_web_proxy
+  block:
+  - name: Create XMPP Web Apache virtual hosts
+    become: yes
+    template:
+      src: '024-chat-proxy.conf.j2'
+      dest: /etc/apache2/sites-available/024-chat.conf
+
+  - name: Enable XMPP Web Apache virtual host
+    become: yes
+    command: a2ensite 024-chat
+    notify: reload apache
+
+- name: Create XMPP Web Apache virtual host
+  when: not use_web_proxy
+  block:
+  - name: Create XMPP Web Apache virtual hosts
+    become: yes
+    template:
+      src: '{{item}}.conf.j2'
+      dest: /etc/apache2/sites-available/{{item}}.conf
+    with_items:
+    - 024-chat
+    - 024-chat-ssl
+
+  - name: Enable XMPP Web Apache virtual host
+    become: yes
+    command: a2ensite {{item}}
+    with_items:
+    - 024-chat
+    - 024-chat-ssl
+    notify: reload apache

docs/ansible/xmpp-web/templates/024-chat-proxy.conf.j2

@@ -0,0 +1,45 @@
+# {{ ansible_managed }}
+<VirtualHost *:{{xmppweb_port}}>
+	ServerName   {{xmppweb_domain}}
+	ServerAlias  {{xmppweb_domain}}
+	ServerAdmin  webmaster@{{domain}}
+
+	DocumentRoot {{xmppweb_rootpath}}/xmpp-web
+
+	# websocket proxy
+	<IfModule mod_proxy_wstunnel.c>
+		<Location "/xmpp-websocket">
+			#ProxyPreserveHost On
+			ProxyPass "ws://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_ws_url}}"
+		</Location>
+	</IfModule>
+
+	# bosh proxy
+	<IfModule mod_proxy.c>
+		<Location "/http-bind">
+			Header set Access-Control-Allow-Origin "*"
+			Header set Access-Control-Allow-Headers "*"
+			ProxyPass         "http://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_bosh_url}}"
+			ProxyPassReverse  "http://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_bosh_url}}"
+		</Location>
+	</IfModule>
+
+	# front files
+	<Directory {{xmppweb_rootpath}}/xmpp-web>
+		Options -Indexes +FollowSymLinks +MultiViews
+		AllowOverride None
+		Require all granted
+		<IfModule mod_rewrite.c>
+			RewriteEngine On
+			RewriteBase   /
+			RewriteRule   ^index\.html$ - [L]
+			RewriteCond   %{REQUEST_FILENAME} !-f
+			RewriteCond   %{REQUEST_FILENAME} !-d
+			RewriteRule   . /index.html [L]
+		</IfModule>
+	</Directory>
+
+	ErrorLog  ${APACHE_LOG_DIR}/chat_error.log
+	LogLevel  warn
+	CustomLog ${APACHE_LOG_DIR}/chat_access.log vhost_combined
+</VirtualHost>

docs/ansible/xmpp-web/templates/024-chat-ssl.conf.j2

@@ -0,0 +1,53 @@
+# {{ ansible_managed }}
+<VirtualHost *:443>
+	ServerName   {{xmppweb_domain}}
+	ServerAlias  {{xmppweb_domain}}
+	ServerAdmin  webmaster@{{domain}}
+
+	DocumentRoot {{xmppweb_rootpath}}/xmpp-web
+
+	# websocket proxy
+	<IfModule mod_proxy_wstunnel.c>
+		<Location "/xmpp-websocket">
+			#ProxyPreserveHost On
+			ProxyPass "ws://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_ws_url}}"
+		</Location>
+	</IfModule>
+
+	# bosh proxy
+	<IfModule mod_proxy.c>
+		<Location "/http-bind">
+			Header set Access-Control-Allow-Origin "*"
+			Header set Access-Control-Allow-Headers "*"
+			ProxyPass         "http://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_bosh_url}}"
+			ProxyPassReverse  "http://{{xmppweb_xmpp_server}}:{{xmppweb_xmpp_port}}/{{xmppweb_xmpp_bosh_url}}"
+		</Location>
+	</IfModule>
+
+	# front files
+	<Directory {{xmppweb_rootpath}}/xmpp-web>
+		Options -Indexes +FollowSymLinks +MultiViews
+		AllowOverride None
+		Require all granted
+		<IfModule mod_rewrite.c>
+			RewriteEngine On
+			RewriteBase   /
+			RewriteRule   ^index\.html$ - [L]
+			RewriteCond   %{REQUEST_FILENAME} !-f
+			RewriteCond   %{REQUEST_FILENAME} !-d
+			RewriteRule   . /index.html [L]
+		</IfModule>
+	</Directory>
+
+	ErrorLog  ${APACHE_LOG_DIR}/chat_error.log
+	LogLevel  warn
+	CustomLog ${APACHE_LOG_DIR}/chat_access.log vhost_combined
+
+	Protocols h2 http/1.1
+	SSLEngine               on
+	SSLStrictSNIVHostCheck  on 
+	Header                  always set Strict-Transport-Security "max-age=15768000"
+
+	SSLCertificateFile      /etc/letsencrypt/live/{{domain}}/fullchain.pem
+	SSLCertificateKeyFile   /etc/letsencrypt/live/{{domain}}/privkey.pem
+</VirtualHost>

docs/ansible/xmpp-web/templates/024-chat.conf.j2

@@ -0,0 +1,11 @@
+# {{ ansible_managed }}
+<VirtualHost *:80>
+	ServerName   {{xmppweb_domain}}
+	ServerAlias  {{xmppweb_domain}}
+	ServerAdmin  webmaster@{{domain}}
+	Redirect permanent / https://{{xmppweb_domain}}/
+
+	ErrorLog  ${APACHE_LOG_DIR}/chat_error.log
+	LogLevel  warn
+	CustomLog ${APACHE_LOG_DIR}/chat_access.log vhost_combined
+</VirtualHost>