mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-25 10:28:29 +01:00
GoMatrixHosting v0.4.9 update
This commit is contained in:
parent
10c68a8cf4
commit
122a92fa1c
@ -31,9 +31,9 @@ Updates to this section are trailed here:
|
|||||||
|
|
||||||
## Does I need an AWX setup to use this? How do I configure it?
|
## Does I need an AWX setup to use this? How do I configure it?
|
||||||
|
|
||||||
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation.md).
|
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation_AWX.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_AWX.md).
|
||||||
|
|
||||||
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal.md).
|
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal_AWX.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal_AWX.md).
|
||||||
|
|
||||||
|
|
||||||
## Does I need a front-end WordPress site? And a DigitalOcean account?
|
## Does I need a front-end WordPress site? And a DigitalOcean account?
|
||||||
|
19
roles/matrix-awx/surveys/configure_email_relay.json.j2
Normal file
19
roles/matrix-awx/surveys/configure_email_relay.json.j2
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{
|
||||||
|
"name": "Configure Email Relay",
|
||||||
|
"description": "Enable MailGun relay to increase verification email reliability.",
|
||||||
|
"spec": [
|
||||||
|
{
|
||||||
|
"question_name": "Enable Email Relay",
|
||||||
|
"question_description": "Enables the MailGun email relay server, enabling this will increase the reliability of your email verification.",
|
||||||
|
"required": false,
|
||||||
|
"min": null,
|
||||||
|
"max": null,
|
||||||
|
"default": "{{ matrix_mailer_relay_use | string | lower }}",
|
||||||
|
"choices": "true\nfalse",
|
||||||
|
"new_question": true,
|
||||||
|
"variable": "matrix_mailer_relay_use",
|
||||||
|
"type": "multiplechoice"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
@ -98,6 +98,15 @@
|
|||||||
tags:
|
tags:
|
||||||
- setup-client-element
|
- setup-client-element
|
||||||
|
|
||||||
|
# Additional playbook to set the variable file during Mailer configuration
|
||||||
|
- include_tasks:
|
||||||
|
file: "set_variables_mailer.yml"
|
||||||
|
apply:
|
||||||
|
tags: setup-mailer
|
||||||
|
when: run_setup|bool and matrix_awx_enabled|bool
|
||||||
|
tags:
|
||||||
|
- setup-mailer
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Element configuration
|
# Additional playbook to set the variable file during Element configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_element_subdomain.yml"
|
file: "set_variables_element_subdomain.yml"
|
||||||
|
50
roles/matrix-awx/tasks/set_variables_mailer.yml
Normal file
50
roles/matrix-awx/tasks/set_variables_mailer.yml
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
|
||||||
|
- name: Record Mailer variables locally on AWX
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
lineinfile:
|
||||||
|
path: '{{ awx_cached_matrix_vars }}'
|
||||||
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
||||||
|
line: "{{ item.key }}: {{ item.value }}"
|
||||||
|
insertafter: '# Email Settings Start'
|
||||||
|
with_dict:
|
||||||
|
'matrix_mailer_relay_use': '{{ matrix_mailer_relay_use }}'
|
||||||
|
|
||||||
|
- name: Save new 'Configure Email Relay' survey.json to the AWX tower, template
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
template:
|
||||||
|
src: 'roles/matrix-awx/surveys/configure_email_relay.json.j2'
|
||||||
|
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
||||||
|
|
||||||
|
- name: Copy new 'Configure Email Relay' survey.json to target machine
|
||||||
|
copy:
|
||||||
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
||||||
|
dest: '/matrix/awx/configure_email_relay.json'
|
||||||
|
mode: '0660'
|
||||||
|
|
||||||
|
- name: Collect AWX admin token the hard way!
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
shell: |
|
||||||
|
curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
|
||||||
|
register: tower_token
|
||||||
|
no_log: True
|
||||||
|
|
||||||
|
- name: Recreate 'Configure Email Relay' job template
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
awx.awx.tower_job_template:
|
||||||
|
name: "{{ matrix_domain }} - 1 - Configure Email Relay"
|
||||||
|
description: "Enable MailGun relay to increase verification email reliability."
|
||||||
|
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
||||||
|
job_type: run
|
||||||
|
job_tags: "start,setup-mailer"
|
||||||
|
inventory: "{{ member_id }}"
|
||||||
|
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
||||||
|
playbook: setup.yml
|
||||||
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
|
survey_enabled: true
|
||||||
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
||||||
|
become_enabled: yes
|
||||||
|
state: present
|
||||||
|
verbosity: 1
|
||||||
|
tower_host: "https://{{ tower_host }}"
|
||||||
|
tower_oauthtoken: "{{ tower_token.stdout }}"
|
||||||
|
validate_certs: yes
|
@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
|
|||||||
matrix_client_hydrogen_container_image_self_build: true
|
matrix_client_hydrogen_container_image_self_build: true
|
||||||
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
|
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
|
||||||
|
|
||||||
matrix_client_hydrogen_version: v0.1.53
|
matrix_client_hydrogen_version: v0.1.56
|
||||||
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
|
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
|
||||||
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
|
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
|
||||||
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"
|
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"
|
||||||
|
@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
|||||||
# amd64 gets released first.
|
# amd64 gets released first.
|
||||||
# arm32 relies on self-building, so the same version can be built immediately.
|
# arm32 relies on self-building, so the same version can be built immediately.
|
||||||
# arm64 users need to wait for a prebuilt image to become available.
|
# arm64 users need to wait for a prebuilt image to become available.
|
||||||
matrix_synapse_version: v1.34.0
|
matrix_synapse_version: v1.35.1
|
||||||
matrix_synapse_version_arm64: v1.34.0
|
matrix_synapse_version_arm64: v1.35.1
|
||||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -705,33 +705,6 @@ acme:
|
|||||||
#
|
#
|
||||||
#account_key_file: /data/acme_account.key
|
#account_key_file: /data/acme_account.key
|
||||||
|
|
||||||
# List of allowed TLS fingerprints for this server to publish along
|
|
||||||
# with the signing keys for this server. Other matrix servers that
|
|
||||||
# make HTTPS requests to this server will check that the TLS
|
|
||||||
# certificates returned by this server match one of the fingerprints.
|
|
||||||
#
|
|
||||||
# Synapse automatically adds the fingerprint of its own certificate
|
|
||||||
# to the list. So if federation traffic is handled directly by synapse
|
|
||||||
# then no modification to the list is required.
|
|
||||||
#
|
|
||||||
# If synapse is run behind a load balancer that handles the TLS then it
|
|
||||||
# will be necessary to add the fingerprints of the certificates used by
|
|
||||||
# the loadbalancers to this list if they are different to the one
|
|
||||||
# synapse is using.
|
|
||||||
#
|
|
||||||
# Homeservers are permitted to cache the list of TLS fingerprints
|
|
||||||
# returned in the key responses up to the "valid_until_ts" returned in
|
|
||||||
# key. It may be necessary to publish the fingerprints of a new
|
|
||||||
# certificate and wait until the "valid_until_ts" of the previous key
|
|
||||||
# responses have passed before deploying it.
|
|
||||||
#
|
|
||||||
# You can calculate a fingerprint from a given TLS listener via:
|
|
||||||
# openssl s_client -connect $host:$port < /dev/null 2> /dev/null |
|
|
||||||
# openssl x509 -outform DER | openssl sha256 -binary | base64 | tr -d '='
|
|
||||||
# or by checking matrix.org/federationtester/api/report?server_name=$host
|
|
||||||
#
|
|
||||||
#tls_fingerprints: [{"sha256": "<base64_encoded_sha256_fingerprint>"}]
|
|
||||||
|
|
||||||
|
|
||||||
## Federation ##
|
## Federation ##
|
||||||
|
|
||||||
@ -2904,7 +2877,8 @@ opentracing:
|
|||||||
#enabled: true
|
#enabled: true
|
||||||
|
|
||||||
# The list of homeservers we wish to send and receive span contexts and span baggage.
|
# The list of homeservers we wish to send and receive span contexts and span baggage.
|
||||||
# See docs/opentracing.rst
|
# See docs/opentracing.rst.
|
||||||
|
#
|
||||||
# This is a list of regexes which are matched against the server_name of the
|
# This is a list of regexes which are matched against the server_name of the
|
||||||
# homeserver.
|
# homeserver.
|
||||||
#
|
#
|
||||||
@ -2913,19 +2887,26 @@ opentracing:
|
|||||||
#homeserver_whitelist:
|
#homeserver_whitelist:
|
||||||
# - ".*"
|
# - ".*"
|
||||||
|
|
||||||
|
# A list of the matrix IDs of users whose requests will always be traced,
|
||||||
|
# even if the tracing system would otherwise drop the traces due to
|
||||||
|
# probabilistic sampling.
|
||||||
|
#
|
||||||
|
# By default, the list is empty.
|
||||||
|
#
|
||||||
|
#force_tracing_for_users:
|
||||||
|
# - "@user1:server_name"
|
||||||
|
# - "@user2:server_name"
|
||||||
|
|
||||||
# Jaeger can be configured to sample traces at different rates.
|
# Jaeger can be configured to sample traces at different rates.
|
||||||
# All configuration options provided by Jaeger can be set here.
|
# All configuration options provided by Jaeger can be set here.
|
||||||
# Jaeger's configuration mostly related to trace sampling which
|
# Jaeger's configuration is mostly related to trace sampling which
|
||||||
# is documented here:
|
# is documented here:
|
||||||
# https://www.jaegertracing.io/docs/1.13/sampling/.
|
# https://www.jaegertracing.io/docs/latest/sampling/.
|
||||||
#
|
#
|
||||||
#jaeger_config:
|
#jaeger_config:
|
||||||
# sampler:
|
# sampler:
|
||||||
# type: const
|
# type: const
|
||||||
# param: 1
|
# param: 1
|
||||||
|
|
||||||
# Logging whether spans were started and reported
|
|
||||||
#
|
|
||||||
# logging:
|
# logging:
|
||||||
# false
|
# false
|
||||||
|
|
||||||
@ -2995,4 +2976,20 @@ redis:
|
|||||||
#
|
#
|
||||||
password: {{ matrix_synapse_redis_password }}
|
password: {{ matrix_synapse_redis_password }}
|
||||||
|
|
||||||
|
|
||||||
|
# Enable experimental features in Synapse.
|
||||||
|
#
|
||||||
|
# Experimental features might break or be removed without a deprecation
|
||||||
|
# period.
|
||||||
|
#
|
||||||
|
experimental_features:
|
||||||
|
# Support for Spaces (MSC1772), it enables the following:
|
||||||
|
#
|
||||||
|
# * The Spaces Summary API (MSC2946).
|
||||||
|
# * Restricting room membership based on space membership (MSC3083).
|
||||||
|
#
|
||||||
|
# Uncomment to disable support for Spaces.
|
||||||
|
#spaces_enabled: false
|
||||||
|
|
||||||
|
|
||||||
# vim:ft=yaml
|
# vim:ft=yaml
|
||||||
|
Loading…
Reference in New Issue
Block a user