infra/weechat.yml

---

- hosts: mdk
  vars:
    letsencrypt_email: julien@palard.fr
  tasks:
    - name: Setup weechat
      include_role: name=weechat
      tags: always
      vars:
        version: 2.7
        owner: weechat

    - name: Setup Glowing Bear
      tags: weechat
      unarchive:
        src: https://github.com/glowing-bear/glowing-bear/archive/0.7.2.tar.gz
        remote_src: yes
        dest: "/usr/local/src/"

    - name: Configure irc.mdk.fr
      tags: weechat
      notify: reload nginx
      copy:
        dest: /etc/nginx/conf.d/irc.mdk.fr.conf
        content: |
          # Set connection header based on upgrade header
          map $http_upgrade $connection_upgrade {
              default upgrade;
              '' close;
          }

          server
          {
              listen 443 ssl;
              include snippets/letsencrypt-irc.mdk.fr.conf;
              add_header Content-Security-Policy "default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; object-src 'none'; frame-src 'none'; font-src cdnjs.cloudflare.com;";
              add_header X-Frame-Options DENY;
              server_name irc.mdk.fr;

              location /
              {
                  root /usr/local/src/glowing-bear-0.7.2/;
                  index index.html;
              }

              location /weechat
              {
                  proxy_pass http://127.0.0.1:9000;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection $connection_upgrade;
                  proxy_read_timeout 4h;
              }
          }