From 81d3c7ce4cc0364c76303d74c1ff445a75b3bd1c Mon Sep 17 00:00:00 2001 From: Julien Palard Date: Tue, 3 Jan 2023 12:59:16 +0100 Subject: [PATCH] certificate-watcher: Use XMPP instead of email. --- cert_watch.yml | 10 +++- group_vars/all/vault.yml | 16 ++--- roles/certificate_watcher/tasks/main.yml | 74 ++++++++++++++---------- 3 files changed, 59 insertions(+), 41 deletions(-) diff --git a/cert_watch.yml b/cert_watch.yml index bd77e09..8904ce7 100644 --- a/cert_watch.yml +++ b/cert_watch.yml @@ -9,15 +9,15 @@ tags: always vars: owner: certificate-watcher - dest: 'irc://irc.libera.chat/#mdk' - prefix: "mdk:" + dest: 'mdk@chapril.org' domains: | # AFPy afpy.org bbb.afpy.org + discuss.afpy.org dl.afpy.org logs.afpy.org - discuss.afpy.org + photos.afpy.org fr.pycon.org pycon.org @@ -27,11 +27,13 @@ 2012.pycon.fr 2016.pycon.fr autoconfig.pycon.fr + cfp-2023.pycon.fr paullaroid.pycon.fr pycon.fr videos-2015.pycon.fr www.pycon.fr + # Python bugs.python.org mail.python.org @@ -69,6 +71,8 @@ protonmail.com makina-corpus.com fr.wikipedia.org + latest.glowing-bear.org + lilo.org mamot.fr framagenda.org framapad.org diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml index 9e4eb4f..ba3922b 100644 --- a/group_vars/all/vault.yml +++ b/group_vars/all/vault.yml 
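Review bot: `dest` changes meaning in the first cert_watch.yml hunk from an IRC URL to a bare XMPP JID, and nothing beside it says what consumes the value. In this patch it is interpolated into the cron command as `go-sendxmpp "{{ dest }}"` in roles/certificate_watcher/tasks/main.yml. A comment above it such as `# XMPP JID passed to go-sendxmpp by the certificate_watcher cron job; keep it free of shell metacharacters` would document that constraint. The removed `prefix` variable is not referenced by the task file shown here, but other consumers would be outside this diff, so it is worth a grep before merging. The enclosing play starts above the hunk.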
@@ -1,8 +1,10 @@ $ANSIBLE_VAULT;1.1;AES256 -61333239366432343130623339303039336432376630396530656333646231346230383066646137 -6137386633646634653864366235613435633033653961330a616130353838333863346536653565 -31666161386231353038343066633533323866326532343832666135366537393966366461653763 -3864646630653463610a373063346431393464383739643336663239623533626530653332623631 -64396532656633363236633461323361313833373538373261386530653339313235633562336638 -62643237623933663732366533363635616339646265633961333037393438373231613364623939 -636464383531656363306435643365313765 +34336133353038653538313163313464363635306265343938376236623833343365386237306564 +3262333664306534306139633466303961356430663738640a353936326262623261313038306465 +62653239613636353537626562343163636234353432633664316130376561353035666635373931 +3837643533646466620a656363373061323030313361613033613337366362373335626434366237 +62303937316532333763396435633864363831346537613864616431396639326462316163623561 +39306166316361663466626239663835623031383134663561646530623539623563653331346634 +30366463343334393066396338316636356365653634386333643237343634356636633630383637 +32633537653034383739303335383630646130646462326565343665646332623662373830356365 +6566 diff --git a/roles/certificate_watcher/tasks/main.yml b/roles/certificate_watcher/tasks/main.yml index 14f3900..38d354c 100644 --- a/roles/certificate_watcher/tasks/main.yml +++ b/roles/certificate_watcher/tasks/main.yml 
@@ -1,37 +1,49 @@ --- -- block: - - name: Create certificate watcher user - user: - system: true - name: "{{ owner }}" +- name: Install go-sendxmpp + package: name=go-sendxmpp state=present - - name: Install certificate watcher - pip: - name: certificate_watcher>=0.0.5 - virtualenv_command: "/usr/bin/python3 -m venv" - virtualenv: "$HOME/.venv/" - become: true - become_user: "{{ owner }}" +- name: Create certificate watcher user + user: + system: true + name: "{{ owner }}" - - name: Setup certificates to watch - copy: - content: "{{ domains }}" - dest: $HOME/certificates - become: true - become_user: "{{ owner }}" +- name: Install certificate watcher + pip: + name: certificate_watcher>=0.0.5 + virtualenv_command: "/usr/bin/python3 -m venv" + virtualenv: "$HOME/.venv/" + become: true + become_user: "{{ owner }}" - - name: Ensure crontab sends email to me - community.general.cronvar: - user: "{{ owner }}" - name: MAILTO - value: julien+certificate-watcher@palard.fr +- name: Setup certificates to watch + copy: + content: "{{ domains }}" + dest: $HOME/certificates + become: true + become_user: "{{ owner }}" - - name: Setup certificate watcher cron - cron: - user: "{{ owner }}" - name: Watch certificates - minute: "57" - hour: "7-23" - job: '$HOME/.venv/bin/certificate_watcher -f ~/certificates' - tags: [certificate_watcher] +- name: Ensure crontab sends email to me + community.general.cronvar: + user: "{{ owner }}" + name: MAILTO + value: julien+certificate-watcher@palard.fr + +- name: Setup go-sendxmpp + become: true + become_user: "{{ owner }}" + copy: + mode: 0600 + dest: "$HOME/.sendxmpprc" + content: | + username: mdk.fr + jserver: chapril.org + password: {{ vault_xmpp_password }} + +- name: Setup certificate watcher cron + cron: + user: "{{ owner }}" + name: Watch certificates + minute: "57" + hour: "7-23" + job: '$HOME/.venv/bin/certificate_watcher -f ~/certificates | go-sendxmpp "{{ dest }}"'
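Review bot: The new "Setup go-sendxmpp" task renders `{{ vault_xmpp_password }}` into `$HOME/.sendxmpprc` via `copy: content:` without `no_log: true`, so a run with `--diff` can print the rendered file, password included, to the terminal or CI log. Add `no_log: true` to that task. In the same task `mode: 0600` is an unquoted octal that depends on how the YAML parser reads the leading zero; `mode: "0600"` is the safer spelling. Removing the `block` wrapper also removes `tags: [certificate_watcher]`, so `--tags certificate_watcher` presumably no longer selects these tasks unless the tag is applied where the role is included.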