Merge 4dee25d0e64ab9f40002318c69154308f85b26f0 into a9ceb57b4fc5ea6f125c0bb9371dbf7887699652

Use "alice" as placeholder username instead of "john"

.travis.yml

@@ -0,0 +1,9 @@
+---
+language: python
+services: docker
+
+install:
+  - pip install molecule docker
+
+script:
+  - cd roles/matrix-coturn && molecule test

CHANGELOG.md

@@ -1354,7 +1354,7 @@ Our [justfile](justfile) already defines some additional helpful **shortcut** co
 - `just run-tags install-mautrix-slack,start` - to run specific playbook tags
 - `just start-all` - (re-)starts all services
 - `just stop-group postgres` - to stop only the Postgres service
-- `just register-user john secret-password yes` - registers a `john` user with the `secret-password` password and admin access (admin = `yes`)
+- `just register-user alice secret-password yes` - registers an `alice` user with the `secret-password` password and admin access (admin = `yes`)
 
 Additional helpful commands and shortcuts may be defined in the future.
 

docs/installing.md

@@ -83,13 +83,13 @@ To create your user account (as an administrator of the server) via this Ansible
 
 **Notes**:
 - Make sure to adjust `YOUR_USERNAME_HERE` and `YOUR_PASSWORD_HERE`
-- For `YOUR_USERNAME_HERE`, use a plain username like `john`, not your full identifier (`@user:example.com`)
+- For `YOUR_USERNAME_HERE`, use a plain username like `alice`, not your full identifier (`@alice:example.com`)
 - Use `admin=yes` to make your user account an administrator of the Matrix server
 
 ```sh
 ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=YOUR_USERNAME_HERE password=YOUR_PASSWORD_HERE admin=yes' --tags=register-user
 
-# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user
+# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=alice password=secret-password admin=yes' --tags=register-user
 ```
 
 Feel free to create as many accounts (for friends, family, etc.) as you want. Still, perhaps you should grant full administrative access to your account only (with `admin=yes`), and others should be created with `admin=no`.

docs/just.md

@@ -10,18 +10,18 @@ For some recipes such as `just update`, our `justfile` recommends installing [`a
 
 Here are some examples of shortcuts:
 
-| Shortcut                                      | Result                                                                                                         |
-|-----------------------------------------------|----------------------------------------------------------------------------------------------------------------|
-| `just roles`                                  | Install the necessary Ansible roles pinned in [`requirements.yml`](../requirements.yml)                        |
-| `just update`                                 | Run `git pull` (to update the playbook) and install the Ansible roles                                          |
-| `just install-all`                            | Run `ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-users-created,start`       |
-| `just setup-all`                              | Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start`         |
-| `just install-all --ask-vault-pass`           | Run commands with additional arguments (`--ask-vault-pass` will be appended to the above installation command) |
-| `just run-tags install-mautrix-slack,start`   | Run specific playbook tags (here `install-mautrix-slack` and `start`)                                          |
-| `just install-service mautrix-slack`          | Run `just run-tags install-mautrix-slack,start` with even less typing                                          |
-| `just start-all`                              | (Re-)starts all services                                                                                       |
-| `just stop-group postgres`                    | Stop only the Postgres service                                                                                 |
-| `just register-user john secret-password yes` | Registers a `john` user with the `secret-password` password and admin access (admin = `yes`)                   |
+| Shortcut                                       | Result                                                                                                         |
+|------------------------------------------------|----------------------------------------------------------------------------------------------------------------|
+| `just roles`                                   | Install the necessary Ansible roles pinned in [`requirements.yml`](../requirements.yml)                        |
+| `just update`                                  | Run `git pull` (to update the playbook) and install the Ansible roles                                          |
+| `just install-all`                             | Run `ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-users-created,start`       |
+| `just setup-all`                               | Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start`         |
+| `just install-all --ask-vault-pass`            | Run commands with additional arguments (`--ask-vault-pass` will be appended to the above installation command) |
+| `just run-tags install-mautrix-slack,start`    | Run specific playbook tags (here `install-mautrix-slack` and `start`)                                          |
+| `just install-service mautrix-slack`           | Run `just run-tags install-mautrix-slack,start` with even less typing                                          |
+| `just start-all`                               | (Re-)starts all services                                                                                       |
+| `just stop-group postgres`                     | Stop only the Postgres service                                                                                 |
+| `just register-user alice secret-password yes` | Registers an `alice` user with the `secret-password` password and admin access (admin = `yes`)                 |
 
 While [our documentation on prerequisites](prerequisites.md) lists `just` as one of the requirements for installation, using `just` is optional. If you find it difficult to install it, do not find it useful, or want to prefer raw `ansible-playbook` commands for some reason, feel free to run all commands manually. For example, you can run `ansible-galaxy` directly to install the Ansible roles: `rm -rf roles/galaxy; ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force`.
 

docs/quick-start.md

@@ -136,12 +136,12 @@ To create your user account (as an administrator of the server) via this Ansible
 
 **💡 Notes**:
 - Make sure to adjust `YOUR_USERNAME_HERE` and `YOUR_PASSWORD_HERE`
-- For `YOUR_USERNAME_HERE`, use a plain username like `john`, not your full identifier (`@user:example.com`)
+- For `YOUR_USERNAME_HERE`, use a plain username like `alice`, not your full identifier (`@alice:example.com`)
 
 ```sh
 ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=YOUR_USERNAME_HERE password=YOUR_PASSWORD_HERE admin=yes' --tags=register-user
 
-# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user
+# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=alice password=secret-password admin=yes' --tags=register-user
 ```
 
 <!--

docs/registering-users.md

@@ -16,7 +16,7 @@ Table of contents:
 
 **Notes**:
 - Make sure to adjust `USERNAME_HERE` and `PASSWORD_HERE`
-- For `USERNAME_HERE`, use a plain username like `john`, not a full identifier (`@user:example.com`)
+- For `USERNAME_HERE`, use a plain username like `alice`, not a full identifier (`@alice:example.com`)
 - Use `admin=yes` or `admin=no` depending on whether you wish to make the user an administrator of the Matrix server
 
 After registering a user (using one of the methods below), **you can log in with that user** via the [Element Web](configuring-playbook-client-element-web.md) service that this playbook has installed for you at a URL like this: `https://element.example.com/`.
@@ -30,7 +30,7 @@ To register a user via this Ansible playbook:
 ```sh
 just register-user USERNAME_HERE PASSWORD_HERE <admin access: yes or no>
 
-# Example: `just register-user john secret-password yes`
+# Example: `just register-user alice secret-password yes`
 ```
 
 **or** by invoking `ansible-playbook` manually:
@@ -38,7 +38,7 @@ just register-user USERNAME_HERE PASSWORD_HERE <admin access: yes or no>
 ```sh
 ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=USERNAME_HERE password=PASSWORD_HERE admin=<yes|no>' --tags=register-user
 
-# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user
+# Example: ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=alice password=secret-password admin=yes' --tags=register-user
 ```
 
 Feel free to register as many users (for friends, family, etc.) as you want. Still, perhaps you should grant full administrative access to your user account only (with `admin=yes`), and others should be created with `admin=no`.
@@ -52,7 +52,7 @@ If you're using the [Synapse](configuring-playbook-synapse.md) homeserver implem
 ```sh
 /matrix/synapse/bin/register-user USERNAME_HERE PASSWORD_HERE <admin access: 0 or 1>
 
-# Example: `/matrix/synapse/bin/register-user john secret-password 1`
+# Example: `/matrix/synapse/bin/register-user alice secret-password 1`
 ```
 
 ### Registering users manually for Dendrite
@@ -62,7 +62,7 @@ If you're using the [Dendrite](./configuring-playbook-dendrite.md) homeserver im
 ```sh
 /matrix/dendrite/bin/create-account USERNAME_HERE PASSWORD_HERE <admin access: 0 or 1>
 
-# Example: `/matrix/dendrite/bin/create-account john secret-password 1`
+# Example: `/matrix/dendrite/bin/create-account alice secret-password 1`
 ```
 
 ### Registering users manually for Matrix Authentication Service
@@ -72,7 +72,7 @@ If you're using the [Matrix Authentication Service](./configuring-playbook-matri
 ```sh
 /matrix/matrix-authentication-service/bin/register-user USERNAME_HERE PASSWORD_HERE <admin access: 0 or 1>
 
-# Example: `/matrix/matrix-authentication-service/bin/register-user john secret-password 1`
+# Example: `/matrix/matrix-authentication-service/bin/register-user alice secret-password 1`
 ```
 
 This `register-user` script actually invokes the `mas-cli manage register-user` command under the hood. If you'd like more control over the registration process, consider invoking the `mas-cli` command directly:

docs/updating-users-passwords.md

@@ -4,7 +4,7 @@
 
 **Notes**:
 - Make sure to adjust `USERNAME_HERE` and `PASSWORD_HERE`
-- For `USERNAME_HERE`, use a plain username like `john`, not a full identifier (`@user:example.com`)
+- For `USERNAME_HERE`, use a plain username like `alice`, not a full identifier (`@alice:example.com`)
 
 You can reset a user's password via the Ansible playbook:
 

roles/custom/matrix-user-creator/vars/main.yml

@@ -18,7 +18,7 @@
 #     initial_password: some-password
 #     initial_type: admin
 #
-#   - username: john
+#   - username: alice
 #     initial_password: some-password
 #     initial_type: user
 #

roles/matrix-coturn/.yamllint

@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable

roles/matrix-coturn/molecule/default/INSTALL.rst

@@ -0,0 +1,22 @@
+*******
+Docker driver installation guide
+*******
+
+Requirements
+============
+
+* Docker Engine
+
+Install
+=======
+
+Please refer to the `Virtual environment`_ documentation for installation best
+practices. If not using a virtual environment, please consider passing the
+widely recommended `'--user' flag`_ when invoking ``pip``.
+
+.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
+.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
+
+.. code-block:: bash
+
+    $ python3 -m pip install 'molecule[docker]'

roles/matrix-coturn/molecule/default/converge.yml

@@ -0,0 +1,29 @@
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: "Include matrix-base"
+      include_role:
+        name: "matrix-base"
+      vars:
+        matrix_domain: "example.org"
+        matrix_vars_yml_snapshotting_enabled: false
+        run_self_check: false
+    - name: "Include matrix-coturn"
+      include_role:
+        name: "matrix-coturn"
+      vars:
+        matrix_systemd_services_list: []
+        run_setup: true
+        matrix_base_data_path: "/matrix"
+        matrix_user_username: "root"
+        matrix_user_groupname: "root"
+        matrix_server_fqn_matrix: "example.org"
+        matrix_systemd_path: "/etc/systemd/system"
+        matrix_host_command_docker: "/usr/bin/env docker"
+        # matrix_user_uid: 0
+        # matrix_user_gid: 0
+        # maybe those should be added in role default/main.yml
+        matrix_coturn_enabled: true
+        matrix_coturn_turn_external_ip_address: 127.0.0.1
+        matrix_coturn_turn_static_auth_secret: "VeryFakeSecret"

roles/matrix-coturn/molecule/default/molecule.yml

@@ -0,0 +1,27 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+platforms:
+  - name: coturn-test
+    image: fanchthesystem/ubuntu18-with-systemd:latest #fanchthesystem/centos7-with-systemd:latest # docker.io/pycontribs/centos:7
+    override_command: false
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+#      - /var/run/docker.sock:/var/run/docker.sock
+#    network:
+#      - name: dind-network
+#    env:
+#      DOCKER_HOST: "tcp://dind:2375"
+#    https://blog.alekc.org/testing-ansible-roles-with-molecule-using-dind/
+# https://github.com/ansible/ansible/issues/71528
+provisioner:
+  name: ansible
+  log: true
+  config_options:
+    defaults:
+      timeout: 60
+verifier:
+  name: ansible

roles/matrix-coturn/molecule/default/verify.yml

@@ -0,0 +1,9 @@
+---
+# This is an example playbook to execute Ansible tests.
+
+- name: Verify
+  hosts: all
+  tasks:
+  - name: Example assertion
+    assert:
+      that: true