Lots of changes to get a working mapserver

host_vars/mapserver/host.yml

@@ -38,4 +38,49 @@ supernode_interfaces:
     - key: netmask
       value: "{{supernode_local_ip|ipaddr('netmask')}}"
     - key: broadcast
-      value: "{{supernode_local_ip|ipaddr('broadcast')}}"
+      value: "{{supernode_local_ip|ipaddr('broadcast')}}"
+
+mapserver_use_pregenerated_dh_params: true
+mapserver_dh_params: |
+  -----BEGIN DH PARAMETERS-----
+  MIIBCAKCAQEAmWF6Vbj7fCywCna6iHb8WykMo7df73WrNmcdzpxBX+x29YMhU9zX
+  DATZ6cqLjOV0uDMqL6I0estB9TxwIEXUgOoc1KTUc91AE9YzQpH86jdE6nkw4Jjz
+  ec2TkyHJmLgods8NPw/uHvrpw84HWm/QxUT3ZOYdzTuNuGxWyJ43vCTsNrq59jOx
+  pbMETJRsP2YRNHMYwwF3V40EgN5y1X0xENstyWdPvk2aspxz10O+gD6+buSYA+xb
+  rvPG5bn/sVhi7pYBKPUMhrF8AoqGltNINkpP4dW3aQDJeIcwQ1aoE8IYp8eyv935
+  bHWReVmyfpXHEWtSHjwNbuqey40XN31qYwIBAg==
+  -----END DH PARAMETERS-----
+
+mapserver_ssl_private_key: |
+    -----BEGIN RSA PRIVATE KEY-----
+    MIICXQIBAAKBgQDFUvdXLyZGjceI3Z4UjqNrbL1Jn2F/CmCjs4a8x1FqMKaH3G/4
+    se/+soMUC140RqOnb8JrOCxpB0OdepVLDW191X2d4oiOb1fCO2uMBFJ8a1ZEHq/j
+    qLn8RY7OrJGUCMmLsLqmEU6rjAEBvkD2RPTJ8fcUaMXjlIdA05QFgUlAKQIDAQAB
+    AoGBAKSwbDNd7MoyBvlaTlfF/Orp5MoPteW8GZBHhAsHKBJC7Jq0BthAWpfvEaun
+    GUb0Nh7HDjNCvP4jy/EhoHz1hg1pFOkRUlz602qLj5h2aEqB8yW4DfUbrfq3CHpd
+    0rZXWlrIn9Ww0rr/ZGQvNywOuyIVsaDmBWsudQhv+4CSpa/JAkEA+HJCRuAFExHK
+    Lftr/8bSVajOFPmdf+vhERLuAB8r7FH2pl7H67CETKN8BdVLCOurhjSA4Iq/RRaS
+    3qSkXgD9PwJBAMtSzkXfRBPxZl7iCGHsGenOfIdLONm4/LaSBJtsqv3YgAMhMdrO
+    idwU293nKktTONUV61gzbFSbLATiuLH0IJcCQG1TojScCb+deXGIjLrOG+qT0LPM
+    L/GFs9GWmeK11Nc2LiqB1MmzMFSlMENE27L+Oclhu0CT7Z0SVOjiXG39U3MCQQCS
+    6kuIK3KqomShLNx3vT1gN0a+D/mNQODCHzJbCCNp9xVQrZyziUgOEbhpWE60TPck
+    6Yi7m7SsUc913EkutMMTAkBup3dbKPkDgl3Ujm9q/mvyJdE5ZF1QvbSSuFFPinP6
+    pQtvUENWV3NmlAuBOg4gzJ+ZSyKy93KvJ91MHNwfKMok
+    -----END RSA PRIVATE KEY-----
+
+mapserver_ssl_server_cert: |
+    -----BEGIN CERTIFICATE-----
+    MIICazCCAdQCCQDGN/3zHbvn2zANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJE
+    RTEMMAoGA1UECAwDTlJXMREwDwYDVQQHDAhEb3J0bXVuZDERMA8GA1UECgwIRnJl
+    aWZ1bmsxEjAQBgNVBAsMCW1hcHNlcnZlcjEjMCEGA1UEAwwabWFwc2VydmVyLmZy
+    ZWlmdW5rLmV4YW1wbGUwHhcNMTUwODAyMTIzMjUyWhcNMTYwODAxMTIzMjUyWjB6
+    MQswCQYDVQQGEwJERTEMMAoGA1UECAwDTlJXMREwDwYDVQQHDAhEb3J0bXVuZDER
+    MA8GA1UECgwIRnJlaWZ1bmsxEjAQBgNVBAsMCW1hcHNlcnZlcjEjMCEGA1UEAwwa
+    bWFwc2VydmVyLmZyZWlmdW5rLmV4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
+    MIGJAoGBAMVS91cvJkaNx4jdnhSOo2tsvUmfYX8KYKOzhrzHUWowpofcb/ix7/6y
+    gxQLXjRGo6dvwms4LGkHQ516lUsNbX3VfZ3iiI5vV8I7a4wEUnxrVkQer+OoufxF
+    js6skZQIyYuwuqYRTquMAQG+QPZE9Mnx9xRoxeOUh0DTlAWBSUApAgMBAAEwDQYJ
+    KoZIhvcNAQELBQADgYEAXjdHDXdzIrlKfk1NN9PdZVap9QrXdxko48r2fxw56EIm
+    86gQheAMJX/kVKPAXnAsvr0Deoj6iM9MhHztDyZUJ4FMSyIteGFOddEVmQ8JCJIo
+    RnAOI4YIB9+CxjXNatDlmGSHGx5i4A2dUUIU/IGPXTe17+4DznGujze/hB04r34=
+    -----END CERTIFICATE-----

host_vars/node01/supernode

@@ -23,8 +23,8 @@ supernode_mesh_backbones:
     local_ip: "{{supernode_local_ip|ipaddr('address')}}"
     interface: "{{supernode_public_interface}}"
 
-supernode_other_nameserver: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(' ')}}"
-supernode_other_ntp_server: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(' ')}}"
+supernode_other_nameserver: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(', ')}}"
+supernode_other_ntp_server: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(', ')}}"
 
 supernode_uplinks:
   - name: "{{uplinks[0].name}}"

host_vars/node02/supernode

@@ -23,8 +23,8 @@ supernode_mesh_backbones:
     local_ip: "{{supernode_local_ip|ipaddr('address')}}"
     interface: "{{supernode_public_interface}}"
 
-supernode_other_nameserver: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(' ')}}"
-supernode_other_ntp_server: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(' ')}}"
+supernode_other_nameserver: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(', ')}}"
+supernode_other_ntp_server: "{{supernode_mesh_backbones|map(attribute='mesh_ip')|map('ipaddr','address')|join(', ')}}"
 
 supernode_interfaces:
   - name: eth0

roles/ff-supernode/defaults/main.yml

@@ -1,4 +1,5 @@
 ---
 # defaults file for ff-supernode
 supernode_local_ip: ansible_default_ipv4.address
-supernode_mesh_net_ip:
+supernode_freifunk_tools_repo: https://github.com/ffrl/ff-tools.git
+supernode_freifunk_tools_dir: /src/ff-tools

roles/ff-supernode/tasks/debian.yml

@@ -12,6 +12,12 @@
   - supervisor
   - ntp
 
+- name: Install dependencies for ffrl tools
+  apt: name={{item}}
+  with_items:
+  - python3
+  - python3-pip
+
 - name: Install backport kernel for Debian wheezy
   apt: name=linux-image-amd64 default_release=wheezy-backports state=latest
   when: ansible_distribution_release == 'wheezy'

roles/ff-supernode/tasks/main.yml

@@ -22,4 +22,10 @@
   notify: Restart supervisor
 
 - name: Install ntp.conf
-  template: src=ntp.conf.j2 dest=/etc/ntp.conf
+  template: src=ntp.conf.j2 dest=/etc/ntp.conf
+
+- name: Create install dir for ffrl tools
+  file: dest={{supernode_freifunk_tools_dir}} state=directory
+
+- name: Install ffrl tools
+  git: repo={{supernode_freifunk_tools_repo}} dest={{supernode_freifunk_tools_dir}}

roles/ffmap-backend/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/ffmap-backend/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+# defaults file for ffmap-backend
+ffmap_backend_repo_url: https://github.com/ffnord/ffmap-backend.git
+ffmap_backend_version: v2
+ffmap_backend_install_dir: /opt/ffmap-backend
+ffmap_backend_data_dir: /srv/ffmap-data
+ffmap_backend_prune_days: 14

roles/ffmap-backend/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for ffmap-backend

roles/ffmap-backend/meta/main.yml

@@ -0,0 +1,17 @@
+---
+galaxy_info:
+  author: Till Klocke
+  description: Installs ffmap-backend
+  company: Freifunk Dortmund
+  license: MIT
+  min_ansible_version: 1.2
+  platforms:
+  - name: Debian
+    versions:
+    - all
+  categories:
+  - monitoring
+  - networking
+dependencies:
+- alfred
+- alfred-json

roles/ffmap-backend/tasks/main.yml

@@ -0,0 +1,17 @@
+---
+# tasks file for ffmap-backend
+
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: Install ffmap-backend dependencies
+  apt: name={{item}} state=present
+  with_items: "{{ffmap_backend_dependencies}}"
+
+- name: Create install directory for ffmap-backend
+  file: dest={{ffmap_backend_install_dir}} state=directory
+
+- name: Clone ffmap-backend sources
+  git: repo={{ffmap_backend_repo_url}} version={{ffmap_backend_version}} dest={{ffmap_backend_install_dir}}
+
+- name: Add ffmap-backend cron entry
+  cron: name=ffmap-backend state=present user=root job="{{ffmap_backend_install_dir}}/backend.py -d {{ffmap_backend_data_dir}} -p {{ffmap_backend_prune_days}}"

roles/ffmap-backend/vars/Debian.yml

@@ -0,0 +1,4 @@
+ffmap_backend_dependencies:
+- python3
+- python3-networkx
+- rrdtool

roles/ffmap-backend/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ffmap-backend

roles/map-server/defaults/main.yml

@@ -1,2 +1,7 @@
 ---
 # defaults file for map-server
+supervisor_services:
+  - name: alfred
+    command: /usr/local/sbin/alfred -i alfred0
+  - name: batadv-vis
+    command: /usr/local/sbin/batadv-vis -s

roles/map-server/handlers/main.yml

@@ -1,2 +1,5 @@
 ---
 # handlers file for map-server
+
+- name: Restart supervisor
+  service: name=supervisor state=restarted

roles/map-server/meta/main.yml

@@ -19,6 +19,35 @@ galaxy_info:
   - web
 dependencies:
 - batman
-- alfred
-- alfred-json
+- mapserver-certificates
+- role: jdauphant.nginx
+  nginx_sites:
+    default:
+    - listen 80 default_server
+    - "listen [::]:80 default_server"
+    - server_name _
+    - listen 443 ssl
+    - "listen [::]:443 ssl"
+    - "ssl_certificate /etc/nginx/ssl/wiki.ffdo.de.crt"
+    - "ssl_certificate_key /etc/nginx/ssl/wiki.ffdo.de.key"
+    - "ssl_dhparam /etc/nginx/dhparams.pem"
+    - "root /var/www"
+    - index index.html
+    - "location = / { return 302 /meshviewer/; }"
+    - location /meshviewer {
+                alias {{meshviewer_install_directory}};
+                try_files $uri $uri/ =404;
+                gzip on;
+                gzip_comp_level 2;
+                gzip_types application/json application/javascript text/css;
+                gzip_vary on;
+        }
+    - location /data {
+                alias {{ffmap_backend_data_dir}};
+                gzip on;
+                gzip_comp_level 2;
+                gzip_types application/json;
+                gzip_vary on;
+        }
+- meshviewer
 - supernode-interfaces

roles/map-server/tasks/main.yml

@@ -1,2 +1,15 @@
 ---
 # tasks file for map-server
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: Install necessary packages
+  apt: name={{item}} state=present
+  with_items: "{{mapserver_packages}}"
+
+- name: Create supervisor services
+  template: src=supervisor.service.j2 dest=/etc/supervisor/conf.d/{{item.name}}.conf
+  with_items: "{{supervisor_services}}"
+  notify: Restart supervisor
+
+- name: Ensure supervisor is started and enabled
+  service: name=supervisor state=started enabled=yes

roles/map-server/templates/supervisor.service.j2

@@ -0,0 +1,3 @@
+[program:{{item.name}}]
+command={{item.command}}
+stdout_logfile=NONE

roles/map-server/vars/Debian.yml

@@ -0,0 +1,2 @@
+mapserver_packages:
+- supervisor

roles/mapserver-certificates/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/mapserver-certificates/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+# defaults file for mapserver-certificates
+mapserver_use_pregenerated_dh_params: false

roles/mapserver-certificates/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for mapserver-certificates

roles/mapserver-certificates/meta/main.yml

@@ -0,0 +1,139 @@
+---
+galaxy_info:
+  author: your name
+  description: 
+  company: your company (optional)
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+  min_ansible_version: 1.2
+  #
+  # Below are all platforms currently available. Just uncomment
+  # the ones that apply to your role. If you don't see your 
+  # platform on this list, let us know and we'll get it added!
+  #
+  #platforms:
+  #- name: EL
+  #  versions:
+  #  - all
+  #  - 5
+  #  - 6
+  #  - 7
+  #- name: GenericUNIX
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Fedora
+  #  versions:
+  #  - all
+  #  - 16
+  #  - 17
+  #  - 18
+  #  - 19
+  #  - 20
+  #  - 21
+  #  - 22
+  #- name: Windows
+  #  versions:
+  #  - all
+  #  - 2012R2
+  #- name: SmartOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: opensuse
+  #  versions:
+  #  - all
+  #  - 12.1
+  #  - 12.2
+  #  - 12.3
+  #  - 13.1
+  #  - 13.2
+  #- name: Amazon
+  #  versions:
+  #  - all
+  #  - 2013.03
+  #  - 2013.09
+  #- name: GenericBSD
+  #  versions:
+  #  - all
+  #  - any
+  #- name: FreeBSD
+  #  versions:
+  #  - all
+  #  - 8.0
+  #  - 8.1
+  #  - 8.2
+  #  - 8.3
+  #  - 8.4
+  #  - 9.0
+  #  - 9.1
+  #  - 9.1
+  #  - 9.2
+  #- name: Ubuntu
+  #  versions:
+  #  - all
+  #  - lucid
+  #  - maverick
+  #  - natty
+  #  - oneiric
+  #  - precise
+  #  - quantal
+  #  - raring
+  #  - saucy
+  #  - trusty
+  #  - utopic
+  #  - vivid
+  #- name: SLES
+  #  versions:
+  #  - all
+  #  - 10SP3
+  #  - 10SP4
+  #  - 11
+  #  - 11SP1
+  #  - 11SP2
+  #  - 11SP3
+  #- name: GenericLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Debian
+  #  versions:
+  #  - all
+  #  - etch
+  #  - jessie
+  #  - lenny
+  #  - squeeze
+  #  - wheezy
+  #
+  # Below are all categories currently available. Just as with
+  # the platforms above, uncomment those that apply to your role.
+  #
+  #categories:
+  #- cloud
+  #- cloud:ec2
+  #- cloud:gce
+  #- cloud:rax
+  #- clustering
+  #- database
+  #- database:nosql
+  #- database:sql
+  #- development
+  #- monitoring
+  #- networking
+  #- packaging
+  #- system
+  #- web
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.
+  

roles/mapserver-certificates/tasks/main.yml

@@ -0,0 +1,22 @@
+---
+# tasks file for mapserver-certificates
+
+- name: Install openssl to generate DH params
+  apt: name=openssl state=present
+
+- name: Ensure nginx ssl directory exists
+  file: dest=/etc/nginx/ssl/ state=directory
+
+- name: Create private ssl key from secret var
+  copy: content="{{ mapserver_ssl_private_key }}" dest=/etc/nginx/ssl/wiki.ffdo.de.key
+
+- name: Create nginx server certificate from secret var
+  copy: content="{{ mapserver_ssl_server_cert }}" dest=/etc/nginx/ssl/wiki.ffdo.de.crt
+
+- name: Deploy pregenerated DH params
+  when: mapserver_use_pregenerated_dh_params
+  copy: content="{{mapserver_dh_params}}" dest=/etc/nginx/dhparams.pem
+
+- name: Generate strong dhparams
+  when: not mapserver_use_pregenerated_dh_params
+  shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 creates=/etc/nginx/dhparams.pem

roles/mapserver-certificates/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for mapserver-certificates

roles/meshviewer/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/meshviewer/defaults/main.yml

@@ -0,0 +1,11 @@
+---
+# defaults file for meshviewer
+
+meshviewer_version: v3
+meshviewer_archive_name: "meshviewer-{{meshviewer_version}}.tar.gz"
+meshviewer_download_url: "http://draic.info/meshviewer/{{meshviewer_archive_name}}"
+meshviewer_install_directory: /srv/meshviewer
+meshviewer_build_directory: /usr/src/meshviewer
+meshviewer_map_sigma_scale: 0.5
+meshviewer_show_contacts: false
+meshviewer_max_age: 14

roles/meshviewer/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for meshviewer

roles/meshviewer/meta/main.yml

@@ -0,0 +1,53 @@
+---
+galaxy_info:
+  author: Till Klocke
+  description: Downloads and installs meshviewer
+  company: Freifunk Dortmund
+  license: MIT
+  min_ansible_version: 1.2
+  platforms:
+  - name: EL
+    versions:
+    - all
+  - name: GenericUNIX
+    versions:
+    - all
+    - any
+  - name: Fedora
+    versions:
+    - all
+  - name: SmartOS
+    versions:
+    - all
+    - any
+  - name: opensuse
+    versions:
+    - all
+  - name: Amazon
+    versions:
+    - all
+  - name: GenericBSD
+    versions:
+    - all
+    - any
+  - name: FreeBSD
+    versions:
+    - all
+  - name: Ubuntu
+    versions:
+    - all
+  - name: SLES
+    versions:
+    - all
+  - name: GenericLinux
+    versions:
+    - all
+    - any
+  - name: Debian
+    versions:
+    - all
+  categories:
+  - monitoring
+  - web
+dependencies:
+- ffmap-backend

roles/meshviewer/tasks/main.yml

@@ -0,0 +1,46 @@
+---
+# tasks file for meshviewer
+
+- include_vars: "{{ ansible_os_family}}.yml"
+
+- name: Install build dependencies
+  apt: name={{item}} state=present
+  with_items: "{{meshviewer_build_dependencies}}"
+
+- name: Create meshviewer install directory
+  file: name={{meshviewer_install_directory}} state=directory
+
+- name: Create meshviewer build directory
+  file: name={{meshviewer_build_directory}} state=directory
+
+- name: Download meshviewer
+  get_url: url={{meshviewer_download_url}} dest=/tmp/
+
+- name: Extract meshviewer source archive
+  unarchive: copy=false src=/tmp/{{meshviewer_archive_name}} dest={{meshviewer_build_directory}}
+
+- name: Install npm build dependencies
+  command: npm install
+  register: meshviewer_npm_installed
+  args:
+    chdir: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}"
+    creates: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}/node_modules"
+
+- name: Install bower and grunt
+  when: meshviewer_npm_installed|changed
+  command: npm install bower grunt-cli
+
+- name: Install frontend dependencies
+  command: node_modules/.bin/bower --allow-root --config.interactive=false install
+  args:
+    chdir: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}"
+    creates: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}/bower_components"
+
+- name: Install build config
+  template: src=config.js.j2 dest="{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}/config.js"
+
+- name: Build meshviewer
+  command:
+  args:
+    chdir: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}"
+    creates: "{{meshviewer_build_directory}}/meshviewer-{{meshviewer_version}}/build"

roles/meshviewer/templates/config.js.j2

@@ -0,0 +1,7 @@
+define({
+  "dataPath": "{{meshviewer_data_url}}",
+  "siteName": "{{meshviewer_site_name}}",
+  "mapSigmaScale": {{meshviewer_map_sigma_scale}},
+  "showContact": {{meshviewer_show_contacts}},
+  "maxAge": {{meshviewer_max_age}}
+})

roles/meshviewer/vars/Debian.yml

@@ -0,0 +1,3 @@
+meshviewer_build_dependencies:
+- npm
+- ruby-sass

roles/meshviewer/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for meshviewer

test/application/mapserver_pkg_vars.yml

@@ -67,4 +67,55 @@ supernode_interfaces:
     - key: netmask
       value: "{{supernode_local_ip|ipaddr('netmask')}}"
     - key: broadcast
-      value: "{{supernode_local_ip|ipaddr('broadcast')}}"
+      value: "{{supernode_local_ip|ipaddr('broadcast')}}"
+
+meshviewer_data_url: "http://{{ansible_default_ipv4.address}}/data"
+meshviewer_site_name: Test Kitchen
+meshviewer_map_sigma_scale: 0.5
+meshviewer_show_contacts: true
+meshviewer_max_age: 14
+
+mapserver_use_pregenerated_dh_params: true
+mapserver_dh_params: |
+  -----BEGIN DH PARAMETERS-----
+  MIIBCAKCAQEAmWF6Vbj7fCywCna6iHb8WykMo7df73WrNmcdzpxBX+x29YMhU9zX
+  DATZ6cqLjOV0uDMqL6I0estB9TxwIEXUgOoc1KTUc91AE9YzQpH86jdE6nkw4Jjz
+  ec2TkyHJmLgods8NPw/uHvrpw84HWm/QxUT3ZOYdzTuNuGxWyJ43vCTsNrq59jOx
+  pbMETJRsP2YRNHMYwwF3V40EgN5y1X0xENstyWdPvk2aspxz10O+gD6+buSYA+xb
+  rvPG5bn/sVhi7pYBKPUMhrF8AoqGltNINkpP4dW3aQDJeIcwQ1aoE8IYp8eyv935
+  bHWReVmyfpXHEWtSHjwNbuqey40XN31qYwIBAg==
+  -----END DH PARAMETERS-----
+
+mapserver_ssl_private_key: |
+    -----BEGIN RSA PRIVATE KEY-----
+    MIICXQIBAAKBgQDFUvdXLyZGjceI3Z4UjqNrbL1Jn2F/CmCjs4a8x1FqMKaH3G/4
+    se/+soMUC140RqOnb8JrOCxpB0OdepVLDW191X2d4oiOb1fCO2uMBFJ8a1ZEHq/j
+    qLn8RY7OrJGUCMmLsLqmEU6rjAEBvkD2RPTJ8fcUaMXjlIdA05QFgUlAKQIDAQAB
+    AoGBAKSwbDNd7MoyBvlaTlfF/Orp5MoPteW8GZBHhAsHKBJC7Jq0BthAWpfvEaun
+    GUb0Nh7HDjNCvP4jy/EhoHz1hg1pFOkRUlz602qLj5h2aEqB8yW4DfUbrfq3CHpd
+    0rZXWlrIn9Ww0rr/ZGQvNywOuyIVsaDmBWsudQhv+4CSpa/JAkEA+HJCRuAFExHK
+    Lftr/8bSVajOFPmdf+vhERLuAB8r7FH2pl7H67CETKN8BdVLCOurhjSA4Iq/RRaS
+    3qSkXgD9PwJBAMtSzkXfRBPxZl7iCGHsGenOfIdLONm4/LaSBJtsqv3YgAMhMdrO
+    idwU293nKktTONUV61gzbFSbLATiuLH0IJcCQG1TojScCb+deXGIjLrOG+qT0LPM
+    L/GFs9GWmeK11Nc2LiqB1MmzMFSlMENE27L+Oclhu0CT7Z0SVOjiXG39U3MCQQCS
+    6kuIK3KqomShLNx3vT1gN0a+D/mNQODCHzJbCCNp9xVQrZyziUgOEbhpWE60TPck
+    6Yi7m7SsUc913EkutMMTAkBup3dbKPkDgl3Ujm9q/mvyJdE5ZF1QvbSSuFFPinP6
+    pQtvUENWV3NmlAuBOg4gzJ+ZSyKy93KvJ91MHNwfKMok
+    -----END RSA PRIVATE KEY-----
+
+mapserver_ssl_server_cert: |
+    -----BEGIN CERTIFICATE-----
+    MIICazCCAdQCCQDGN/3zHbvn2zANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJE
+    RTEMMAoGA1UECAwDTlJXMREwDwYDVQQHDAhEb3J0bXVuZDERMA8GA1UECgwIRnJl
+    aWZ1bmsxEjAQBgNVBAsMCW1hcHNlcnZlcjEjMCEGA1UEAwwabWFwc2VydmVyLmZy
+    ZWlmdW5rLmV4YW1wbGUwHhcNMTUwODAyMTIzMjUyWhcNMTYwODAxMTIzMjUyWjB6
+    MQswCQYDVQQGEwJERTEMMAoGA1UECAwDTlJXMREwDwYDVQQHDAhEb3J0bXVuZDER
+    MA8GA1UECgwIRnJlaWZ1bmsxEjAQBgNVBAsMCW1hcHNlcnZlcjEjMCEGA1UEAwwa
+    bWFwc2VydmVyLmZyZWlmdW5rLmV4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
+    MIGJAoGBAMVS91cvJkaNx4jdnhSOo2tsvUmfYX8KYKOzhrzHUWowpofcb/ix7/6y
+    gxQLXjRGo6dvwms4LGkHQ516lUsNbX3VfZ3iiI5vV8I7a4wEUnxrVkQer+OoufxF
+    js6skZQIyYuwuqYRTquMAQG+QPZE9Mnx9xRoxeOUh0DTlAWBSUApAgMBAAEwDQYJ
+    KoZIhvcNAQELBQADgYEAXjdHDXdzIrlKfk1NN9PdZVap9QrXdxko48r2fxw56EIm
+    86gQheAMJX/kVKPAXnAsvr0Deoj6iM9MhHztDyZUJ4FMSyIteGFOddEVmQ8JCJIo
+    RnAOI4YIB9+CxjXNatDlmGSHGx5i4A2dUUIU/IGPXTe17+4DznGujze/hB04r34=
+    -----END CERTIFICATE-----

test/integration/mapserver/serverspec/network_spec.rb

@@ -14,4 +14,22 @@ end
 
 describe interface('eth0') do
   it { should exist }
+end
+
+describe package('bird') do
+  it { should be_installed }
+end
+
+# At least on Ubuntu doesn't open a port. Is this a problem?
+describe port(179) do 
+  it { should be_listening.with('tcp') }
+  it { should be_listening.with('tcp6') }
+end
+
+describe process('bird') do
+  it { should be_running }
+end
+
+describe process('bird6') do
+  it { should be_running }
 end

test/integration/mapserver/serverspec/test_spec.rb

@@ -6,4 +6,16 @@ set :backend, :exec
 describe file('/usr/local/bin/alfred-json') do
   it { should exist }
   it { should be_executable }
+end
+
+describe cron do {
+  it { should should have_entry '* * * * * /srv/ffmap-backend/backend.py -d /srv/ffmap-data -p 14' }
+}
+
+describe port(80) do
+  it { should be_listening.with('tcp6') }
+end
+
+describe port(443) do
+  it { should be_listeing.with('tcp6') }
 end