Add various polish to Conduwuit

https://github.com/Virkkunen and I have been working on the same feature
simultaneously.

This patch adds my additional independent work on top of his changes.

Notable changes here compared to Virkkunen's original work:

- renaming config-related variables (`matrix_conduwuit_*` ->
  `matrix_conduwuit_config_*`). This is consistent with other roles (and
  better), but deviates from how the Conduit role was implemented.

- using a full configuration sample from https://conduwuit.puppyirl.gay/configuration.html
  instead of using the old Conduit config file template

- introducing configurability for more Conduwuit config settings, to support easy registration, etc.

- removing configuration settings that Conduwuit does not support
  anymore (e.g. `max_concurrent_requests`)

- cross-linking docs pages for Conduit and Conduwuit

- a Conduwuit docs page which is much improved compared to the old
  Conduit one

- REAMDE updates

roles/custom/matrix-conduwuit/tasks/install.yml

@@ -0,0 +1,60 @@
+---
+
+- name: Ensure conduwuit config path exists
+  ansible.builtin.file:
+    path: "{{ matrix_conduwuit_config_path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure conduwuit data path exists
+  ansible.builtin.file:
+    path: "{{ matrix_conduwuit_data_path }}"
+    state: directory
+    mode: 0770
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure conduwuit configuration installed
+  ansible.builtin.template:
+    src: "{{ matrix_conduwuit_template_conduwuit_config }}"
+    dest: "{{ matrix_conduwuit_config_path }}/conduwuit.toml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure conduwuit support files installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/{{ item }}.j2"
+    dest: "{{ matrix_conduwuit_base_path }}/{{ item }}"
+    mode: 0640
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - labels
+    - env
+
+- name: Ensure conduwuit container network is created
+  community.general.docker_network:
+    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
+    name: "{{ matrix_conduwuit_container_network }}"
+    driver: bridge
+    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
+
+- name: Ensure conduwuit container image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_conduwuit_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_conduwuit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_conduwuit_docker_image_force_pull }}"
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- name: Ensure matrix-conduwuit.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-conduwuit.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduwuit.service"
+    mode: 0644

roles/custom/matrix-conduwuit/tasks/main.yml

@@ -10,11 +10,20 @@
       ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
 
     - when: matrix_conduwuit_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
 
 - tags:
     - setup-all
     - setup-conduwuit
   block:
     - when: not matrix_conduwuit_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"
+
+- tags:
+    - self-check
+  block:
+    - when: matrix_conduwuit_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
+
+    - when: matrix_conduwuit_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"

roles/custom/matrix-conduwuit/tasks/self_check_client_api.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Check Matrix Client API
+  ansible.builtin.uri:
+    url: "{{ matrix_conduwuit_client_api_url_endpoint_public }}"
+    follow_redirects: none
+    validate_certs: "{{ matrix_conduwuit_self_check_validate_certificates }}"
+  register: result_matrix_conduwuit_client_api
+  ignore_errors: true
+  check_mode: false
+  when: matrix_conduwuit_enabled | bool
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Fail if Matrix Client API not working
+  ansible.builtin.fail:
+    msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_conduwuit_client_api_url_endpoint_public }}`). Is Conduwuit running? Is port 443 open in your firewall? Full error: {{ result_matrix_conduwuit_client_api }}"
+  when: "matrix_conduwuit_enabled | bool and (result_matrix_conduwuit_client_api.failed or 'json' not in result_matrix_conduwuit_client_api)"
+
+- name: Report working Matrix Client API
+  ansible.builtin.debug:
+    msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_conduwuit_client_api_url_endpoint_public }}`) is working"
+  when: matrix_conduwuit_enabled | bool

roles/custom/matrix-conduwuit/tasks/self_check_federation_api.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Check Matrix Federation API
+  ansible.builtin.uri:
+    url: "{{ matrix_synapse_federation_api_url_endpoint_public }}"
+    follow_redirects: none
+    validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
+  register: result_matrix_synapse_federation_api
+  ignore_errors: true
+  check_mode: false
+  when: matrix_synapse_enabled | bool
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Fail if Matrix Federation API not working
+  ansible.builtin.fail:
+    msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port {{ matrix_federation_public_port }} open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
+  when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
+
+- name: Fail if Matrix Federation API unexpectedly enabled
+  ansible.builtin.fail:
+    msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
+  when: "matrix_synapse_enabled | bool and not matrix_synapse_federation_enabled | bool and not result_matrix_synapse_federation_api.failed"
+
+- name: Report working Matrix Federation API
+  ansible.builtin.debug:
+    msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
+  when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool"

roles/custom/matrix-conduwuit/tasks/uninstall.yml

@@ -0,0 +1,19 @@
+---
+
+- name: Check existence of matrix-conduwuit service
+  ansible.builtin.stat:
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduwuit.service"
+  register: matrix_conduwuit_service_stat
+
+- when: matrix_conduwuit_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-conduwuit is stopped
+      ansible.builtin.systemd:
+        name: matrix-conduwuit
+        state: stopped
+        daemon_reload: true
+
+    - name: Ensure matrix-conduwuit.service doesn't exist
+      ansible.builtin.file:
+        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduwuit.service"
+        state: absent