From 741064a178b8bd675673235d7021132458f0956d Mon Sep 17 00:00:00 2001 From: Chris van Dijk Date: Fri, 1 May 2020 19:11:55 +0200 Subject: [PATCH 1/3] Fix group ownership of Dimension base path and config Ansible will migrate the ownership of the base path and config path, but manual intervention will be required in order to migrate the ownership of files in those directories (i.e. dimension.db). Stop the services: (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=stop Fix the permissions on the server: (server)# chown -Rv "{{ matrix_user_username }}:{{ matrix_user_username }}" "{{ matrix_dimension_base_path }}" which would typically look like: (server)# chown -Rv matrix:matrix /matrix/dimension/ Reconfigure Dimension and start the services: (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=setup-dimension,start --- roles/matrix-dimension/tasks/setup_dimension.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-dimension/tasks/setup_dimension.yml b/roles/matrix-dimension/tasks/setup_dimension.yml index 2437a5472..929521467 100644 --- a/roles/matrix-dimension/tasks/setup_dimension.yml +++ b/roles/matrix-dimension/tasks/setup_dimension.yml @@ -10,7 +10,7 @@ state: directory mode: 0770 owner: "{{ matrix_user_username }}" - group: "{{ matrix_dimension_user_gid }}" + group: "{{ matrix_user_username }}" when: matrix_dimension_enabled|bool - name: Ensure Dimension config installed @@ -19,7 +19,7 @@ dest: "{{ matrix_dimension_base_path }}/config.yaml" mode: 0640 owner: "{{ matrix_user_username }}" - group: "{{ matrix_dimension_user_gid }}" + group: "{{ matrix_user_username }}" when: matrix_dimension_enabled|bool - name: Ensure Dimension image is pulled From cf0e56e92b697d793da6d71258c4e9daa8ab57cc Mon Sep 17 00:00:00 2001 From: Chris van Dijk Date: Fri, 1 May 2020 19:39:17 +0200 Subject: [PATCH 2/3] Consistent usage of matrix username and groupname, not uid and gid This should be a no-op, no migration necessary. --- roles/matrix-synapse/tasks/goofys/setup_install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml index efd9d46cf..f8c4b013a 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml @@ -17,8 +17,8 @@ path: "{{ matrix_synapse_media_store_path }}" state: directory mode: 0750 - owner: "{{ matrix_user_uid }}" - group: "{{ matrix_user_gid }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" when: "not local_path_matrix_synapse_media_store_path_stat.failed and not local_path_matrix_synapse_media_store_path_stat.stat.exists" - name: Ensure goofys environment variables file created From 7585bcc4ac50d08392cf304599a6f80033d0d339 Mon Sep 17 00:00:00 2001 From: Chris van Dijk Date: Fri, 1 May 2020 19:59:32 +0200 Subject: [PATCH 3/3] Allow the matrix user username and groupname to be configured separately No migration steps should be required. --- roles/matrix-base/defaults/main.yml | 1 + roles/matrix-base/tasks/setup_matrix_base.yml | 6 +++--- roles/matrix-base/tasks/setup_well_known.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 10 +++++----- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 6 +++--- roles/matrix-corporal/tasks/setup_corporal.yml | 4 ++-- roles/matrix-coturn/tasks/setup_coturn.yml | 4 ++-- roles/matrix-dimension/tasks/setup_dimension.yml | 4 ++-- roles/matrix-email2matrix/tasks/setup_email2matrix.yml | 4 ++-- roles/matrix-jitsi/tasks/setup_jitsi_base.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_web.yml | 2 +- roles/matrix-ma1sd/tasks/setup_ma1sd.yml | 6 +++--- roles/matrix-mailer/tasks/setup_mailer.yml | 2 +- roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 8 ++++---- roles/matrix-nginx-proxy/tasks/setup_well_known.yml | 4 ++-- roles/matrix-nginx-proxy/tasks/ssl/main.yml | 2 +- .../ssl/setup_ssl_self_signed_obtain_for_domain.yml | 2 +- roles/matrix-postgres/tasks/import_sqlite_db.yml | 2 +- .../tasks/migrate_postgres_data_directory.yml | 2 +- roles/matrix-postgres/tasks/run_synapse_janitor.yml | 2 +- roles/matrix-postgres/tasks/setup_postgres.yml | 4 ++-- roles/matrix-riot-web/tasks/setup_riot_web.yml | 6 +++--- .../tasks/ext/rest-auth/setup_install.yml | 2 +- .../tasks/ext/shared-secret-auth/setup_install.yml | 2 +- roles/matrix-synapse/tasks/goofys/setup_install.yml | 2 +- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- roles/matrix-synapse/tasks/setup_synapse.yml | 2 +- roles/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- 39 files changed, 80 insertions(+), 79 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 7f4c6ace7..0885f3d84 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -22,6 +22,7 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" matrix_user_username: "matrix" +matrix_user_groupname: "matrix" matrix_user_uid: 991 matrix_user_gid: 991 diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 24217883d..9afda508f 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -2,7 +2,7 @@ - name: Ensure Matrix group is created group: - name: "{{ matrix_user_username }}" + name: "{{ matrix_user_groupname }}" gid: "{{ matrix_user_gid }}" state: present @@ -11,7 +11,7 @@ name: "{{ matrix_user_username }}" uid: "{{ matrix_user_uid }}" state: present - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure Matrix base path exists file: @@ -19,7 +19,7 @@ state: directory mode: "{{ matrix_base_data_path_mode }}" owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_base_data_path }}" diff --git a/roles/matrix-base/tasks/setup_well_known.yml b/roles/matrix-base/tasks/setup_well_known.yml index 36706df47..3b81ce1e3 100644 --- a/roles/matrix-base/tasks/setup_well_known.yml +++ b/roles/matrix-base/tasks/setup_well_known.yml @@ -8,7 +8,7 @@ state: directory mode: 0755 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_static_files_base_path }}/.well-known/matrix" @@ -18,7 +18,7 @@ dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/client" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure Matrix /.well-known/matrix/server file configured template: @@ -26,7 +26,7 @@ dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/server" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_well_known_matrix_server_enabled|bool - name: Ensure Matrix /.well-known/matrix/server file deleted diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index e2144f6ae..d736fa7c7 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -13,7 +13,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_appservice_discord_base_path }}" - "{{ matrix_appservice_discord_config_path }}" @@ -46,7 +46,7 @@ dest: "{{ matrix_appservice_discord_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure AppService Discord registration.yaml installed copy: @@ -54,7 +54,7 @@ dest: "{{ matrix_appservice_discord_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" # If `matrix_appservice_discord_client_id` hasn't changed, the same invite link would be generated. # We intentionally suppress Ansible changes. diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 1c69b2a82..7206d25e9 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -13,7 +13,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_appservice_irc_base_path }}" - "{{ matrix_appservice_irc_config_path }}" @@ -50,7 +50,7 @@ dest: "{{ matrix_appservice_irc_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Check if Appservice IRC passkey exists stat: @@ -70,7 +70,7 @@ path: "{{ matrix_appservice_irc_data_path }}/passkey.pem" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" # Ideally, we'd like to generate the final registration.yaml file by ourselves. # @@ -134,7 +134,7 @@ dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-appservice-irc.service installed template: diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index b4132e966..94e0fedf9 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -13,7 +13,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_appservice_slack_base_path }}" - "{{ matrix_appservice_slack_config_path }}" @@ -25,7 +25,7 @@ dest: "{{ matrix_appservice_slack_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure appservice-slack registration.yaml installed copy: @@ -33,7 +33,7 @@ dest: "{{ matrix_appservice_slack_config_path }}/slack-registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-appservice-slack.service installed template: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 5d167dc0b..9ddc121a1 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -13,7 +13,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_appservice_webhooks_base_path }}" - "{{ matrix_appservice_webhooks_config_path }}" @@ -25,7 +25,7 @@ dest: "{{ matrix_appservice_webhooks_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure Matrix Appservice webhooks schema.yml template exists template: @@ -33,7 +33,7 @@ dest: "{{ matrix_appservice_webhooks_config_path }}/schema.yml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure Matrix Appservice webhooks database.json template exists template: @@ -41,7 +41,7 @@ dest: "{{ matrix_appservice_webhooks_data_path }}/database.json" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure appservice-webhooks registration.yaml installed copy: @@ -49,7 +49,7 @@ dest: "{{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-appservice-webhooks.service installed template: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 82b55cea1..a1131d8ea 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -22,7 +22,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_mautrix_facebook_base_path }}", when: true } - { path: "{{ matrix_mautrix_facebook_config_path }}", when: true } @@ -73,7 +73,7 @@ dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mautrix-facebook registration.yaml installed copy: @@ -81,7 +81,7 @@ dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mautrix-facebook.service installed template: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index ae962d34c..97893be7c 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -22,7 +22,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_mautrix_hangouts_base_path }}", when: true } - { path: "{{ matrix_mautrix_hangouts_config_path }}", when: true } @@ -72,7 +72,7 @@ dest: "{{ matrix_mautrix_hangouts_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mautrix-hangouts registration.yaml installed copy: @@ -80,7 +80,7 @@ dest: "{{ matrix_mautrix_hangouts_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mautrix-hangouts.service installed template: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 1c8b063d8..9dc38ec2c 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -21,7 +21,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_mautrix_telegram_base_path }}" - "{{ matrix_mautrix_telegram_config_path }}" @@ -50,7 +50,7 @@ dest: "{{ matrix_mautrix_telegram_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mautrix-telegram registration.yaml installed copy: @@ -58,7 +58,7 @@ dest: "{{ matrix_mautrix_telegram_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mautrix-telegram.service installed template: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index a818afb18..6bd87bbe2 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -21,7 +21,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_mautrix_whatsapp_base_path }}" - "{{ matrix_mautrix_whatsapp_config_path }}" @@ -59,7 +59,7 @@ dest: "{{ matrix_mautrix_whatsapp_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mautrix-whatsapp registration.yaml installed copy: @@ -67,7 +67,7 @@ dest: "{{ matrix_mautrix_whatsapp_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mautrix-whatsapp.service installed template: diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml index 6857c6c93..e88fd7783 100644 --- a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml @@ -22,7 +22,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_mx_puppet_skype_base_path }}", when: true } - { path: "{{ matrix_mx_puppet_skype_config_path }}", when: true } @@ -71,7 +71,7 @@ dest: "{{ matrix_mx_puppet_skype_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mx-puppet-skype skype-registration.yaml installed copy: @@ -79,7 +79,7 @@ dest: "{{ matrix_mx_puppet_skype_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mx-puppet-skype.service installed template: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index f4c9fc8ec..ddaede728 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -22,7 +22,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_mx_puppet_slack_base_path }}", when: true } - { path: "{{ matrix_mx_puppet_slack_config_path }}", when: true } @@ -70,7 +70,7 @@ dest: "{{ matrix_mx_puppet_slack_config_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure mx-puppet-slack slack-registration.yaml installed copy: @@ -78,7 +78,7 @@ dest: "{{ matrix_mx_puppet_slack_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-mx-puppet-slack.service installed template: diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml index 2e09f013b..72b6a5b26 100644 --- a/roles/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/matrix-corporal/tasks/setup_corporal.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_corporal_config_dir_path }}" - "{{ matrix_corporal_cache_dir_path }}" @@ -31,7 +31,7 @@ dest: "{{ matrix_corporal_config_dir_path }}/config.json" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_corporal_enabled|bool - name: Ensure matrix-corporal.service installed diff --git a/roles/matrix-coturn/tasks/setup_coturn.yml b/roles/matrix-coturn/tasks/setup_coturn.yml index 8a2ad3bdd..52db0e3e0 100644 --- a/roles/matrix-coturn/tasks/setup_coturn.yml +++ b/roles/matrix-coturn/tasks/setup_coturn.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"} when: matrix_riot_web_enabled|bool and item.when @@ -47,7 +47,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_coturn_enabled|bool - name: Ensure turnserver.conf installed diff --git a/roles/matrix-dimension/tasks/setup_dimension.yml b/roles/matrix-dimension/tasks/setup_dimension.yml index 929521467..1681a548b 100644 --- a/roles/matrix-dimension/tasks/setup_dimension.yml +++ b/roles/matrix-dimension/tasks/setup_dimension.yml @@ -10,7 +10,7 @@ state: directory mode: 0770 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_dimension_enabled|bool - name: Ensure Dimension config installed @@ -19,7 +19,7 @@ dest: "{{ matrix_dimension_base_path }}/config.yaml" mode: 0640 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_dimension_enabled|bool - name: Ensure Dimension image is pulled diff --git a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml b/roles/matrix-email2matrix/tasks/setup_email2matrix.yml index 1e64627af..d5fa73a51 100644 --- a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml +++ b/roles/matrix-email2matrix/tasks/setup_email2matrix.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_email2matrix_base_path }}" - "{{ matrix_email2matrix_config_dir_path }}" @@ -21,7 +21,7 @@ src: "{{ role_path }}/templates/config.json.j2" dest: "{{ matrix_email2matrix_config_dir_path }}/config.json" owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" mode: 0640 when: matrix_email2matrix_enabled|bool diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/matrix-jitsi/tasks/setup_jitsi_base.yml index fcfbb8f65..408027ee0 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_base.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_jitsi_base_path }}", when: true } when: matrix_jitsi_enabled|bool and item.when diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index b7ff409a0..63da7fcfa 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -10,7 +10,7 @@ state: directory mode: 0777 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_jitsi_jicofo_base_path }}", when: true } - { path: "{{ matrix_jitsi_jicofo_config_path }}", when: true } diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml index f442fc6e7..09055b59e 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -10,7 +10,7 @@ state: directory mode: 0777 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_jitsi_jvb_base_path }}", when: true } - { path: "{{ matrix_jitsi_jvb_config_path }}", when: true } diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml index e783aad90..4159362da 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -10,7 +10,7 @@ state: directory mode: 0777 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_jitsi_prosody_base_path }}", when: true } - { path: "{{ matrix_jitsi_prosody_config_path }}", when: true } diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml index 3610a084d..6e5d20b06 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -10,7 +10,7 @@ state: directory mode: 0777 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_jitsi_web_base_path }}", when: true } - { path: "{{ matrix_jitsi_web_config_path }}", when: true } diff --git a/roles/matrix-ma1sd/tasks/setup_ma1sd.yml b/roles/matrix-ma1sd/tasks/setup_ma1sd.yml index 57fc019a8..ee055afd7 100644 --- a/roles/matrix-ma1sd/tasks/setup_ma1sd.yml +++ b/roles/matrix-ma1sd/tasks/setup_ma1sd.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_ma1sd_config_path }}", when: true } - { path: "{{ matrix_ma1sd_data_path }}", when: true } @@ -69,7 +69,7 @@ dest: "{{ matrix_ma1sd_config_path }}/ma1sd.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_ma1sd_enabled|bool - name: Ensure custom templates are installed if any @@ -78,7 +78,7 @@ dest: "{{ matrix_ma1sd_data_path }}/{{ item.location }}" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_invite_template }}", location: 'invite-template.eml'} - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'} diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml index e216915fa..6104edfe6 100644 --- a/roles/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/matrix-mailer/tasks/setup_mailer.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_mailer_enabled|bool - name: Ensure mailer environment variables file created diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 6db5d9785..69ac36f20 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -16,7 +16,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_nginx_proxy_base_path }}" - "{{ matrix_nginx_proxy_data_path }}" @@ -34,7 +34,7 @@ src: "{{ role_path }}/templates/nginx/matrix-synapse-metrics-htpasswd.j2" dest: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd" owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" mode: 0400 when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool" @@ -79,7 +79,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_nginx_proxy_base_domain_serving_enabled|bool - name: Ensure Matrix nginx-proxy homepage for base domain exists @@ -88,7 +88,7 @@ dest: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool - name: Ensure Matrix nginx-proxy configuration for base domain exists diff --git a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml b/roles/matrix-nginx-proxy/tasks/setup_well_known.yml index 5cd54cc8e..3e43a8c60 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_well_known.yml @@ -11,7 +11,7 @@ state: directory mode: 0755 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_static_files_base_path }}/.well-known/matrix" @@ -21,4 +21,4 @@ dest: "{{ matrix_static_files_base_path }}/.well-known/matrix" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" \ No newline at end of file + group: "{{ matrix_user_groupname }}" \ No newline at end of file diff --git a/roles/matrix-nginx-proxy/tasks/ssl/main.yml b/roles/matrix-nginx-proxy/tasks/ssl/main.yml index 5402468c6..6c0608186 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/main.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/main.yml @@ -14,7 +14,7 @@ state: directory mode: 0770 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" recurse: true with_items: - "{{ matrix_ssl_log_dir_path }}" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml index 80838fa67..aea17cc02 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml @@ -17,7 +17,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: "not matrix_ssl_certificate_cert_path_stat_result.stat.exists" # The proper way to do this is by using a sequence of diff --git a/roles/matrix-postgres/tasks/import_sqlite_db.yml b/roles/matrix-postgres/tasks/import_sqlite_db.yml index 5953557b2..eab4e8924 100644 --- a/roles/matrix-postgres/tasks/import_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_sqlite_db.yml @@ -50,7 +50,7 @@ state: directory mode: 0700 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-postgres is started service: diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml index 599d45b5f..ef5fbf47d 100644 --- a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -46,7 +46,7 @@ state: directory mode: 0700 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: "result_pg_old_data_dir_stat.stat.exists" - block: diff --git a/roles/matrix-postgres/tasks/run_synapse_janitor.yml b/roles/matrix-postgres/tasks/run_synapse_janitor.yml index 4562b8ba1..41484d79c 100644 --- a/roles/matrix-postgres/tasks/run_synapse_janitor.yml +++ b/roles/matrix-postgres/tasks/run_synapse_janitor.yml @@ -42,7 +42,7 @@ force: true mode: 0550 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure matrix-postgres is started service: diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml index 355898b60..e4d443928 100644 --- a/roles/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/matrix-postgres/tasks/setup_postgres.yml @@ -38,7 +38,7 @@ state: directory mode: 0700 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - "{{ matrix_postgres_base_path }}" - "{{ matrix_postgres_data_path }}" @@ -52,7 +52,7 @@ path: "{{ matrix_postgres_data_path }}" state: directory owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" recurse: yes when: matrix_postgres_enabled|bool diff --git a/roles/matrix-riot-web/tasks/setup_riot_web.yml b/roles/matrix-riot-web/tasks/setup_riot_web.yml index a1d25fc60..f21834a8d 100644 --- a/roles/matrix-riot-web/tasks/setup_riot_web.yml +++ b/roles/matrix-riot-web/tasks/setup_riot_web.yml @@ -10,7 +10,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_riot_web_data_path }}", when: true } - { path: "{{ matrix_riot_web_docker_src_files_path }}", when: "{{ matrix_riot_web_container_image_self_build }}" } @@ -48,7 +48,7 @@ dest: "{{ matrix_riot_web_data_path }}/config.json" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: matrix_riot_web_enabled|bool - name: Ensure Matrix riot-web config files installed @@ -57,7 +57,7 @@ dest: "{{ matrix_riot_web_data_path }}/{{ item.name }}" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"} - {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"} diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml index 9569d71e7..634b1ca5e 100644 --- a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml @@ -12,7 +12,7 @@ force: true mode: 0440 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - set_fact: matrix_synapse_password_providers_enabled: true diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml index 60e5ee0c2..af92041df 100644 --- a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml @@ -12,7 +12,7 @@ force: true mode: 0440 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - set_fact: matrix_synapse_password_providers_enabled: true diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml index f8c4b013a..932379861 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml @@ -18,7 +18,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: "not local_path_matrix_synapse_media_store_path_stat.failed and not local_path_matrix_synapse_media_store_path_stat.stat.exists" - name: Ensure goofys environment variables file created diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index db68f22d1..487bcb356 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -66,7 +66,7 @@ file: path: "{{ matrix_synapse_media_store_path }}" owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" recurse: yes when: "not matrix_s3_media_store_enabled|bool" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index c40ae170b..4fb41b1ae 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -6,7 +6,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" with_items: - { path: "{{ matrix_synapse_config_dir_path }}", when: true } - { path: "{{ matrix_synapse_run_path }}", when: true } diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index f10614e74..58f4d31dc 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -15,7 +15,7 @@ state: directory mode: 0750 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" - name: Ensure Synapse repository is present on self-build @@ -79,7 +79,7 @@ dest: "{{ matrix_synapse_config_dir_path }}/homeserver.yaml" mode: 0644 owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" - name: Ensure Synapse log config installed template: