mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-26 09:54:56 +01:00
Move exim-relay service to its own network and connect Synapse & ma1sd to it automatically
This commit is contained in:
parent
0bb40d1337
commit
d116d863e6
@ -21,7 +21,7 @@ Possibly outdated list of roles where self-building the Docker image is currentl
|
||||
- `matrix-corporal`
|
||||
- `matrix-dimension`
|
||||
- `matrix-ma1sd`
|
||||
- `matrix-mailer`
|
||||
- `exim-relay`
|
||||
- `matrix-bridge-hookshot`
|
||||
- `matrix-bridge-appservice-irc`
|
||||
- `matrix-bridge-appservice-slack`
|
||||
|
@ -2623,8 +2623,6 @@ exim_relay_base_path: "{{ matrix_base_data_path }}/exim-relay"
|
||||
exim_relay_uid: "{{ matrix_user_uid }}"
|
||||
exim_relay_gid: "{{ matrix_user_gid }}"
|
||||
|
||||
exim_relay_container_network: "{{ matrix_docker_network }}"
|
||||
|
||||
exim_relay_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
||||
|
||||
exim_relay_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
@ -2662,6 +2660,12 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
# ma1sd's web-server port.
|
||||
matrix_ma1sd_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '' ~ matrix_ma1sd_container_port | string) if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||
|
||||
matrix_ma1sd_container_additional_networks: |
|
||||
{{
|
||||
(
|
||||
([exim_relay_container_network] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier and matrix_ma1sd_container_network != exim_relay_container_network) else [])
|
||||
) | unique
|
||||
}}
|
||||
|
||||
# We enable Synapse integration via its Postgres database by default.
|
||||
# When using another Identity store, you might wish to disable this and define
|
||||
@ -2684,18 +2688,16 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
|
||||
|
||||
matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_playbook_ssl_retrieval_method == 'self-signed' else true }}"
|
||||
|
||||
matrix_ma1sd_systemd_required_services_list: |
|
||||
matrix_ma1sd_systemd_required_services_list_auto: |
|
||||
{{
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_ma1sd_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
}}
|
||||
|
||||
matrix_ma1sd_systemd_wanted_services_list: |
|
||||
matrix_ma1sd_systemd_wanted_services_list_auto: |
|
||||
{{
|
||||
(['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-' + matrix_homeserver_implementation + '.service'])
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
+
|
||||
([exim_relay_identifier ~ '.service'] if exim_relay_enabled else [])
|
||||
([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_ma1sd_threepid_medium_email_connectors_smtp_host == exim_relay_identifier) else [])
|
||||
}}
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
@ -3625,7 +3627,11 @@ matrix_synapse_container_manhole_api_host_bind_port: "{{ (matrix_playbook_servic
|
||||
|
||||
matrix_synapse_container_additional_networks: |
|
||||
{{
|
||||
([redis_container_network] if matrix_synapse_redis_enabled and matrix_synapse_redis_host == redis_identifier else [])
|
||||
(
|
||||
([redis_container_network] if matrix_synapse_redis_enabled and matrix_synapse_redis_host == redis_identifier else [])
|
||||
+
|
||||
([exim_relay_container_network] if (exim_relay_enabled and matrix_synapse_email_enabled and matrix_synapse_email_smtp_host == exim_relay_identifier and matrix_synapse_container_network != exim_relay_container_network) else [])
|
||||
) | unique
|
||||
}}
|
||||
|
||||
# For exposing the Synapse worker (and metrics) ports to the local host.
|
||||
|
@ -19,7 +19,7 @@
|
||||
version: v1.9.6-0
|
||||
name: etherpad
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
|
||||
version: v4.97-r0-0-0
|
||||
version: v4.97-r0-0-1
|
||||
name: exim_relay
|
||||
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
|
||||
version: v10.2.3-0
|
||||
|
@ -31,10 +31,19 @@ matrix_ma1sd_container_http_host_bind_port: ''
|
||||
matrix_ma1sd_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-ma1sd.service depends on
|
||||
matrix_ma1sd_systemd_required_services_list: ['docker.service']
|
||||
matrix_ma1sd_systemd_required_services_list: "{{ matrix_ma1sd_systemd_required_services_list_default + matrix_ma1sd_systemd_required_services_list_auto + matrix_ma1sd_systemd_required_services_list_custom }}"
|
||||
matrix_ma1sd_systemd_required_services_list_default: ['docker.service']
|
||||
matrix_ma1sd_systemd_required_services_list_auto: []
|
||||
matrix_ma1sd_systemd_required_services_list_custom: []
|
||||
|
||||
# List of systemd services that matrix-ma1sd.service wants
|
||||
matrix_ma1sd_systemd_wanted_services_list: []
|
||||
matrix_ma1sd_systemd_wanted_services_list: "{{ matrix_ma1sd_systemd_wanted_services_list_default + matrix_ma1sd_systemd_wanted_services_list_auto + matrix_ma1sd_systemd_wanted_services_list_custom }}"
|
||||
matrix_ma1sd_systemd_wanted_services_list_default: []
|
||||
matrix_ma1sd_systemd_wanted_services_list_auto: []
|
||||
matrix_ma1sd_systemd_wanted_services_list_custom: []
|
||||
|
||||
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
||||
matrix_ma1sd_container_network: "{{ matrix_docker_network }}"
|
||||
|
||||
# A list of additional container networks that matrix-ma1sd would be connected to.
|
||||
# The playbook does not create these networks, so make sure they already exist.
|
||||
|
@ -26,7 +26,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--tmpfs=/tmp:rw,exec,nosuid,size=10m \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--network={{ matrix_ma1sd_container_network }} \
|
||||
{% if matrix_ma1sd_container_http_host_bind_port %}
|
||||
-p {{ matrix_ma1sd_container_http_host_bind_port }}:{{ matrix_ma1sd_container_port }} \
|
||||
{% endif %}
|
||||
|
Loading…
x
Reference in New Issue
Block a user