From 6fe0f9221ee5b2b8b3be019aed32b5264111099f Mon Sep 17 00:00:00 2001
From: Sacha Chua <sacha@sachachua.com>
Date: Tue, 17 Oct 2023 11:58:03 -0400
Subject: add live role

---
 common-playbook.yml                          |  5 ++++
 roles/live/tasks/main.yml                    | 23 ++++++++++++++++
 roles/live/templates/live.emacsconf.org.conf | 41 ++++++++++++++++++++++++++++
 3 files changed, 69 insertions(+)
 create mode 100644 roles/live/tasks/main.yml
 create mode 100644 roles/live/templates/live.emacsconf.org.conf

diff --git a/common-playbook.yml b/common-playbook.yml
index 463c411..8426c74 100644
--- a/common-playbook.yml
+++ b/common-playbook.yml
@@ -61,3 +61,8 @@
   tags: obs
   roles:
     - obs
+- name: Set up live.emacsconf.org
+
+  tags: live
+  roles:
+    - live
diff --git a/roles/live/tasks/main.yml b/roles/live/tasks/main.yml
new file mode 100644
index 0000000..3e51765
--- /dev/null
+++ b/roles/live/tasks/main.yml
@@ -0,0 +1,23 @@
+- name: Create the directory for this year
+  file:
+    path: /var/www/live.emacsconf.org/{{ item }}
+    owner: "{{ emacsconf_user }}"
+    group: "{{ emacsconf_user }}"
+    state: directory
+  loop:
+    - "{{ emacsconf_year }}"
+    - "{{ emacsconf_year }}/watch"
+- name: Configure Nginx
+  template:
+    src: live.emacsconf.org.conf
+    dest: /etc/nginx/sites-available/live.emacsconf.org
+- name: Make sure main configuration is enabled
+  file:
+    src: /etc/nginx/sites-available/live.emacsconf.org
+    dest: /etc/nginx/sites-enabled/live.emacsconf.org
+    force: no
+    state: link
+- name: Reload configuration
+  service:
+    name: nginx
+    state: reloaded
diff --git a/roles/live/templates/live.emacsconf.org.conf b/roles/live/templates/live.emacsconf.org.conf
new file mode 100644
index 0000000..c73b202
--- /dev/null
+++ b/roles/live/templates/live.emacsconf.org.conf
@@ -0,0 +1,41 @@
+# {{ ansible_managed }}
+
+server {
+	listen 80;
+	listen [::]:80;
+	server_name live.emacsconf.org;
+
+	include snippets/well-known-acme-challenge.conf;
+
+	root /var/www/live.emacsconf.org;
+	add_header Cache-Control "no-store, no-cache, must-revalidate";
+	add_header Pragma "no-cache";
+	add_header Expires 0;
+}
+
+server {
+	listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+	server_name live.emacsconf.org;
+
+	include /etc/nginx/tls/emacsconf.org.conf;
+  location ~ ^/$ {
+    return 307 https://live.emacsconf.org/{{ emacsconf_year }}/watch/index.html;
+  }
+
+	#auth_basic "Restricted";
+	#auth_basic_user_file "znc-htpasswd";
+
+	root /var/www/live.emacsconf.org;
+	add_header Cache-Control "no-store, no-cache, must-revalidate";
+	add_header Pragma "no-cache";
+	add_header Expires 0;
+}
+
+server {
+  listen 80;
+  listen [::]:80;
+  server_name live.emacsconf.com live.emacsconf.net;
+
+  return 302 $scheme://live.emacsconf.org$request_uri;
+}
-- 
cgit v1.2.3