ctucx.git: ansible-configs

roles/mumble: init

diff --git a/roles/mumble/files/nftables-rule.nft b/roles/mumble/files/nftables-rule.nft
@@ -0,0 +1,11 @@
+#!/usr/sbin/nft -f
+#
+# !!! This file is managed by Ansible !!!
+#
+
+table inet firewall {
+    chain inbound {
+        tcp dport 64738 accept comment "mumble"
+        udp dport 64738 accept comment "mumble"
+    }
+}

diff --git a/roles/mumble/meta/main.yml b/roles/mumble/meta/main.yml
@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - role: nftables-handler

diff --git a/roles/mumble/tasks/firewall.yml b/roles/mumble/tasks/firewall.yml
@@ -0,0 +1,9 @@
+---
+
+- name: "[nftables] Create rule for: mumble"
+  copy:
+    src: nftables-rule.nft
+    dest: /etc/nftables.d/mumble.nft
+  when:
+    - network.nftables.enable is true
+  notify: Restart nftables

diff --git a/roles/mumble/tasks/install.yml b/roles/mumble/tasks/install.yml
@@ -0,0 +1,15 @@
+---
+
+- name: "[Alpine] Install package: murmur"
+  apk:
+    name: murmur
+    state: present
+  when:
+    - ansible_distribution == "Alpine" 
+
+- name: "[Archlinux] Install package: murmur" 
+  pacman:
+    name: murmur
+    state: present
+  when:
+    - ansible_distribution == "Archlinux" 

diff --git a/roles/mumble/tasks/main.yml b/roles/mumble/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+
+- import_tasks: install.yml
+  when:
+    - services.mumble.enable is defined
+    - services.mumble.enable is true
+
+- import_tasks: firewall.yml
+  when:
+    - services.mumble.enable is defined
+    - services.mumble.enable is true
+    - network.nftables.enable is true
+
+- import_tasks: start.yml
+  when:
+    - services.mumble.enable is defined
+    - services.mumble.enable is true
+
+- import_tasks: remove.yml
+  when:
+    - services.mumble.enable is defined
+    - services.mumble.enable is false
+
+- meta: flush_handlers

diff --git a/roles/mumble/tasks/remove.yml b/roles/mumble/tasks/remove.yml
@@ -0,0 +1,42 @@
+---
+
+- name: "[OpenRC] Disable and stop service: murmur"
+  service:
+    name: murmur
+    enabled: no
+    state: stopped
+  when:
+    - ansible_service_mgr == "openrc"
+
+- name: "[systemd] Disable and stop service: murmur"
+  systemd:
+    name: murmur
+    enabled: no
+    state: stopped
+  when:
+    - ansible_service_mgr == "systemd"
+
+- name: "[Alpine] Remove package: murmur" 
+  apk:
+    name: murmur
+    state: absent
+  when: 
+    - ansible_distribution == "Alpine" 
+
+- name: "[Archlinux] Remove package: murmur"
+  pacman:
+    name: murmur
+    state: absent
+  when: 
+    - ansible_distribution == "Archlinux" 
+
+- name: "[nftables] Delete rule for: mumble"
+  file:
+    path: /etc/nftables.d/mumble.nft
+    state: absent
+  notify: "Restart nftables"
+
+- name: "Remove file: /etc/murmur.ini"
+  file:
+    path: /etc/murmur.ini
+    state: absent

diff --git a/roles/mumble/tasks/start.yml b/roles/mumble/tasks/start.yml
@@ -0,0 +1,17 @@
+---
+
+- name: "[OpenRC] Start and enable service: murmur"
+  service:
+    name: murmur
+    enabled: yes
+    state: started
+  when: 
+    - ansible_service_mgr == "openrc"
+
+- name: "[systemd] Start and enable service: murmur"
+  systemd:
+    name: murmur
+    enabled: yes
+    state: started
+  when: 
+    - ansible_service_mgr == "systemd"