mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-06-26 19:27:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/dendrite

Browse Source
This commit is contained in:
Slavi Pantaleev
2021-12-17 16:41:11 +02:00
parent 8f4685f055 60592fd6a8
commit be2118d099
170 changed files with 1291 additions and 663 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
roles/matrix-awx/scripts/matrix_build_room_list.py
View File

@ -5,10 +5,11 @@ import json
janitor_token = sys.argv[1]
synapse_container_ip = sys.argv[2]
synapse_container_port = sys.argv[3]
# collect total amount of rooms
rooms_raw_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms'
rooms_raw_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms'
rooms_raw_header = {'Authorization': 'Bearer ' + janitor_token}
rooms_raw = requests.get(rooms_raw_url, headers=rooms_raw_header)
rooms_raw_python = json.loads(rooms_raw.text)
@ -19,7 +20,7 @@ total_rooms = rooms_raw_python["total_rooms"]
room_list_file = open("/tmp/room_list_complete.json", "w")
for i in range(0, total_rooms, 100):
rooms_inc_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms?from=' + str(i)
rooms_inc_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms?from=' + str(i)
rooms_inc = requests.get(rooms_inc_url, headers=rooms_raw_header)
room_list_file.write(rooms_inc.text)

2
roles/matrix-awx/surveys/bridge_discord_appservice.json.j2
View File

@ -15,7 +15,7 @@
"type": "multiplechoice"
},
{
"question_name": "Discord Client ID",
"question_name": "Discord OAuth2 Client ID",
"question_description": "The OAuth2 'CLIENT ID' which can be found in the 'OAuth2' tab of your new discord application: https://discord.com/developers/applications",
"required": true,
"min": 0,

11
roles/matrix-awx/tasks/purge_database_build_list.yml
View File

@ -1,11 +0,0 @@
---
- name: Collect entire room list into stdout
shell: |
curl -X GET --header "Authorization: Bearer {{ janitors_token.stdout[1:-1] }}" '{{ synapse_container_ip.stdout }}:8008/_synapse/admin/v1/rooms?from={{ item }}'
register: awx_rooms_output
- name: Print stdout to file
delegate_to: 127.0.0.1
shell: |
echo '{{ awx_rooms_output.stdout }}' >> /tmp/{{ subscription_id }}_room_list_complete.json

4
roles/matrix-awx/tasks/purge_database_events.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with more then N events
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

20
roles/matrix-awx/tasks/purge_database_main.yml
View File

@ -29,9 +29,9 @@
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_synapse_container_ip
- name: Collect access token for janitor user
- name: Collect access token for @_janitor user
shell: |
curl -X POST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token'
curl -X POST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token
no_log: True
@ -47,7 +47,7 @@
- name: Run build_room_list.py script
shell: |
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }}
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }} {{ matrix_synapse_container_client_api_port.stdout }}
register: awx_rooms_total
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
@ -69,7 +69,7 @@
shell: |
jq 'try .rooms[] | select(.joined_local_members == 0) | .room_id' < /tmp/{{ subscription_id }}_room_list_complete.json > /tmp/{{ subscription_id }}_room_list_no_local_users.txt
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Count number of rooms with no local users
delegate_to: 127.0.0.1
shell: |
@ -84,7 +84,7 @@
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users
include_tasks: purge_database_no_local.yml
include_tasks: purge_database_no_local.yml
loop: "{{ awx_room_list_no_local_users.splitlines() | flatten(levels=1) }}"
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
@ -116,7 +116,7 @@
no_log: True
- name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml
include_tasks: purge_database_users.yml
loop: "{{ awx_room_list_joined_members.splitlines() | flatten(levels=1) }}"
when: awx_purge_mode.find("Number of users [slower]") != -1
@ -141,7 +141,7 @@
no_log: True
- name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml
include_tasks: purge_database_events.yml
loop: "{{ awx_room_list_state_events.splitlines() | flatten(levels=1) }}"
when: awx_purge_mode.find("Number of events [slower]") != -1
@ -171,7 +171,7 @@
wait: yes
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: yes
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -237,7 +237,7 @@
wait: yes
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: yes
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -272,7 +272,7 @@
when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True
- name: Print total number of rooms processed
- name: Print total number of rooms processed
debug:
msg: '{{ awx_rooms_total.stdout }}'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)

6
roles/matrix-awx/tasks/purge_database_no_local.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with no local users
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_room'
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_room'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

6
roles/matrix-awx/tasks/purge_database_users.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with more then N users
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

6
roles/matrix-awx/tasks/purge_media_local.yml
View File

@ -7,11 +7,11 @@
- name: Purge local media to specific date
shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

16
roles/matrix-awx/tasks/purge_media_main.yml
View File

@ -9,7 +9,7 @@
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
@ -21,21 +21,22 @@
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
register: awx_synapse_container_ip
- name: Collect access token for janitor user
- name: Collect access token for @_janitor user
shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token'
curl -XPOST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token
no_log: True
- name: Generate list of dates to purge to
delegate_to: 127.0.0.1
shell: "dateseq {{ matrix_purge_from_date }} {{ matrix_purge_to_date }}"
shell: "dateseq {{ awx_purge_from_date }} {{ awx_purge_to_date }}"
register: awx_purge_dates
- name: Calculate initial size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media"
async: 600
ignore_errors: yes
no_log: True
@ -43,16 +44,17 @@
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media"
async: 600
ignore_errors: yes
no_log: True
- name: Purge local media with loop
include_tasks: purge_media_local.yml
include_tasks: purge_media_local.yml
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
when: awx_purge_media_type == "Local Media"
- name: Purge remote media with loop
include_tasks: purge_media_remote.yml
include_tasks: purge_media_remote.yml
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
when: awx_purge_media_type == "Remote Media"

6
roles/matrix-awx/tasks/purge_media_remote.yml
View File

@ -7,11 +7,11 @@
- name: Purge remote media to specific date
shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

4
roles/matrix-awx/tasks/set_variables_dimension.yml
View File

@ -12,9 +12,9 @@
- curl
state: present
- name: Collect access token of Dimension user
- name: Collect access token of @_dimension user
shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "_dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX

2
roles/matrix-awx/tasks/set_variables_ma1sd.yml
View File

@ -30,7 +30,7 @@
insertafter: '# Synapse Extension Start'
with_dict:
'matrix_synapse_awx_password_provider_rest_auth_enabled': 'true'
'matrix_synapse_awx_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:8090"'
'matrix_synapse_awx_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:{{ matrix_ma1sd_container_port }}"'
when: awx_matrix_ma1sd_auth_store == 'LDAP/AD'
- name: Remove entire ma1sd configuration extension

68
roles/matrix-base/defaults/main.yml
View File

@ -91,7 +91,7 @@ matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
# Specifies where the homeserver is on the container network.
# Where this is depends on whether there's a reverse-proxy in front of it, etc.
# This likely gets overriden elsewhere.
matrix_homeserver_container_url: "http://matrix-synapse:8008"
matrix_homeserver_container_url: ""
matrix_identity_server_url: ~
@ -118,6 +118,72 @@ matrix_client_element_e2ee_secure_backup_required: false
# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
matrix_client_element_e2ee_secure_backup_setup_methods: []
# Default `/.well-known/matrix/client` configuration - it covers the generic use case.
# You can customize it by controlling the various variables inside the template file that it references.
#
# For a more advanced customization, you can extend the default (see `matrix_well_known_matrix_client_configuration_extension_json`)
# or completely replace this variable with your own template.
#
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
matrix_well_known_matrix_client_configuration_default: "{{ lookup('template', 'templates/static-files/well-known/matrix-client.j2') }}"
# Your custom JSON configuration for `/.well-known/matrix/client` should go to `matrix_well_known_matrix_client_configuration_extension_json`.
# This configuration extends the default starting configuration (`matrix_well_known_matrix_client_configuration_default`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_well_known_matrix_client_configuration`.
#
# Example configuration extension follows:
#
# matrix_well_known_matrix_client_configuration_extension_json: |
# {
# "io.element.call_behaviour": {
# "widget_build_url": "https://dimension.example.com/api/v1/dimension/bigbluebutton/widget_state"
# }
# }
matrix_well_known_matrix_client_configuration_extension_json: '{}'
matrix_well_known_matrix_client_configuration_extension: "{{ matrix_well_known_matrix_client_configuration_extension_json|from_json if matrix_well_known_matrix_client_configuration_extension_json|from_json is mapping else {} }}"
# Holds the final `/.well-known/matrix/client` configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_client_configuration_default` and `matrix_well_known_matrix_client_configuration_extension_json`.
matrix_well_known_matrix_client_configuration: "{{ matrix_well_known_matrix_client_configuration_default|combine(matrix_well_known_matrix_client_configuration_extension, recursive=True) }}"
# Default `/.well-known/matrix/server` configuration - it covers the generic use case.
# You can customize it by controlling the various variables inside the template file that it references.
#
# For a more advanced customization, you can extend the default (see `matrix_well_known_matrix_server_configuration_extension_json`)
# or completely replace this variable with your own template.
#
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
matrix_well_known_matrix_server_configuration_default: "{{ lookup('template', 'templates/static-files/well-known/matrix-server.j2') }}"
# Your custom JSON configuration for `/.well-known/matrix/server` should go to `matrix_well_known_matrix_server_configuration_extension_json`.
# This configuration extends the default starting configuration (`matrix_well_known_matrix_server_configuration_default`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_well_known_matrix_server_configuration`.
#
# Example configuration extension follows:
#
# matrix_well_known_matrix_server_configuration_extension_json: |
# {
# "something": "another"
# }
matrix_well_known_matrix_server_configuration_extension_json: '{}'
matrix_well_known_matrix_server_configuration_extension: "{{ matrix_well_known_matrix_server_configuration_extension_json|from_json if matrix_well_known_matrix_server_configuration_extension_json|from_json is mapping else {} }}"
# Holds the final `/.well-known/matrix/server` configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_server_configuration_default` and `matrix_well_known_matrix_server_configuration_extension_json`.
matrix_well_known_matrix_server_configuration: "{{ matrix_well_known_matrix_server_configuration_default|combine(matrix_well_known_matrix_server_configuration_extension, recursive=True) }}"
# The Docker network that all services would be put into
matrix_docker_network: "matrix"

8
roles/matrix-base/tasks/setup_well_known.yml
View File

@ -13,16 +13,16 @@
- "{{ matrix_static_files_base_path }}/.well-known/matrix"
- name: Ensure Matrix /.well-known/matrix/client file configured
template:
src: "{{ role_path }}/templates/static-files/well-known/matrix-client.j2"
copy:
content: "{{ matrix_well_known_matrix_client_configuration|to_nice_json }}"
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/client"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure Matrix /.well-known/matrix/server file configured
template:
src: "{{ role_path }}/templates/static-files/well-known/matrix-server.j2"
copy:
content: "{{ matrix_well_known_matrix_server_configuration|to_nice_json }}"
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
mode: 0644
owner: "{{ matrix_user_username }}"

9
roles/matrix-base/tasks/validate_config.yml Normal file
View File

@ -0,0 +1,9 @@
---
- name: Fail if required Matrix Base settings not defined
fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) for using this playbook.
when: "vars[item] == ''"
with_items:
- "matrix_homeserver_container_url"

1
roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-go-neb
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"

1
roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-matrix-reminder-bot
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"

3
roles/matrix-bot-mjolnir/defaults/main.yml
View File

@ -3,14 +3,13 @@
matrix_bot_mjolnir_enabled: true
matrix_bot_mjolnir_version: "v1.1.20"
matrix_bot_mjolnir_version: "v1.2.1"
matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
matrix_bot_mjolnir_docker_image: "{{ matrix_bot_mjolnir_docker_image_name_prefix }}matrixdotorg/mjolnir:{{ matrix_bot_mjolnir_version }}"
matrix_bot_mjolnir_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_mjolnir_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_bot_mjolnir_docker_image_force_pull: "{{ matrix_bot_mjolnir_docker_image.endswith(':latest') }}"
matrix_bot_mjolnir_base_path: "{{ matrix_base_data_path }}/mjolnir"

1
roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-mjolnir
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"

2
roles/matrix-bridge-appservice-discord/defaults/main.yml
View File

@ -48,7 +48,7 @@ matrix_appservice_discord_bridge_enableSelfServiceBridging: false
#
# To use Postgres:
# - change the engine (`matrix_appservice_discord_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_appservice_discord_postgres_*` variables
# - adjust your database credentials via the `matrix_appservice_discord_database_*` variables
matrix_appservice_discord_database_engine: 'sqlite'
matrix_appservice_discord_sqlite_database_path_local: "{{ matrix_appservice_discord_data_path }}/discord.db"

1
roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
View File

@ -54,6 +54,7 @@
service:
name: matrix-appservice-discord
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists"

1
roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-discord
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_discord_service_stat.stat.exists"

2
roles/matrix-bridge-appservice-irc/defaults/main.yml
View File

@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
matrix_appservice_irc_version: release-0.31.0
matrix_appservice_irc_version: release-0.32.1
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"

1
roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-irc
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_irc_service_stat.stat.exists"

4
roles/matrix-bridge-appservice-slack/defaults/main.yml
View File

@ -33,7 +33,7 @@ matrix_appservice_slack_slack_port: 9003
matrix_appservice_slack_container_http_host_bind_port: ''
matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:8008"
matrix_appservice_slack_homeserver_url: ""
matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
@ -82,7 +82,7 @@ matrix_appservice_slack_configuration_extension_yaml: |
# Optional
#matrix_admin_room: "!aBcDeF:matrix.org"
#homeserver:
# url: http://localhost:8008
# url: http://localhost:{{ matrix_synapse_container_client_api_port }}
# server_name: my.server
# Optional
#tls:

1
roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-slack
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_slack_service_stat.stat.exists"

1
roles/matrix-bridge-appservice-slack/tasks/validate_config.yml
View File

@ -8,5 +8,6 @@
with_items:
- "matrix_appservice_slack_control_room_id"
- "matrix_appservice_slack_appservice_token"
- "matrix_appservice_slack_homeserver_url"
- "matrix_appservice_slack_homeserver_token"
- "matrix_appservice_slack_id_token"

4
roles/matrix-bridge-appservice-webhooks/defaults/main.yml
View File

@ -22,8 +22,6 @@ matrix_appservice_webhooks_docker_src_files_path: "{{ matrix_appservice_webhooks
matrix_appservice_webhooks_public_endpoint: /appservice-webhooks
matrix_appservice_webhooks_inbound_uri_prefix: "{{ matrix_homeserver_url }}{{ matrix_appservice_webhooks_public_endpoint }}"
# Once you make a control room in Matrix, you can get its ID by typing any message and checking its source
matrix_appservice_webhooks_control_room_id: ''
matrix_appservice_webhooks_bot_name: 'webhookbot'
matrix_appservice_webhooks_user_prefix: '_webhook'
@ -36,7 +34,7 @@ matrix_appservice_webhooks_matrix_port: 6789
matrix_appservice_webhooks_container_http_host_bind_port: ''
matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:8008"
matrix_appservice_webhooks_homeserver_url: ""
matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'

1
roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-webhooks
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_webhooks_service_stat.stat.exists"

1
roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml
View File

@ -7,6 +7,7 @@
when: "vars[item] == ''"
with_items:
- "matrix_appservice_webhooks_appservice_token"
- "matrix_appservice_webhooks_homeserver_url"
- "matrix_appservice_webhooks_homeserver_token"
- "matrix_appservice_webhooks_id_token"
- "matrix_appservice_webhooks_api_secret"

1
roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-beeper-linkedin
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_beeper_linkedin_service_stat.stat.exists"

2
roles/matrix-bridge-heisenbridge/defaults/main.yml
View File

@ -3,7 +3,7 @@
matrix_heisenbridge_enabled: true
matrix_heisenbridge_version: 1.3.0
matrix_heisenbridge_version: 1.7.1
matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"

1
roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-heisenbridge
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_heisenbridge_service_stat.stat.exists"

4
roles/matrix-bridge-mautrix-facebook/defaults/main.yml
View File

@ -6,7 +6,7 @@ matrix_mautrix_facebook_enabled: true
matrix_mautrix_facebook_container_image_self_build: false
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
matrix_mautrix_facebook_version: v0.3.1
matrix_mautrix_facebook_version: v0.3.2
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
@ -42,7 +42,7 @@ matrix_mautrix_facebook_homeserver_token: ''
# - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future).
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_facebook_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_facebook_database_*` variables
matrix_mautrix_facebook_database_engine: 'postgres'
matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db"

1
roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
View File

@ -86,6 +86,7 @@
service:
name: matrix-mautrix-facebook
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_facebook_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-facebook
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_facebook_service_stat.stat.exists"

14
roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
View File

@ -10,22 +10,14 @@
- "matrix_mautrix_facebook_homeserver_token"
- block:
- name: Fail if on SQLite, unless on the last version supporting SQLite
fail:
msg: >-
You're trying to use the mautrix-facebook bridge with an SQLite database.
Going forward, this bridge only supports Postgres.
To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database
when: "not matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
- name: Inject warning if still on SQLite
- name: Inject warning if on an old SQLite-supporting version
set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])
+
[
"NOTE: Your mautrix-facebook bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database"
"NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)"
]
}}
when: "matrix_mautrix_facebook_database_engine == 'sqlite'"
when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"

2
roles/matrix-bridge-mautrix-googlechat/defaults/main.yml
View File

@ -47,7 +47,7 @@ matrix_mautrix_googlechat_homeserver_token: ''
#
# To use Postgres:
# - change the engine (`matrix_mautrix_googlechat_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_googlechat_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_googlechat_database_*` variables
matrix_mautrix_googlechat_database_engine: 'sqlite'
matrix_mautrix_googlechat_sqlite_database_path_local: "{{ matrix_mautrix_googlechat_data_path }}/mautrix-googlechat.db"

1
roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
View File

@ -85,6 +85,7 @@
service:
name: matrix-mautrix-googlechat
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_googlechat_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-googlechat
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_googlechat_service_stat.stat.exists"

2
roles/matrix-bridge-mautrix-hangouts/defaults/main.yml
View File

@ -47,7 +47,7 @@ matrix_mautrix_hangouts_homeserver_token: ''
#
# To use Postgres:
# - change the engine (`matrix_mautrix_hangouts_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_hangouts_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_hangouts_database_*` variables
matrix_mautrix_hangouts_database_engine: 'sqlite'
matrix_mautrix_hangouts_sqlite_database_path_local: "{{ matrix_mautrix_hangouts_data_path }}/mautrix-hangouts.db"

1
roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
View File

@ -85,6 +85,7 @@
service:
name: matrix-mautrix-hangouts
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_hangouts_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-hangouts
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_hangouts_service_stat.stat.exists"

2
roles/matrix-bridge-mautrix-instagram/defaults/main.yml
View File

@ -37,7 +37,7 @@ matrix_mautrix_instagram_homeserver_token: ''
# Database-related configuration fields.
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_instagram_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_instagram_database_*` variables
matrix_mautrix_instagram_database_engine: 'postgres'
matrix_mautrix_instagram_database_username: 'matrix_mautrix_instagram'

1
roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml
View File

@ -8,6 +8,7 @@
service:
name: matrix-mautrix-instagram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_instagram_service_stat.stat.exists"

2
roles/matrix-bridge-mautrix-signal/defaults/main.yml
View File

@ -17,7 +17,7 @@ matrix_mautrix_signal_daemon_container_self_build: false
matrix_mautrix_signal_daemon_docker_repo: "https://mau.dev/maunium/signald.git"
matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
matrix_mautrix_signal_daemon_docker_image: "dock.mau.dev/maunium/signald:{{ matrix_mautrix_signal_daemon_version }}"
matrix_mautrix_signal_daemon_docker_image: "docker.io/signald/signald:{{ matrix_mautrix_signal_daemon_version }}"
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}"
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"

2
roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-mautrix-signal-daemon
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_signal_daemon_service_stat.stat.exists"
@ -29,6 +30,7 @@
service:
name: matrix-mautrix-signal
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_signal_service_stat.stat.exists"

73
roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View File

@ -15,6 +15,8 @@ homeserver:
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
@ -32,25 +34,19 @@ appservice:
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
# The full URI to the database. SQLite and Postgres are supported.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: {{ matrix_mautrix_signal_database_connection_string }}
# Additional arguments for asyncpg.create_pool()
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
database_opts:
min_size: 5
max_size: 10
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: true
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision/v1
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
# The unique ID of this appservice.
id: signal
# Username of the appservice bot.
@ -66,7 +62,12 @@ appservice:
# Example: "+signal:example.com". Set to false to disable.
community_id: false
# Authentication tokens for AS <-> HS communication.
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
@ -75,6 +76,17 @@ metrics:
enabled: false
listen_port: 8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-signal.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
signal:
# Path to signald unix socket
socket_path: /signald/signald.sock
@ -91,6 +103,8 @@ signal:
delete_unknown_accounts_on_start: false
# Whether or not message attachments should be removed from disk after they're bridged.
remove_file_after_handling: true
# Whether or not users can register a primary device
registration_enabled: true
# Bridge config
bridge:
@ -102,6 +116,7 @@ bridge:
# available variable in displayname_preference. The variables in displayname_preference
# can also be used here directly.
displayname_template: "{displayname} (Signal)"
# Whether or not contact list displaynames should be used.
# Possible values: disallow, allow, prefer
#
# Multi-user instances are recommended to disallow contact list names, as otherwise there can
@ -140,7 +155,7 @@ bridge:
# If false, created portal rooms will never be federated.
federate_rooms: true
# End-to-bridge encryption support options. You must install the e2be optional dependency for
# this to work. See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/Endtobridge-encryption
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
@ -173,12 +188,38 @@ bridge:
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Interval at which to resync contacts.
# Interval at which to resync contacts (in seconds).
periodic_sync: 0
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: true
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision/v1
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!signal"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `register` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Permissions for using the bridge.
# Permitted values:
# relay - Allowed to be relayed through the bridge, no access to commands.

4
roles/matrix-bridge-mautrix-telegram/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_mautrix_telegram_container_self_build: false
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
matrix_mautrix_telegram_version: v0.10.1
matrix_mautrix_telegram_version: v0.10.2
# See: https://mau.dev/mautrix/telegram/container_registry
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
@ -63,7 +63,7 @@ matrix_mautrix_telegram_homeserver_token: ''
#
# To use Postgres:
# - change the engine (`matrix_mautrix_telegram_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_telegram_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_telegram_database_*` variables
matrix_mautrix_telegram_database_engine: 'sqlite'
matrix_mautrix_telegram_sqlite_database_path_local: "{{ matrix_mautrix_telegram_data_path }}/mautrix-telegram.db"

1
roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
View File

@ -107,6 +107,7 @@
service:
name: matrix-mautrix-telegram
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_telegram_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-telegram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_telegram_service_stat.stat.exists"

10
roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
View File

@ -36,14 +36,13 @@ matrix_mautrix_whatsapp_homeserver_token: ''
matrix_mautrix_whatsapp_appservice_bot_username: whatsappbot
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_mautrix_whatsapp_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_whatsapp_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_whatsapp_database_*` variables
matrix_mautrix_whatsapp_database_engine: 'sqlite'
matrix_mautrix_whatsapp_sqlite_database_path_local: "{{ matrix_mautrix_whatsapp_data_path }}/mautrix-whatsapp.db"
@ -71,9 +70,14 @@ matrix_mautrix_whatsapp_appservice_database_uri: "{{
}[matrix_mautrix_whatsapp_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_whatsapp_login_shared_secret: ''
matrix_mautrix_whatsapp_bridge_login_shared_secret_map:
"{{ {matrix_mautrix_whatsapp_homeserver_domain: matrix_mautrix_whatsapp_login_shared_secret} if matrix_mautrix_whatsapp_login_shared_secret else {} }}"
# Servers to always allow double puppeting from
matrix_mautrix_whatsapp_bridge_double_puppet_server_map:
"{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}"
# Default mautrix-whatsapp configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.

1
roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
View File

@ -93,6 +93,7 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_whatsapp_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_whatsapp_service_stat.stat.exists"

202
roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
View File

@ -7,15 +7,17 @@ homeserver:
domain: {{ matrix_mautrix_whatsapp_homeserver_domain }}
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: "null"
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_whatsapp_appservice_address }}
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 8080
# Database config.
database:
# The database type. "sqlite3" and "postgres" are supported.
@ -27,10 +29,6 @@ appservice:
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Path to the Matrix room state store.
state_store_path: ./mx-state.json
# The unique ID of this appservice.
id: whatsapp
# Appservice bot details.
@ -41,7 +39,6 @@ appservice:
# to leave display name/avatar as-is.
displayname: WhatsApp bridge bot
avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}"
hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}"
@ -51,79 +48,137 @@ bridge:
# Localpart template of MXIDs for WhatsApp users.
# {{ '{{.}}' }} is replaced with the phone number of the WhatsApp user.
username_template: "{{ 'whatsapp_{{.}}' }}"
# Displayname template for WhatsApp users.
# {{ '{{.Notify'}}' }} - nickname set by the WhatsApp user
# {{ '{{.Jid}}' }} - phone number (international format)
# The following variables are also available, but will cause problems on multi-user instances:
# {{ '{{.Name}}' }} - display name from contact list
# {{ '{{.Short}}' }} - short display name from contact list
displayname_template: "{{ '{{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}} (WA)' }}"
# WhatsApp connection timeout in seconds.
connection_timeout: 20
# Maximum number of times to retry connecting on connection error.
max_connection_attempts: 3
# Number of seconds to wait between connection attempts.
# Negative numbers are exponential backoff: -connection_retry_delay + 1 + 2^attempts
connection_retry_delay: -1
# Whether or not the bridge should send a notice to the user's management room when it retries connecting.
# If false, it will only report when it stops retrying.
report_connection_retry: true
# Maximum number of seconds to wait for chats to be sent at startup.
# If this is too low and you have lots of chats, it could cause backfilling to fail.
chat_list_wait: 30
# Maximum number of seconds to wait to sync portals before force unlocking message processing.
# If this is too low and you have lots of chats, it could cause backfilling to fail.
portal_sync_wait: 600
# Whether or not to send call start/end notices to Matrix.
call_notices:
start: true
end: true
# Number of chats to sync for new users.
initial_chat_sync_count: 10
# Number of old messages to fill when creating new portal rooms.
initial_history_fill_count: 20
# Maximum number of chats to sync when recovering from downtime.
# Set to -1 to sync all new chats during downtime.
recovery_chat_sync_limit: -1
# Whether or not to sync history when recovering from downtime.
recovery_history_backfill: true
# Maximum number of seconds since last message in chat to skip
# syncing the chat in any case. This setting will take priority
# over both recovery_chat_sync_limit and initial_chat_sync_count.
# Default is 3 days = 259200 seconds
sync_max_chat_age: 259200
# Whether or not to sync with custom puppets to receive EDUs that
# are not normally sent to appservices.
displayname_template: "{{ '{{if .PushName}}{{.PushName}}{{else if .BusinessName}}{{.BusinessName}}{{else}}{{.JID}}{{end}} (WA)' }}"
# Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp?
delivery_receipts: false
# Should incoming calls send a message to the Matrix room?
call_start_notices: true
# Should another user's cryptographic identity changing send a message to Matrix?
identity_change_notices: false
# Should a "reactions not yet supported" warning be sent to the Matrix room when a user reacts to a message?
reaction_notices: true
portal_message_buffer: 128
# Settings for handling history sync payloads. These settings only apply right after login,
# because the phone only sends the history sync data once, and there's no way to re-request it
# (other than logging out and back in again).
history_sync:
# Should the bridge create portals for chats in the history sync payload?
create_portals: true
# Maximum age of chats in seconds to create portals for. Set to 0 to create portals for all chats in sync payload.
max_age: 604800
# Enable backfilling history sync payloads from WhatsApp using batch sending?
# This requires a server with MSC2716 support, which is currently an experimental feature in synapse.
# It can be enabled by setting experimental_features -> msc2716_enabled to true in homeserver.yaml.
# Note that as of Synapse 1.46, there are still some bugs with the implementation, especially if using event persistence workers.
backfill: false
# Use double puppets for backfilling?
# In order to use this, the double puppets must be in the appservice's user ID namespace
# (because the bridge can't use the double puppet access token with batch sending).
# This only affects double puppets on the local server, double puppets on other servers will never be used.
# Doesn't work out of box with this playbook
double_puppet_backfill: false
# Should the bridge request a full sync from the phone when logging in?
# This bumps the size of history syncs from 3 months to 1 year.
request_full_sync: false
user_avatar_sync: true
# Should Matrix users leaving groups be bridged to WhatsApp?
bridge_matrix_leave: true
# Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices.
sync_with_custom_puppets: true
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# When double puppeting is enabled, users can use `!wa toggle` to change whether
# presence and read receipts are bridged. These settings set the default values.
# Existing users won't be affected when these are changed.
default_bridge_receipts: true
default_bridge_presence: true
# Servers to always allow double puppeting from
double_puppet_server_map:
"{{ matrix_mautrix_whatsapp_homeserver_domain }}": {{ matrix_mautrix_whatsapp_homeserver_address }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }}
# Whether or not to invite own WhatsApp user's Matrix puppet into private
# chat portals when backfilling if needed.
# This always uses the default puppet instead of custom puppets due to
# rate limits and timestamp massaging.
invite_own_puppet_for_backfilling: true
# Whether or not to explicitly set the avatar and room name for private
# chat portal rooms. This can be useful if the previous field works fine,
# but causes room avatar/name bugs.
login_shared_secret_map: {{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map|to_json }}
# Should the bridge explicitly set the avatar and room name for private chat portal rooms?
private_chat_portal_meta: false
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# When using double puppeting, should muted chats be muted in Matrix?
mute_bridging: false
# When using double puppeting, should archived chats be moved to a specific tag in Matrix?
# Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix.
# This can be set to a tag (e.g. m.lowpriority), or null to disable.
archive_tag: null
# Same as above, but for pinned chats. The favorite tag is called m.favourite
pinned_tag: null
# Should mute status and tags only be bridged when the portal room is created?
tag_only_on_create: true
# Should WhatsApp status messages be bridged into a Matrix room?
# Disabling this won't affect already created status broadcast rooms.
enable_status_broadcast: true
# Should the status broadcast room be muted and moved into low priority by default?
# This is only applied when creating the room, the user can unmute/untag it later.
mute_status_broadcast: true
# Should the bridge use thumbnails from WhatsApp?
# They're disabled by default due to very low resolution.
whatsapp_thumbnail: false
# Allow invite permission for user. User can invite any bots to room with whatsapp
# users (private chat and groups)
allow_user_invite: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!wa"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a WhatsApp bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
# It is recommended to also set private_chat_portal_meta to true when using this.
default: false
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow: false
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a WhatsApp account.
# admin - User level and some additional administration tools
# Permitted keys:
@ -133,15 +188,13 @@ bridge:
permissions:
"{{ matrix_mautrix_whatsapp_homeserver_domain }}": user
relaybot:
# Whether or not relaybot support is enabled.
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: false
# The management room for the bot. This is where all status notifications are posted and
# in this room, you can use `!wa <command>` instead of `!wa relaybot <command>`. Omitting
# the command prefix completely like in user management rooms is not possible.
management: '!foo:example.com'
# List of users to invite to all created rooms that include the relaybot.
invites: []
# Should only admins be allowed to set themselves as relay users?
admin_only: true
# The formats to use when sending messages to WhatsApp via the relaybot.
message_formats:
m.text: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: {{ '{{ .Message }}' }}"
@ -152,6 +205,7 @@ bridge:
m.audio: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent an audio file"
m.video: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent a video"
m.location: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent a location"
# Logging config.
logging:
# The directory for log files. Will be created if not found.

2
roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
View File

@ -27,6 +27,8 @@ matrix_mx_puppet_discord_homeserver_address: "{{ matrix_homeserver_container_url
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
matrix_mx_puppet_discord_bridge_mediaUrl: "https:/{{ matrix_server_fqn_matrix }}"
# "@user:server.com" to allow specific user
# "@.*:yourserver.com" to allow users on a specific homeserver
# "@.*" to allow anyone

1
roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-discord
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_discord_service_stat.stat.exists"

10
roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2
View File

@ -9,17 +9,17 @@ bridge:
domain: {{ matrix_mx_puppet_discord_homeserver_domain }}
# Reachable URL of the Matrix homeserver
homeserverUrl: {{ matrix_mx_puppet_discord_homeserver_address }}
# Optionally specify a different media URL used for the media store
#
# This is where Discord will download user profile pictures and media
# from
mediaUrl: {{ matrix_mx_puppet_discord_bridge_mediaUrl }}
{% if matrix_mx_puppet_discord_login_shared_secret != '' %}
loginSharedSecretMap:
{{ matrix_domain }}: {{ matrix_mx_puppet_discord_login_shared_secret }}
{% endif %}
# Display name of the bridge bot
displayname: Discord Puppet Bridge
# Optionally specify a different media URL used for the media store
#
# This is where Discord will download user profile pictures and media
# from
#mediaUrl: https://external-url.org
presence:
# Bridge Discord online/offline status

1
roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_groupme_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_groupme_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-instagram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-skype
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_skype_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-skype
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_skype_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-slack
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_slack_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-slack
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_slack_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-steam
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_steam_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-steam
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_steam_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"

2
roles/matrix-bridge-sms/defaults/main.yml
View File

@ -26,7 +26,7 @@ matrix_sms_bridge_systemd_wanted_services_list: []
matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080'
matrix_sms_bridge_homeserver_hostname: 'matrix-synapse'
matrix_sms_bridge_homeserver_port: '8008'
matrix_sms_bridge_homeserver_port: ""
matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}"
matrix_sms_bridge_default_room: ''

3
roles/matrix-bridge-sms/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-sms-bridge
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_sms_bridge_service_stat.stat.exists"
@ -16,4 +17,4 @@
file:
path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service"
state: absent
when: "matrix_sms_bridge_service_stat.stat.exists"
when: "matrix_sms_bridge_service_stat.stat.exists"

1
roles/matrix-bridge-sms/tasks/validate_config.yml
View File

@ -7,6 +7,7 @@
when: "vars[item] == ''"
with_items:
- "matrix_sms_bridge_appservice_token"
- "matrix_sms_bridge_homeserver_port"
- "matrix_sms_bridge_homeserver_token"
- "matrix_sms_bridge_default_region"
- "matrix_sms_bridge_default_timezone"

6
roles/matrix-client-element/defaults/main.yml
View File

@ -2,8 +2,12 @@ matrix_client_element_enabled: true
matrix_client_element_container_image_self_build: false
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
# Controls whether to patch webpack.config.js when self-building, so that building can pass on low-memory systems (< 4 GB RAM):
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
# - https://github.com/vector-im/element-web/issues/19544
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
matrix_client_element_version: v1.9.3
matrix_client_element_version: v1.9.7
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

10
roles/matrix-client-element/tasks/main.yml
View File

@ -20,8 +20,14 @@
- setup-all
- setup-client-element
- import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_setup|bool
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_client_element_enabled|bool"
tags:
- setup-all
- setup-client-element
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_client_element_enabled|bool"
tags:
- setup-all
- setup-client-element

1
roles/matrix-client-element/tasks/migrate_riot_web.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-riot-web
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"

75
roles/matrix-client-element/tasks/setup.yml → roles/matrix-client-element/tasks/setup_install.yml
View File

@ -1,9 +1,5 @@
---
#
# Tasks related to setting up Element
#
- name: Ensure Element paths exists
file:
path: "{{ item.path }}"
@ -14,7 +10,7 @@
with_items:
- { path: "{{ matrix_client_element_data_path }}", when: true }
- { path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}" }
when: matrix_client_element_enabled|bool and item.when
when: "item.when|bool"
- name: Ensure Element Docker image is pulled
docker_image:
@ -22,7 +18,7 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_client_element_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_element_docker_image_force_pull }}"
when: matrix_client_element_enabled|bool and not matrix_client_element_container_image_self_build
when: "not matrix_client_element_container_image_self_build|bool"
- name: Ensure Element repository is present on self-build
git:
@ -31,7 +27,21 @@
version: "{{ matrix_client_element_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_client_element_git_pull_results
when: "matrix_client_element_enabled|bool and matrix_client_element_container_image_self_build|bool"
when: "matrix_client_element_container_image_self_build|bool"
# See:
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
# - https://github.com/vector-im/element-web/issues/19544
- name: Patch webpack.config.js to support building on low-memory (<4G RAM) devices
lineinfile:
path: "{{ matrix_client_element_docker_src_files_path }}/webpack.config.js"
regexp: '(\s+)splitChunks: \{'
line: '\1splitChunks: { maxSize: 100000,'
backrefs: yes
owner: root
group: root
mode: '0644'
when: "matrix_client_element_container_image_self_build|bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled|bool"
- name: Ensure Element Docker image is built
docker_image:
@ -43,7 +53,7 @@
dockerfile: Dockerfile
path: "{{ matrix_client_element_docker_src_files_path }}"
pull: yes
when: "matrix_client_element_enabled|bool and matrix_client_element_container_image_self_build|bool"
when: "matrix_client_element_container_image_self_build|bool"
- name: Ensure Element configuration installed
copy:
@ -52,7 +62,6 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: matrix_client_element_enabled|bool
- name: Ensure Element config files installed
template:
@ -65,7 +74,7 @@
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
- {src: "{{ matrix_client_element_page_template_welcome_path }}", name: "welcome.html"}
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_client_element_enabled|bool and item.src is not none"
when: "item.src is not none"
- name: Ensure Element config files removed
file:
@ -73,7 +82,7 @@
state: absent
with_items:
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_client_element_enabled|bool and item.src is none"
when: "item.src is none"
- name: Ensure matrix-client-element.service installed
template:
@ -81,50 +90,8 @@
dest: "{{ matrix_systemd_path }}/matrix-client-element.service"
mode: 0644
register: matrix_client_element_systemd_service_result
when: matrix_client_element_enabled|bool
- name: Ensure systemd reloaded after matrix-client-element.service installation
service:
daemon_reload: yes
when: "matrix_client_element_enabled and matrix_client_element_systemd_service_result.changed"
#
# Tasks related to getting rid of Element (if it was previously enabled)
#
- name: Check existence of matrix-client-element.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
register: matrix_client_element_service_stat
when: "not matrix_client_element_enabled|bool"
- name: Ensure matrix-client-element is stopped
service:
name: matrix-client-element
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure matrix-client-element.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
state: absent
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-client-element.service removal
service:
daemon_reload: yes
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure Element paths doesn't exist
file:
path: "{{ matrix_client_element_data_path }}"
state: absent
when: "not matrix_client_element_enabled|bool"
- name: Ensure Element Docker image doesn't exist
docker_image:
name: "{{ matrix_client_element_docker_image }}"
state: absent
when: "not matrix_client_element_enabled|bool"
when: "matrix_client_element_systemd_service_result.changed|bool"

36
roles/matrix-client-element/tasks/setup_uninstall.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Check existence of matrix-client-element.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
register: matrix_client_element_service_stat
- name: Ensure matrix-client-element is stopped
service:
name: matrix-client-element
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure matrix-client-element.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
state: absent
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure systemd reloaded after matrix-client-element.service removal
service:
daemon_reload: yes
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure Element paths doesn't exist
file:
path: "{{ matrix_client_element_data_path }}"
state: absent
- name: Ensure Element Docker image doesn't exist
docker_image:
name: "{{ matrix_client_element_docker_image }}"
state: absent

2
roles/matrix-client-hydrogen/defaults/main.yml
View File

@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
matrix_client_hydrogen_container_image_self_build: true
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
matrix_client_hydrogen_version: v0.2.7
matrix_client_hydrogen_version: v0.2.19
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"

10
roles/matrix-client-hydrogen/tasks/main.yml
View File

@ -8,8 +8,14 @@
- setup-all
- setup-client-hydrogen
- import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_setup|bool
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_client_hydrogen_enabled|bool"
tags:
- setup-all
- setup-client-hydrogen
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_client_hydrogen_enabled|bool"
tags:
- setup-all
- setup-client-hydrogen

60
roles/matrix-client-hydrogen/tasks/setup.yml → roles/matrix-client-hydrogen/tasks/setup_install.yml
View File

@ -1,9 +1,5 @@
---
#
# Tasks related to setting up Hydrogen
#
- name: Ensure Hydrogen paths exists
file:
path: "{{ item.path }}"
@ -14,7 +10,7 @@
with_items:
- { path: "{{ matrix_client_hydrogen_data_path }}", when: true }
- { path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}" }
when: matrix_client_hydrogen_enabled|bool and item.when
when: "item.when|bool"
- name: Ensure Hydrogen Docker image is pulled
docker_image:
@ -22,7 +18,7 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}"
when: matrix_client_hydrogen_enabled|bool and not matrix_client_hydrogen_container_image_self_build
when: "not matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen repository is present on self-build
git:
@ -31,7 +27,7 @@
version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_client_hydrogen_git_pull_results
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen configuration installed
copy:
@ -40,7 +36,7 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen additional config files installed
template:
@ -51,7 +47,7 @@
group: "{{ matrix_user_groupname }}"
with_items:
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
when: "matrix_client_hydrogen_enabled|bool and item.src is not none"
when: "item.src is not none"
# This step MUST come after the steps to install the configuration files because the config files
# are currently only read at build time, not at run time like most other components in the playbook
@ -64,7 +60,7 @@
dockerfile: Dockerfile
path: "{{ matrix_client_hydrogen_docker_src_files_path }}"
pull: yes
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure matrix-client-hydrogen.service installed
template:
@ -72,50 +68,8 @@
dest: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
mode: 0644
register: matrix_client_hydrogen_systemd_service_result
when: matrix_client_hydrogen_enabled|bool
- name: Ensure systemd reloaded after matrix-client-hydrogen.service installation
service:
daemon_reload: yes
when: "matrix_client_hydrogen_enabled and matrix_client_hydrogen_systemd_service_result.changed"
#
# Tasks related to getting rid of Hydrogen (if it was previously enabled)
#
- name: Check existence of matrix-client-hydrogen.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
register: matrix_client_hydrogen_service_stat
when: "not matrix_client_hydrogen_enabled|bool"
- name: Ensure matrix-client-hydrogen is stopped
service:
name: matrix-client-hydrogen
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure matrix-client-hydrogen.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
state: absent
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-client-hydrogen.service removal
service:
daemon_reload: yes
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure Hydrogen paths doesn't exist
file:
path: "{{ matrix_client_hydrogen_data_path }}"
state: absent
when: "not matrix_client_hydrogen_enabled|bool"
- name: Ensure Hydrogen Docker image doesn't exist
docker_image:
name: "{{ matrix_client_hydrogen_docker_image }}"
state: absent
when: "not matrix_client_hydrogen_enabled|bool"
when: "matrix_client_hydrogen_systemd_service_result.changed|bool"

36
roles/matrix-client-hydrogen/tasks/setup_uninstall.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Check existence of matrix-client-hydrogen.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
register: matrix_client_hydrogen_service_stat
- name: Ensure matrix-client-hydrogen is stopped
service:
name: matrix-client-hydrogen
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure matrix-client-hydrogen.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
state: absent
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure systemd reloaded after matrix-client-hydrogen.service removal
service:
daemon_reload: yes
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure Hydrogen paths doesn't exist
file:
path: "{{ matrix_client_hydrogen_data_path }}"
state: absent
- name: Ensure Hydrogen Docker image doesn't exist
docker_image:
name: "{{ matrix_client_hydrogen_docker_image }}"
state: absent

12
roles/matrix-common-after/tasks/awx_post.yml
View File

@ -1,8 +1,8 @@
---
- name: Create user account @janitor
- name: Create user account @_janitor
command: |
/usr/local/bin/matrix-synapse-register-user janitor {{ awx_janitor_user_password | quote }} 1
/usr/local/bin/matrix-synapse-register-user _janitor {{ awx_janitor_user_password | quote }} 1
register: cmd
when: not awx_janitor_user_created|bool
no_log: True
@ -18,9 +18,9 @@
'awx_janitor_user_created': 'true'
when: not awx_janitor_user_created|bool
- name: Create user account @dimension
- name: Create user account @_dimension
command: |
/usr/local/bin/matrix-synapse-register-user dimension {{ awx_dimension_user_password | quote }} 0
/usr/local/bin/matrix-synapse-register-user _dimension {{ awx_dimension_user_password | quote }} 0
register: cmd
when: not awx_dimension_user_created|bool
no_log: True
@ -36,9 +36,9 @@
'awx_dimension_user_created': 'true'
when: not awx_dimension_user_created|bool
- name: Create user account @mjolnir
- name: Create user account @_mjolnir
command: |
/usr/local/bin/matrix-synapse-register-user mjolnir {{ awx_mjolnir_user_password | quote }} 0
/usr/local/bin/matrix-synapse-register-user _mjolnir {{ awx_mjolnir_user_password | quote }} 0
register: cmd
when: not awx_mjolnir_user_created|bool
no_log: True

4
roles/matrix-corporal/defaults/main.yml
View File

@ -22,7 +22,7 @@ matrix_corporal_container_extra_arguments: []
# List of systemd services that matrix-corporal.service depends on
matrix_corporal_systemd_required_services_list: ['docker.service']
matrix_corporal_version: 2.1.2
matrix_corporal_version: 2.2.2
matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}"
matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility
@ -36,7 +36,7 @@ matrix_corporal_var_dir_path: "{{ matrix_corporal_base_path }}/var"
matrix_corporal_matrix_homeserver_domain_name: "{{ matrix_domain }}"
# Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:8008").
# Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}").
# If Synapse runs on the same machine, you may need to add its service to `matrix_corporal_systemd_required_services_list`.
matrix_corporal_matrix_homeserver_api_endpoint: ""

1
roles/matrix-corporal/tasks/setup_corporal.yml
View File

@ -83,6 +83,7 @@
service:
name: matrix-corporal
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"

2
roles/matrix-coturn/defaults/main.yml
View File

@ -5,7 +5,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn
matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}"
matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile"
matrix_coturn_version: 4.5.2-r4
matrix_coturn_version: 4.5.2-r8
matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine"
matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}"

2
roles/matrix-coturn/tasks/setup_uninstall.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-coturn
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_coturn_service_stat.stat.exists|bool"
@ -17,6 +18,7 @@
service:
name: matrix-coturn
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_coturn_service_stat.stat.exists|bool"

12
roles/matrix-dimension/defaults/main.yml
View File

@ -10,10 +10,16 @@ matrix_dimension_admins: []
# Whether to allow Dimension widgets serve websites with invalid or self signed SSL certificates
matrix_dimension_widgets_allow_self_signed_ssl_certificates: false
matrix_dimension_container_image_self_build: false
matrix_dimension_container_image_self_build_repo: "https://github.com/turt2live/matrix-dimension.git"
matrix_dimension_container_image_self_build_branch: master
matrix_dimension_base_path: "{{ matrix_base_data_path }}/dimension"
matrix_dimension_docker_src_files_path: "{{ matrix_base_data_path }}/docker-src/dimension"
matrix_dimension_version: latest
matrix_dimension_docker_image: "{{ matrix_container_global_registry_prefix }}turt2live/matrix-dimension:{{ matrix_dimension_version }}"
matrix_dimension_docker_image: "{{ matrix_dimension_docker_image_name_prefix }}turt2live/matrix-dimension:{{ matrix_dimension_version }}"
matrix_dimension_docker_image_name_prefix: "{{ 'localhost/' if matrix_dimension_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_dimension_docker_image_force_pull: "{{ matrix_dimension_docker_image.endswith(':latest') }}"
# List of systemd services that matrix-dimension.service depends on.
@ -39,7 +45,7 @@ matrix_dimension_integrations_rest_url: "https://{{ matrix_server_fqn_dimension
matrix_dimension_integrations_widgets_urls: ["https://{{ matrix_server_fqn_dimension }}/widgets"]
matrix_dimension_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048"
matrix_dimension_homeserver_federationUrl: ""
# Database-related configuration fields.
@ -48,7 +54,7 @@ matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048"
#
# To use Postgres:
# - change the engine (`matrix_dimension_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_dimension_postgres_*` variables
# - adjust your database credentials via the `matrix_dimension_database_*` variables
matrix_dimension_database_engine: 'sqlite'
matrix_dimension_sqlite_database_path_local: "{{ matrix_dimension_base_path }}/dimension.db"

23
roles/matrix-dimension/tasks/setup_install.yml
View File

@ -90,6 +90,29 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}"
when: "not matrix_dimension_container_image_self_build|bool"
register: matrix_dimension_pull_results
- name: Ensure dimension repository is present on self-build
git:
repo: "{{ matrix_dimension_container_image_self_build_repo }}"
dest: "{{ matrix_dimension_docker_src_files_path }}"
version: "{{ matrix_dimension_container_image_self_build_branch }}"
force: "yes"
when: "matrix_dimension_container_image_self_build|bool"
register: matrix_dimension_git_pull_results
- name: Ensure Dimension Docker image is built
docker_image:
name: "{{ matrix_dimension_docker_image }}"
source: build
force_source: "{{ matrix_dimension_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_dimension_docker_src_files_path }}"
pull: yes
when: "matrix_dimension_container_image_self_build|bool"
- name: Ensure matrix-dimension.service installed
template:

1
roles/matrix-dimension/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-dimension
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_dimension_service_stat.stat.exists|bool"

1
roles/matrix-dynamic-dns/tasks/uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-dynamic-dns
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_dynamic_dns_service_stat.stat.exists"

1
roles/matrix-email2matrix/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-email2matrix
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_email2matrix_service_stat.stat.exists|bool"

1
roles/matrix-etherpad/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-etherpad
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_etherpad_service_stat.stat.exists|bool"

2
roles/matrix-grafana/defaults/main.yml
View File

@ -3,7 +3,7 @@
matrix_grafana_enabled: false
matrix_grafana_version: 8.1.4
matrix_grafana_version: 8.3.3
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"

1
roles/matrix-grafana/tasks/setup.yml
View File

@ -93,6 +93,7 @@
service:
name: matrix-grafana
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_grafana_enabled|bool and matrix_grafana_service_stat.stat.exists"

22
roles/matrix-jitsi/defaults/main.yml
View File

@ -8,11 +8,25 @@ matrix_jitsi_enable_recording: false
matrix_jitsi_enable_transcriptions: false
matrix_jitsi_enable_p2p: true
matrix_jitsi_enable_av_moderation: true
matrix_jitsi_enable_breakout_rooms: true
# Authentication type, must be one of internal, jwt or ldap. Currently only
# internal and ldap are supported by this playbook.
# Authentication type, must be one of internal, jwt or ldap.
# Currently only internal and ldap mechanisms are supported by this playbook.
matrix_jitsi_auth_type: internal
# A list of Jitsi (Prosody) accounts to create using the internal authentication mechanism.
#
# Accounts added here and subsquently removed will not be automatically removed
# from the Prosody server until user account cleaning is integrated into the playbook.
#
# Example:
# matrix_jitsi_prosody_auth_internal_accounts:
# - username: "jitsi-moderator"
# password: "secret-password"
# - username: "another-user"
# password: "another-password"
matrix_jitsi_prosody_auth_internal_accounts: []
# Configuration options for LDAP authentication. For details see upstream:
# https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap.
# Defaults are taken from:
@ -54,7 +68,7 @@ matrix_jitsi_jibri_recorder_password: ''
matrix_jitsi_enable_lobby: false
matrix_jitsi_version: stable-6173
matrix_jitsi_version: stable-6726-1
matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility
matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}"
@ -63,6 +77,7 @@ matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.ends
matrix_jitsi_web_base_path: "{{ matrix_base_data_path }}/jitsi/web"
matrix_jitsi_web_config_path: "{{ matrix_jitsi_web_base_path }}/config"
matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts"
matrix_jitsi_web_crontabs_path: "{{ matrix_jitsi_web_base_path }}/crontabs"
matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}"
@ -205,7 +220,6 @@ matrix_jitsi_jicofo_component_secret: ''
matrix_jitsi_jicofo_auth_user: focus
matrix_jitsi_jicofo_auth_password: ''
matrix_jitsi_jvb_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jvb:{{ matrix_jitsi_container_image_tag }}"
matrix_jitsi_jvb_docker_image_force_pull: "{{ matrix_jitsi_jvb_docker_image.endswith(':latest') }}"

1
roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
View File

@ -68,6 +68,7 @@
service:
name: matrix-jitsi-jicofo
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"

1
roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
View File

@ -68,6 +68,7 @@
service:
name: matrix-jitsi-jvb
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"

23
roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
View File

@ -4,7 +4,7 @@
# Tasks related to setting up jitsi-prosody
#
- name: Ensure Matrix jitsi-prosody path exists
- name: Ensure Matrix jitsi-prosody environment exists
file:
path: "{{ item.path }}"
state: directory
@ -25,14 +25,14 @@
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}"
when: matrix_jitsi_enabled|bool
- name: Ensure jitsi-prosody environment variables file created
- name: Ensure jitsi-prosody environment variables file is created
template:
src: "{{ role_path }}/templates/prosody/env.j2"
dest: "{{ matrix_jitsi_prosody_base_path }}/env"
mode: 0640
when: matrix_jitsi_enabled|bool
- name: Ensure matrix-jitsi-prosody.service installed
- name: Ensure matrix-jitsi-prosody.service file is installed
template:
src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service"
@ -40,16 +40,24 @@
register: matrix_jitsi_prosody_systemd_service_result
when: matrix_jitsi_enabled|bool
- name: Ensure systemd reloaded after matrix-jitsi-prosody.service installation
- name: Ensure systemd service is reloaded after matrix-jitsi-prosody.service installation
service:
daemon_reload: yes
when: "matrix_jitsi_enabled and matrix_jitsi_prosody_systemd_service_result.changed"
- name: Ensure authentication is properly configured
include_tasks:
file: "{{ role_path }}/tasks/util/setup_jitsi_auth.yml"
when:
- matrix_jitsi_enabled|bool
- matrix_jitsi_enable_auth|bool
#
# Tasks related to getting rid of jitsi-prosody (if it was previously enabled)
#
- name: Check existence of matrix-jitsi-prosody service
- name: Ensure matrix-jitsi-prosody.service file exists
stat:
path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service"
register: matrix_jitsi_prosody_service_stat
@ -59,17 +67,18 @@
service:
name: matrix-jitsi-prosody
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
- name: Ensure matrix-jitsi-prosody.service doesn't exist
- name: Ensure matrix-jitsi-prosody.service file doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service"
state: absent
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-jitsi-prosody.service removal
- name: Ensure systemd is reloaded after matrix-jitsi-prosody.service removal
service:
daemon_reload: yes
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"

2
roles/matrix-jitsi/tasks/setup_jitsi_web.yml
View File

@ -15,6 +15,7 @@
- { path: "{{ matrix_jitsi_web_base_path }}", when: true }
- { path: "{{ matrix_jitsi_web_config_path }}", when: true }
- { path: "{{ matrix_jitsi_web_transcripts_path }}", when: true }
- { path: "{{ matrix_jitsi_web_crontabs_path }}", when: true }
when: matrix_jitsi_enabled|bool and item.when
- name: Ensure jitsi-web Docker image is pulled
@ -69,6 +70,7 @@
service:
name: matrix-jitsi-web
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"

43
roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml Normal file
View File

@ -0,0 +1,43 @@
---
#
# Start Necessary Services
#
- name: Ensure matrix-jitsi-prosody container is running
systemd:
state: started
name: matrix-jitsi-prosody
register: matrix_jitsi_prosody_start_result
#
# Tasks related to configuring Jitsi internal authentication
#
- name: Ensure Jitsi internal authentication users are configured
shell: "docker exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}"
with_items: "{{ matrix_jitsi_prosody_auth_internal_accounts }}"
when:
- matrix_jitsi_auth_type == "internal"
- matrix_jitsi_prosody_auth_internal_accounts|length > 0
#
# Tasks related to configuring other Jitsi authentication mechanisms
#
#
# Tasks related to cleaning after Jitsi authentication configuration
#
#
# Stop Necessary Services
#
- name: Ensure matrix-jitsi-prosody container is stopped if necessary
systemd:
state: stopped
name: matrix-jitsi-prosody
when: matrix_jitsi_prosody_start_result.changed|bool

Some files were not shown because too many files have changed in this diff Show More