mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-25 02:18:31 +01:00
Merge branch 'master' into bye-bye-nginx-proxy
This commit is contained in:
commit
377fce5855
18
CHANGELOG.md
18
CHANGELOG.md
@ -1,3 +1,21 @@
|
|||||||
|
# 2024-01-05
|
||||||
|
|
||||||
|
## matrix-mailer has been replaced by the exim-relay external role
|
||||||
|
|
||||||
|
We're continuing our effort to make [the playbook use external roles for some things](#the-playbook-now-uses-external-roles-for-some-things), so as to avoid doing everything ourselves and to facilitate code re-use.
|
||||||
|
|
||||||
|
The `matrix-mailer` role has been moved to its own repository ([ansible-role-exim-relay](https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay)) that this playbook now includes.
|
||||||
|
|
||||||
|
To migrate:
|
||||||
|
|
||||||
|
- pull the playbook changes, as usual
|
||||||
|
- update your roles (run `just roles` or `make roles`)
|
||||||
|
- update your `vars.yml`, renaming `matrix_mailer`-prefixed variables to `exim_relay`-prefixed ones (e.g. `matrix_mailer_sender_address` -> `exim_relay_sender_address`). If you find none, it means you're using the default configuration and your migraiton job is even simpler.
|
||||||
|
- re-run the playbook (`install-all` or `setup-all`)
|
||||||
|
|
||||||
|
The playbook will take care of stopping the old `matrix-mailer` systemd service, relocating its directory and restarting it under the new name (`matrix-exim-relay.service`).
|
||||||
|
|
||||||
|
|
||||||
# 2024-01-02
|
# 2024-01-02
|
||||||
|
|
||||||
## mautrix-signal now powered by the new Go-based bridge
|
## mautrix-signal now powered by the new Go-based bridge
|
||||||
|
@ -5,9 +5,9 @@ By default, this playbook sets up an [Exim](https://www.exim.org/) email server
|
|||||||
The email server would attempt to deliver emails directly to their final destination.
|
The email server would attempt to deliver emails directly to their final destination.
|
||||||
This may or may not work, depending on your domain configuration (SPF settings, etc.)
|
This may or may not work, depending on your domain configuration (SPF settings, etc.)
|
||||||
|
|
||||||
By default, emails are sent from `matrix@<your-domain-name>` (as specified by the `matrix_mailer_sender_address` playbook variable).
|
By default, emails are sent from `matrix@<your-domain-name>` (as specified by the `exim_relay_sender_address` playbook variable).
|
||||||
|
|
||||||
**Note**: If you are using a Google Cloud instance, [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so you need to relay email through another SMTP server as described below.
|
**Note**: If you are using a Google Cloud instance, [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so you need to relay email through another SMTP server as described below.
|
||||||
|
|
||||||
|
|
||||||
## Firewall settings
|
## Firewall settings
|
||||||
@ -21,35 +21,35 @@ If you'd like to relay email through another SMTP server, feel free to redefine
|
|||||||
Example:
|
Example:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mailer_sender_address: "another.sender@example.com"
|
exim_relay_sender_address: "another.sender@example.com"
|
||||||
matrix_mailer_relay_use: true
|
exim_relay_relay_use: true
|
||||||
matrix_mailer_relay_host_name: "mail.example.com"
|
exim_relay_relay_host_name: "mail.example.com"
|
||||||
matrix_mailer_relay_host_port: 587
|
exim_relay_relay_host_port: 587
|
||||||
matrix_mailer_relay_auth: true
|
exim_relay_relay_auth: true
|
||||||
matrix_mailer_relay_auth_username: "another.sender@example.com"
|
exim_relay_relay_auth_username: "another.sender@example.com"
|
||||||
matrix_mailer_relay_auth_password: "some-password"
|
exim_relay_relay_auth_password: "some-password"
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note**: only the secure submission protocol (using `STARTTLS`, usually on port `587`) is supported. **SMTPS** (encrypted SMTP, usually on port `465`) **is not supported**.
|
**Note**: only the secure submission protocol (using `STARTTLS`, usually on port `587`) is supported. **SMTPS** (encrypted SMTP, usually on port `465`) **is not supported**.
|
||||||
|
|
||||||
|
|
||||||
### Configuations for sending emails using Sendgrid
|
### Configuations for sending emails using Sendgrid
|
||||||
An easy and free SMTP service to set up is [Sendgrid](https://sendgrid.com/), the free tier allows for up to 100 emails per day to be sent. In the settings below you can provide any email for `matrix_mailer_sender_address`.
|
An easy and free SMTP service to set up is [Sendgrid](https://sendgrid.com/), the free tier allows for up to 100 emails per day to be sent. In the settings below you can provide any email for `exim_relay_sender_address`.
|
||||||
|
|
||||||
The only other thing you need to change is the `matrix_mailer_relay_auth_password`, which you can generate at https://app.sendgrid.com/settings/api_keys. The API key password looks something like `SG.955oW1mLSfwds7i9Yd6IA5Q.q8GTaB8q9kGDzasegdG6u95fQ-6zkdwrPP8bOeuI`.
|
The only other thing you need to change is the `exim_relay_relay_auth_password`, which you can generate at https://app.sendgrid.com/settings/api_keys. The API key password looks something like `SG.955oW1mLSfwds7i9Yd6IA5Q.q8GTaB8q9kGDzasegdG6u95fQ-6zkdwrPP8bOeuI`.
|
||||||
|
|
||||||
Note that the `matrix_mailer_relay_auth_username` is literally the string `apikey`, it's always the same for Sendgrid.
|
Note that the `exim_relay_relay_auth_username` is literally the string `apikey`, it's always the same for Sendgrid.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mailer_sender_address: "arbitrary@email.com"
|
exim_relay_sender_address: "arbitrary@email.com"
|
||||||
matrix_mailer_relay_use: true
|
exim_relay_relay_use: true
|
||||||
matrix_mailer_relay_host_name: "smtp.sendgrid.net"
|
exim_relay_relay_host_name: "smtp.sendgrid.net"
|
||||||
matrix_mailer_relay_host_port: 587
|
exim_relay_relay_host_port: 587
|
||||||
matrix_mailer_relay_auth: true
|
exim_relay_relay_auth: true
|
||||||
matrix_mailer_relay_auth_username: "apikey"
|
exim_relay_relay_auth_username: "apikey"
|
||||||
matrix_mailer_relay_auth_password: "<your api key password>"
|
exim_relay_relay_auth_password: "<your api key password>"
|
||||||
```
|
```
|
||||||
|
|
||||||
## Troubleshooting
|
## Troubleshooting
|
||||||
|
|
||||||
If you're having trouble with email not being delivered, it may be useful to inspect the mailer logs: `journalctl -f -u matrix-mailer`.
|
If you're having trouble with email not being delivered, it may be useful to inspect the mailer logs: `journalctl -f -u matrix-exim-relay`.
|
||||||
|
@ -285,7 +285,7 @@ You can disable some not-so-important services to save on memory.
|
|||||||
matrix_ma1sd_enabled: false
|
matrix_ma1sd_enabled: false
|
||||||
|
|
||||||
# Disabling this will prevent email-notifications and other such things from working.
|
# Disabling this will prevent email-notifications and other such things from working.
|
||||||
matrix_mailer_enabled: false
|
exim_relay_enabled: false
|
||||||
|
|
||||||
# You can also disable this to save more RAM,
|
# You can also disable this to save more RAM,
|
||||||
# at the expense of audio/video calls being unreliable.
|
# at the expense of audio/video calls being unreliable.
|
||||||
|
@ -353,7 +353,7 @@ devture_systemd_service_manager_services_list_auto: |
|
|||||||
+
|
+
|
||||||
([{'name': (matrix_media_repo_identifier + '.service'), 'priority': 4000, 'groups': ['matrix', 'matrix-media-repo']}] if matrix_media_repo_enabled else [])
|
([{'name': (matrix_media_repo_identifier + '.service'), 'priority': 4000, 'groups': ['matrix', 'matrix-media-repo']}] if matrix_media_repo_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-mailer.service', 'priority': 2000, 'groups': ['matrix', 'mailer']}] if matrix_mailer_enabled else [])
|
([{'name': (exim_relay_identifier ~ '.service'), 'priority': 2000, 'groups': ['matrix', 'mailer', 'exim-relay']}] if exim_relay_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-nginx-proxy.service', 'priority': 3000, 'groups': ['matrix', 'nginx', 'nginx-proxy', 'reverse-proxies']}] if matrix_nginx_proxy_enabled else [])
|
([{'name': 'matrix-nginx-proxy.service', 'priority': 3000, 'groups': ['matrix', 'nginx', 'nginx-proxy', 'reverse-proxies']}] if matrix_nginx_proxy_enabled else [])
|
||||||
+
|
+
|
||||||
@ -2721,24 +2721,38 @@ matrix_ldap_registration_proxy_enabled: false
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# matrix-mailer
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
# By default, this playbook sets up an exim mailer server (running in a container).
|
########################################################################
|
||||||
# This is so that Synapse can send email reminders for unread messages.
|
# #
|
||||||
# Other services (like ma1sd), also use the mailer.
|
# exim-relay #
|
||||||
matrix_mailer_enabled: true
|
# #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
# We set up an Exim email relay by default.
|
||||||
|
# This is so that the homeserver and various other services can send emails through it.
|
||||||
|
# To completely disable this service, use: `exim_relay_enabled: false`
|
||||||
|
|
||||||
|
exim_relay_identifier: "matrix-exim-relay"
|
||||||
|
|
||||||
|
exim_relay_base_path: "{{ matrix_base_data_path }}/exim-relay"
|
||||||
|
|
||||||
|
exim_relay_uid: "{{ matrix_user_uid }}"
|
||||||
|
exim_relay_gid: "{{ matrix_user_gid }}"
|
||||||
|
|
||||||
|
exim_relay_container_network: "{{ matrix_docker_network }}"
|
||||||
|
|
||||||
|
exim_relay_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
||||||
|
|
||||||
|
exim_relay_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||||
|
|
||||||
|
exim_relay_sender_address: "matrix@{{ matrix_domain }}"
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# #
|
||||||
|
# /exim-relay #
|
||||||
|
# #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# /matrix-mailer
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -2779,7 +2793,7 @@ matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix
|
|||||||
matrix_ma1sd_dns_overwrite_homeserver_client_value: "{{ matrix_homeserver_container_url }}"
|
matrix_ma1sd_dns_overwrite_homeserver_client_value: "{{ matrix_homeserver_container_url }}"
|
||||||
|
|
||||||
# By default, we send mail through the `matrix-mailer` service.
|
# By default, we send mail through the `matrix-mailer` service.
|
||||||
matrix_ma1sd_threepid_medium_email_identity_from: "{{ matrix_mailer_sender_address }}"
|
matrix_ma1sd_threepid_medium_email_identity_from: "{{ exim_relay_sender_address }}"
|
||||||
matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
|
matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
|
||||||
matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
|
matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
|
||||||
matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
|
matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
|
||||||
@ -2797,7 +2811,7 @@ matrix_ma1sd_systemd_wanted_services_list: |
|
|||||||
+
|
+
|
||||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||||
+
|
+
|
||||||
(['matrix-mailer.service'] if matrix_mailer_enabled else [])
|
([exim_relay_identifier ~ '.service'] if exim_relay_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
# Postgres is the default, except if not using internal Postgres server
|
# Postgres is the default, except if not using internal Postgres server
|
||||||
@ -3818,11 +3832,11 @@ matrix_synapse_federation_port_openid_resource_required: "{{ not matrix_synapse_
|
|||||||
# If someone instals Prometheus via the playbook, they most likely wish to monitor Synapse.
|
# If someone instals Prometheus via the playbook, they most likely wish to monitor Synapse.
|
||||||
matrix_synapse_metrics_enabled: "{{ prometheus_enabled }}"
|
matrix_synapse_metrics_enabled: "{{ prometheus_enabled }}"
|
||||||
|
|
||||||
matrix_synapse_email_enabled: "{{ matrix_mailer_enabled }}"
|
matrix_synapse_email_enabled: "{{ exim_relay_enabled }}"
|
||||||
matrix_synapse_email_smtp_host: "matrix-mailer"
|
matrix_synapse_email_smtp_host: "{{ exim_relay_identifier }}"
|
||||||
matrix_synapse_email_smtp_port: 8025
|
matrix_synapse_email_smtp_port: 8025
|
||||||
matrix_synapse_email_smtp_require_transport_security: false
|
matrix_synapse_email_smtp_require_transport_security: false
|
||||||
matrix_synapse_email_notif_from: "Matrix <{{ matrix_mailer_sender_address }}>"
|
matrix_synapse_email_notif_from: "Matrix <{{ exim_relay_sender_address }}>"
|
||||||
|
|
||||||
# Even if TURN doesn't support TLS (it does by default),
|
# Even if TURN doesn't support TLS (it does by default),
|
||||||
# it doesn't hurt to try a secure connection anyway.
|
# it doesn't hurt to try a secure connection anyway.
|
||||||
@ -3862,7 +3876,7 @@ matrix_synapse_systemd_wanted_services_list_auto: |
|
|||||||
{{
|
{{
|
||||||
(['matrix-coturn.service'] if matrix_coturn_enabled else [])
|
(['matrix-coturn.service'] if matrix_coturn_enabled else [])
|
||||||
+
|
+
|
||||||
(['matrix-mailer.service'] if matrix_mailer_enabled else [])
|
([exim_relay_identifier ~ '.service'] if exim_relay_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
# Synapse workers (used for parallel load-scaling) need Redis for IPC.
|
# Synapse workers (used for parallel load-scaling) need Redis for IPC.
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
version: v1.0.0-3
|
version: v1.0.0-3
|
||||||
name: auxiliary
|
name: auxiliary
|
||||||
- src: git+https://gitlab.com/etke.cc/roles/backup_borg.git
|
- src: git+https://gitlab.com/etke.cc/roles/backup_borg.git
|
||||||
version: v1.2.7-1.8.5-2
|
version: v1.2.7-1.8.6-0
|
||||||
name: backup_borg
|
name: backup_borg
|
||||||
- src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
|
- src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
|
||||||
version: v0.1.1-3
|
version: v0.1.1-3
|
||||||
@ -18,6 +18,9 @@
|
|||||||
- src: git+https://gitlab.com/etke.cc/roles/etherpad.git
|
- src: git+https://gitlab.com/etke.cc/roles/etherpad.git
|
||||||
version: v1.9.6-0
|
version: v1.9.6-0
|
||||||
name: etherpad
|
name: etherpad
|
||||||
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
|
||||||
|
version: v4.97-r0-0-0
|
||||||
|
name: exim_relay
|
||||||
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
|
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
|
||||||
version: v10.2.3-0
|
version: v10.2.3-0
|
||||||
name: grafana
|
name: grafana
|
||||||
|
@ -79,7 +79,7 @@
|
|||||||
name: "{{ matrix_bot_buscarron_docker_image }}"
|
name: "{{ matrix_bot_buscarron_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_buscarron_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_buscarron_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_buscarron_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_buscarron_docker_src_files_path }}"
|
path: "{{ matrix_bot_buscarron_docker_src_files_path }}"
|
||||||
|
@ -50,7 +50,7 @@
|
|||||||
name: "{{ matrix_bot_chatgpt_container_image }}"
|
name: "{{ matrix_bot_chatgpt_container_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_chatgpt_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_chatgpt_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_chatgpt_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_chatgpt_container_src_path }}"
|
path: "{{ matrix_bot_chatgpt_container_src_path }}"
|
||||||
|
@ -102,7 +102,7 @@
|
|||||||
name: "{{ matrix_bot_honoroit_docker_image }}"
|
name: "{{ matrix_bot_honoroit_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_container_image_self_build.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||||
|
@ -49,7 +49,7 @@
|
|||||||
name: "{{ matrix_bot_matrix_registration_bot_docker_image }}"
|
name: "{{ matrix_bot_matrix_registration_bot_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_matrix_registration_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_matrix_registration_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_registration_bot_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
|
path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
|
||||||
|
@ -69,7 +69,7 @@
|
|||||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: docker/Dockerfile
|
dockerfile: docker/Dockerfile
|
||||||
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
||||||
|
@ -72,7 +72,7 @@
|
|||||||
name: "{{ matrix_bot_postmoogle_docker_image }}"
|
name: "{{ matrix_bot_postmoogle_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_postmoogle_docker_src_files_path }}"
|
path: "{{ matrix_bot_postmoogle_docker_src_files_path }}"
|
||||||
|
@ -160,6 +160,8 @@ matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_ena
|
|||||||
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||||
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||||
|
|
||||||
|
matrix_mautrix_signal_bridge_personal_filtering_spaces: true
|
||||||
|
|
||||||
# On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
|
# On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
|
||||||
# Setting this to false fixed the issue.
|
# Setting this to false fixed the issue.
|
||||||
matrix_mautrix_signal_bridge_restricted_rooms: true
|
matrix_mautrix_signal_bridge_restricted_rooms: true
|
||||||
|
@ -111,7 +111,7 @@ bridge:
|
|||||||
|
|
||||||
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
|
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
|
||||||
# Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
|
# Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
|
||||||
personal_filtering_spaces: false
|
personal_filtering_spaces: {{ matrix_mautrix_signal_bridge_personal_filtering_spaces | to_json }}
|
||||||
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
|
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
|
||||||
delivery_receipts: false
|
delivery_receipts: false
|
||||||
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
||||||
|
@ -58,7 +58,7 @@
|
|||||||
name: "{{ matrix_cactus_comments_docker_image }}"
|
name: "{{ matrix_cactus_comments_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_git_pull_results.changed }}"
|
||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_cactus_comments_docker_src_files_path }}"
|
path: "{{ matrix_cactus_comments_docker_src_files_path }}"
|
||||||
|
@ -1,35 +0,0 @@
|
|||||||
---
|
|
||||||
# Project source code URL: https://github.com/devture/exim-relay
|
|
||||||
|
|
||||||
matrix_mailer_enabled: true
|
|
||||||
|
|
||||||
matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
|
|
||||||
|
|
||||||
matrix_mailer_container_image_self_build: false
|
|
||||||
matrix_mailer_container_image_self_build_repository_url: "https://github.com/devture/exim-relay"
|
|
||||||
matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
|
|
||||||
matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
|
|
||||||
|
|
||||||
# renovate: datasource=docker depName=devture/exim-relay versioning=semver
|
|
||||||
matrix_mailer_version: 4.97-r0-0
|
|
||||||
matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
|
|
||||||
matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
|
|
||||||
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
# The user/group that the container runs with.
|
|
||||||
# These match the `exim` user/group within the container image.
|
|
||||||
matrix_mailer_container_user_uid: 100
|
|
||||||
matrix_mailer_container_user_gid: 101
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_mailer_container_extra_arguments: []
|
|
||||||
|
|
||||||
matrix_mailer_hostname: "{{ matrix_server_fqn_matrix }}"
|
|
||||||
|
|
||||||
matrix_mailer_sender_address: "matrix@{{ matrix_domain }}"
|
|
||||||
matrix_mailer_relay_use: false
|
|
||||||
matrix_mailer_relay_host_name: "mail.example.com"
|
|
||||||
matrix_mailer_relay_host_port: 587
|
|
||||||
matrix_mailer_relay_auth: false
|
|
||||||
matrix_mailer_relay_auth_username: ""
|
|
||||||
matrix_mailer_relay_auth_password: ""
|
|
@ -1,17 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-mailer
|
|
||||||
- install-all
|
|
||||||
- install-mailer
|
|
||||||
block:
|
|
||||||
- when: matrix_mailer_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-mailer
|
|
||||||
block:
|
|
||||||
- when: not matrix_mailer_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
|
@ -1,60 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure mailer base path exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0750
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_mailer_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_mailer_container_image_self_build_src_files_path }}", when: "{{ matrix_mailer_container_image_self_build }}"}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure mailer environment variables file created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/env-mailer.j2"
|
|
||||||
dest: "{{ matrix_mailer_base_path }}/env-mailer"
|
|
||||||
mode: 0640
|
|
||||||
|
|
||||||
- name: Ensure exim-relay repository is present on self-build
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: "{{ matrix_mailer_container_image_self_build_repository_url }}"
|
|
||||||
dest: "{{ matrix_mailer_container_image_self_build_src_files_path }}"
|
|
||||||
version: "{{ matrix_mailer_container_image_self_build_version }}"
|
|
||||||
force: "yes"
|
|
||||||
become: true
|
|
||||||
become_user: "{{ matrix_user_username }}"
|
|
||||||
register: matrix_mailer_git_pull_results
|
|
||||||
when: matrix_mailer_container_image_self_build | bool
|
|
||||||
|
|
||||||
- name: Ensure exim-relay Docker image is built
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_mailer_docker_image }}"
|
|
||||||
source: build
|
|
||||||
force_source: "{{ matrix_mailer_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
|
||||||
build:
|
|
||||||
dockerfile: Dockerfile
|
|
||||||
path: "{{ matrix_mailer_container_image_self_build_src_files_path }}"
|
|
||||||
pull: true
|
|
||||||
when: matrix_mailer_container_image_self_build | bool
|
|
||||||
|
|
||||||
- name: Ensure exim-relay image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_mailer_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_mailer_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_docker_image_force_pull }}"
|
|
||||||
when: "not matrix_mailer_container_image_self_build | bool"
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure matrix-mailer.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/systemd/matrix-mailer.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
|
|
||||||
mode: 0644
|
|
@ -1,25 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check existence of matrix-mailer service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
|
|
||||||
register: matrix_mailer_service_stat
|
|
||||||
|
|
||||||
- when: matrix_mailer_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-mailer is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-mailer
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-mailer.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Ensure Matrix mailer path doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ matrix_mailer_base_path }}"
|
|
||||||
state: absent
|
|
@ -1,9 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
{% if matrix_mailer_relay_use %}
|
|
||||||
SMARTHOST={{ matrix_mailer_relay_host_name }}::{{ matrix_mailer_relay_host_port }}
|
|
||||||
{% endif %}
|
|
||||||
{% if matrix_mailer_relay_auth %}
|
|
||||||
SMTP_USERNAME={{ matrix_mailer_relay_auth_username }}
|
|
||||||
SMTP_PASSWORD={{ matrix_mailer_relay_auth_password }}
|
|
||||||
{% endif %}
|
|
||||||
HOSTNAME={{ matrix_mailer_hostname }}
|
|
@ -1,37 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix mailer
|
|
||||||
After=docker.service
|
|
||||||
Requires=docker.service
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mailer 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true'
|
|
||||||
|
|
||||||
# --hostname gives us a friendlier hostname than the default.
|
|
||||||
# The real hostname is passed via a `HOSTNAME` environment variable though.
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mailer \
|
|
||||||
--log-driver=none \
|
|
||||||
--user={{ matrix_mailer_container_user_uid }}:{{ matrix_mailer_container_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
|
||||||
--read-only \
|
|
||||||
--tmpfs=/var/spool/exim:rw,noexec,nosuid,size=100m \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--env-file={{ matrix_mailer_base_path }}/env-mailer \
|
|
||||||
--hostname=matrix-mailer \
|
|
||||||
{% for arg in matrix_mailer_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_mailer_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mailer 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-mailer
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -7,7 +7,7 @@
|
|||||||
# The Traefik role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.
|
# The Traefik role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.
|
||||||
|
|
||||||
# It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
|
# It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
|
||||||
- when: "devture_traefik_identifier != 'devture-postgres' or devture_traefik_base_path != '/devture-traefik'"
|
- when: "devture_traefik_identifier != 'devture-traefik' or devture_traefik_base_path != '/devture-traefik'"
|
||||||
block:
|
block:
|
||||||
- name: Check existence of devture-traefik.service systemd service
|
- name: Check existence of devture-traefik.service systemd service
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
|
@ -27,6 +27,12 @@
|
|||||||
block:
|
block:
|
||||||
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml"
|
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml"
|
||||||
|
|
||||||
|
- tags:
|
||||||
|
- setup-all
|
||||||
|
- install-all
|
||||||
|
block:
|
||||||
|
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml"
|
||||||
|
|
||||||
- when: devture_traefik_enabled | bool
|
- when: devture_traefik_enabled | bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
|
@ -0,0 +1,39 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
# This migrates the mailer from the old path (`/matrix/mailer`) to the new path (`/matrix/exim-relay`, controlled by `exim_relay_base_path`),
|
||||||
|
# and from the old hardcoded systemd service name (`matrix-mailer.service`) to the new one (`matrix-exim-relay.service`, controlled by `exim_relay_identifier`).
|
||||||
|
#
|
||||||
|
# Here, we merely disable (and stop) the old systemd service and relocate the base directory path (`/matrix/mailer`).
|
||||||
|
# The exim-relay role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.
|
||||||
|
|
||||||
|
# It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
|
||||||
|
- name: Check existence of matrix-mailer.service systemd service
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
|
||||||
|
register: matrix_mailer_service_stat
|
||||||
|
|
||||||
|
- when: matrix_mailer_service_stat.stat.exists | bool
|
||||||
|
block:
|
||||||
|
- name: Ensure matrix-mailer.service systemd service is stopped
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: matrix-mailer
|
||||||
|
state: stopped
|
||||||
|
enabled: false
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Ensure matrix-mailer directory relocated
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "mv {{ matrix_base_data_path }}/mailer {{ exim_relay_base_path }}"
|
||||||
|
creates: "{{ exim_relay_base_path }}"
|
||||||
|
removes: "{{ matrix_base_data_path }}"
|
||||||
|
|
||||||
|
# Remove legacy env-mailer file (named `env` in the new role)
|
||||||
|
- name: Ensure old exim-relay environment variables file is deleted
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ exim_relay_base_path }}/env-mailer"
|
||||||
|
state: absent
|
||||||
|
|
||||||
|
- name: Ensure matrix-mailer.service systemd service doesn't exist
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
|
||||||
|
state: absent
|
@ -59,6 +59,9 @@
|
|||||||
- {'old': 'matrix_prosody_jitsi_max_participants', 'new': 'jitsi_prosody_max_participants'}
|
- {'old': 'matrix_prosody_jitsi_max_participants', 'new': 'jitsi_prosody_max_participants'}
|
||||||
- {'old': 'jitsi_require_well_known', 'new': 'jitsi_web_well_known_element_jitsi_enabled'}
|
- {'old': 'jitsi_require_well_known', 'new': 'jitsi_web_well_known_element_jitsi_enabled'}
|
||||||
- {'old': 'jitsi_wellknown_element_jitsi_json', 'new': 'jitsi_web_well_known_element_jitsi_json'}
|
- {'old': 'jitsi_wellknown_element_jitsi_json', 'new': 'jitsi_web_well_known_element_jitsi_json'}
|
||||||
|
- {'old': 'exim_relay_docker_image', 'new': 'exim_relay_container_image'}
|
||||||
|
- {'old': 'exim_relay_docker_image_name_prefix', 'new': 'exim_relay_container_image_name_prefix'}
|
||||||
|
- {'old': 'exim_relay_docker_image_force_pull', 'new': 'exim_relay_container_image_force_pull'}
|
||||||
|
|
||||||
- {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_enabled', 'new': 'matrix_metrics_exposure_enabled'}
|
- {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_enabled', 'new': 'matrix_metrics_exposure_enabled'}
|
||||||
- {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled', 'new': 'matrix_metrics_exposure_http_basic_auth_enabled'}
|
- {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled', 'new': 'matrix_metrics_exposure_http_basic_auth_enabled'}
|
||||||
@ -106,6 +109,17 @@
|
|||||||
The following variables in your configuration need to be renamed: {{ vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | map (attribute='key') | join(', ') }}
|
The following variables in your configuration need to be renamed: {{ vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | map (attribute='key') | join(', ') }}
|
||||||
when: "vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | list | items2dict"
|
when: "vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | list | items2dict"
|
||||||
|
|
||||||
|
- name: (Deprecation) Catch and report matrix_mailer_ variables
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: |-
|
||||||
|
The matrix-mailer role in the playbook has been replaced with the exim-relay role (https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay).
|
||||||
|
The new role is pretty much the same, but uses differently named variables.
|
||||||
|
|
||||||
|
Please change your configuration (vars.yml) to rename all `matrix_mailer`-prefixed variables (`matrix_mailer_*` -> `exim_relay_*`).
|
||||||
|
|
||||||
|
The following variables in your configuration need to be renamed: {{ vars | dict2items | selectattr('key', 'match', 'matrix_mailer_.*') | map (attribute='key') | join(', ') }}
|
||||||
|
when: "vars | dict2items | selectattr('key', 'match', 'matrix_mailer_.*') | list | items2dict"
|
||||||
|
|
||||||
- when: matrix_playbook_migration_matrix_prometheus_node_exporter_migration_validation_enabled | bool
|
- when: matrix_playbook_migration_matrix_prometheus_node_exporter_migration_validation_enabled | bool
|
||||||
block:
|
block:
|
||||||
- ansible.builtin.set_fact:
|
- ansible.builtin.set_fact:
|
||||||
|
Loading…
Reference in New Issue
Block a user