From 594e6d967997935ec8f7038986604e5c64376215 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev
Date: Mon, 8 Jan 2024 18:10:16 +0200
Subject: [PATCH] Move matrix-sms-bridge to its own container network and add support for non-Synapse homeservers
---
group_vars/matrix_servers | 18 ++++++++-----
.../matrix-bridge-sms/defaults/main.yml | 13 ++++++++--
.../matrix-bridge-sms/tasks/setup_install.yml | 5 ++++
.../tasks/validate_config.yml | 4 ++-
.../systemd/matrix-sms-bridge.service.j2 | 26 ++++++++++++-------
5 files changed, 48 insertions(+), 18 deletions(-)
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 72e9f0bf2..4195d5d8f 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -1595,18 +1595,24 @@ matrix_mautrix_whatsapp_database_password: "{{ '%s' | format(matrix_homeserver_g # We don't enable bridges by default. matrix_sms_bridge_enabled: false -matrix_sms_bridge_systemd_required_services_list: | +matrix_sms_bridge_systemd_required_services_list_auto: | {{ - ['docker.service'] + matrix_addons_homeserver_systemd_services_list + - ['matrix-' + matrix_homeserver_implementation + '.service'] - + - (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_mautrix_facebook_database_hostname == devture_postgres_connection_hostname) else []) + }} + +matrix_sms_bridge_container_network: "{{ matrix_addons_container_network }}" + +matrix_sms_bridge_container_additional_networks_auto: |- + {{ + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) }} matrix_sms_bridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sms.as.token', rounds=655555) | to_uuid }}" -matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}" +matrix_sms_bridge_homeserver_hostname: "{{ (matrix_homeserver_container_client_api_endpoint | split(':'))[0] }}" +matrix_sms_bridge_homeserver_port: "{{ (matrix_homeserver_container_client_api_endpoint | split(':'))[1] }}" matrix_sms_bridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sms.hs.token', rounds=655555) | to_uuid }}" ###################################################################### diff --git a/roles/custom/matrix-bridge-sms/defaults/main.yml b/roles/custom/matrix-bridge-sms/defaults/main.yml index 376a46504..b67bd5467 100644 --- a/roles/custom/matrix-bridge-sms/defaults/main.yml +++ b/roles/custom/matrix-bridge-sms/defaults/main.yml 
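Review bot: The Postgres entry in `matrix_sms_bridge_systemd_required_services_list_auto` is gated on `matrix_mautrix_facebook_database_hostname`, which belongs to a different bridge and looks like a copy-paste leftover. Nothing in this hunk shows the SMS bridge using Postgres, so the entry should either be dropped or keyed on an SMS-bridge variable; as written, the unit's start ordering depends on how another role is configured. Separately, `(matrix_homeserver_container_client_api_endpoint | split(':'))[1]` will likely surface as a template error when the endpoint is empty or has no port, instead of the readable "You need to define a required configuration setting" failure from validate_config.yml. A guard such as `{{ (matrix_homeserver_container_client_api_endpoint | split(':'))[1] if ':' in matrix_homeserver_container_client_api_endpoint else '' }}` would keep that path on the friendly check.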
@@ -17,17 +17,26 @@ matrix_sms_bridge_homeserver_token: '' matrix_sms_bridge_container_http_host_bind_port: '' +matrix_sms_bridge_container_network: "" + +matrix_sms_bridge_container_additional_networks: "{{ matrix_sms_bridge_container_additional_networks_auto + matrix_sms_bridge_container_additional_networks_custom }}" +matrix_sms_bridge_container_additional_networks_auto: [] +matrix_sms_bridge_container_additional_networks_custom: [] + # A list of extra arguments to pass to the container matrix_sms_bridge_container_extra_arguments: [] # List of systemd services that service depends on. -matrix_sms_bridge_systemd_required_services_list: ['docker.service'] +matrix_sms_bridge_systemd_required_services_list: "{{ matrix_sms_bridge_systemd_required_services_list_default + matrix_sms_bridge_systemd_required_services_list_auto + matrix_sms_bridge_systemd_required_services_list_custom }}" +matrix_sms_bridge_systemd_required_services_list_default: ['docker.service'] +matrix_sms_bridge_systemd_required_services_list_auto: [] +matrix_sms_bridge_systemd_required_services_list_custom: [] # List of systemd services that service wants matrix_sms_bridge_systemd_wanted_services_list: [] matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080' -matrix_sms_bridge_homeserver_hostname: 'matrix-synapse' +matrix_sms_bridge_homeserver_hostname: '' matrix_sms_bridge_homeserver_port: "" matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}" diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml index b3d78a342..95ea5b3d4 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml 
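Review bot: The new network variables in this hunk carry no comments, and their defaults are not self-explanatory: `matrix_sms_bridge_container_network` defaults to an empty string that validate_config.yml now rejects, and the `_auto`/`_custom` pairs only make sense once you know which one the playbook owns. I would add `# The base container network the bridge is created in. Must be set.` above `matrix_sms_bridge_container_network`, and `# Additional networks to connect the container to. _auto is set by the playbook (group_vars); put your own in _custom.` above the additional-networks block. Every network listed there widens what the bridge container can reach and what can reach its port 8080, so the `_custom` comment should say to list only networks the bridge actually needs.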
@@ -46,6 +46,11 @@ group: "{{ matrix_user_groupname }}" when: matrix_sms_bridge_provider_android_truststore_local_path != "" +- name: Ensure matrix-sms-bridge container network is created + community.general.docker_network: + name: "{{ matrix_sms_bridge_container_network }}" + driver: bridge + - name: Ensure matrix-sms-bridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-sms-bridge.service.j2" diff --git a/roles/custom/matrix-bridge-sms/tasks/validate_config.yml b/roles/custom/matrix-bridge-sms/tasks/validate_config.yml index fa7dcfbdd..474e2526c 100644 --- a/roles/custom/matrix-bridge-sms/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-sms/tasks/validate_config.yml @@ -1,12 +1,13 @@ --- -- name: Fail if required settings not defined +- name: Fail if required matrix-bridge-sms settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - "matrix_sms_bridge_appservice_token" + - "matrix_sms_bridge_homeserver_hostname" - "matrix_sms_bridge_homeserver_port" - "matrix_sms_bridge_homeserver_token" - "matrix_sms_bridge_default_region" @@ -14,3 +15,4 @@ - "matrix_sms_bridge_provider_android_baseurl" - "matrix_sms_bridge_provider_android_username" - "matrix_sms_bridge_provider_android_password" + - "matrix_sms_bridge_container_network" diff --git a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 index 2645d39c1..a5c3f8c44 100644 --- a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 +++ b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 
@@ -13,30 +13,38 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-/usr/bin/docker kill matrix-sms-bridge -ExecStartPre=-/usr/bin/docker rm matrix-sms-bridge +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-sms-bridge 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sms-bridge 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre=/bin/sleep 5 +ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart=/usr/bin/docker run --rm --name matrix-sms-bridge \ +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name=matrix-sms-bridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ - --network={{ matrix_docker_network }} \ + --network={{ matrix_sms_bridge_container_network }} \ {% if matrix_sms_bridge_container_http_host_bind_port %} -p {{ matrix_sms_bridge_container_http_host_bind_port }}:8080 \ {% endif %} - -v {{ matrix_sms_bridge_config_path }}:/config:z \ - -v {{ matrix_sms_bridge_data_path }}:/data:z \ + --mount type=bind,src={{ matrix_sms_bridge_config_path }},dst=/config \ + --mount type=bind,src={{ matrix_sms_bridge_data_path }},dst=/data \ --env SPRING_CONFIG_ADDITIONAL_LOCATION=/config/application.yml \ {% for arg in matrix_sms_bridge_container_extra_arguments %} {{ arg }} \ {% endfor %} {{ matrix_sms_bridge_docker_image }} -ExecStop=-/usr/bin/docker kill matrix-sms-bridge -ExecStop=-/usr/bin/docker rm matrix-sms-bridge +{% for network in matrix_sms_bridge_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network 
connect {{ network }} matrix-sms-bridge +{% endfor %} + +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-sms-bridge + +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-sms-bridge 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sms-bridge 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-sms-bridge
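Review bot: Replacing `-v ...:/config:z` and `-v ...:/data:z` with `--mount type=bind,...` drops the SELinux relabel that `:z` requested, and the new lines set no equivalent. On a host with SELinux enforcing, a fresh install may leave the container unable to read `/config` or write `/data` (hosts upgraded from the old unit probably keep the earlier labels). If this is intended, a comment above the mounts saying where relabelling is now handled would keep operators from working around denials by turning enforcement off; otherwise keep `-v {{ matrix_sms_bridge_config_path }}:/config:z \` and the matching `/data` line. The `{{ network }}` and `{{ arg }}` values are also written into the unit unquoted, so the defaults should document them as trusted inventory input.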