1 files changed, 68 insertions, 16 deletions

diff --git a/nms/ansible/roles/nmsfront/tasks/main.yml b/nms/ansible/roles/nmsfront/tasks/main.yml
index 4e9d7b2..d4e8d00 100644
--- a/nms/ansible/roles/nmsfront/tasks/main.yml
+++ b/nms/ansible/roles/nmsfront/tasks/main.yml
@@ -1,24 +1,76 @@
+- name: Basic packages
+  apt: name={{ item }} state=present
+  with_items:
+  - python-demjson
+  - python-passlib
+  - libcapture-tiny-perl
+  - libcommon-sense-perl
+  - libdata-dumper-simple-perl
+  - libdbd-pg-perl
+  - libdbi-perl
+  - libdigest-perl
+  - libjson-perl
+  - libjson-xs-perl
+  - libnetaddr-ip-perl
+  - libnet-cidr-perl
+  - libnet-ip-perl
+  - libnet-openssh-perl
+  - libnet-oping-perl
+  - libnet-rawip-perl
+  - libsnmp-perl
+  - libsocket6-perl
+  - libsocket-perl
+  - libswitch-perl
+  - libtimedate-perl
+  - perl
+  - perl-base
+  - perl-modules
+  - varnish
+  - libfreezethaw-perl		
+  - apache2
 
-  - name: Enable CGI
-    apache2_module: state=present name=cgid
+- name: Enable CGI
+  apache2_module: state=present name=cgid
+  notify:
+      - restart apache
 
-  - name: Remove default apache site
-    file: path=/etc/apache2/sites-enabled/000-default.conf  state=absent
+- name: Remove default apache site
+  file: path=/etc/apache2/sites-enabled/000-default.conf  state=absent
+  notify:
+      - restart apache
 
-  - name: Add NMS site config
-    file: src=/srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf dest=/etc/apache2/sites-enabled/nms.tg16.gathering.org.conf state=link
+- name: Add NMS site config
+  file: src=/srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf dest=/etc/apache2/sites-enabled/nms.tg16.gathering.org.conf state=link
+  notify:
+      - restart apache
 
-  - name: "Apache: Don't listen on 80"
-    lineinfile: line="Listen 80" state=absent dest=/etc/apache2/ports.conf
+- name: "Apache: Don't listen on 80"
+  lineinfile: line="Listen 80" state=absent dest=/etc/apache2/ports.conf
+  notify:
+      - restart apache
 
-  - name: "Apache: DO listen on 8080"
-    lineinfile: line="Listen 8080" state=present dest=/etc/apache2/ports.conf
+- name: "Apache: DO listen on 8080"
+  lineinfile: line="Listen 8080" state=present dest=/etc/apache2/ports.conf
+  notify:
+      - restart apache
 
-  - name: "Varnish: Set up VCL"
-    file: path=/etc/varnish/default.vcl src=/srv/tgmanage/web/etc/varnish/nms.vcl state=link force=true
+- name: "Varnish: Set up VCL"
+  file: path=/etc/varnish/default.vcl src=/srv/tgmanage/web/etc/varnish/nms.vcl state=link force=true
+  notify:
+      - restart varnish
 
-  - name: "Varnish: Remove default systemd config"
-    lineinfile: line="ExecStart=/usr/sbin/varnishd -a :6081 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m" state=absent dest=/lib/systemd/system/varnish.service
+- name: "Varnish: Remove default systemd config"
+  lineinfile: line="ExecStart=/usr/sbin/varnishd -a :6081 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m" state=absent dest=/lib/systemd/system/varnish.service
+  notify:
+      - restart varnish
 
-  - name: "Varnish: Add sensible systemd config"
-    lineinfile: line="ExecStart=/usr/sbin/varnishd -f /etc/varnish/default.vcl -s malloc,256m" state=present dest=/lib/systemd/system/varnish.service insertafter="Service"
+- name: "Varnish: Add sensible systemd config"
+  lineinfile: line="ExecStart=/usr/sbin/varnishd -f /etc/varnish/default.vcl -s malloc,256m" state=present dest=/lib/systemd/system/varnish.service insertafter="Service"
+  notify:
+      - restart varnish
+
+- name: Setup basic auth for nms read-only
+  htpasswd: path=/srv/tgmanage/web/htpasswd-read name=tg password={{ htpasswd_tg }} owner=root group=www-data mode=0640
+
+- name: Setup basic auth for nms write-only
+  htpasswd: path=/srv/tgmanage/web/htpasswd-write name=tg password={{ htpasswd_tg }} owner=root group=www-data mode=0640