From 2be81b299be9cad0b03495f2ea038a01969c6cb2 Mon Sep 17 00:00:00 2001
From: Sacha Chua <sacha@sachachua.com>
Date: Tue, 1 Oct 2024 19:59:03 -0400
Subject: Update for new ansible version

---
 roles/stream/tasks/main.yml                 | 35 ++++++++++++++++++++---------
 roles/stream/templates/emacsconf.nginx.conf |  9 +++++++-
 roles/stream/templates/icecast.xml          |  2 +-
 3 files changed, 34 insertions(+), 12 deletions(-)

(limited to 'roles/stream')

diff --git a/roles/stream/tasks/main.yml b/roles/stream/tasks/main.yml
index d821d5e..eaf2fc8 100644
--- a/roles/stream/tasks/main.yml
+++ b/roles/stream/tasks/main.yml
@@ -8,40 +8,55 @@
   package:
     name: icecast2
     state: present
+- name: Install package for setting htpasswd
+  package:
+    name: python3-passlib
+  when: protect_stream_with_password
+- name: Create htpasswd entry
+  htpasswd:
+    create: yes
+    name: "{{ emacsconf_backstage_user }}"
+    password: "{{ emacsconf_backstage_password }}"
+    path: /etc/nginx/{{ emacsconf_id }}-htpasswd
+  when: protect_stream_with_password
 - name: Set up config
   become: true
   template:
     src: icecast.xml
-    dest: /etc/icecast2/icecast-emacsconf.xml
+    dest: /etc/icecast2/icecast-{{ emacsconf_id }}.xml
 - name: Create restream dir
   file:
     path: "{{ icecast_restream_dir }}"
     owner: "{{ icecast_user }}"
     state: directory
 - name: Set up track-specific things
-  include: track.yml
+  include_tasks: track.yml
   loop: "{{ emacsconf_tracks }}"
 - name: Set up init file
   become: true
   template:
     src: icecast-emacsconf.init.d
-    dest: /etc/init.d/emacsconf
+    dest: /etc/init.d/{{ emacsconf_id }}
     mode: 0755
 - name: Set up nginx config
   tags: stream-nginx
   become: true
   template:
     src: emacsconf.nginx.conf
-    dest: /etc/nginx/emacsconf.nginx.conf
+    dest: /etc/nginx/{{ emacsconf_id }}.nginx.conf
     mode: 0644
 - name: Include emacsconf in nginx config
   become: true
   lineinfile:
-    line: include /etc/nginx/emacsconf.nginx.conf;
-    regexp: '^\s*include /etc/nginx/emacsconf.nginx.conf;'
+    line: include /etc/nginx/{{ emacsconf_id }}.nginx.conf;
+    regexp: '^\s*include /etc/nginx/{{ emacsconf_id }}.nginx.conf;'
     insertafter: '.*tls/live0.conf.*'
     backup: yes
-    path: /etc/nginx/sites-available/live0.emacsconf.org
+    path: /etc/nginx/sites-available/live0.{{ emacsconf_id }}.org
+- name: Reload nginx config
+  service:
+    name: nginx
+    state: reloaded
 - name: Enable icecast
   become: true
   service:
@@ -57,7 +72,7 @@
   register: port_check
   ignore_errors: yes
 - name: Try to restart icecast if not started
-  service: name=emacsconf state=started enabled=yes
+  service: name={{ emacsconf_id }} state=started enabled=yes
   when: port_check.failed == true
 - name: Set up restream scripts
   tags: restream
@@ -67,7 +82,7 @@
     owner: orga
     mode: 0755
   loop: "{{ restreaming_platforms | subelements('streams') | list }}"
-  no_log: True
+  # no_log: True
 - name: Set up restream scripts
   tags: restream
   template:
@@ -76,7 +91,7 @@
     owner: orga
     mode: 0755
   loop: "{{ restreaming_platforms | subelements('streams') | list }}"
-  no_log: True
+  # no_log: True
 - name: Copy fallback files
   copy:
     src: sorry.webm
diff --git a/roles/stream/templates/emacsconf.nginx.conf b/roles/stream/templates/emacsconf.nginx.conf
index ac84ef5..cf5e2b8 100644
--- a/roles/stream/templates/emacsconf.nginx.conf
+++ b/roles/stream/templates/emacsconf.nginx.conf
@@ -11,6 +11,10 @@ location ~ ^/((gen|dev)(-480p|-fallback)?.webm)$ {
   proxy_set_header X-Forwarded-Host $host;
   proxy_set_header X-Forwarded-Server $host;
   proxy_set_header X-Real-IP $remote_addr;
+  {% if protect_stream_with_password %}
+	auth_basic {{ emacsconf_name }};
+	auth_basic_user_file /etc/nginx/{{ emacsconf_id }}-htpasswd;
+  {% endif %}
 }
 
 location ~ ^/emacsconf/(.*)$ {
@@ -26,5 +30,8 @@ location ~ ^/emacsconf/(.*)$ {
   proxy_set_header X-Forwarded-Host $host;
   proxy_set_header X-Forwarded-Server $host;
   proxy_set_header X-Real-IP $remote_addr;
+  {% if protect_stream_with_password %}
+	auth_basic {{ emacsconf_name }};
+	auth_basic_user_file /etc/nginx/{{ emacsconf_id }}-htpasswd;
+  {% endif %}
 }
-    
\ No newline at end of file
diff --git a/roles/stream/templates/icecast.xml b/roles/stream/templates/icecast.xml
index 06830d3..b01bc48 100644
--- a/roles/stream/templates/icecast.xml
+++ b/roles/stream/templates/icecast.xml
@@ -192,7 +192,6 @@
         <mount-name>/{{ track.id }}.webm</mount-name>
         <username>{{ icecast_emacsconf_user }}</username>
         <password>{{ icecast_emacsconf_password }}</password>
-	      {% if not test_mode %}<dump-file>/data/{{ emacsconf_id }}-{{ emacsconf_year }}-{{ track.id }}_%Y-%m-%d_%H-%M-%S.webm</dump-file>{% endif %}
         <stream-name>{{ emacsconf_name }} {{ emacsconf_year }} - {{ track.name }} track</stream-name>
         <stream-description>The livestream for the {{ track.name }} track of {{ emacsconf_name }} {{ emacsconf_year }}</stream-description>
 	      <stream-url>{{ track.watch }}</stream-url>
@@ -202,6 +201,7 @@
         <on-disconnect>/usr/local/bin/{{ emacsconf_id }}-lowres-{{ track.id }}-on-disconnect</on-disconnect>
         <fallback-mount>/{{ track.id }}-sorry.webm</fallback-mount>
         <fallback-override>1</fallback-override>
+	      {% if not test_mode %}<dump-file>/data/{{ emacsconf_id }}-{{ emacsconf_year }}-{{ track.id }}_%Y-%m-%d_%H-%M-%S.webm</dump-file>{% endif %}
     </mount>
     <mount type="normal">
         <mount-name>/{{ track.id }}-host.webm</mount-name>
-- 
cgit v1.2.3