finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use fully-qualified module names for builtin Ansible modules

Browse Source 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1939
This commit is contained in:
Slavi Pantaleev
2022-07-18 10:39:08 +03:00
parent 78b5be4a26
commit 34cdaade08
297 changed files with 1420 additions and 1420 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
roles/matrix-postgres/tasks/import_generic_sqlite_db.yml
View File

@ -3,12 +3,12 @@
# Pre-checks
- name: Fail if Postgres not enabled
fail:
ansible.builtin.fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly
fail:
ansible.builtin.fail:
msg: "The `sqlite_database_path` variable needs to be provided to this playbook, via --extra-vars"
when: "sqlite_database_path is not defined or sqlite_database_path.startswith('<')"
@ -18,7 +18,7 @@
register: sqlite_database_path_stat_result
- name: Fail if provided SQLite database file doesn't exist
fail:
ansible.builtin.fail:
msg: "File cannot be found on the server at {{ sqlite_database_path }}"
when: "not sqlite_database_path_stat_result.stat.exists"
@ -27,16 +27,16 @@
- block:
- name: Fail if postgres_connection_string_variable_name points to an undefined variable
fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`"
ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`"
when: "postgres_connection_string_variable_name not in vars"
- name: Get Postgres connection string from variable
set_fact:
ansible.builtin.set_fact:
postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}"
when: 'postgres_connection_string_variable_name is defined'
- name: Fail if playbook called incorrectly
fail:
ansible.builtin.fail:
msg: >-
Either a `postgres_db_connection_string` variable or a `postgres_connection_string_variable_name` needs to be provided to this playbook, via `--extra-vars`.
Example: `--extra-vars="postgres_db_connection_string=postgresql://username:password@localhost:<port>/database_name"` or `--extra-vars="postgres_connection_string_variable_name=matrix_appservice_discord_database_connString"`
@ -46,7 +46,7 @@
# Defaults
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
@ -54,7 +54,7 @@
# Actual import work
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true
@ -68,7 +68,7 @@
when: "matrix_postgres_service_start_result.changed|bool"
- name: Import SQLite database from {{ sqlite_database_path }} into Postgres
command:
ansible.builtin.command:
cmd: >-
{{ matrix_host_command_docker }} run
--rm
@ -82,11 +82,11 @@
'pgloader /in.db {{ postgres_db_connection_string }}'
- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup)
command:
ansible.builtin.command:
cmd: "mv {{ sqlite_database_path }} {{ sqlite_database_path }}.backup"
- name: Inject result
set_fact:
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])

22
roles/matrix-postgres/tasks/import_postgres.yml
View File

@ -3,12 +3,12 @@
# Pre-checks
- name: Fail if Postgres not enabled
fail:
ansible.builtin.fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly
fail:
ansible.builtin.fail:
msg: "The `server_path_postgres_dump` variable needs to be provided to this playbook, via --extra-vars"
when: "server_path_postgres_dump is not defined or server_path_postgres_dump.startswith('<')"
@ -18,7 +18,7 @@
register: result_server_path_postgres_dump_stat
- name: Fail if provided Postgres dump file doesn't exists
fail:
ansible.builtin.fail:
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
when: "not result_server_path_postgres_dump_stat.stat.exists"
@ -26,26 +26,26 @@
# Defaults
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
- name: Set postgres_import_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_import_wait_time: "{{ 7 * 86400 }}"
when: "postgres_import_wait_time|default('') == ''"
# By default, we connect and import into the main (`matrix`) database.
# Single-database dumps for Synapse may wish to import into `synapse` instead.
- name: Set postgres_default_import_database, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_default_import_database: "{{ matrix_postgres_db_name }}"
when: "postgres_default_import_database|default('') == ''"
# Actual import work
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true
@ -59,7 +59,7 @@
- import_tasks: tasks/util/detect_existing_postgres_version.yml
- name: Abort, if no existing Postgres version detected
fail:
ansible.builtin.fail:
msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing|bool"
@ -68,7 +68,7 @@
# The dump most likely contains those same entries and would try to re-create them, leading to errors.
# We need to skip over those lines.
- name: Generate Postgres database import command
set_fact:
ansible.builtin.set_fact:
matrix_postgres_import_command: >-
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
--log-driver=none
@ -91,7 +91,7 @@
# We want to run `debug: msg=".."`, but that dumps it as JSON and escapes double quotes within it,
# which ruins the command (`matrix_postgres_import_command`)
- name: Note about Postgres importing alternative
set_fact:
ansible.builtin.set_fact:
dummy: true
with_items:
- >-
@ -101,6 +101,6 @@
and manually run the above import command directly on the server.
- name: Perform Postgres database import
command: "{{ matrix_postgres_import_command }}"
ansible.builtin.command: "{{ matrix_postgres_import_command }}"
async: "{{ postgres_import_wait_time }}"
poll: 10

18
roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml
View File

@ -3,12 +3,12 @@
# Pre-checks
- name: Fail if Postgres not enabled
fail:
ansible.builtin.fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly
fail:
ansible.builtin.fail:
msg: "The `server_path_homeserver_db` variable needs to be provided to this playbook, via --extra-vars"
when: "server_path_homeserver_db is not defined or server_path_homeserver_db.startswith('<')"
@ -18,7 +18,7 @@
register: result_server_path_homeserver_db_stat
- name: Fail if provided SQLite homeserver.db file doesn't exist
fail:
ansible.builtin.fail:
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
when: "not result_server_path_homeserver_db_stat.stat.exists"
@ -26,7 +26,7 @@
# Defaults
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
@ -34,18 +34,18 @@
# Actual import work
- name: Ensure matrix-postgres is stopped
service:
ansible.builtin.service:
name: matrix-postgres
state: stopped
daemon_reload: true
- name: Ensure postgres data is wiped out
file:
ansible.builtin.file:
path: "{{ matrix_postgres_data_path }}"
state: absent
- name: Ensure postgres data path exists
file:
ansible.builtin.file:
path: "{{ matrix_postgres_data_path }}"
state: directory
mode: 0700
@ -53,7 +53,7 @@
group: "{{ matrix_user_groupname }}"
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: restarted
daemon_reload: true
@ -70,7 +70,7 @@
# Also, some old `docker_container` versions were buggy and would leave containers behind
# on failure, which we had to work around to allow retries (by re-running the playbook).
- name: Import SQLite database into Postgres
command: |
ansible.builtin.command: |
docker run
--rm
--name=matrix-synapse-migrate

2
roles/matrix-postgres/tasks/init.yml
View File

@ -1,5 +1,5 @@
---
- set_fact:
- ansible.builtin.set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres.service'] }}"
when: matrix_postgres_enabled|bool

12
roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml
View File

@ -16,7 +16,7 @@
register: result_pg_old_data_dir_stat
- name: Warn if old Postgres data directory detected
debug:
ansible.builtin.debug:
msg: >
Found that you have Postgres data in `{{ matrix_postgres_base_path }}`.
From now on, Postgres data is supposed to be stored in `{{ matrix_postgres_data_path }}` instead.
@ -26,7 +26,7 @@
# We should stop Postgres first, before building a list of files,
# as to ignore any `postmaster.pid` files, etc.
- name: Ensure matrix-postgres is stopped
service:
ansible.builtin.service:
name: matrix-postgres
state: stopped
daemon_reload: true
@ -41,7 +41,7 @@
when: "result_pg_old_data_dir_stat.stat.exists"
- name: Ensure new Postgres data path exists
file:
ansible.builtin.file:
path: "{{ matrix_postgres_data_path }}"
state: directory
mode: 0700
@ -51,7 +51,7 @@
- block:
- name: Relocate Postgres data files from old directory to new
command: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path|basename }}"
ansible.builtin.command: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path|basename }}"
with_items: "{{ result_pg_old_data_dir_find.files }}"
when: "result_pg_old_data_dir_stat.stat.exists"
@ -61,12 +61,12 @@
# and have it initialize a new database.
- name: Ensure outdated matrix-postgres.service doesn't exist
file:
ansible.builtin.file:
path: "{{ matrix_systemd_path }}/matrix-postgres.service"
state: absent
when: "result_pg_old_data_dir_stat.stat.exists"
- name: Ensure systemd reloaded after getting rid of outdated matrix-postgres.service
service:
ansible.builtin.service:
daemon_reload: true
when: "result_pg_old_data_dir_stat.stat.exists"

26
roles/matrix-postgres/tasks/run_vacuum.yml
View File

@ -3,7 +3,7 @@
# Pre-checks
- name: Fail if Postgres not enabled
fail:
ansible.builtin.fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot run vacuum."
when: "not matrix_postgres_enabled|bool"
@ -11,12 +11,12 @@
# Defaults
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
- name: Set postgres_vacuum_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_vacuum_wait_time: "{{ 7 * 86400 }}"
when: "postgres_vacuum_wait_time|default('') == ''"
@ -24,7 +24,7 @@
# Actual vacuuming work
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true
@ -38,12 +38,12 @@
- import_tasks: tasks/util/detect_existing_postgres_version.yml
- name: Abort, if no existing Postgres version detected
fail:
ansible.builtin.fail:
msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing|bool"
- name: Generate Postgres database vacuum command
set_fact:
ansible.builtin.set_fact:
matrix_postgres_vacuum_command: >-
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
@ -54,9 +54,9 @@
psql -v ON_ERROR_STOP=1 -h matrix-postgres {{ matrix_synapse_database_database }} -c 'VACUUM FULL VERBOSE'
- name: Note about Postgres vacuum alternative
debug:
ansible.builtin.debug:
msg: >-
Running vacuum with the following Postgres command: `{{ matrix_postgres_vacuum_command }}`.
Running vacuum with the following Postgres ansible.builtin.command: `{{ matrix_postgres_vacuum_command }}`.
If this crashes, you can stop all processes (`systemctl stop matrix-*`),
start Postgres only (`systemctl start matrix-postgres`)
and manually run the above command directly on the server.
@ -64,26 +64,26 @@
- name: Populate service facts
service_facts:
- set_fact:
- ansible.builtin.set_fact:
matrix_postgres_synapse_was_running: "{{ ansible_facts.services['matrix-synapse.service']|default(none) is not none and ansible_facts.services['matrix-synapse.service'].state == 'running' }}"
- name: Ensure matrix-synapse is stopped
service:
ansible.builtin.service:
name: matrix-synapse
state: stopped
daemon_reload: true
- name: Run Postgres vacuum command
command: "{{ matrix_postgres_vacuum_command }}"
ansible.builtin.command: "{{ matrix_postgres_vacuum_command }}"
async: "{{ postgres_vacuum_wait_time }}"
poll: 10
register: matrix_postgres_synapse_vacuum_result
# Intentionally show the results
- debug: var="matrix_postgres_synapse_vacuum_result"
- ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result"
- name: Ensure matrix-synapse is started, if it previously was
service:
ansible.builtin.service:
name: matrix-synapse
state: started
daemon_reload: true

40
roles/matrix-postgres/tasks/setup_postgres.yml
View File

@ -14,17 +14,17 @@
# If not, we install using the latest Postgres.
#
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
- set_fact:
- ansible.builtin.set_fact:
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
when: matrix_postgres_enabled|bool
- name: Abort if on an unsupported Postgres version
fail:
ansible.builtin.fail:
msg: "You're on Postgres {{ matrix_postgres_detected_version }}, which is no longer supported. To upgrade, see docs/maintenance-postgres.md"
when: "matrix_postgres_enabled|bool and matrix_postgres_detected_version.startswith('9.')"
- name: Inject warning if on an old version of Postgres
set_fact:
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])
@ -49,7 +49,7 @@
until: result is not failed
- name: Ensure Postgres paths exist
file:
ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: 0700
@ -64,7 +64,7 @@
# - we'd like to do it for the data path only, not for the base path (which contains root-owned environment variable files we'd like to leave as-is)
# - we need to do it without `mode`, or we risk making certain `.conf` and other files's executable bit to flip to true
- name: Ensure Postgres data path ownership is correct
file:
ansible.builtin.file:
path: "{{ matrix_postgres_data_path }}"
state: directory
owner: "{{ matrix_user_username }}"
@ -73,7 +73,7 @@
when: matrix_postgres_enabled|bool
- name: Ensure Postgres environment variables file created
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_postgres_base_path }}/{{ item }}"
owner: "{{ matrix_user_username }}"
@ -85,41 +85,41 @@
when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres-cli script created
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
dest: "{{ matrix_local_bin_path }}/matrix-postgres-cli"
mode: 0755
when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres-cli-non-interactive script created
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2"
dest: "{{ matrix_local_bin_path }}/matrix-postgres-cli-non-interactive"
mode: 0755
when: matrix_postgres_enabled|bool
- name: Ensure matrix-change-user-admin-status script created
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-change-user-admin-status.j2"
dest: "{{ matrix_local_bin_path }}/matrix-change-user-admin-status"
mode: 0755
when: matrix_postgres_enabled|bool
- name: (Migration) Ensure old matrix-make-user-admin script deleted
file:
ansible.builtin.file:
path: "{{ matrix_local_bin_path }}/matrix-make-user-admin"
state: absent
when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres-update-user-password-hash script created
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
dest: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash"
mode: 0755
when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres.service installed
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-postgres.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-postgres.service"
mode: 0644
@ -127,12 +127,12 @@
when: matrix_postgres_enabled|bool
- name: Ensure systemd reloaded after matrix-postgres.service installation
service:
ansible.builtin.service:
daemon_reload: true
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
- include_tasks:
file: "{{ role_path }}/tasks/util/create_additional_databases.yml"
ansible.builtin.file: "{{ role_path }}/tasks/util/create_additional_databases.yml"
apply:
tags:
- always
@ -145,7 +145,7 @@
when: "matrix_postgres_enabled|bool"
- name: Inject warning if backup data remains
set_fact:
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])
@ -168,20 +168,20 @@
when: "not matrix_postgres_enabled|bool"
- name: Ensure matrix-postgres is stopped
service:
ansible.builtin.service:
name: matrix-postgres
state: stopped
daemon_reload: true
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure matrix-postgres.service doesn't exist
file:
ansible.builtin.file:
path: "{{ matrix_systemd_path }}/matrix-postgres.service"
state: absent
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-postgres.service removal
service:
ansible.builtin.service:
daemon_reload: true
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
@ -193,7 +193,7 @@
# We just want to notify the user. Deleting data is too destructive.
- name: Inject warning if matrix-postgres local data remains
set_fact:
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])
@ -205,7 +205,7 @@
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
- name: Remove Postgres scripts
file:
ansible.builtin.file:
path: "{{ matrix_local_bin_path }}/{{ item }}"
state: absent
with_items:

46
roles/matrix-postgres/tasks/upgrade_postgres.yml
View File

@ -1,32 +1,32 @@
---
- name: Set default postgres_dump_dir, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_dump_dir: "/tmp"
when: "postgres_dump_dir|default('') == ''"
- name: Set postgres_dump_name, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_dump_name: "matrix-postgres-dump.sql.gz"
when: "postgres_dump_name|default('') == ''"
- name: Set postgres_auto_upgrade_backup_data_path, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_auto_upgrade_backup_data_path: "{{ matrix_postgres_data_path }}-auto-upgrade-backup"
when: "postgres_auto_upgrade_backup_data_path|default('') == ''"
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
- name: Set postgres_force_upgrade, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_force_upgrade: false
when: "postgres_force_upgrade|default('') == ''"
- name: Fail, if trying to upgrade external Postgres database
fail:
ansible.builtin.fail:
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
when: "not matrix_postgres_enabled|bool"
@ -36,32 +36,32 @@
register: result_auto_upgrade_path
- name: Abort, if existing Postgres auto-upgrade data path detected
fail:
ansible.builtin.fail:
msg: "Detected that a left-over {{ postgres_auto_upgrade_backup_data_path }} exists. You should rename it to {{ matrix_postgres_data_path }} if the previous upgrade went wrong, or delete it if it went well."
when: "result_auto_upgrade_path.stat.exists"
- import_tasks: tasks/util/detect_existing_postgres_version.yml
- name: Abort, if no existing Postgres version detected
fail:
ansible.builtin.fail:
msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing|bool"
- name: Abort, if already at latest Postgres version
fail:
ansible.builtin.fail:
msg: "You are already running the latest Postgres version supported ({{ matrix_postgres_docker_image_latest }}). Nothing to do"
when: "matrix_postgres_detected_version_corresponding_docker_image == matrix_postgres_docker_image_latest and not postgres_force_upgrade"
- debug:
- ansible.builtin.debug:
msg: "Upgrading database from {{ matrix_postgres_detected_version_corresponding_docker_image }} to {{ matrix_postgres_docker_image_latest }}"
- name: Ensure matrix-synapse is stopped
service:
ansible.builtin.service:
name: matrix-synapse
state: stopped
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true
@ -78,7 +78,7 @@
# role (`matrix_postgres_connection_username`) and database (`matrix_postgres_db_name`) by itself on startup,
# we need to remove these from the dump, or we'll get errors saying these already exist.
- name: Perform Postgres database dump
command: >-
ansible.builtin.command: >-
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump
--log-driver=none
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
@ -92,20 +92,20 @@
> /out/{{ postgres_dump_name }}"
- name: Ensure matrix-postgres is stopped
service:
ansible.builtin.service:
name: matrix-postgres
state: stopped
- name: Rename existing Postgres data directory
command: "mv {{ matrix_postgres_data_path }} {{ postgres_auto_upgrade_backup_data_path }}"
ansible.builtin.command: "mv {{ matrix_postgres_data_path }} {{ postgres_auto_upgrade_backup_data_path }}"
- debug:
- ansible.builtin.debug:
msg: "NOTE: Your Postgres data directory has been moved from `{{ matrix_postgres_data_path }}` to `{{ postgres_auto_upgrade_backup_data_path }}`. In the event of failure, you can move it back and run the playbook with --tags=setup-postgres to restore operation."
- import_tasks: tasks/setup_postgres.yml
- name: Ensure matrix-postgres autoruns and is restarted
service:
ansible.builtin.service:
name: matrix-postgres
enabled: true
state: restarted
@ -122,7 +122,7 @@
# The dump most likely contains those same entries and would try to re-create them, leading to errors.
# We need to skip over those lines.
- name: Generate Postgres database import command
set_fact:
ansible.builtin.set_fact:
matrix_postgres_import_command: >-
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
--log-driver=none
@ -145,7 +145,7 @@
# We want to run `debug: msg=".."`, but that dumps it as JSON and escapes double quotes within it,
# which ruins the command (`matrix_postgres_import_command`)
- name: Note about Postgres importing
set_fact:
ansible.builtin.set_fact:
dummy: true
with_items:
- >-
@ -155,18 +155,18 @@
and restore the automatically-made backup (`mv {{ postgres_auto_upgrade_backup_data_path }} {{ matrix_postgres_data_path }}`).
- name: Perform Postgres database import
command: "{{ matrix_postgres_import_command }}"
ansible.builtin.command: "{{ matrix_postgres_import_command }}"
- name: Delete Postgres database dump file
file:
ansible.builtin.file:
path: "{{ postgres_dump_dir }}/{{ postgres_dump_name }}"
state: absent
- name: Ensure matrix-synapse is started
service:
ansible.builtin.service:
name: matrix-synapse
state: started
daemon_reload: true
- debug:
- ansible.builtin.debug:
msg: "NOTE: Your old Postgres data directory is preserved at `{{ postgres_auto_upgrade_backup_data_path }}`. You might want to get rid of it once you've confirmed that all is well."

8
roles/matrix-postgres/tasks/util/create_additional_database.yml
View File

@ -3,7 +3,7 @@
# It'd be better if this is belonged to `validate_config.yml`, but it would have to be some loop-within-a-loop there,
# and that's ugly. We also don't expect this to catch errors often. It's more of a defensive last-minute check.
- name: Fail if additional database data appears invalid
fail:
ansible.builtin.fail:
msg: "Additional database definition ({{ additional_db }} lacks a required key: {{ item }}"
when: "item not in additional_db"
with_items: "{{ ['name', 'username', 'password'] }}"
@ -12,7 +12,7 @@
# This file will be mounted into the container and fed to Postgres.
# This way, we avoid passing sensitive data around in CLI commands that other users on the system can see.
- name: Create additional database initialization SQL file for {{ additional_db.name }}
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/sql/init-additional-db-user-and-role.sql.j2"
dest: "/tmp/matrix-postgres-init-additional-db-user-and-role.sql"
mode: 0600
@ -20,7 +20,7 @@
group: "{{ matrix_user_gid }}"
- name: Execute Postgres additional database initialization SQL file for {{ additional_db.name }}
command:
ansible.builtin.command:
cmd: >-
{{ matrix_host_command_docker }} run
--rm
@ -35,6 +35,6 @@
'psql -h {{ matrix_postgres_connection_hostname }} --file=/matrix-postgres-init-additional-db-user-and-role.sql'
- name: Delete additional database initialization SQL file for {{ additional_db.name }}
file:
ansible.builtin.file:
path: /tmp/matrix-postgres-init-additional-db-user-and-role.sql
state: absent

2
roles/matrix-postgres/tasks/util/create_additional_databases.yml
View File

@ -1,7 +1,7 @@
---
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true

20
roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml
View File

@ -4,7 +4,7 @@
# If there is, it also tries to detect the Docker image that corresponds to that version.
- name: Initialize Postgres version determination variables (default to empty)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detection_pg_version_path: "{{ matrix_postgres_data_path }}/PG_VERSION"
matrix_postgres_detected_existing: false
matrix_postgres_detected_version: ""
@ -15,47 +15,47 @@
path: "{{ matrix_postgres_detection_pg_version_path }}"
register: result_pg_version_stat
- set_fact:
- ansible.builtin.set_fact:
matrix_postgres_detected_existing: true
when: "result_pg_version_stat.stat.exists"
- name: Determine existing Postgres version (read PG_VERSION file)
slurp:
ansible.builtin.slurp:
src: "{{ matrix_postgres_detection_pg_version_path }}"
register: result_pg_version
when: matrix_postgres_detected_existing|bool
- name: Determine existing Postgres version (make sense of PG_VERSION file)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
when: matrix_postgres_detected_existing|bool
- name: Determine corresponding Docker image to detected version (assume default of latest)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_latest }}"
when: "matrix_postgres_detected_version != ''"
- name: Determine corresponding Docker image to detected version (use 9.x, if detected)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v9 }}"
when: "matrix_postgres_detected_version.startswith('9.')"
- name: Determine corresponding Docker image to detected version (use 10.x, if detected)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}"
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"
- name: Determine corresponding Docker image to detected version (use 11.x, if detected)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v11 }}"
when: "matrix_postgres_detected_version == '11' or matrix_postgres_detected_version.startswith('11.')"
- name: Determine corresponding Docker image to detected version (use 12.x, if detected)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v12 }}"
when: "matrix_postgres_detected_version == '12' or matrix_postgres_detected_version.startswith('12.')"
- name: Determine corresponding Docker image to detected version (use 13.x, if detected)
set_fact:
ansible.builtin.set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v13 }}"
when: "matrix_postgres_detected_version == '13' or matrix_postgres_detected_version.startswith('13.')"

28
roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml
View File

@ -1,17 +1,17 @@
---
- name: Fail if Postgres not enabled
fail:
ansible.builtin.fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
when: "not matrix_postgres_enabled|bool"
- name: Fail if util called incorrectly (missing matrix_postgres_db_migration_request)
fail:
ansible.builtin.fail:
msg: "The `matrix_postgres_db_migration_request` variable needs to be provided to this util."
when: "matrix_postgres_db_migration_request is not defined"
- name: Fail if util called incorrectly (invalid matrix_postgres_db_migration_request)
fail:
ansible.builtin.fail:
msg: "The `matrix_postgres_db_migration_request` variable needs to contain `{{ item }}`."
with_items:
- src
@ -27,13 +27,13 @@
register: matrix_postgres_db_migration_request_src_stat_result
- name: Fail if provided source database file doesn't exist
fail:
ansible.builtin.fail:
msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}"
when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists"
- block:
- name: Ensure pgloader repository is present on self-build
git:
ansible.builtin.git:
repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}"
dest: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}"
version: "{{ matrix_postgres_pgloader_container_image_self_build_repo_branch }}"
@ -49,7 +49,7 @@
#
# Although we're not using the dimitri/pgloader image, the one we're using suffers from the same problem.
- name: Switch pgloader base image from Debian stable (likely 10.x/Buster) to Bullseye
lineinfile:
ansible.builtin.lineinfile:
path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}/Dockerfile"
regexp: "{{ item.match }}"
line: "{{ item.replace }}"
@ -82,7 +82,7 @@
# Defaults
- name: Set postgres_start_wait_time, if not provided
set_fact:
ansible.builtin.set_fact:
postgres_start_wait_time: 15
when: "postgres_start_wait_time|default('') == ''"
@ -90,7 +90,7 @@
# matrix-postgres is most likely started already
- name: Ensure matrix-postgres is started
service:
ansible.builtin.service:
name: matrix-postgres
state: started
daemon_reload: true
@ -112,14 +112,14 @@
# However, we don't do it, because it's simpler having it here, and it also gets to happen only if we'll be doing an import.
# If we bailed out (somewhere above), nothing would have gotten stopped. It's nice to leave this running in such cases.
- name: Ensure systemd services blocking the database import are stopped
service:
ansible.builtin.service:
name: "{{ item }}"
state: stopped
failed_when: false
with_items: "{{ matrix_postgres_db_migration_request.systemd_services_to_stop }}"
- name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres
command:
ansible.builtin.command:
cmd: >-
{{ matrix_host_command_docker }} run
--rm
@ -137,11 +137,11 @@
# because it refers to the role that included this util, and not to the role this file belongs to.
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/detect_existing_postgres_version.yml"
- set_fact:
- ansible.builtin.set_fact:
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
- name: Execute additional Postgres SQL migration statements
command:
ansible.builtin.command:
cmd: >-
{{ matrix_host_command_docker }} run
--rm
@ -156,11 +156,11 @@
when: "matrix_postgres_db_migration_request.additional_psql_statements_list|default([])|length > 0"
- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup)
command:
ansible.builtin.command:
cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup"
- name: Inject result
set_fact:
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])

8
roles/matrix-postgres/tasks/validate_config.yml
View File

@ -1,7 +1,7 @@
---
- name: (Deprecation) Warn about matrix_postgres_use_external usage
fail:
ansible.builtin.fail:
msg: >
The `matrix_postgres_use_external` variable defined in your configuration is not used by this playbook anymore!
You'll need to adapt to the new way of using an external Postgres server.
@ -13,7 +13,7 @@
# This is separate (from the other required variables below),
# because we'd like to have a friendlier message for our existing users.
- name: Fail if matrix_postgres_connection_password not defined
fail:
ansible.builtin.fail:
msg: >-
The playbook no longer has a default Postgres password defined in the `matrix_postgres_connection_password` variable, among lots of other Postgres changes.
You need to perform multiple manual steps to resolve this.
@ -22,7 +22,7 @@
when: "matrix_postgres_connection_password == ''"
- name: Fail if required Postgres settings not defined
fail:
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
@ -34,6 +34,6 @@
- "matrix_postgres_db_name"
- name: Fail if Postgres password length exceeded
fail:
ansible.builtin.fail:
msg: "The maximum `matrix_postgres_connection_password` length is 99 characters"
when: "matrix_postgres_connection_password|length > 99"