diff --git a/playbooks/srv-print.yml b/playbooks/srv-print.yml index 88f1c6d..ccbe4e3 100644 --- a/playbooks/srv-print.yml +++ b/playbooks/srv-print.yml @@ -1,35 +1,64 @@ - hosts: srv-print become: yes tasks: - - name: create admin user - ansible.builtin.user: - user: admin - state: present - shell: /bin/bash - groups: sudo - - name: add admin ssh-key - ansible.posix.authorized_key: - user: admin - state: present - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLI18nShd47L6o4dL2sIbhJAlWdXXc7BBSqhslTBMVziY6OBazW2jxxU0eN+Wi3RYEuOUd3xt6f56m6NgB96MxvRbfhD06FCetrEzEX/k7yWRVlvyMOSX0RjTr2UWPqOpXmLvbpOvTX4m4+rhpXlXJ1FB/jiZGNYvQEXot8PFTkMBdP0rHsdXiHhJvJy8Y/jDoErrCrK+Yger9ziCeskr3t/KET1nD6e/g4lQwVr7YftMw9s/0RiSVU4VQnUHjMiyXMpg8SD54YkmaQ8TJ14dQ3LVvMjXNGhg3fmmmxQMWot64oLe5HvNJigmKDfYxUzQuX8Ba2zAcnvHkLp/RpVB krumel@YatagarasuDrive" + - name: user setup + block: + - name: create admin user + ansible.builtin.user: + user: admin + state: present + shell: /bin/bash + groups: sudo - - name: install cups + - name: add admin ssh-key + ansible.posix.authorized_key: + user: admin + state: present + key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLI18nShd47L6o4dL2sIbhJAlWdXXc7BBSqhslTBMVziY6OBazW2jxxU0eN+Wi3RYEuOUd3xt6f56m6NgB96MxvRbfhD06FCetrEzEX/k7yWRVlvyMOSX0RjTr2UWPqOpXmLvbpOvTX4m4+rhpXlXJ1FB/jiZGNYvQEXot8PFTkMBdP0rHsdXiHhJvJy8Y/jDoErrCrK+Yger9ziCeskr3t/KET1nD6e/g4lQwVr7YftMw9s/0RiSVU4VQnUHjMiyXMpg8SD54YkmaQ8TJ14dQ3LVvMjXNGhg3fmmmxQMWot64oLe5HvNJigmKDfYxUzQuX8Ba2zAcnvHkLp/RpVB krumel@YatagarasuDrive" + + - name: install cups and some other required packages apt: pkg: - cups - printer-driver-splix + - nginx state: present update_cache: yes - - name: allow access to cups from network - replace: - path: /etc/cups/cupsd.conf - regexp: 'Listen localhost:631' - replace: 'Listen 0.0.0.0:631' + - name: cups setup + block: + - name: allow access to cups from network + replace: + path: /etc/cups/cupsd.conf + regexp: 'Listen localhost:631' + replace: 'Listen 0.0.0.0:631' - - name: configure cups for remote access - shell: cupsctl --remote-admin --remote-any --share-printers + - name: configure cups for remote access + shell: cupsctl --remote-admin --remote-any --share-printers + + - name: configure nginx to scan images on request + block: + - name: copy config to sites-available + copy: + src: templates/scan_image.conf + dest: /etc/nginx/sites-available/ + + - name: link to sites-enabled + file: + src: /etc/nginx/sites-available/scan_image.conf + dest: /etc/nginx/sites-enabled/scan_image.conf + state: link + + - name: ensure no default site is sites-enabled + file: + path: /etc/nginx/sites-enabled/default + state: absent + + - name: copy htpasswd + file: + src: templates/htpasswd_scan + dest: /etc/nginx/htpasswd/ - name: service: diff --git a/playbooks/templates/htpasswd_scan b/playbooks/templates/htpasswd_scan new file mode 100644 index 0000000..035773c --- /dev/null +++ b/playbooks/templates/htpasswd_scan @@ -0,0 +1 @@ +scan:$2y$05$vibHqJBvSjz1YSdV2dV2Dut7p9bLiXAGQ/wcgSkmVQ7wlKeinWTLO diff --git a/playbooks/templates/scan_image.conf b/playbooks/templates/scan_image.conf new file mode 100644 index 0000000..4616775 --- /dev/null +++ b/playbooks/templates/scan_image.conf @@ -0,0 +1,19 @@ +server { + listen 80 http2; + listen [::]:80 http2; + + auth_basic ""; + auth_basic_user_file /etc/nginx/htpasswd/htpasswd_scan; + + location /scan { + content_by_lua_block { + os.execute("scanimage >/tmp/image.jpg") + ngx.redirect("/scan/image") + } + } + + location /scan/image { + try_files /tmp/image.jpg; + } + +} \ No newline at end of file