install murmur instead of umurmur

inventories/group_vars/all/main.yml

@@ -25,4 +25,11 @@ users:
 - name: tierce
 - name: zefredz
 
-acme_email: it@pirateparty.be
+acme_account_email: it@pirateparty.be
+acme_config:
+  account:
+    private_key: "{{ acme_accounts_dir }}/acme_account.key"
+    email: "{{ acme_account_email }}"
+  directory_url: https://acme-v02.api.letsencrypt.org/directory
+  challenge_dir: /var/www/acme/.well-known/acme-challenge
+  domains: "{{ acme_domains }}"

inventories/group_vars/mumble/main.yml

@@ -1,29 +1,52 @@
-murmur_port: 64730
+mumble_domain: "{{ inventory_hostname }}"
+acme_enabled: yes
+acme_domains:
+  - name: "{{ mumble_domain }}"
+    alt_names: "{{ mumble_alt_domains }}"
+    hooks:
+      - systemctl reload nginx
+      - systemctl restart mumble-server
+      - systemctl restart umurmur
+mumble_nginx_domains: "{{ [mumble_domain] + mumble_alt_domains }}"
+
+murmur_enabled: yes
 murmur_superuser_password: "{{ vault_murmur_superuser_password }}"
-
+murmur_ice_secret_read: "{{ vault_murmur_ice_secret_read }}"
-umurmur_version: 0.2.17
+murmur_ice_secret_write: "{{ vault_murmur_ice_secret_write }}"
-umurmur_domain: mumble.parley.be
+murmur_welcome_text:
-
-umurmur_welcome_text:
   - Welcome to Parley Talk!
   - You can talk to the people in the room you joined.
   - You start in the Welcome room, to join another channel double click on the room name.
-umurmur_admin_password: "{{ vault_umurmur_admin_password }}"
+murmur_max_users: 100
-umurmur_max_users: 100
+murmur_channels:
-
-umurmur_channels:
   - name: Parley
     description: Main Parley Talk channel. No entry.
-  noenter: yes
+    groups:
+      admin:
+        inherit: yes
+        inheritable: yes
+    permissions:
+      - group: all
+        deny:
+          - Enter
+        recursive: no
+        enabled: yes
+      - group: all
+        allow:
+          - RegisterSelf
+          - MakeTempChannel
+      - group: admin
+        allow:
+          - MuteDeafen
+          - Move
+          - Kick
+          - Ban
+          - Register
   - name: Welcome
     parent: Parley
     description: Welcome channel
     position: 0
-- name: Silent
+    isdefault: yes
-  parent: Parley
-  description: Silent channel
-  silent: yes
-  position: 1
   - name: Mary Read's territory
     description: The channel dedicated to Mary Read. She was a Caribbean pirate. Dressed as a man, Mary went to sea and later joined the British army, fighting in the War Of The Spanish Succession. She married and settled down as a woman, but dressed back as a man following the death of her husband, later boarding a ship bound for the West Indies.
     parent: Welcome
@@ -42,8 +65,20 @@ umurmur_channels:
   - name: Ching Shih
     description: She was a Chinese pirate from the 19th century. She is considered to be the pirate with the largest crew ever assembled (between 20.000 and 40.000 pirates) and died peacefully as a free woman
     parent: Welcome
+  - name: Silent
+    parent: Parley
+    description: Silent channel
+    position: 1
+    permissions:
+      - group: all
+        deny:
+          - Speak
+          - MakeTempChannel
+      - group: admin
+        allow:
+          - MakeTempChannel
+murmur_default_channel: Welcome
 
-umurmur_default_channel: Welcome
+mumble_web_enabled: yes
-
-mumble_web_domain: talk.parley.be
 mumble_web_version: master
+mumble_web_nginx_generate_dhparam: no

inventories/group_vars/mumble/vault.yml

@@ -1,13 +1,21 @@
 $ANSIBLE_VAULT;1.1;AES256
-39653565313333643836363062656363333232313166303331656135633830323633366236313438
+34366265373235346635666537616638376532326239636234613934623363643630656337366336
-6663616535626237326566636331356564373936356465310a323638646333623731366530316630
+6266653039336639646566393239643335616261356431360a653366336238383137353530366232
-30653662666239336465366466663162303466613139636138316538643862383962393734323665
+37353032353737653238313634313333323339373663376435373234316534363763306161643036
-6135633264336530650a653234353636643630643566323638386138633035396232666136333531
+6633306461636162370a393964383732623162316438383562656132333735656265633463663665
-66353062333661393462353535383964333262336235643237383632633135346165326635633730
+33373837653232343335396131366235333437316136633466353838323436323835383062353332
-65356161363266393834353964626164356364353061646638366232643132373965646466373734
+30373232626534616430333066663035353738643132656233336531633162346233313366313262
-34346238313666363466633934333737313761643965313130313465623038393638343564393064
+64303331656137643235333663313063356366306530646330303965656238323735623237613739
-31373132643762373161396236646366326666306536643566383638623133666333663430356431
+62396662646335383362373539313939343231356332623362316661653466386363636135333932
-65356166326339373666643365623837326461316437616361346531383533646435323331363131
+31383936323064633235643533643632363665613262306532336131393831306462633233613764
-30373838306631393066323766316638303233303231616266323562653332306631393334353361
+65326630376633386465653763643964643466346133393433313266373138393635616332393661
-30353130333164643333663262356437386564356432343533336163383735343830656132396332
+66353331373632623133366261363765653762373664303564633635366161363365363866633737
-61313334396638636333
+31303936643430646430353031376237393961333934326463323864336337663137383230653362
+36666339646134663464396337373130643337623835636231656565343234323565383833343238
+65643831386536656332393265636135316662626164316337313134613231316234643366643838
+32356332393238626539303436336634383664653366366166343831353463663631386364653631
+65323832383436373833313238313965646638646664333036333165386438366433303035363435
+66656132363238633434323735353330373061613762353535643561323462313230306462336130
+39386635666535653235623564303930383339633537313839393237653334383837353363333965
+39373465306566623534326661303738333862643536356437343639386335646635363139363334
+63363063636436383737

inventories/host_vars/talk.parley.be/main.yml

@@ -0,0 +1,2 @@
+mumble_alt_domains:
+  - mumble.parley.be

playbooks/mumble.yml

@@ -1,9 +1,5 @@
 - hosts: mumble
   become: yes
 
-  vars:
-    acme_domains:
-    - "{{ umurmur_domain }}"
-    - "{{ mumble_web_domain }}"
   roles:
   - ppbe.mumble

requirements.yml

@@ -1,8 +1,10 @@
 - name: ppbe.acme
   src: https://dev.parley.be/PPBe/ansible-role-acme.git
   scm: git
-  version: master
+  version: 5-trigger-hooks-after-certificate-renewal 
 - name: ppbe.mumble
   src: https://dev.parley.be/PPBe/ansible-role-mumble.git
   scm: git
   version: master
+- name: cloudalchemy.alertmanager
+- name: cloudalchemy.prometheus

roles/common/tasks/nginx.yml

@@ -35,10 +35,11 @@
     size: "{{ nginx_dhparam_size }}"
     owner: root
     group: www-data
+    mode: "640"
   async: 3600
   poll: 0
   changed_when: no
-  register: nginx_dh
+  register: _nginx_dhparam
 
 - name: Use snakoil cert key as Nginx's default private key
   file:
@@ -86,11 +87,12 @@
 
 - name: Waiting for Diffie-Hellman task to complete…
   async_status:
-    jid: "{{ nginx_dh.ansible_job_id }}"
+    jid: "{{ _nginx_dhparam.ansible_job_id }}"
-  register: nginx_dh_job
+  register: _nginx_dhparam_job
   retries: 60
   delay: 30 # will retry every 30s for 30min (60 retries)
-  until: nginx_dh_job.finished
+  until: _nginx_dhparam_job.finished
+  notify: reload nginx
 
 - name: Start Nginx server
   service: