matrix-docker-ansible-deploy/roles/matrix-awx/tasks/set_variables_synapse.yml

- name: Limit max upload size to 200MB part 1
  set_fact:
    matrix_synapse_max_upload_size_mb: "200"
  when: awx_synapse_max_upload_size_mb | int >= 200

- name: Limit max upload size to 200MB part 2
  set_fact:
    matrix_synapse_max_upload_size_mb: "{{ awx_synapse_max_upload_size_mb }}"
  when: awx_synapse_max_upload_size_mb | int < 200

- name: Record Synapse variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    'matrix_synapse_allow_public_rooms_over_federation': '{{ matrix_synapse_allow_public_rooms_over_federation }}'
    'matrix_synapse_enable_registration': '{{ matrix_synapse_enable_registration }}'
    'matrix_synapse_federation_enabled': '{{ matrix_synapse_federation_enabled }}'
    'matrix_synapse_enable_group_creation': '{{ matrix_synapse_enable_group_creation }}'
    'matrix_synapse_presence_enabled': '{{ matrix_synapse_presence_enabled }}'
    'matrix_synapse_max_upload_size_mb': '{{ matrix_synapse_max_upload_size_mb }}'
    'matrix_synapse_url_preview_enabled': '{{ matrix_synapse_url_preview_enabled }}'
    'matrix_synapse_allow_guest_access': '{{ matrix_synapse_allow_guest_access }}'

- name: Empty Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if raw inputs empty
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^matrix_synapse_auto_join_rooms: .*$"
    replace: "matrix_synapse_auto_join_rooms: []"
  when: awx_synapse_auto_join_rooms | length == 0

- name: If the raw inputs is not empty start constructing parsed auto_join_rooms list
  set_fact:
    awx_synapse_auto_join_rooms_array: |-
      {{ awx_synapse_auto_join_rooms.splitlines() | to_json }}
  when: awx_synapse_auto_join_rooms | length > 0

- name: Record Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if it's not blank
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    "matrix_synapse_auto_join_rooms": "{{ awx_synapse_auto_join_rooms_array }}"
  when: awx_synapse_auto_join_rooms | length > 0

- name: Record Synapse Shared Secret if it's defined
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    'matrix_synapse_registration_shared_secret': '{{ awx_matrix_synapse_registration_shared_secret }}'
  when: awx_matrix_synapse_registration_shared_secret | length > 0

- name: Record registations_require_3pid extra variable if true
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "{{ item }}"
    line: "{{ item }}"
    insertbefore: '# Synapse Extension End'
  with_items:
    - "  registrations_require_3pid:"
    - "    - email"
  when: awx_registrations_require_3pid | bool

- name: Remove registrations_require_3pid extra variable if false
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "{{ item }}"
    line: "{{ item }}"
    insertbefore: '# Synapse Extension End'
    state: absent
  with_items:
    - "  registrations_require_3pid:"
    - "    - email"
  when: not awx_registrations_require_3pid | bool

- name: Remove URL Languages
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: '^(?!.*\bemail\b)    - [a-zA-Z\-]{2,5}\n'
    after: '  url_preview_accept_language:'
    before: '# Synapse Extension End'

- name: Set URL languages default if raw inputs empty
  set_fact:
    awx_url_preview_accept_language_default: 'en'
  when: awx_url_preview_accept_language | length == 0

- name: Set URL languages default if raw inputs not empty
  set_fact:
    awx_url_preview_accept_language_default: "{{ awx_url_preview_accept_language }}"
  when: awx_url_preview_accept_language|length > 0

- name: Set URL languages if raw inputs empty
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  url_preview_accept_language:'
    line: "    - {{ awx_url_preview_accept_language_default }}"
  when: awx_url_preview_accept_language|length == 0

- name: Set URL languages if raw inputs not empty
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  url_preview_accept_language:'
    line: "    - {{ item }}"
  with_items: "{{ awx_url_preview_accept_language.splitlines() }}"
  when: awx_url_preview_accept_language | length > 0

- name: Remove Federation Whitelisting 1
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: '^    - [a-z0-9]+\.[a-z0-9.]+\n'
    after: '  federation_domain_whitelist:'
    before: '# Synapse Extension End'

- name: Remove Federation Whitelisting 2
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    line: "  federation_domain_whitelist:"
    state: absent

- name: Set Federation Whitelisting 1
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^matrix_synapse_configuration_extension_yaml: \|'
    line: "  federation_domain_whitelist:"
  when: awx_federation_whitelist | length > 0

- name: Set Federation Whitelisting 2
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  federation_domain_whitelist:'
    line: "    - {{ item }}"
  with_items: "{{ awx_federation_whitelist.splitlines() }}"
  when: awx_federation_whitelist | length > 0

- name: Set awx_recaptcha_public_key to a 'public-key' if undefined
  set_fact: awx_recaptcha_public_key="public-key"
  when: (awx_recaptcha_public_key is not defined) or (awx_recaptcha_public_key|length == 0)

- name: Set awx_recaptcha_private_key to a 'private-key' if undefined
  set_fact: awx_recaptcha_private_key="private-key"
  when: (awx_recaptcha_private_key is not defined) or (awx_recaptcha_private_key|length == 0)

- name: Record Synapse Extension variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertbefore: '# Synapse Extension End'
  with_dict:
    '  enable_registration_captcha': '{{ awx_enable_registration_captcha }}'
    '  recaptcha_public_key': '{{ awx_recaptcha_public_key }}'
    '  recaptcha_private_key': '{{ awx_recaptcha_private_key }}'

- name: Record Synapse Custom variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertbefore: '# Synapse Settings End'
  with_dict:
    'awx_federation_whitelist': '{{ awx_federation_whitelist.splitlines() | to_json }}'
    'awx_url_preview_accept_language_default': '{{ awx_url_preview_accept_language_default.splitlines() | to_json }}'
    'awx_enable_registration_captcha': '{{ awx_enable_registration_captcha }}'
    'awx_recaptcha_public_key': '"{{ awx_recaptcha_public_key }}"'
    'awx_recaptcha_private_key': '"{{ awx_recaptcha_private_key }}"'

- name: Save new 'Configure Synapse' survey.json to the AWX tower, template
  delegate_to: 127.0.0.1
  template:
    src: 'roles/matrix-awx/surveys/configure_synapse.json.j2'
    dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//configure_synapse.json'

- name: Copy new 'Configure Synapse' survey.json to target machine
  copy:
    src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
    dest:  '/matrix/awx/configure_synapse.json'
    mode: '0660'

- name: Recreate 'Configure Synapse' job template
  delegate_to: 127.0.0.1
  awx.awx.tower_job_template:
    name: "{{ matrix_domain }} - 1 - Configure Synapse"
    description: "Configure Synapse (homeserver) settings."
    extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
    job_type: run
    job_tags: "start,setup-synapse"
    inventory: "{{ member_id }}"
    project: "{{ member_id }} - Matrix Docker Ansible Deploy"
    playbook: setup.yml
    credential: "{{ member_id }} - AWX SSH Key"
    survey_enabled: true
    survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
    become_enabled: yes
    state: present
    verbosity: 1
    tower_host: "https://{{ awx_host }}"
    tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
    validate_certs: yes