matrix-docker-ansible-deploy/docs/installing.md
Suguru Hirahara 27ede17d3a
Add description about keeping the playbook and services up-to-date
Also: move descriptions about difference between the playbook tags (setup-all and install-all) and about the just "recipe" from installing.md to maintenance-upgrading-services.md

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-11-21 14:09:20 +09:00

8.4 KiB
Raw Blame History

Installing

Quick start | Prerequisites > Configuring your DNS settings > Getting the playbook > Configuring the playbook > Installing

If you've configured your DNS records and the playbook, you can start the installation procedure.

Update Ansible roles

Before installing, you need to update the Ansible roles in this playbook by running just roles.

just roles is a shortcut (a roles target defined in justfile and executed by the just utility) which ultimately runs agru or ansible-galaxy (depending on what is available in your system) to download Ansible roles. If you don't have just, you can also manually run the roles commands seen in the justfile.

There's another shortcut (just update) which updates the playbook (git pull) and updates roles (just roles) at the same time.

Install Matrix server and services

The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks.

The general command syntax for installation (and also maintenance) is: ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE. It is recommended to get yourself familiar with the playbook tags before proceeding.

If you don't use SSH keys for authentication, but rather a regular password, you may need to add --ask-pass to the all Ansible commands.

If you do use SSH keys for authentication, and use a non-root user to become root (sudo), you may need to add -K (--ask-become-pass) to all Ansible commands.

There 2 ways to start the installation process - depending on whether you're Installing a brand new server (without importing data) or Installing a server into which you'll import old data.

Note: if you are migrating from an old server to a new one, take a look at this guide instead. This is an easier and more straightforward way than installing a server and importing old data into it.

Installing a brand new server (without importing data)

If this is a brand new Matrix server and you won't be importing old data into it, run all these tags:

ansible-playbook -i inventory/hosts setup.yml --tags=install-all,ensure-matrix-users-created,start

This will do a full installation and start all Matrix services.

Note: if the command does not work as expected, make sure that you have properly installed and configured software required to run the playbook, as described on Prerequisites.

Installing a server into which you'll import old data

If you will be importing data into your newly created Matrix server, install it, but do not start its services just yet. Starting its services or messing with its database now will affect your data import later on.

To do the installation without starting services, run ansible-playbook with the install-all tag only:

ansible-playbook -i inventory/hosts setup.yml --tags=install-all

Note: do not run the just "recipe" just install-all instead, because it automatically starts services at the end of execution.

When this command completes, services won't be running yet.

You can now:

.. and then proceed to starting all services:

ansible-playbook -i inventory/hosts setup.yml --tags=ensure-matrix-users-created,start

Create your user account

You can skip this step if you have installed a server and imported old data to it.

As you have configured your brand new server and the client, you need to create your user account on your Matrix server.

After creating the user account, you can log in to it with Element Web that this playbook has installed for you at this URL: https://element.example.com/.

To register a user via this Ansible playbook, run the command below on your local computer.

Notes:

  • Before running it, make sure to edit YOUR_USERNAME_HERE and YOUR_PASSWORD_HERE
  • In the command below, YOUR_USERNAME_HERE is just a plain username (like john), not your full @user:example.com identifier
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=YOUR_USERNAME_HERE password=YOUR_PASSWORD_HERE admin=<yes|no>' --tags=register-user

# Example: `ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=john password=secret-password admin=yes' --tags=register-user`

For more information, see the documentation for registering users.

Finalize the installation

Now you've configured Matrix services and your user account, you need to finalize the installation process by setting up Matrix delegation (redirection), so that your Matrix server (matrix.example.com) can present itself as the base domain (example.com) in the Matrix network.

This is required for federation to work! Without a proper configuration, your server will effectively not be part of the Matrix network.

If you need the base domain for anything else such as hosting a website, you have to configure it manually, following the procedure described on the linked documentation.

However, if you do not need the base domain for anything else, the easiest way of configuring it is to serve the base domain from the integrated web server. It will enable you to use a Matrix user identifier like @<username>:example.com while hosting services on a subdomain like matrix.example.com.

To configure server delegation in this way, add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file:

matrix_static_files_container_labels_base_domain_enabled: true

After configuring the playbook, run the installation command:

ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start

Things to do next

After finilizing the installation, you can:

Maintaining your setup in the future

While this playbook helps you to set up Matrix services and maintain them, it will not automatically run the maintenance task for you. You will need to update the playbook and re-run it manually.

The upstream projects, which this playbook makes use of, occasionally if not often suffer from security vulnerabilities.

Since it is unsafe to keep outdated services running on the server connected to the internet, please consider to update the playbook and re-run it periodically, in order to keep the services up-to-date.

For more information about upgrading or maintaining services with the playbook, take at look at this page: Upgrading the Matrix services

Feel free to re-run the setup command any time you think something is off with the server configuration. Ansible will take your configuration and update your server to match.