mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-10-31 15:27:56 +01:00
Merge pull request #187 from danbob/fix-ansible-deprecations
Fix ansible deprecations
This commit is contained in:
Slavi Pantaleev
GitHub
@@ -7,5 +7,5 @@
|
||||
# For improved Ansible performance, SSH pipelining is enabled by default (`ansible_ssh_pipelining=yes`).
|
||||
# If this causes SSH connection troubles, feel free to disable it.
|
||||
|
||||
[matrix-servers]
|
||||
[matrix_servers]
|
||||
matrix.<your-domain> ansible_host=<your-server's external IP address> ansible_ssh_user=root ansible_ssh_pipelining=yes
|
||||
|
||||
@@ -3,22 +3,22 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mxisd
|
||||
@@ -28,6 +28,6 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: run_self_check
|
||||
when: run_self_check|bool
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
- name: Determine domains that we require certificates for (mxisd)
|
||||
set_fact:
|
||||
dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
|
||||
when: "matrix_mxisd_enabled"
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
- name: Perform DNS SRV checks
|
||||
include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"
|
||||
|
||||
@@ -27,10 +27,10 @@
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: matrix_well_known_matrix_server_enabled
|
||||
when: matrix_well_known_matrix_server_enabled|bool
|
||||
|
||||
- name: Ensure Matrix /.well-known/matrix/server file deleted
|
||||
file:
|
||||
path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
|
||||
state: absent
|
||||
when: "not matrix_well_known_matrix_server_enabled"
|
||||
when: "not matrix_well_known_matrix_server_enabled|bool"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
|
||||
when: matrix_appservice_discord_enabled
|
||||
when: matrix_appservice_discord_enabled|bool
|
||||
|
||||
@@ -3,19 +3,19 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_appservice_discord_enabled"
|
||||
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup and matrix_appservice_discord_enabled"
|
||||
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-discord
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup and not matrix_appservice_discord_enabled"
|
||||
when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-discord
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
- name: Ensure Appservice Discord image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_appservice_discord_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Ensure Appservice Discord base directory exists
|
||||
file:
|
||||
@@ -90,4 +91,3 @@
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json }}
|
||||
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
|
||||
when: matrix_appservice_irc_enabled
|
||||
when: matrix_appservice_irc_enabled|bool
|
||||
|
||||
@@ -3,19 +3,19 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_appservice_irc_enabled"
|
||||
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-irc
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup and matrix_appservice_irc_enabled"
|
||||
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-irc
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup and not matrix_appservice_irc_enabled"
|
||||
when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-appservice-irc
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
- name: Ensure Appservice IRC image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_appservice_irc_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Ensure Appservice IRC base directory exists
|
||||
file:
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
|
||||
when: "matrix_mautrix_facebook_enabled"
|
||||
when: matrix_mautrix_facebook_enabled|bool
|
||||
|
||||
@@ -3,19 +3,19 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_mautrix_facebook_enabled"
|
||||
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-facebook
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup and matrix_mautrix_facebook_enabled"
|
||||
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-facebook
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup and not matrix_mautrix_facebook_enabled"
|
||||
when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-facebook
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
- name: Ensure Mautrix Facebook image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_facebook_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Ensure Mautrix Facebook base directory exists
|
||||
file:
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
|
||||
when: "matrix_mautrix_telegram_enabled"
|
||||
when: matrix_mautrix_telegram_enabled|bool
|
||||
|
||||
@@ -3,19 +3,19 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_mautrix_telegram_enabled"
|
||||
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-telegram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup and matrix_mautrix_telegram_enabled"
|
||||
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-telegram
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup and not matrix_mautrix_telegram_enabled"
|
||||
when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-telegram
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
- name: Ensure Mautrix Telegram image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_telegram_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Ensure Mautrix Telegram base directory exists
|
||||
file:
|
||||
@@ -98,7 +99,7 @@
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your plabook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: "matrix_nginx_proxy_role_executed"
|
||||
when: matrix_nginx_proxy_role_executed|bool
|
||||
|
||||
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
|
||||
when: "matrix_mautrix_whatsapp_enabled"
|
||||
when: matrix_mautrix_whatsapp_enabled|bool
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
- name: Ensure Mautrix Whatsapp image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_whatsapp_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Ensure Mautrix Whatsapp base directory exists
|
||||
file:
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/start.yml"
|
||||
when: run_start
|
||||
when: run_start|bool
|
||||
tags:
|
||||
- start
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/stop.yml"
|
||||
when: run_stop
|
||||
when: run_stop|bool
|
||||
tags:
|
||||
- stop
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
|
||||
when: "matrix_corporal_enabled"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_corporal_enabled"
|
||||
when: "run_setup|bool and matrix_corporal_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-corporal
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-corporal
|
||||
@@ -17,6 +17,6 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "run_self_check and matrix_corporal_enabled"
|
||||
when: "run_self_check|bool and matrix_corporal_enabled|bool"
|
||||
tags:
|
||||
- self-check
|
||||
- self-check
|
||||
|
||||
@@ -15,19 +15,20 @@
|
||||
- "{{ matrix_corporal_config_dir_path }}"
|
||||
- "{{ matrix_corporal_cache_dir_path }}"
|
||||
- "{{ matrix_corporal_var_dir_path }}"
|
||||
when: "matrix_corporal_enabled"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
- name: Ensure Matrix Corporal Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_corporal_docker_image }}"
|
||||
when: "matrix_corporal_enabled"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
- name: Ensure Matrix Corporal config installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/config.json.j2"
|
||||
dest: "{{ matrix_corporal_config_dir_path }}/config.json"
|
||||
mode: 0644
|
||||
when: "matrix_corporal_enabled"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
- name: Ensure matrix-corporal.service installed
|
||||
template:
|
||||
@@ -35,12 +36,12 @@
|
||||
dest: "/etc/systemd/system/matrix-corporal.service"
|
||||
mode: 0644
|
||||
register: matrix_corporal_systemd_service_result
|
||||
when: "matrix_corporal_enabled"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-corporal.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed"
|
||||
when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
|
||||
|
||||
|
||||
#
|
||||
@@ -51,7 +52,7 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-corporal.service"
|
||||
register: matrix_corporal_service_stat
|
||||
when: "not matrix_corporal_enabled"
|
||||
when: "not matrix_corporal_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-corporal is stopped
|
||||
service:
|
||||
@@ -59,18 +60,18 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
||||
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-corporal.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-corporal.service"
|
||||
state: absent
|
||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
||||
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-corporal.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
||||
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-corporal files don't exist
|
||||
file:
|
||||
@@ -79,10 +80,10 @@
|
||||
with_items:
|
||||
- /etc/systemd/system/matrix-corporal.service
|
||||
- "{{ matrix_corporal_config_dir_path }}/config.json"
|
||||
when: "not matrix_corporal_enabled"
|
||||
when: "not matrix_corporal_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix Corporal Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_corporal_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_corporal_enabled"
|
||||
when: "not matrix_corporal_enabled|bool"
|
||||
|
||||
@@ -14,4 +14,4 @@
|
||||
- name: Fail if HTTP API enabled, but no token set
|
||||
fail:
|
||||
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
|
||||
when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''"
|
||||
when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
|
||||
when: "matrix_coturn_enabled"
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_coturn_enabled"
|
||||
when: "run_setup|bool and matrix_coturn_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-coturn
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-coturn
|
||||
- setup-coturn
|
||||
|
||||
@@ -7,7 +7,8 @@
|
||||
- name: Ensure Coturn image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_coturn_docker_image }}"
|
||||
when: matrix_coturn_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
- name: Ensure Coturn configuration path exists
|
||||
file:
|
||||
@@ -16,14 +17,14 @@
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: matrix_coturn_enabled
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
- name: Ensure turnserver.conf installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/turnserver.conf.j2"
|
||||
dest: "{{ matrix_coturn_config_path }}"
|
||||
mode: 0644
|
||||
when: matrix_coturn_enabled
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
# `docker_network` doesn't work as expected when the given network
|
||||
# is a substring of a network that already exists.
|
||||
@@ -34,12 +35,12 @@
|
||||
cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
|
||||
register: matrix_coturn_result_docker_network
|
||||
changed_when: false
|
||||
when: matrix_coturn_enabled
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
- name: Create Coturn network in Docker
|
||||
shell:
|
||||
cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
|
||||
when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''"
|
||||
when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''"
|
||||
|
||||
- name: Ensure matrix-coturn.service installed
|
||||
template:
|
||||
@@ -47,12 +48,12 @@
|
||||
dest: "/etc/systemd/system/matrix-coturn.service"
|
||||
mode: 0644
|
||||
register: matrix_coturn_systemd_service_result
|
||||
when: matrix_coturn_enabled
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-coturn.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed"
|
||||
when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed"
|
||||
|
||||
# This may be unnecessary when more long-lived certificates are used.
|
||||
# We optimize for the common use-case though (short-lived Let's Encrypt certificates).
|
||||
@@ -63,11 +64,11 @@
|
||||
cron_file: matrix-coturn-ssl-reload
|
||||
name: matrix-coturn-ssl-reload
|
||||
state: present
|
||||
hour: 4
|
||||
minute: 20
|
||||
hour: "4"
|
||||
minute: "20"
|
||||
day: "*/5"
|
||||
job: /bin/systemctl reload matrix-coturn.service
|
||||
when: matrix_coturn_enabled and matrix_coturn_tls_enabled
|
||||
when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"
|
||||
|
||||
|
||||
#
|
||||
@@ -79,13 +80,13 @@
|
||||
user: root
|
||||
cron_file: matrix-coturn-ssl-reload
|
||||
state: absent
|
||||
when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled"
|
||||
when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"
|
||||
|
||||
- name: Check existence of matrix-coturn service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-coturn.service"
|
||||
register: matrix_coturn_service_stat
|
||||
when: "not matrix_coturn_enabled"
|
||||
when: "not matrix_coturn_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-coturn is stopped
|
||||
service:
|
||||
@@ -93,27 +94,27 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
||||
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-coturn.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-coturn.service"
|
||||
state: absent
|
||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
||||
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-coturn.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
||||
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix coturn paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_coturn_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_coturn_enabled"
|
||||
when: "not matrix_coturn_enabled|bool"
|
||||
|
||||
- name: Ensure coturn Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_coturn_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_coturn_enabled"
|
||||
when: "not matrix_coturn_enabled|bool"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
|
||||
when: "matrix_dimension_enabled"
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-dimension
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-dimension
|
||||
- setup-dimension
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
mode: 0770
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
when: matrix_dimension_enabled
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Dimension config installed
|
||||
copy:
|
||||
@@ -20,12 +20,13 @@
|
||||
mode: 0640
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
when: matrix_dimension_enabled
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Dimension image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
when: matrix_dimension_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure matrix-dimension.service installed
|
||||
template:
|
||||
@@ -33,12 +34,12 @@
|
||||
dest: "/etc/systemd/system/matrix-dimension.service"
|
||||
mode: 0644
|
||||
register: matrix_dimension_systemd_service_result
|
||||
when: matrix_dimension_enabled
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed"
|
||||
when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of the dimension (if it was previously enabled)
|
||||
@@ -48,7 +49,7 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-dimension.service"
|
||||
register: matrix_dimension_service_stat
|
||||
when: not matrix_dimension_enabled
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-dimension is stopped
|
||||
service:
|
||||
@@ -56,27 +57,27 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-dimension.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-dimension.service"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Dimension environment variables path doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_dimension_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled"
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure Dimension Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled"
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
|
||||
@@ -12,4 +12,4 @@
|
||||
You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
|
||||
with_items:
|
||||
- "matrix_synapse_federation_enabled"
|
||||
when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false"
|
||||
when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
|
||||
when: "matrix_mailer_enabled"
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mailer
|
||||
- setup-mailer
|
||||
|
||||
@@ -11,19 +11,20 @@
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: matrix_mailer_enabled
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
- name: Ensure mailer environment variables file created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/env-mailer.j2"
|
||||
dest: "{{ matrix_mailer_base_path }}/env-mailer"
|
||||
mode: 0640
|
||||
when: matrix_mailer_enabled
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
- name: Ensure mailer image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mailer_docker_image }}"
|
||||
when: matrix_mailer_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
- name: Ensure matrix-mailer.service installed
|
||||
template:
|
||||
@@ -31,12 +32,12 @@
|
||||
dest: "/etc/systemd/system/matrix-mailer.service"
|
||||
mode: 0644
|
||||
register: matrix_mailer_systemd_service_result
|
||||
when: matrix_mailer_enabled
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mailer.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed"
|
||||
when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of the mailer (if it was previously enabled)
|
||||
@@ -46,7 +47,7 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-mailer.service"
|
||||
register: matrix_mailer_service_stat
|
||||
when: "not matrix_mailer_enabled"
|
||||
when: "not matrix_mailer_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-mailer is stopped
|
||||
service:
|
||||
@@ -54,27 +55,27 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
||||
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mailer.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mailer.service"
|
||||
state: absent
|
||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
||||
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mailer.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
||||
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix mailer environment variables path doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_mailer_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_mailer_enabled"
|
||||
when: "not matrix_mailer_enabled|bool"
|
||||
|
||||
- name: Ensure mailer Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_mailer_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_mailer_enabled"
|
||||
when: "not matrix_mailer_enabled|bool"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
|
||||
when: "matrix_mxisd_enabled"
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_mxisd_enabled"
|
||||
when: "run_setup|bool and matrix_mxisd_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mxisd
|
||||
@@ -16,6 +16,6 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "run_self_check and matrix_mxisd_enabled"
|
||||
when: "run_self_check|bool and matrix_mxisd_enabled|bool"
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
@@ -14,12 +14,13 @@
|
||||
with_items:
|
||||
- "{{ matrix_mxisd_config_path }}"
|
||||
- "{{ matrix_mxisd_data_path }}"
|
||||
when: matrix_mxisd_enabled
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
- name: Ensure mxisd image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mxisd_docker_image }}"
|
||||
when: matrix_mxisd_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
- name: Ensure mxisd config installed
|
||||
copy:
|
||||
@@ -28,7 +29,7 @@
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: matrix_mxisd_enabled
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
- name: Ensure custom templates are installed if any
|
||||
copy:
|
||||
@@ -42,7 +43,7 @@
|
||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
|
||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
|
||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
|
||||
when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value
|
||||
when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value"
|
||||
|
||||
- name: Ensure matrix-mxisd.service installed
|
||||
template:
|
||||
@@ -50,12 +51,12 @@
|
||||
dest: "/etc/systemd/system/matrix-mxisd.service"
|
||||
mode: 0644
|
||||
register: matrix_mxisd_systemd_service_result
|
||||
when: matrix_mxisd_enabled
|
||||
when: matrix_mxisd_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mxisd.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed"
|
||||
when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of mxisd (if it was previously enabled)
|
||||
@@ -72,27 +73,27 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
||||
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mxisd.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-mxisd.service"
|
||||
state: absent
|
||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
||||
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mxisd.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
||||
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix mxisd paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_mxisd_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_mxisd_enabled"
|
||||
when: "not matrix_mxisd_enabled|bool"
|
||||
|
||||
- name: Ensure mxisd Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_mxisd_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_mxisd_enabled"
|
||||
when: "not matrix_mxisd_enabled|bool"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
|
||||
when: "matrix_nginx_proxy_enabled"
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
|
||||
@@ -6,20 +6,20 @@
|
||||
# This role performs actions even if the role is disabled, so we need
|
||||
# to ensure there's a valid configuration in any case.
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
- setup-ssl
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
@@ -27,7 +27,7 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: run_self_check
|
||||
when: run_self_check|bool
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
- name: Determine domains that we require certificates for (mxisd)
|
||||
set_fact:
|
||||
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
|
||||
when: "matrix_well_known_matrix_server_enabled"
|
||||
when: matrix_well_known_matrix_server_enabled|bool
|
||||
|
||||
- name: Perform well-known checks
|
||||
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
|
||||
|
||||
@@ -27,7 +27,7 @@
|
||||
src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_enabled"
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
|
||||
- name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
|
||||
template:
|
||||
@@ -36,35 +36,35 @@
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
mode: 0400
|
||||
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics"
|
||||
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configured (generic)
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_enabled"
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for matrix domain exists
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_proxy_matrix_enabled"
|
||||
when: matrix_nginx_proxy_proxy_matrix_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for riot domain exists
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_proxy_riot_enabled"
|
||||
when: matrix_nginx_proxy_proxy_riot_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for dimension domain exists
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_proxy_dimension_enabled"
|
||||
when: matrix_nginx_proxy_proxy_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy data directory for base domain exists
|
||||
file:
|
||||
@@ -73,7 +73,7 @@
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
||||
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy homepage for base domain exists
|
||||
copy:
|
||||
@@ -82,14 +82,14 @@
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
||||
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for base domain exists
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
||||
mode: 0644
|
||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
||||
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||
|
||||
#
|
||||
# Tasks related to setting up matrix-nginx-proxy
|
||||
@@ -97,7 +97,8 @@
|
||||
- name: Ensure nginx Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_nginx_proxy_docker_image }}"
|
||||
when: matrix_nginx_proxy_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
|
||||
- name: Ensure matrix-nginx-proxy.service installed
|
||||
template:
|
||||
@@ -105,7 +106,7 @@
|
||||
dest: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||
mode: 0644
|
||||
register: matrix_nginx_proxy_systemd_service_result
|
||||
when: matrix_nginx_proxy_enabled
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
|
||||
service:
|
||||
@@ -121,7 +122,7 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||
register: matrix_nginx_proxy_service_stat
|
||||
when: "not matrix_nginx_proxy_enabled"
|
||||
when: "not matrix_nginx_proxy_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-nginx-proxy is stopped
|
||||
service:
|
||||
@@ -129,57 +130,57 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-nginx-proxy.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_matrix_enabled"
|
||||
when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for riot domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_riot_enabled"
|
||||
when: "not matrix_nginx_proxy_proxy_riot_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_dimension_enabled"
|
||||
when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy homepage for base domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
|
||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for base domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
|
||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for main config override deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_enabled"
|
||||
when: "not matrix_nginx_proxy_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics"
|
||||
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool"
|
||||
|
||||
@@ -36,6 +36,7 @@
|
||||
- name: Ensure certbot Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
|
||||
- name: Obtain Let's Encrypt certificates
|
||||
@@ -67,8 +68,8 @@
|
||||
cron_file: matrix-ssl-lets-encrypt
|
||||
name: matrix-ssl-lets-encrypt-certificates-renew
|
||||
state: present
|
||||
hour: 4
|
||||
minute: 15
|
||||
hour: "4"
|
||||
minute: "15"
|
||||
day: "*"
|
||||
job: /usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew
|
||||
|
||||
@@ -78,11 +79,11 @@
|
||||
cron_file: matrix-ssl-lets-encrypt
|
||||
name: matrix-nginx-proxy-reload
|
||||
state: present
|
||||
hour: 5
|
||||
minute: 20
|
||||
hour: "5"
|
||||
minute: "20"
|
||||
day: "*"
|
||||
job: /bin/systemctl reload matrix-nginx-proxy.service
|
||||
when: matrix_nginx_proxy_enabled
|
||||
when: matrix_nginx_proxy_enabled|bool
|
||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
|
||||
|
||||
@@ -98,7 +99,7 @@
|
||||
cron_file: matrix-ssl-lets-encrypt
|
||||
name: matrix-nginx-proxy-reload
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_enabled"
|
||||
when: "not matrix_nginx_proxy_enabled|bool"
|
||||
|
||||
# When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
|
||||
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
|
||||
|
||||
@@ -35,7 +35,7 @@
|
||||
--agree-tos
|
||||
--email={{ matrix_ssl_lets_encrypt_support_email }}
|
||||
-d {{ domain_name }}
|
||||
when: "domain_name_needs_cert"
|
||||
when: domain_name_needs_cert|bool
|
||||
register: result_certbot_direct
|
||||
ignore_errors: true
|
||||
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
@@ -20,7 +20,7 @@
|
||||
- name: Fail if provided Postgres dump file doesn't exists
|
||||
fail:
|
||||
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
|
||||
when: not result_server_path_postgres_dump_stat.stat.exists
|
||||
when: "not result_server_path_postgres_dump_stat.stat.exists"
|
||||
|
||||
|
||||
# Defaults
|
||||
@@ -54,7 +54,7 @@
|
||||
- name: Abort, if no existing Postgres version detected
|
||||
fail:
|
||||
msg: "Could not find existing Postgres installation"
|
||||
when: "not matrix_postgres_detected_existing"
|
||||
when: "not matrix_postgres_detected_existing|bool"
|
||||
|
||||
- name: Generate Postgres database import command
|
||||
set_fact:
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
@@ -20,7 +20,7 @@
|
||||
- name: Fail if provided SQLite homeserver.db file doesn't exist
|
||||
fail:
|
||||
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
|
||||
when: not result_server_path_homeserver_db_stat.stat.exists
|
||||
when: "not result_server_path_homeserver_db_stat.stat.exists"
|
||||
|
||||
|
||||
# Defaults
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
@@ -3,28 +3,28 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_postgres_enabled"
|
||||
when: "run_setup|bool and matrix_postgres_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-postgres
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-postgres
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
|
||||
when: run_import_postgres
|
||||
when: run_import_postgres|bool
|
||||
tags:
|
||||
- import-postgres
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
|
||||
when: run_import_sqlite_db
|
||||
when: run_import_sqlite_db|bool
|
||||
tags:
|
||||
- import-sqlite-db
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
|
||||
when: run_upgrade_postgres
|
||||
when: run_upgrade_postgres|bool
|
||||
tags:
|
||||
- upgrade-postgres
|
||||
|
||||
@@ -5,10 +5,10 @@
|
||||
#
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
# If we have found an existing version (installed from before), we use its corresponding Docker image.
|
||||
# If not, we install using the latest Postgres.
|
||||
@@ -16,18 +16,19 @@
|
||||
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
|
||||
- set_fact:
|
||||
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- name: Warn if on an old version of Postgres
|
||||
debug:
|
||||
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
|
||||
when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
|
||||
when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
|
||||
|
||||
# Even if we don't run the internal server, we still need this for running the CLI
|
||||
- name: Ensure postgres Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_postgres_docker_image_to_use }}"
|
||||
when: matrix_postgres_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
# We always create these directories, even if an external Postgres is used,
|
||||
# because we store environment variable files there.
|
||||
@@ -41,7 +42,7 @@
|
||||
with_items:
|
||||
- "{{ matrix_postgres_base_path }}"
|
||||
- "{{ matrix_postgres_data_path }}"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- name: Ensure Postgres environment variables file created
|
||||
template:
|
||||
@@ -51,21 +52,21 @@
|
||||
with_items:
|
||||
- "env-postgres-psql"
|
||||
- "env-postgres-server"
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- name: Ensure matrix-postgres-cli script created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
|
||||
dest: "/usr/local/bin/matrix-postgres-cli"
|
||||
mode: 0750
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- name: Ensure matrix-make-user-admin script created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
|
||||
dest: "/usr/local/bin/matrix-make-user-admin"
|
||||
mode: 0750
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
#
|
||||
# Tasks related to setting up an internal postgres server
|
||||
@@ -77,12 +78,12 @@
|
||||
dest: "/etc/systemd/system/matrix-postgres.service"
|
||||
mode: 0644
|
||||
register: matrix_postgres_systemd_service_result
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-postgres.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed"
|
||||
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
|
||||
@@ -92,41 +93,41 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-postgres.service"
|
||||
register: matrix_postgres_service_stat
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-postgres is stopped
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
||||
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-postgres.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-postgres.service"
|
||||
state: absent
|
||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
||||
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-postgres.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
||||
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||
|
||||
- name: Check existence of matrix-postgres local data path
|
||||
stat:
|
||||
path: "{{ matrix_postgres_data_path }}"
|
||||
register: matrix_postgres_data_path_stat
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
# We just want to notify the user. Deleting data is too destructive.
|
||||
- name: Notify if matrix-postgres local data remains
|
||||
debug:
|
||||
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
||||
when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists"
|
||||
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-postgres-update-user-password-hash script created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
|
||||
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
|
||||
mode: 0750
|
||||
when: matrix_postgres_enabled
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
@@ -23,7 +23,7 @@
|
||||
- name: Fail, if trying to upgrade external Postgres database
|
||||
fail:
|
||||
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Check Postgres auto-upgrade backup data directory
|
||||
stat:
|
||||
@@ -40,7 +40,7 @@
|
||||
- name: Abort, if no existing Postgres version detected
|
||||
fail:
|
||||
msg: "Could not find existing Postgres installation"
|
||||
when: "not matrix_postgres_detected_existing"
|
||||
when: "not matrix_postgres_detected_existing|bool"
|
||||
|
||||
- name: Abort, if already at latest Postgres version
|
||||
fail:
|
||||
|
||||
@@ -23,12 +23,12 @@
|
||||
slurp:
|
||||
src: "{{ matrix_postgres_detection_pg_version_path }}"
|
||||
register: result_pg_version
|
||||
when: "matrix_postgres_detected_existing"
|
||||
when: matrix_postgres_detected_existing|bool
|
||||
|
||||
- name: Determine existing Postgres version (make sense of PG_VERSION file)
|
||||
set_fact:
|
||||
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
|
||||
when: "matrix_postgres_detected_existing"
|
||||
when: matrix_postgres_detected_existing|bool
|
||||
|
||||
- name: Determine corresponding Docker image to detected version (assume default of latest)
|
||||
set_fact:
|
||||
@@ -43,4 +43,4 @@
|
||||
- name: Determine corresponding Docker image to detected version (use 10.x, if detected)
|
||||
set_fact:
|
||||
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}"
|
||||
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"
|
||||
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
|
||||
when: matrix_riot_web_enabled
|
||||
when: matrix_riot_web_enabled|bool
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup and matrix_riot_web_enabled"
|
||||
when: "run_setup|bool and matrix_riot_web_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-riot-web
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-riot-web
|
||||
@@ -17,6 +17,6 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "run_self_check and matrix_riot_web_enabled"
|
||||
when: "run_self_check|bool and matrix_riot_web_enabled|bool"
|
||||
tags:
|
||||
- self-check
|
||||
- self-check
|
||||
|
||||
@@ -11,12 +11,13 @@
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
when: matrix_riot_web_enabled
|
||||
when: matrix_riot_web_enabled|bool
|
||||
|
||||
- name: Ensure riot-web Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_riot_web_docker_image }}"
|
||||
when: matrix_riot_web_enabled
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
when: matrix_riot_web_enabled|bool
|
||||
|
||||
- name: Ensure Matrix riot-web config files installed
|
||||
template:
|
||||
@@ -30,7 +31,7 @@
|
||||
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
|
||||
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
|
||||
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
||||
when: "matrix_riot_web_enabled and item.src is not none"
|
||||
when: "matrix_riot_web_enabled|bool and item.src is not none"
|
||||
|
||||
- name: Ensure Matrix riot-web config files removed
|
||||
file:
|
||||
@@ -38,7 +39,7 @@
|
||||
state: absent
|
||||
with_items:
|
||||
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
||||
when: "matrix_riot_web_enabled and item.src is none"
|
||||
when: "matrix_riot_web_enabled|bool and item.src is none"
|
||||
|
||||
- name: Ensure matrix-riot-web.service installed
|
||||
template:
|
||||
@@ -46,7 +47,7 @@
|
||||
dest: "/etc/systemd/system/matrix-riot-web.service"
|
||||
mode: 0644
|
||||
register: matrix_riot_web_systemd_service_result
|
||||
when: matrix_riot_web_enabled
|
||||
when: matrix_riot_web_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-riot-web.service installation
|
||||
service:
|
||||
@@ -61,7 +62,7 @@
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-riot-web.service"
|
||||
register: matrix_riot_web_service_stat
|
||||
when: "not matrix_riot_web_enabled"
|
||||
when: "not matrix_riot_web_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-riot-web is stopped
|
||||
service:
|
||||
@@ -69,27 +70,27 @@
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
||||
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-riot-web.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-riot-web.service"
|
||||
state: absent
|
||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
||||
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-riot-web.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
||||
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix riot-web paths doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_riot_web_data_path }}"
|
||||
state: absent
|
||||
when: "not matrix_riot_web_enabled"
|
||||
when: "not matrix_riot_web_enabled|bool"
|
||||
|
||||
- name: Ensure riot-web Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_riot_web_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_riot_web_enabled"
|
||||
when: "not matrix_riot_web_enabled|bool"
|
||||
|
||||
@@ -1,11 +1,10 @@
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
when: "matrix_synapse_ext_password_provider_ldap_enabled"
|
||||
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_additional_loggers: >
|
||||
{{ matrix_synapse_additional_loggers }}
|
||||
+
|
||||
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
|
||||
when: "matrix_synapse_ext_password_provider_ldap_enabled"
|
||||
|
||||
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
|
||||
when: matrix_synapse_ext_password_provider_rest_auth_enabled
|
||||
when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
|
||||
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled"
|
||||
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
|
||||
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled
|
||||
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
|
||||
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled"
|
||||
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
|
||||
when: matrix_s3_media_store_enabled
|
||||
when: matrix_s3_media_store_enabled|bool
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
|
||||
when: "not matrix_s3_media_store_enabled"
|
||||
when: "not matrix_s3_media_store_enabled|bool"
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
- name: Ensure Goofys Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_s3_goofys_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
# This will throw a Permission Denied error if already mounted
|
||||
- name: Check Matrix Goofys external storage mountpoint path
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
- name: Fail if media store is on Amazon S3
|
||||
fail:
|
||||
msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
|
||||
when: "matrix_s3_media_store_enabled"
|
||||
when: matrix_s3_media_store_enabled|bool
|
||||
|
||||
- name: Check if the provided media store directory exists
|
||||
stat:
|
||||
@@ -68,7 +68,7 @@
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
recurse: yes
|
||||
when: "not matrix_s3_media_store_enabled"
|
||||
when: "not matrix_s3_media_store_enabled|bool"
|
||||
|
||||
# We don't chown for Goofys, because due to the way it's mounted,
|
||||
# all files become owned by whoever needs to own them.
|
||||
@@ -78,6 +78,6 @@
|
||||
name: "{{ item }}"
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
when: stopping_result.changed
|
||||
when: "stopping_result.changed"
|
||||
with_items:
|
||||
- matrix-synapse
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
|
||||
when: matrix_synapse_enabled
|
||||
when: matrix_synapse_enabled|bool
|
||||
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
|
||||
when: matrix_s3_media_store_enabled
|
||||
when: matrix_s3_media_store_enabled|bool
|
||||
|
||||
@@ -3,43 +3,43 @@
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-synapse
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
|
||||
when: run_setup
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-synapse
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
|
||||
when: run_import_media_store
|
||||
when: run_import_media_store|bool
|
||||
tags:
|
||||
- import-media-store
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/register_user.yml"
|
||||
when: run_register_user
|
||||
when: run_register_user|bool
|
||||
tags:
|
||||
- register-user
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: run_self_check
|
||||
when: run_self_check|bool
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: run_self_check
|
||||
when: run_self_check|bool
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
|
||||
when: run_update_user_password
|
||||
when: run_update_user_password|bool
|
||||
tags:
|
||||
- update-user-password
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
- name: Wait a while, so that Synapse can manage to start
|
||||
pause:
|
||||
seconds: 7
|
||||
when: start_result.changed
|
||||
when: "start_result.changed"
|
||||
|
||||
- name: Register user
|
||||
shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"
|
||||
|
||||
@@ -7,14 +7,14 @@
|
||||
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
||||
register: result_matrix_synapse_client_api
|
||||
ignore_errors: true
|
||||
when: matrix_synapse_enabled
|
||||
when: matrix_synapse_enabled|bool
|
||||
|
||||
- name: Fail if Matrix Client API not working
|
||||
fail:
|
||||
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
|
||||
when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
|
||||
when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
|
||||
|
||||
- name: Report working Matrix Client API
|
||||
debug:
|
||||
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
|
||||
when: matrix_synapse_enabled
|
||||
when: matrix_synapse_enabled|bool
|
||||
|
||||
@@ -7,19 +7,19 @@
|
||||
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
||||
register: result_matrix_synapse_federation_api
|
||||
ignore_errors: true
|
||||
when: matrix_synapse_enabled
|
||||
when: matrix_synapse_enabled|bool
|
||||
|
||||
- name: Fail if Matrix Federation API not working
|
||||
fail:
|
||||
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
|
||||
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
|
||||
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
|
||||
|
||||
- name: Fail if Matrix Federation API unexpectedly enabled
|
||||
fail:
|
||||
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
|
||||
when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed"
|
||||
when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
|
||||
|
||||
- name: Report working Matrix Federation API
|
||||
debug:
|
||||
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
|
||||
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled"
|
||||
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool"
|
||||
|
||||
@@ -18,7 +18,7 @@
|
||||
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
|
||||
# because if it's using Goofys and it's already mounted (from before),
|
||||
# trying to chown/chmod it here will cause trouble.
|
||||
when: "matrix_synapse_enabled or matrix_s3_media_store_enabled"
|
||||
when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool"
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/ext/setup.yml"
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
|
||||
when: matrix_synapse_enabled
|
||||
when: matrix_synapse_enabled|bool
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
|
||||
when: "not matrix_synapse_enabled"
|
||||
when: "not matrix_synapse_enabled|bool"
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
- name: Ensure Synapse Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_synapse_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
|
||||
- name: Check if a Synapse signing key exists
|
||||
stat:
|
||||
@@ -71,11 +72,10 @@
|
||||
- name: Ensure systemd reloaded after matrix-synapse.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: matrix_synapse_systemd_service_result.changed
|
||||
when: "matrix_synapse_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-synapse-register-user script created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
|
||||
dest: "/usr/local/bin/matrix-synapse-register-user"
|
||||
mode: 0750
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
- name: Fail if not using matrix-postgres container
|
||||
fail:
|
||||
msg: "This command is working only when matrix-postgres container is being used"
|
||||
when: "not matrix_postgres_enabled"
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-synapse is started
|
||||
service:
|
||||
@@ -33,12 +33,12 @@
|
||||
- name: Wait a while, so that Matrix Synapse can manage to start
|
||||
pause:
|
||||
seconds: 7
|
||||
when: start_result.changed
|
||||
when: "start_result.changed"
|
||||
|
||||
- name: Wait a while, so that Matrix Postgres can manage to start
|
||||
pause:
|
||||
seconds: 7
|
||||
when: postgres_start_result.changed
|
||||
when: "postgres_start_result.changed"
|
||||
|
||||
- name: Generate password hash
|
||||
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"
|
||||
|
||||
Reference in New Issue
Block a user