From 87c8c29c47c45b88c2b2386d7c78e7439604776a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 7 Jan 2024 09:33:37 +0200 Subject: [PATCH] Move matrix-bot-matrix-registration-bot to its own container network --- group_vars/matrix_servers | 18 ++++++++++-------- .../defaults/main.yml | 11 ++++++++++- ...trix-bot-matrix-registration-bot.service.j2 | 12 ++++++++++-- 3 files changed, 30 insertions(+), 11 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index eec17c2da..434c8d604 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1798,17 +1798,19 @@ matrix_bot_matrix_reminder_bot_matrix_homeserver_url: "{{ matrix_addons_homeserv # We don't enable bots by default. matrix_bot_matrix_registration_bot_enabled: false -matrix_bot_matrix_registration_bot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" - -matrix_bot_matrix_registration_bot_systemd_required_services_list: | +matrix_bot_matrix_registration_bot_systemd_required_services_list_auto: | {{ - ['docker.service'] - + - ['matrix-' + matrix_homeserver_implementation + '.service'] - + - (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + matrix_addons_homeserver_systemd_services_list }} +matrix_bot_matrix_registration_bot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" + +matrix_bot_matrix_registration_bot_container_network: "{{ matrix_addons_container_network }}" + +matrix_bot_matrix_registration_bot_container_additional_networks_auto: |- + {{ + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + }} ###################################################################### # diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 512306e95..1e2864e7f 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml 
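Review bot: The `matrix_bot_matrix_registration_bot_container_additional_networks_auto` expression filters out an empty `matrix_addons_homeserver_container_network`, but not the case where it equals `matrix_addons_container_network`, which this hunk assigns as the primary network. In that case the `network connect` loop added in the last hunk of the service template would try to attach the container to the network it was created on. I would expect Docker to reject that, and because that ExecStartPre has no `-` prefix the unit would then fail to start. Consider `([] if matrix_addons_homeserver_container_network in ['', matrix_bot_matrix_registration_bot_container_network] else [matrix_addons_homeserver_container_network])`. Whether the two addon variables can ever hold the same value is not visible in this diff.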
+++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -35,11 +35,20 @@ matrix_bot_matrix_registration_bot_device_id: "matrix-docker-ansible-deploy" matrix_bot_matrix_registration_bot_logging_level: info matrix_bot_matrix_registration_environment_variables_extension: '' +matrix_bot_matrix_registration_bot_container_network: "" + +matrix_bot_matrix_registration_bot_container_additional_networks: "{{ matrix_bot_matrix_registration_bot_container_additional_networks_auto + matrix_bot_matrix_registration_bot_container_additional_networks_custom }}" +matrix_bot_matrix_registration_bot_container_additional_networks_auto: [] +matrix_bot_matrix_registration_bot_container_additional_networks_custom: [] + # A list of extra arguments to pass to the container matrix_bot_matrix_registration_bot_container_extra_arguments: [] # List of systemd services that matrix-bot-matrix-registration-bot.service depends on -matrix_bot_matrix_registration_bot_systemd_required_services_list: ['docker.service'] +matrix_bot_matrix_registration_bot_systemd_required_services_list: "{{ matrix_bot_matrix_registration_bot_systemd_required_services_list_default + matrix_bot_matrix_registration_bot_systemd_required_services_list_auto + matrix_bot_matrix_registration_bot_systemd_required_services_list_custom }}" +matrix_bot_matrix_registration_bot_systemd_required_services_list_default: ['docker.service'] +matrix_bot_matrix_registration_bot_systemd_required_services_list_auto: [] +matrix_bot_matrix_registration_bot_systemd_required_services_list_custom: [] # List of systemd services that matrix-bot-matrix-registration-bot.service wants matrix_bot_matrix_registration_bot_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index b23595169..a48c4f045 100644 
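Review bot: `matrix_bot_matrix_registration_bot_container_network` defaults to an empty string and none of the new network variables carry a comment, so someone using the role on its own gets `--network=` rendered into the unit with no hint of what is expected. I would add a comment above it such as `# The base container network for the bot. Must be set to a non-empty network name.`, plus one line saying that `_auto` is filled in by the playbook's group_vars and `_custom` is presumably for the operator's own additions. If the role has a validation task outside this diff, the variable should be checked there for being non-empty. Applying `| unique` to the concatenated `_additional_networks` list would also keep a network listed in both `_auto` and `_custom` from being connected twice.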
--- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -16,7 +16,9 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name=matrix-bot-matrix-registration-bot \ --log-driver=none \ --cap-drop=ALL \ -e "CONFIG_PATH=/config/config.yml" \ 
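Review bot: The unit does not say why the single `docker run` became a `docker create` in an ExecStartPre, and a later reader may be tempted to fold the two steps back together. A short comment above the new line would record the intent, e.g. `# Created (not started) here, so that additional networks can be attached before the process runs.` The `create` command itself continues past the end of this hunk.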
@@ -24,9 +26,15 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --read-only \ --mount type=bind,src={{ matrix_bot_matrix_registration_bot_config_path }},dst=/config,ro \ --mount type=bind,src={{ matrix_bot_matrix_registration_bot_data_path }},dst=/data \ - --network={{ matrix_docker_network }} \ + --network={{ matrix_bot_matrix_registration_bot_container_network }} \ {{ matrix_bot_matrix_registration_bot_docker_image }} +{% for network in matrix_bot_matrix_registration_bot_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-matrix-registration-bot +{% endfor %} + +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-matrix-registration-bot + ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' Restart=always
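Review bot: When one of the `network connect` ExecStartPre lines in the added loop fails, the start is aborted (no `-` prefix), which is the right fail-closed behaviour, but the container created earlier is left behind. `--rm` only takes effect once a container has run and exited, and systemd does not execute `ExecStop=` for a start that failed. The two `ExecStartPre=-… stop` / `rm` lines at the top of the unit (visible as context in the previous hunk) remove the leftover on the next start attempt, so this is harmless as long as they stay. A comment on those lines would keep them from being dropped as redundant, e.g. `# Also removes a container left over from a failed create/network-connect.`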