mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-25 17:34:54 +01:00
commit
554da8338a
24
docs/alternative-architectures.md
Normal file
24
docs/alternative-architectures.md
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# Alternative architectures
|
||||||
|
As stated in the [Prerequisites](prerequisites.md), currently only x86_64 is supported. However, it is possible to set the target architecture, and some tools can be built on the host or other measures can be used.
|
||||||
|
|
||||||
|
To that end add the following variable to your `vars.yaml` file:
|
||||||
|
```
|
||||||
|
matrix_architecture = <your-matrix-server-architecture>
|
||||||
|
```
|
||||||
|
Currently supported architectures are the following:
|
||||||
|
- `amd64` (the default)
|
||||||
|
- `arm64`
|
||||||
|
- `arm32`
|
||||||
|
|
||||||
|
so for the Raspberry Pi the following should be in your `vars.yaml` file:
|
||||||
|
```
|
||||||
|
matrix_architecture = "arm32"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Implementation details
|
||||||
|
This subsection is used for a reminder, how the different roles implement architecture differenes. This is **not** aimed at the users, so one does not have to do anything based on this subsection.
|
||||||
|
|
||||||
|
On most roles [self-building](self-building.md) is used if the architecture is not `amd64`, however there are some special cases:
|
||||||
|
- matrix-bridge-mautrix-facebook: there is built docker image for arm64 as well,
|
||||||
|
- matrix-bridge-mautrix-hangouts: there is built docker image for arm64 as well,
|
||||||
|
- matrix-nginx-proxy: Certbot has docker image for both arm32 and arm64, however tagging is used, which requires special handling.
|
@ -1,6 +1,6 @@
|
|||||||
# Prerequisites
|
# Prerequisites
|
||||||
|
|
||||||
- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+), **Ubuntu** (16.04+), or **Archlinux**. This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Self-Building](self-building.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+), **Ubuntu** (16.04+), or **Archlinux**. This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Alternative Architectures](alternative-architectures.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
||||||
|
|
||||||
- `root` access to your server (or a user capable of elevating to `root` via `sudo`).
|
- `root` access to your server (or a user capable of elevating to `root` via `sudo`).
|
||||||
|
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
# Self-building
|
# Self-building
|
||||||
|
|
||||||
|
**Caution: self-building does not have to be used on its own. See the [Alternative Architectures](alternative-architectures.md) page.**
|
||||||
|
|
||||||
The playbook supports the self-building of some of its components. This may be useful for architectures besides x86_64, which have no Docker images right now (e g. the armv7 for the Raspberry Pi). Some playbook roles have been updated, so they build the necessary image on the host. It needs more space, as some build tools need to be present (like Java, for ma1sd).
|
The playbook supports the self-building of some of its components. This may be useful for architectures besides x86_64, which have no Docker images right now (e g. the armv7 for the Raspberry Pi). Some playbook roles have been updated, so they build the necessary image on the host. It needs more space, as some build tools need to be present (like Java, for ma1sd).
|
||||||
|
|
||||||
To use these modification there is a variable that needs to be switched to enable this functionality. Add this to your `vars.yaml` file:
|
To use these modification there is a variable that needs to be switched to enable this functionality. Add this to your `vars.yaml` file:
|
||||||
|
@ -26,6 +26,20 @@ matrix_riot_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_e
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# matrix-architecture
|
||||||
|
#
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
matrix_architecture: "amd64"
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# /matrix-architecture
|
||||||
|
#
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -174,7 +188,7 @@ matrix_appservice_irc_homeserver_token: "{{ matrix_synapse_macaroon_secret_key |
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mautrix_facebook_enabled: false
|
matrix_mautrix_facebook_enabled: false
|
||||||
|
|
||||||
matrix_mautrix_facebook_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mautrix_facebook_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
||||||
|
|
||||||
matrix_mautrix_facebook_systemd_required_services_list: |
|
matrix_mautrix_facebook_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -205,7 +219,7 @@ matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_pro
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mautrix_hangouts_enabled: false
|
matrix_mautrix_hangouts_enabled: false
|
||||||
|
|
||||||
matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
||||||
|
|
||||||
matrix_mautrix_hangouts_systemd_required_services_list: |
|
matrix_mautrix_hangouts_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -301,7 +315,7 @@ matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_pro
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mx_puppet_skype_enabled: false
|
matrix_mx_puppet_skype_enabled: false
|
||||||
|
|
||||||
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
matrix_mx_puppet_skype_systemd_required_services_list: |
|
matrix_mx_puppet_skype_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -366,7 +380,7 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
|
|||||||
|
|
||||||
matrix_coturn_enabled: true
|
matrix_coturn_enabled: true
|
||||||
|
|
||||||
matrix_coturn_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_coturn_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
|
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
|
||||||
|
|
||||||
@ -489,7 +503,7 @@ matrix_mailer_enabled: true
|
|||||||
# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this.
|
# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this.
|
||||||
matrix_ma1sd_enabled: true
|
matrix_ma1sd_enabled: true
|
||||||
|
|
||||||
matrix_ma1sd_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network.
|
# Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network.
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||||
@ -599,6 +613,8 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
|||||||
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
|
matrix_ssl_architecture: "{{ matrix_architecture }}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# /matrix-nginx-proxy
|
# /matrix-nginx-proxy
|
||||||
@ -638,7 +654,7 @@ matrix_postgres_db_name: "homeserver"
|
|||||||
# If you wish to connect to your Matrix server by other means, you may wish to disable this.
|
# If you wish to connect to your Matrix server by other means, you may wish to disable this.
|
||||||
matrix_riot_web_enabled: true
|
matrix_riot_web_enabled: true
|
||||||
|
|
||||||
matrix_riot_web_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_riot_web_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network.
|
# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network.
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||||
@ -683,7 +699,7 @@ matrix_riot_web_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jit
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
matrix_synapse_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_synapse_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# When ma1sd is enabled, we can use it instead of the default public Identity servers.
|
# When ma1sd is enabled, we can use it instead of the default public Identity servers.
|
||||||
matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else matrix_synapse_id_servers_public }}"
|
matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else matrix_synapse_id_servers_public }}"
|
||||||
|
@ -213,12 +213,14 @@ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects: none
|
|||||||
# plain HTTP traffic only (usually, on the loopback interface only) and you'd be terminating SSL using another reverse-proxy.
|
# plain HTTP traffic only (usually, on the loopback interface only) and you'd be terminating SSL using another reverse-proxy.
|
||||||
matrix_ssl_retrieval_method: "lets-encrypt"
|
matrix_ssl_retrieval_method: "lets-encrypt"
|
||||||
|
|
||||||
|
matrix_ssl_architecture: "amd64"
|
||||||
|
|
||||||
# The list of domains that this role will obtain certificates for.
|
# The list of domains that this role will obtain certificates for.
|
||||||
matrix_ssl_domains_to_obtain_certificates_for: []
|
matrix_ssl_domains_to_obtain_certificates_for: []
|
||||||
|
|
||||||
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
||||||
matrix_ssl_lets_encrypt_staging: false
|
matrix_ssl_lets_encrypt_staging: false
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:v1.3.0"
|
matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:{{ matrix_ssl_architecture }}-v1.3.0"
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
||||||
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
||||||
matrix_ssl_lets_encrypt_support_email: ~
|
matrix_ssl_lets_encrypt_support_email: ~
|
||||||
|
Loading…
x
Reference in New Issue
Block a user