mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-26 09:54:56 +01:00
70487061f4
This doesn't replace all usage of `-v`, but it's a start. People sometimes troubleshoot by deleting files (especially bridge config files). Restarting Synapse with a missing registration.yaml file for a given bridge, causes the `-v /something/registration.yaml:/something/registration.yaml:ro` option to force-create `/something/registration.yaml` as a directory. When a path that's provided to the `-v` option is missing, Docker auto-creates that path as a directory. This causes more breakage and confusion later on. We'd rather fail, instead of magically creating directories. Using `--mount`, instead of `-v` is the solution to this. From Docker's documentation: > When you use --mount with type=bind, the host-path must refer to an existing path on the host. > The path will not be created for you and the service will fail with an error if the path does not exist.
136 lines
5.5 KiB
YAML
136 lines
5.5 KiB
YAML
---
|
|
|
|
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
|
# We don't want to fail in such cases.
|
|
- name: Fail if matrix-synapse role already executed
|
|
fail:
|
|
msg: >-
|
|
The matrix-bridge-mautrix-telegram role needs to execute before the matrix-synapse role.
|
|
when: "matrix_synapse_role_executed|default(False)"
|
|
|
|
- name: Ensure Mautrix Telegram image is pulled
|
|
docker_image:
|
|
name: "{{ matrix_mautrix_telegram_docker_image }}"
|
|
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
|
|
- name: Ensure Mautrix Telegram base directory exists
|
|
file:
|
|
path: "{{ matrix_mautrix_telegram_base_path }}"
|
|
state: directory
|
|
mode: 0750
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_username }}"
|
|
|
|
- name: Check if a mautrix-telegram configuration file exists
|
|
stat:
|
|
path: "{{ matrix_mautrix_telegram_base_path }}/config.yaml"
|
|
register: mautrix_telegram_config_file_stat
|
|
|
|
- name: Ensure Matrix Mautrix telegram config installed
|
|
template:
|
|
src: "{{ role_path }}/templates/config.yaml.j2"
|
|
dest: "{{ matrix_mautrix_telegram_base_path }}/config.yaml"
|
|
mode: 0644
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_username }}"
|
|
when: "not mautrix_telegram_config_file_stat.stat.exists"
|
|
|
|
- name: (Migration) Fix up old configuration
|
|
lineinfile:
|
|
path: "{{ matrix_mautrix_telegram_base_path }}/config.yaml"
|
|
regexp: "{{ item.regexp }}"
|
|
line: "{{ item.line }}"
|
|
backrefs: yes
|
|
with_items:
|
|
- {'regexp': '^(\s+)filename: \./mautrix-telegram.log', 'line': '\1filename: /data/mautrix-telegram.log'}
|
|
- {'regexp': '^(\s+)database:', 'line': '\1database: sqlite:////data/mautrix-telegram.db'}
|
|
when: "mautrix_telegram_config_file_stat.stat.exists"
|
|
|
|
- name: Ensure matrix-mautrix-telegram.service installed
|
|
template:
|
|
src: "{{ role_path }}/templates/systemd/matrix-mautrix-telegram.service.j2"
|
|
dest: "/etc/systemd/system/matrix-mautrix-telegram.service"
|
|
mode: 0644
|
|
register: matrix_mautrix_telegram_systemd_service_result
|
|
|
|
- name: Ensure systemd reloaded after matrix-mautrix-telegram.service installation
|
|
service:
|
|
daemon_reload: yes
|
|
when: "matrix_mautrix_telegram_systemd_service_result.changed"
|
|
|
|
- name: Check if a mautrix-telegram registration file exists
|
|
stat:
|
|
path: "{{ matrix_mautrix_telegram_base_path }}/registration.yaml"
|
|
register: mautrix_telegram_registration_file_stat
|
|
|
|
- name: Generate matrix-mautrix-telegram registration.yaml if it doesn't exist
|
|
shell:
|
|
cmd: >-
|
|
/usr/bin/docker run
|
|
--rm
|
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
|
--cap-drop=ALL
|
|
--name matrix-mautrix-telegram-gen
|
|
-v {{ matrix_mautrix_telegram_base_path }}:/data:z
|
|
{{ matrix_mautrix_telegram_docker_image }}
|
|
python3 -m mautrix_telegram -g -c /data/config.yaml -r /data/registration.yaml
|
|
when: "not mautrix_telegram_registration_file_stat.stat.exists"
|
|
|
|
# If the matrix-synapse role is not used, these variables may not exist.
|
|
- set_fact:
|
|
matrix_synapse_container_extra_arguments: >
|
|
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
|
+
|
|
{{ ["--mount type=bind,src={{ matrix_mautrix_telegram_base_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] }}
|
|
|
|
matrix_synapse_app_service_config_files: >
|
|
{{ matrix_synapse_app_service_config_files|default([]) }}
|
|
+
|
|
{{ ["/matrix-mautrix-telegram-registration.yaml"] }}
|
|
|
|
- block:
|
|
- name: Fail if matrix-nginx-proxy role already executed
|
|
fail:
|
|
msg: >-
|
|
Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
|
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
|
To fix this, please change the order of roles in your plabook,
|
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
|
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
|
|
|
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
|
|
location {{ matrix_mautrix_telegram_public_endpoint }} {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "matrix-mautrix-telegram:8080";
|
|
proxy_pass http://$backend;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:9006;
|
|
{% endif %}
|
|
}
|
|
|
|
- name: Register Mautrix Telegram proxying configuration with matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
|
{{
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
|
+
|
|
[matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
|
|
}}
|
|
tags:
|
|
- always
|
|
|
|
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
|
debug:
|
|
msg: >-
|
|
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
|
|
reverse proxy.
|
|
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
|
|
URL endpoint to the matrix-mautrix-telegram container.
|
|
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
|
|
when: "matrix_nginx_proxy_enabled is not defined"
|