GoMatrixHosting v0.4.9 update

This commit is contained in:
Michael-GMH 2021-06-04 13:10:45 +08:00
parent 10c68a8cf4
commit 122a92fa1c
7 changed files with 113 additions and 38 deletions

View File

@ -31,9 +31,9 @@ Updates to this section are trailed here:
## Does I need an AWX setup to use this? How do I configure it?
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation.md).
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation_AWX.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_AWX.md).
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal.md).
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal_AWX.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal_AWX.md).
## Does I need a front-end WordPress site? And a DigitalOcean account?

View File

@ -0,0 +1,19 @@
{
"name": "Configure Email Relay",
"description": "Enable MailGun relay to increase verification email reliability.",
"spec": [
{
"question_name": "Enable Email Relay",
"question_description": "Enables the MailGun email relay server, enabling this will increase the reliability of your email verification.",
"required": false,
"min": null,
"max": null,
"default": "{{ matrix_mailer_relay_use | string | lower }}",
"choices": "true\nfalse",
"new_question": true,
"variable": "matrix_mailer_relay_use",
"type": "multiplechoice"
}
]
}

View File

@ -98,6 +98,15 @@
tags:
- setup-client-element
# Additional playbook to set the variable file during Mailer configuration
- include_tasks:
file: "set_variables_mailer.yml"
apply:
tags: setup-mailer
when: run_setup|bool and matrix_awx_enabled|bool
tags:
- setup-mailer
# Additional playbook to set the variable file during Element configuration
- include_tasks:
file: "set_variables_element_subdomain.yml"

View File

@ -0,0 +1,50 @@
- name: Record Mailer variables locally on AWX
delegate_to: 127.0.0.1
lineinfile:
path: '{{ awx_cached_matrix_vars }}'
regexp: "^#? *{{ item.key | regex_escape() }}:"
line: "{{ item.key }}: {{ item.value }}"
insertafter: '# Email Settings Start'
with_dict:
'matrix_mailer_relay_use': '{{ matrix_mailer_relay_use }}'
- name: Save new 'Configure Email Relay' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
template:
src: 'roles/matrix-awx/surveys/configure_email_relay.json.j2'
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
- name: Copy new 'Configure Email Relay' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
dest: '/matrix/awx/configure_email_relay.json'
mode: '0660'
- name: Collect AWX admin token the hard way!
delegate_to: 127.0.0.1
shell: |
curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
register: tower_token
no_log: True
- name: Recreate 'Configure Email Relay' job template
delegate_to: 127.0.0.1
awx.awx.tower_job_template:
name: "{{ matrix_domain }} - 1 - Configure Email Relay"
description: "Enable MailGun relay to increase verification email reliability."
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
job_type: run
job_tags: "start,setup-mailer"
inventory: "{{ member_id }}"
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
playbook: setup.yml
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
become_enabled: yes
state: present
verbosity: 1
tower_host: "https://{{ tower_host }}"
tower_oauthtoken: "{{ tower_token.stdout }}"
validate_certs: yes

View File

@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
matrix_client_hydrogen_container_image_self_build: true
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
matrix_client_hydrogen_version: v0.1.53
matrix_client_hydrogen_version: v0.1.56
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"

View File

@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
# amd64 gets released first.
# arm32 relies on self-building, so the same version can be built immediately.
# arm64 users need to wait for a prebuilt image to become available.
matrix_synapse_version: v1.34.0
matrix_synapse_version_arm64: v1.34.0
matrix_synapse_version: v1.35.1
matrix_synapse_version_arm64: v1.35.1
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"

View File

@ -705,33 +705,6 @@ acme:
#
#account_key_file: /data/acme_account.key
# List of allowed TLS fingerprints for this server to publish along
# with the signing keys for this server. Other matrix servers that
# make HTTPS requests to this server will check that the TLS
# certificates returned by this server match one of the fingerprints.
#
# Synapse automatically adds the fingerprint of its own certificate
# to the list. So if federation traffic is handled directly by synapse
# then no modification to the list is required.
#
# If synapse is run behind a load balancer that handles the TLS then it
# will be necessary to add the fingerprints of the certificates used by
# the loadbalancers to this list if they are different to the one
# synapse is using.
#
# Homeservers are permitted to cache the list of TLS fingerprints
# returned in the key responses up to the "valid_until_ts" returned in
# key. It may be necessary to publish the fingerprints of a new
# certificate and wait until the "valid_until_ts" of the previous key
# responses have passed before deploying it.
#
# You can calculate a fingerprint from a given TLS listener via:
# openssl s_client -connect $host:$port < /dev/null 2> /dev/null |
# openssl x509 -outform DER | openssl sha256 -binary | base64 | tr -d '='
# or by checking matrix.org/federationtester/api/report?server_name=$host
#
#tls_fingerprints: [{"sha256": "<base64_encoded_sha256_fingerprint>"}]
## Federation ##
@ -2904,7 +2877,8 @@ opentracing:
#enabled: true
# The list of homeservers we wish to send and receive span contexts and span baggage.
# See docs/opentracing.rst
# See docs/opentracing.rst.
#
# This is a list of regexes which are matched against the server_name of the
# homeserver.
#
@ -2913,19 +2887,26 @@ opentracing:
#homeserver_whitelist:
# - ".*"
# A list of the matrix IDs of users whose requests will always be traced,
# even if the tracing system would otherwise drop the traces due to
# probabilistic sampling.
#
# By default, the list is empty.
#
#force_tracing_for_users:
# - "@user1:server_name"
# - "@user2:server_name"
# Jaeger can be configured to sample traces at different rates.
# All configuration options provided by Jaeger can be set here.
# Jaeger's configuration mostly related to trace sampling which
# Jaeger's configuration is mostly related to trace sampling which
# is documented here:
# https://www.jaegertracing.io/docs/1.13/sampling/.
# https://www.jaegertracing.io/docs/latest/sampling/.
#
#jaeger_config:
# sampler:
# type: const
# param: 1
# Logging whether spans were started and reported
#
# logging:
# false
@ -2995,4 +2976,20 @@ redis:
#
password: {{ matrix_synapse_redis_password }}
# Enable experimental features in Synapse.
#
# Experimental features might break or be removed without a deprecation
# period.
#
experimental_features:
# Support for Spaces (MSC1772), it enables the following:
#
# * The Spaces Summary API (MSC2946).
# * Restricting room membership based on space membership (MSC3083).
#
# Uncomment to disable support for Spaces.
#spaces_enabled: false
# vim:ft=yaml