added nginx to trigger scanning

playbooks/srv-print.yml

@@ -1,35 +1,64 @@
 - hosts: srv-print
   become: yes
   tasks:
-    - name: create admin user
-      ansible.builtin.user:
-        user: admin
-        state: present
-        shell: /bin/bash
-        groups: sudo
 
-    - name: add admin ssh-key
-      ansible.posix.authorized_key:
-        user: admin
-        state: present
-        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLI18nShd47L6o4dL2sIbhJAlWdXXc7BBSqhslTBMVziY6OBazW2jxxU0eN+Wi3RYEuOUd3xt6f56m6NgB96MxvRbfhD06FCetrEzEX/k7yWRVlvyMOSX0RjTr2UWPqOpXmLvbpOvTX4m4+rhpXlXJ1FB/jiZGNYvQEXot8PFTkMBdP0rHsdXiHhJvJy8Y/jDoErrCrK+Yger9ziCeskr3t/KET1nD6e/g4lQwVr7YftMw9s/0RiSVU4VQnUHjMiyXMpg8SD54YkmaQ8TJ14dQ3LVvMjXNGhg3fmmmxQMWot64oLe5HvNJigmKDfYxUzQuX8Ba2zAcnvHkLp/RpVB krumel@YatagarasuDrive"
+    - name: user setup
+      block:
+      - name: create admin user
+        ansible.builtin.user:
+          user: admin
+          state: present
+          shell: /bin/bash
+          groups: sudo
 
-    - name: install cups
+      - name: add admin ssh-key
+        ansible.posix.authorized_key:
+          user: admin
+          state: present
+          key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLI18nShd47L6o4dL2sIbhJAlWdXXc7BBSqhslTBMVziY6OBazW2jxxU0eN+Wi3RYEuOUd3xt6f56m6NgB96MxvRbfhD06FCetrEzEX/k7yWRVlvyMOSX0RjTr2UWPqOpXmLvbpOvTX4m4+rhpXlXJ1FB/jiZGNYvQEXot8PFTkMBdP0rHsdXiHhJvJy8Y/jDoErrCrK+Yger9ziCeskr3t/KET1nD6e/g4lQwVr7YftMw9s/0RiSVU4VQnUHjMiyXMpg8SD54YkmaQ8TJ14dQ3LVvMjXNGhg3fmmmxQMWot64oLe5HvNJigmKDfYxUzQuX8Ba2zAcnvHkLp/RpVB krumel@YatagarasuDrive"
+
+    - name: install cups and some other required packages
       apt:
         pkg:
           - cups
           - printer-driver-splix
+          - nginx
         state: present
         update_cache: yes
 
-    - name: allow access to cups from network
-      replace:
-        path: /etc/cups/cupsd.conf
-        regexp: 'Listen localhost:631'
-        replace: 'Listen 0.0.0.0:631'
+    - name: cups setup
+      block:
+      - name: allow access to cups from network
+        replace:
+          path: /etc/cups/cupsd.conf
+          regexp: 'Listen localhost:631'
+          replace: 'Listen 0.0.0.0:631'
 
-    - name: configure cups for remote access
-      shell: cupsctl --remote-admin --remote-any --share-printers
+      - name: configure cups for remote access
+        shell: cupsctl --remote-admin --remote-any --share-printers
+
+    - name: configure nginx to scan images on request
+      block:
+      - name: copy config to sites-available
+        copy:
+          src: templates/scan_image.conf
+          dest: /etc/nginx/sites-available/
+
+      - name: link to sites-enabled
+        file:
+          src: /etc/nginx/sites-available/scan_image.conf
+          dest: /etc/nginx/sites-enabled/scan_image.conf
+          state: link
+      
+      - name: ensure no default site is sites-enabled
+        file:
+          path: /etc/nginx/sites-enabled/default
+          state: absent
+
+      - name: copy htpasswd
+        file: 
+          src: templates/htpasswd_scan
+          dest: /etc/nginx/htpasswd/
 
     - name: 
       service:

playbooks/templates/htpasswd_scan

@@ -0,0 +1 @@
+scan:$2y$05$vibHqJBvSjz1YSdV2dV2Dut7p9bLiXAGQ/wcgSkmVQ7wlKeinWTLO

playbooks/templates/scan_image.conf

@@ -0,0 +1,19 @@
+server {
+    listen 80 http2;
+    listen [::]:80 http2;
+
+    auth_basic "";
+    auth_basic_user_file /etc/nginx/htpasswd/htpasswd_scan;
+
+    location /scan {
+        content_by_lua_block {
+            os.execute("scanimage >/tmp/image.jpg")
+            ngx.redirect("/scan/image")
+        }
+    }
+    
+    location /scan/image {
+        try_files /tmp/image.jpg;
+    }
+    
+}