diff --git a/docs/self-building.md b/docs/self-building.md index 3fe826da1..affe23860 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -21,7 +21,7 @@ Possibly outdated list of roles where self-building the Docker image is currentl - `matrix-corporal` - `matrix-dimension` - `matrix-ma1sd` -- `matrix-mailer` +- `exim-relay` - `matrix-bridge-hookshot` - `matrix-bridge-appservice-irc` - `matrix-bridge-appservice-slack` diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 7a6f01fed..8ba2c309f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2739,8 +2739,6 @@ exim_relay_base_path: "{{ matrix_base_data_path }}/exim-relay" exim_relay_uid: "{{ matrix_user_uid }}" exim_relay_gid: "{{ matrix_user_gid }}" -exim_relay_container_network: "{{ matrix_docker_network }}" - exim_relay_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" exim_relay_hostname: "{{ matrix_server_fqn_matrix }}" @@ -2778,6 +2776,12 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" # ma1sd's web-server port. matrix_ma1sd_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '' ~ matrix_ma1sd_container_port | string) if matrix_playbook_service_host_bind_interface_prefix else '' }}" +matrix_ma1sd_container_additional_networks: | + {{ + ( + ([exim_relay_container_network] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier and matrix_ma1sd_container_network != exim_relay_container_network) else []) + ) | unique + }} # We enable Synapse integration via its Postgres database by default. # When using another Identity store, you might wish to disable this and define @@ -2792,26 +2796,24 @@ matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix # but may be inaccurate if matrix-corporal is enabled. matrix_ma1sd_dns_overwrite_homeserver_client_value: "{{ matrix_homeserver_container_url }}" -# By default, we send mail through the `matrix-mailer` service. +# By default, we send mail through the exim relay service. matrix_ma1sd_threepid_medium_email_identity_from: "{{ exim_relay_sender_address }}" -matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer" +matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "{{ exim_relay_identifier }}" matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025 matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0 matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_playbook_ssl_retrieval_method == 'self-signed' else true }}" -matrix_ma1sd_systemd_required_services_list: | +matrix_ma1sd_systemd_required_services_list_auto: | {{ - ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) + ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_ma1sd_database_hostname == devture_postgres_connection_hostname) else []) }} -matrix_ma1sd_systemd_wanted_services_list: | +matrix_ma1sd_systemd_wanted_services_list_auto: | {{ (['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-' + matrix_homeserver_implementation + '.service']) + - ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) - + - ([exim_relay_identifier ~ '.service'] if exim_relay_enabled else []) + ([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier) else []) }} # Postgres is the default, except if not using internal Postgres server @@ -3800,7 +3802,9 @@ matrix_synapse_container_additional_networks: | ([devture_postgres_container_network] if (devture_postgres_enabled and devture_postgres_container_network != matrix_synapse_container_network and matrix_synapse_database_host == devture_postgres_connection_hostname) else []) + ([redis_container_network] if matrix_synapse_redis_enabled and matrix_synapse_redis_host == redis_identifier else []) - ) + + + ([exim_relay_container_network] if (exim_relay_enabled and matrix_synapse_email_enabled and matrix_synapse_email_smtp_host == exim_relay_identifier and matrix_synapse_container_network != exim_relay_container_network) else []) + ) | unique }} matrix_synapse_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and not matrix_synapse_workers_enabled }}" diff --git a/requirements.yml b/requirements.yml index 4ff9f8350..76518b5c3 100644 --- a/requirements.yml +++ b/requirements.yml @@ -19,7 +19,7 @@ version: v1.9.6-0 name: etherpad - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git - version: v4.97-r0-0-0 + version: v4.97-r0-0-1 name: exim_relay - src: git+https://gitlab.com/etke.cc/roles/grafana.git version: v10.2.3-0 diff --git a/roles/custom/matrix-ma1sd/defaults/main.yml b/roles/custom/matrix-ma1sd/defaults/main.yml index cbea37c43..2c692aa76 100644 --- a/roles/custom/matrix-ma1sd/defaults/main.yml +++ b/roles/custom/matrix-ma1sd/defaults/main.yml @@ -31,10 +31,19 @@ matrix_ma1sd_container_http_host_bind_port: '' matrix_ma1sd_container_extra_arguments: [] # List of systemd services that matrix-ma1sd.service depends on -matrix_ma1sd_systemd_required_services_list: ['docker.service'] +matrix_ma1sd_systemd_required_services_list: "{{ matrix_ma1sd_systemd_required_services_list_default + matrix_ma1sd_systemd_required_services_list_auto + matrix_ma1sd_systemd_required_services_list_custom }}" +matrix_ma1sd_systemd_required_services_list_default: ['docker.service'] +matrix_ma1sd_systemd_required_services_list_auto: [] +matrix_ma1sd_systemd_required_services_list_custom: [] # List of systemd services that matrix-ma1sd.service wants -matrix_ma1sd_systemd_wanted_services_list: [] +matrix_ma1sd_systemd_wanted_services_list: "{{ matrix_ma1sd_systemd_wanted_services_list_default + matrix_ma1sd_systemd_wanted_services_list_auto + matrix_ma1sd_systemd_wanted_services_list_custom }}" +matrix_ma1sd_systemd_wanted_services_list_default: [] +matrix_ma1sd_systemd_wanted_services_list_auto: [] +matrix_ma1sd_systemd_wanted_services_list_custom: [] + +# The base container network. It will be auto-created by this role if it doesn't exist already. +matrix_ma1sd_container_network: "{{ matrix_docker_network }}" # A list of additional container networks that matrix-ma1sd would be connected to. # The playbook does not create these networks, so make sure they already exist. diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index 26e326e72..b5b381f89 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -26,7 +26,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ --cap-drop=ALL \ --read-only \ --tmpfs=/tmp:rw,exec,nosuid,size=10m \ - --network={{ matrix_docker_network }} \ + --network={{ matrix_ma1sd_container_network }} \ {% if matrix_ma1sd_container_http_host_bind_port %} -p {{ matrix_ma1sd_container_http_host_bind_port }}:{{ matrix_ma1sd_container_port }} \ {% endif %}