Merge branch 'master' into bye-bye-nginx-proxy

2025-11-04 00:58:56 +01:00 · 2024-01-05 18:12:44 +02:00
parent 377fce5855 d116d863e6
commit b122c7092a
5 changed files with 29 additions and 16 deletions
--- a/docs/self-building.md
+++ b/docs/self-building.md
@@ -21,7 +21,7 @@ Possibly outdated list of roles where self-building the Docker image is currentl
 - `matrix-corporal`
 - `matrix-dimension`
 - `matrix-ma1sd`
- `matrix-mailer`
+- `exim-relay`
 - `matrix-bridge-hookshot`
 - `matrix-bridge-appservice-irc`
 - `matrix-bridge-appservice-slack`
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -2739,8 +2739,6 @@ exim_relay_base_path: "{{ matrix_base_data_path }}/exim-relay"
 exim_relay_uid: "{{ matrix_user_uid }}"
 exim_relay_gid: "{{ matrix_user_gid }}"

-exim_relay_container_network: "{{ matrix_docker_network }}"
-
 exim_relay_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"

 exim_relay_hostname: "{{ matrix_server_fqn_matrix }}"
@@ -2778,6 +2776,12 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
 # ma1sd's web-server port.
 matrix_ma1sd_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '' ~ matrix_ma1sd_container_port | string) if matrix_playbook_service_host_bind_interface_prefix else '' }}"

+matrix_ma1sd_container_additional_networks: |
+ {{
+  (
+    ([exim_relay_container_network] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier and matrix_ma1sd_container_network != exim_relay_container_network) else [])
+  ) | unique
+ }}

 # We enable Synapse integration via its Postgres database by default.
 # When using another Identity store, you might wish to disable this and define
@@ -2792,26 +2796,24 @@ matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix
 # but may be inaccurate if matrix-corporal is enabled.
 matrix_ma1sd_dns_overwrite_homeserver_client_value: "{{ matrix_homeserver_container_url }}"

-# By default, we send mail through the `matrix-mailer` service.
+# By default, we send mail through the exim relay service.
 matrix_ma1sd_threepid_medium_email_identity_from: "{{ exim_relay_sender_address }}"
-matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
+matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "{{ exim_relay_identifier }}"
 matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
 matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0

 matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_playbook_ssl_retrieval_method == 'self-signed' else true }}"

-matrix_ma1sd_systemd_required_services_list: |
+matrix_ma1sd_systemd_required_services_list_auto: |
  {{
-    ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
+    ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_ma1sd_database_hostname == devture_postgres_connection_hostname) else [])
  }}

-matrix_ma1sd_systemd_wanted_services_list: |
+matrix_ma1sd_systemd_wanted_services_list_auto: |
  {{
    (['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-' + matrix_homeserver_implementation + '.service'])
    +
-    ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
-    +
-    ([exim_relay_identifier ~ '.service'] if exim_relay_enabled else [])
+    ([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier) else [])
  }}

 # Postgres is the default, except if not using internal Postgres server
@@ -3800,7 +3802,9 @@ matrix_synapse_container_additional_networks: |
      ([devture_postgres_container_network] if (devture_postgres_enabled and devture_postgres_container_network != matrix_synapse_container_network and matrix_synapse_database_host == devture_postgres_connection_hostname) else [])
      +
      ([redis_container_network] if matrix_synapse_redis_enabled and matrix_synapse_redis_host == redis_identifier else [])
-    )
+      +
+      ([exim_relay_container_network] if (exim_relay_enabled and matrix_synapse_email_enabled and matrix_synapse_email_smtp_host == exim_relay_identifier and matrix_synapse_container_network != exim_relay_container_network) else [])
+    ) | unique
  }}

 matrix_synapse_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and not matrix_synapse_workers_enabled }}"
--- a/requirements.yml
+++ b/requirements.yml
@@ -19,7 +19,7 @@
  version: v1.9.6-0
  name: etherpad
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
-  version: v4.97-r0-0-0
+  version: v4.97-r0-0-1
  name: exim_relay
 - src: git+https://gitlab.com/etke.cc/roles/grafana.git
  version: v10.2.3-0
--- a/roles/custom/matrix-ma1sd/defaults/main.yml
+++ b/roles/custom/matrix-ma1sd/defaults/main.yml
@@ -31,10 +31,19 @@ matrix_ma1sd_container_http_host_bind_port: ''
 matrix_ma1sd_container_extra_arguments: []

 # List of systemd services that matrix-ma1sd.service depends on
-matrix_ma1sd_systemd_required_services_list: ['docker.service']
+matrix_ma1sd_systemd_required_services_list: "{{ matrix_ma1sd_systemd_required_services_list_default + matrix_ma1sd_systemd_required_services_list_auto + matrix_ma1sd_systemd_required_services_list_custom }}"
+matrix_ma1sd_systemd_required_services_list_default: ['docker.service']
+matrix_ma1sd_systemd_required_services_list_auto: []
+matrix_ma1sd_systemd_required_services_list_custom: []

 # List of systemd services that matrix-ma1sd.service wants
-matrix_ma1sd_systemd_wanted_services_list: []
+matrix_ma1sd_systemd_wanted_services_list: "{{ matrix_ma1sd_systemd_wanted_services_list_default + matrix_ma1sd_systemd_wanted_services_list_auto + matrix_ma1sd_systemd_wanted_services_list_custom }}"
+matrix_ma1sd_systemd_wanted_services_list_default: []
+matrix_ma1sd_systemd_wanted_services_list_auto: []
+matrix_ma1sd_systemd_wanted_services_list_custom: []
+
+# The base container network. It will be auto-created by this role if it doesn't exist already.
+matrix_ma1sd_container_network: "{{ matrix_docker_network }}"

 # A list of additional container networks that matrix-ma1sd would be connected to.
 # The playbook does not create these networks, so make sure they already exist.
--- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2
+++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2
@@ -26,7 +26,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--cap-drop=ALL \
 			--read-only \
 			--tmpfs=/tmp:rw,exec,nosuid,size=10m \
-			--network={{ matrix_docker_network }} \
+			--network={{ matrix_ma1sd_container_network }} \
 			{% if matrix_ma1sd_container_http_host_bind_port %}
 			-p {{ matrix_ma1sd_container_http_host_bind_port }}:{{ matrix_ma1sd_container_port }} \
 			{% endif %}