matrix-docker-ansible-deploy/roles/custom/matrix_playbook_migration/defaults/main.yml

---

# Controls if (`matrix_prometheus_node_exporter` -> `prometheus_node_exporter`) validation will run.
matrix_playbook_migration_matrix_prometheus_node_exporter_migration_validation_enabled: true

# Controls if (`matrix_prometheus_postgres_exporter` -> `prometheus_postgres_exporter`) validation will run.
matrix_playbook_migration_matrix_prometheus_postgres_exporter_migration_validation_enabled: true

# Controls if (`matrix_backup_borg` -> `backup_borg`) validation will run.
matrix_playbook_migration_matrix_backup_borg_migration_validation_enabled: true

# Controls if (`matrix_grafana` -> `grafana`) validation will run.
matrix_playbook_migration_matrix_grafana_migration_validation_enabled: true

# Controls if (`matrix_ntfy` -> `ntfy`) validation will run.
matrix_playbook_migration_matrix_ntfy_migration_validation_enabled: true

# Controls if (`matrix_redis` -> `redis`) validation will run.
matrix_playbook_migration_matrix_redis_migration_validation_enabled: true

# Controls if (`matrix_etherpad` -> `etherpad`) validation will run.
matrix_playbook_migration_matrix_etherpad_migration_validation_enabled: true

# Controls if (`matrix_aux` -> `aux`) validation will run.
matrix_playbook_migration_matrix_aux_migration_validation_enabled: true

# Controls if (`matrix_jitsi` -> `jitsi`) validation will run.
matrix_playbook_migration_matrix_jitsi_migration_validation_enabled: true

# Controls if the old apt repository (likely without a `signed-by` option) on Debian-based systems will be removed.
#
# Older versions of the Docker role (5.x, 6.x) used to install a repository at a path like: `/etc/apt/sources.list.d/download_docker_com_linux_*`
# For 6.x, the repository included a `signed-by` option, but for earlier versions it did not.
#
# New versions of the Docker role (7.0+) install a new apt repository with `signed-by` option to a different path (`/etc/apt/sources.list.d/docker.list`),
# but if a non-signed-by repository exists at the old path, a conflict will arise.
#
# Our workaround is to just delete the old repository file. Later, when the Docker role runs, it will install a new one at the new path.
#
# See:
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2999
# - https://github.com/geerlingguy/ansible-role-docker/pull/410
matrix_playbook_migration_debian_signedby_migration_enabled: true
matrix_playbook_migration_debian_signedby_migration_repository_path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ ansible_distribution | lower }}.list"

# Controls if the old apt repository for Docker (`signed-by=/etc/apt/trusted.gpg.d/docker.asc`) will be removed,
# so that the Docker role (7.2.0+) can install a new non-conflicting one (`signed-by=/etc/apt/keyrings/docker.asc`).
#
# Without this migration, the role would choke at the "galaxy/docker : Add Docker repository." task when trying to add the repository again:
# > An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ focal: /etc/apt/trusted.gpg.d/docker.asc != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.
#
# Related to: https://github.com/geerlingguy/ansible-role-docker/pull/436
matrix_playbook_migration_docker_trusted_gpg_d_migration_enabled: true
matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path: "/etc/apt/sources.list.d/docker.list"

# Controls if variable transition checks (related to the matrix-nginx-proxy elimination) will run.
# If you'd like to keep some `matrix_nginx_proxy` and other variables around and not be warned about them, disable this.
# Note: this is not just about `matrix_nginx_proxy_*` variables, but about various other variables that were removed
# during the matrix-nginx-proxy elimination.
matrix_playbook_migration_matrix_nginx_proxy_elimination_variable_transition_checks_enabled: true

# Controls if (`matrix_nginx_proxy`) leftover variable checks will run.
# If you'd like to keep some `matrix_nginx_proxy` variables around and not be warned about them, disable this.
matrix_playbook_migration_matrix_nginx_proxy_leftover_variable_validation_checks_enabled: true

# Controls if (`matrix_ssl_`) leftover variable checks will run.
matrix_playbook_migration_matrix_ssl_leftover_variable_checks_enabled: true

# Controls whether this role will delete old files left over from `matrix-nginx-proxy`.
# Regardless of this value, if discovered, a `matrix-nginx-proxy.service` systemd serivce will be stopped and removed.
matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled: true

# Controls whether this role will try to detect and clean up the /matrix/ssl files.
matrix_playbook_migration_matrix_ssl_uninstallation_enabled: true
Switch from matrix-prometheus-node-exporter to an external prometheus_node_exporter role 2023-01-21 10:07:04 +01:00			`---`

			# Controls if (`matrix_prometheus_node_exporter` -> `prometheus_node_exporter`) validation will run.
			`matrix_playbook_migration_matrix_prometheus_node_exporter_migration_validation_enabled: true`
Switch from matrix-prometheus-postgres-exporter to an external prometheus_postgres_exporter role 2023-02-05 09:32:09 +01:00
			# Controls if (`matrix_prometheus_postgres_exporter` -> `prometheus_postgres_exporter`) validation will run.
			`matrix_playbook_migration_matrix_prometheus_postgres_exporter_migration_validation_enabled: true`
Replace matrix-backup-borg with an external role 2023-02-13 09:53:11 +01:00
			# Controls if (`matrix_backup_borg` -> `backup_borg`) validation will run.
			`matrix_playbook_migration_matrix_backup_borg_migration_validation_enabled: true`
Replace matrix-grafana with an external role 2023-02-15 09:30:58 +01:00
			# Controls if (`matrix_grafana` -> `grafana`) validation will run.
			`matrix_playbook_migration_matrix_grafana_migration_validation_enabled: true`
Switch to using an external Ntfy role The newly extracted role also has native Traefik support, so we no longer need to rely on `matrix-nginx-proxy` for reverse-proxying to Ntfy. The new role uses port `80` inside the container (not `8080`, like before), because that's the default assumption of the officially published container image. Using a custom port (like `8080`), means the default healthcheck command (which hardcodes port `80`) doesn't work. Instead of fiddling to override the healthcheck command, we've decided to stick to the default port instead. This only affects the inside-the-container port, not any external ports. The new role also supports adding the network ranges of the container's multiple additional networks as "exempt hosts". Previously, only one network's address range was added to "exempt hosts". 2023-02-17 08:54:33 +01:00
			# Controls if (`matrix_ntfy` -> `ntfy`) validation will run.
			`matrix_playbook_migration_matrix_ntfy_migration_validation_enabled: true`
Switch to using an external Redis role 2023-02-17 15:23:59 +01:00
			# Controls if (`matrix_redis` -> `redis`) validation will run.
			`matrix_playbook_migration_matrix_redis_migration_validation_enabled: true`
Add validation tasks for Etherpad migration (matrix_etherpad -> etherpad) 2023-03-03 09:37:51 +01:00
			# Controls if (`matrix_etherpad` -> `etherpad`) validation will run.
			`matrix_playbook_migration_matrix_etherpad_migration_validation_enabled: true`
Move matrix-aux outside of this playbook 2023-03-20 10:06:27 +01:00
			# Controls if (`matrix_aux` -> `aux`) validation will run.
			`matrix_playbook_migration_matrix_aux_migration_validation_enabled: true`
Switch to exported Jitsi role 2023-04-03 07:53:46 +02:00
			# Controls if (`matrix_jitsi` -> `jitsi`) validation will run.
			`matrix_playbook_migration_matrix_jitsi_migration_validation_enabled: true`
Fix potential Docker apt repository signed-by conflict on Debian-based systems Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2999 Related to https://github.com/geerlingguy/ansible-role-docker/pull/410 2023-11-21 14:40:32 +01:00
			# Controls if the old apt repository (likely without a `signed-by` option) on Debian-based systems will be removed.
			`#`
			# Older versions of the Docker role (5.x, 6.x) used to install a repository at a path like: `/etc/apt/sources.list.d/download_docker_com_linux_*`
			# For 6.x, the repository included a `signed-by` option, but for earlier versions it did not.
			`#`
			# New versions of the Docker role (7.0+) install a new apt repository with `signed-by` option to a different path (`/etc/apt/sources.list.d/docker.list`),
			`# but if a non-signed-by repository exists at the old path, a conflict will arise.`
			`#`
			`# Our workaround is to just delete the old repository file. Later, when the Docker role runs, it will install a new one at the new path.`
			`#`
			`# See:`
			`# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2999`
			`# - https://github.com/geerlingguy/ansible-role-docker/pull/410`
			`matrix_playbook_migration_debian_signedby_migration_enabled: true`
			`matrix_playbook_migration_debian_signedby_migration_repository_path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ ansible_distribution \| lower }}.list"`
Remove all traces of matrix-nginx-proxy, add validation & uninstallation tasks 2024-01-14 17:42:14 +01:00
Add migration task for Debiant apt repositories for Docker referencing /etc/apt/keyrings/docker.asc key Related to: - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3337 - https://github.com/geerlingguy/ansible-role-docker/pull/436 2024-05-28 09:38:45 +02:00			# Controls if the old apt repository for Docker (`signed-by=/etc/apt/trusted.gpg.d/docker.asc`) will be removed,
			# so that the Docker role (7.2.0+) can install a new non-conflicting one (`signed-by=/etc/apt/keyrings/docker.asc`).
			`#`
			`# Without this migration, the role would choke at the "galaxy/docker : Add Docker repository." task when trying to add the repository again:`
			`# > An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ focal: /etc/apt/trusted.gpg.d/docker.asc != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.`
			`#`
			`# Related to: https://github.com/geerlingguy/ansible-role-docker/pull/436`
			`matrix_playbook_migration_docker_trusted_gpg_d_migration_enabled: true`
			`matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path: "/etc/apt/sources.list.d/docker.list"`

Remove all traces of matrix-nginx-proxy, add validation & uninstallation tasks 2024-01-14 17:42:14 +01:00			`# Controls if variable transition checks (related to the matrix-nginx-proxy elimination) will run.`
			# If you'd like to keep some `matrix_nginx_proxy` and other variables around and not be warned about them, disable this.
			# Note: this is not just about `matrix_nginx_proxy_*` variables, but about various other variables that were removed
			`# during the matrix-nginx-proxy elimination.`
			`matrix_playbook_migration_matrix_nginx_proxy_elimination_variable_transition_checks_enabled: true`

			# Controls if (`matrix_nginx_proxy`) leftover variable checks will run.
			# If you'd like to keep some `matrix_nginx_proxy` variables around and not be warned about them, disable this.
			`matrix_playbook_migration_matrix_nginx_proxy_leftover_variable_validation_checks_enabled: true`

			# Controls if (`matrix_ssl_`) leftover variable checks will run.
			`matrix_playbook_migration_matrix_ssl_leftover_variable_checks_enabled: true`

Always uninstall matrix-nginx-proxy, if discovered This changes the behavior of `matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled` and is against what we initially described in the changelog entry, but I've discovered some problems when the `matrix-nginx-proxy` service and container remain running. They need to go. 2024-01-17 16:22:08 +01:00			# Controls whether this role will delete old files left over from `matrix-nginx-proxy`.
			# Regardless of this value, if discovered, a `matrix-nginx-proxy.service` systemd serivce will be stopped and removed.
Remove all traces of matrix-nginx-proxy, add validation & uninstallation tasks 2024-01-14 17:42:14 +01:00			`matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled: true`

			`# Controls whether this role will try to detect and clean up the /matrix/ssl files.`
			`matrix_playbook_migration_matrix_ssl_uninstallation_enabled: true`