diff options
| -rw-r--r-- | filter_plugins/znc.py | 32 | ||||
| -rw-r--r-- | group_vars/all/vars.yml | 2 | ||||
| -rw-r--r-- | roles/znc/templates/znc.conf.j2 | 14 |
3 files changed, 44 insertions, 4 deletions
diff --git a/filter_plugins/znc.py b/filter_plugins/znc.py new file mode 100644 index 0000000..243cdd5 --- /dev/null +++ b/filter_plugins/znc.py @@ -0,0 +1,32 @@ +# Copyright (c) 2018 Aaron LI <aly@aaronly.me> +# MIT License + +""" +Custom Ansible template filters for "znc" role. +""" + +import os +import base64 +import hashlib + + +def znc_makepass(p, method="sha256", saltlen=20): + """ + Generate the salted hashed password for ZNC configuration. + + Implement the "znc --makepass" command. + + ZNC password format: <method>#<hash>#<salt> + """ + salt = os.urandom(saltlen) + salt = base64.b64encode(salt)[:saltlen] + s = p + salt + h = getattr(hashlib, method)(s) + return "%s#%s#%s" % (method, h.hexdigest(), salt) + + +class FilterModule(object): + def filters(self): + return { + "znc_makepass": znc_makepass, + } diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 05c3c3c..6998c98 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -118,7 +118,7 @@ vpn: znc: data_dir: /home/znc # Admin & client user, as well as IRC nickname - username: "{{ vault_znc_username }}" + username: aly realname: "{{ vault_znc_realname }}" password: "{{ vault_znc_password }}" port: 6697 # SSL/TLS diff --git a/roles/znc/templates/znc.conf.j2 b/roles/znc/templates/znc.conf.j2 index 71f3495..a45aa89 100644 --- a/roles/znc/templates/znc.conf.j2 +++ b/roles/znc/templates/znc.conf.j2 @@ -34,8 +34,16 @@ SSLCertFile = {{ znc.data_dir }}/znc.allinone.pem <Listener {{ listener }}> AllowIRC = true AllowWeb = false - IPv4 = {% if listener == "ipv4" %}true{% else %}false{% endif %} - IPv6 = {% if listener == "ipv6" %}true{% else %}false{% endif %} + IPv4 = {% if listener == "ipv4" -%} + true + {% else -%} + false + {% endif -%} + IPv6 = {% if listener == "ipv6" -%} + true + {% else -%} + false + {% endif -%} Port = {{ znc.port }} SSL = true </Listener> @@ -43,7 +51,7 @@ SSLCertFile = {{ znc.data_dir }}/znc.allinone.pem <User {{ znc.username }}> Admin = true - Pass = {{ znc.password }} + Pass = {{ znc.password | znc_makepass }} Nick = {{ znc.username }} AltNick = {{ znc.username }}_ Ident = {{ znc.username }} |