Merge branch 'master' into bye-bye-nginx-proxy

2024-01-05 17:55:49 +02:00
parent 9488e3857a ba0a4e864a
commit 377fce5855
25 changed files with 150 additions and 237 deletions
--- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml
+++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml
@ -79,7 +79,7 @@
    name: "{{ matrix_bot_buscarron_docker_image }}"
    source: build
    force_source: "{{ matrix_bot_buscarron_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_buscarron_git_pull_results.changed }}"
    build:
      dockerfile: Dockerfile
      path: "{{ matrix_bot_buscarron_docker_src_files_path }}"
--- a/roles/custom/matrix-bot-chatgpt/tasks/install.yml
+++ b/roles/custom/matrix-bot-chatgpt/tasks/install.yml
@ -50,7 +50,7 @@
        name: "{{ matrix_bot_chatgpt_container_image }}"
        source: build
        force_source: "{{ matrix_bot_chatgpt_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_chatgpt_git_pull_results.changed }}"
        build:
          dockerfile: Dockerfile
          path: "{{ matrix_bot_chatgpt_container_src_path }}"
--- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml
+++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml
@ -102,7 +102,7 @@
    name: "{{ matrix_bot_honoroit_docker_image }}"
    source: build
    force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_container_image_self_build.changed }}"
    build:
      dockerfile: Dockerfile
      path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
--- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml
+++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml
@ -49,7 +49,7 @@
    name: "{{ matrix_bot_matrix_registration_bot_docker_image }}"
    source: build
    force_source: "{{ matrix_bot_matrix_registration_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_registration_bot_git_pull_results.changed }}"
    build:
      dockerfile: Dockerfile
      path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
--- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
+++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
@ -69,7 +69,7 @@
    name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
    source: build
    force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_git_pull_results.changed }}"
    build:
      dockerfile: docker/Dockerfile
      path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
--- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml
+++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml
@ -72,7 +72,7 @@
    name: "{{ matrix_bot_postmoogle_docker_image }}"
    source: build
    force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_git_pull_results.changed }}"
    build:
      dockerfile: Dockerfile
      path: "{{ matrix_bot_postmoogle_docker_src_files_path }}"
--- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
@ -160,6 +160,8 @@ matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_ena
 matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
 matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"

+matrix_mautrix_signal_bridge_personal_filtering_spaces: true
+
 # On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
 # Setting this to false fixed the issue.
 matrix_mautrix_signal_bridge_restricted_rooms: true
--- a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
@ -111,7 +111,7 @@ bridge:

    # Should the bridge create a space for each logged-in user and add bridged rooms to it?
    # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
-    personal_filtering_spaces: false
+    personal_filtering_spaces: {{ matrix_mautrix_signal_bridge_personal_filtering_spaces | to_json }}
    # Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
    delivery_receipts: false
    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
--- a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml
+++ b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml
@ -58,7 +58,7 @@
    name: "{{ matrix_cactus_comments_docker_image }}"
    source: build
    force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_git_pull_results.changed }}"
    build:
      dockerfile: Dockerfile
      path: "{{ matrix_cactus_comments_docker_src_files_path }}"
--- a/roles/custom/matrix-mailer/defaults/main.yml
+++ b/roles/custom/matrix-mailer/defaults/main.yml
@ -1,35 +0,0 @@
---
-# Project source code URL: https://github.com/devture/exim-relay
-
-matrix_mailer_enabled: true
-
-matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
-
-matrix_mailer_container_image_self_build: false
-matrix_mailer_container_image_self_build_repository_url: "https://github.com/devture/exim-relay"
-matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
-matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
-
-# renovate: datasource=docker depName=devture/exim-relay versioning=semver
-matrix_mailer_version: 4.97-r0-0
-matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
-matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
-matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
-
-# The user/group that the container runs with.
-# These match the `exim` user/group within the container image.
-matrix_mailer_container_user_uid: 100
-matrix_mailer_container_user_gid: 101
-
-# A list of extra arguments to pass to the container
-matrix_mailer_container_extra_arguments: []
-
-matrix_mailer_hostname: "{{ matrix_server_fqn_matrix }}"
-
-matrix_mailer_sender_address: "matrix@{{ matrix_domain }}"
-matrix_mailer_relay_use: false
-matrix_mailer_relay_host_name: "mail.example.com"
-matrix_mailer_relay_host_port: 587
-matrix_mailer_relay_auth: false
-matrix_mailer_relay_auth_username: ""
-matrix_mailer_relay_auth_password: ""
--- a/roles/custom/matrix-mailer/tasks/main.yml
+++ b/roles/custom/matrix-mailer/tasks/main.yml
@ -1,17 +0,0 @@
---
-
- tags:
-    - setup-all
-    - setup-mailer
-    - install-all
-    - install-mailer
-  block:
-    - when: matrix_mailer_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
-
- tags:
-    - setup-all
-    - setup-mailer
-  block:
-    - when: not matrix_mailer_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
--- a/roles/custom/matrix-mailer/tasks/setup_install.yml
+++ b/roles/custom/matrix-mailer/tasks/setup_install.yml
@ -1,60 +0,0 @@
---
-
- name: Ensure mailer base path exists
-  ansible.builtin.file:
-    path: "{{ item.path }}"
-    state: directory
-    mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
-  with_items:
-    - {path: "{{ matrix_mailer_base_path }}", when: true}
-    - {path: "{{ matrix_mailer_container_image_self_build_src_files_path }}", when: "{{ matrix_mailer_container_image_self_build }}"}
-  when: item.when | bool
-
- name: Ensure mailer environment variables file created
-  ansible.builtin.template:
-    src: "{{ role_path }}/templates/env-mailer.j2"
-    dest: "{{ matrix_mailer_base_path }}/env-mailer"
-    mode: 0640
-
- name: Ensure exim-relay repository is present on self-build
-  ansible.builtin.git:
-    repo: "{{ matrix_mailer_container_image_self_build_repository_url }}"
-    dest: "{{ matrix_mailer_container_image_self_build_src_files_path }}"
-    version: "{{ matrix_mailer_container_image_self_build_version }}"
-    force: "yes"
-  become: true
-  become_user: "{{ matrix_user_username }}"
-  register: matrix_mailer_git_pull_results
-  when: matrix_mailer_container_image_self_build | bool
-
- name: Ensure exim-relay Docker image is built
-  community.docker.docker_image:
-    name: "{{ matrix_mailer_docker_image }}"
-    source: build
-    force_source: "{{ matrix_mailer_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
-    build:
-      dockerfile: Dockerfile
-      path: "{{ matrix_mailer_container_image_self_build_src_files_path }}"
-      pull: true
-  when: matrix_mailer_container_image_self_build | bool
-
- name: Ensure exim-relay image is pulled
-  community.docker.docker_image:
-    name: "{{ matrix_mailer_docker_image }}"
-    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
-    force_source: "{{ matrix_mailer_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_docker_image_force_pull }}"
-  when: "not matrix_mailer_container_image_self_build | bool"
-  register: result
-  retries: "{{ devture_playbook_help_container_retries_count }}"
-  delay: "{{ devture_playbook_help_container_retries_delay }}"
-  until: result is not failed
-
- name: Ensure matrix-mailer.service installed
-  ansible.builtin.template:
-    src: "{{ role_path }}/templates/systemd/matrix-mailer.service.j2"
-    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
-    mode: 0644
--- a/roles/custom/matrix-mailer/tasks/setup_uninstall.yml
+++ b/roles/custom/matrix-mailer/tasks/setup_uninstall.yml
@ -1,25 +0,0 @@
---
-
- name: Check existence of matrix-mailer service
-  ansible.builtin.stat:
-    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
-  register: matrix_mailer_service_stat
-
- when: matrix_mailer_service_stat.stat.exists | bool
-  block:
-    - name: Ensure matrix-mailer is stopped
-      ansible.builtin.service:
-        name: matrix-mailer
-        state: stopped
-        enabled: false
-        daemon_reload: true
-
-    - name: Ensure matrix-mailer.service doesn't exist
-      ansible.builtin.file:
-        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
-        state: absent
-
-    - name: Ensure Matrix mailer path doesn't exist
-      ansible.builtin.file:
-        path: "{{ matrix_mailer_base_path }}"
-        state: absent
--- a/roles/custom/matrix-mailer/templates/env-mailer.j2
+++ b/roles/custom/matrix-mailer/templates/env-mailer.j2
@ -1,9 +0,0 @@
-#jinja2: lstrip_blocks: "True"
-{% if matrix_mailer_relay_use %}
-SMARTHOST={{ matrix_mailer_relay_host_name }}::{{ matrix_mailer_relay_host_port }}
-{% endif %}
-{% if matrix_mailer_relay_auth %}
-SMTP_USERNAME={{ matrix_mailer_relay_auth_username }}
-SMTP_PASSWORD={{ matrix_mailer_relay_auth_password }}
-{% endif %}
-HOSTNAME={{ matrix_mailer_hostname }}
--- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2
+++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2
@ -1,37 +0,0 @@
-#jinja2: lstrip_blocks: "True"
-[Unit]
-Description=Matrix mailer
-After=docker.service
-Requires=docker.service
-DefaultDependencies=no
-
-[Service]
-Type=simple
-Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
-ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mailer 2>/dev/null || true'
-ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true'
-
-# --hostname gives us a friendlier hostname than the default.
-# The real hostname is passed via a `HOSTNAME` environment variable though.
-ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mailer \
-			--log-driver=none \
-			--user={{ matrix_mailer_container_user_uid }}:{{ matrix_mailer_container_user_gid }} \
-			--cap-drop=ALL \
-			--read-only \
-			--tmpfs=/var/spool/exim:rw,noexec,nosuid,size=100m \
-			--network={{ matrix_docker_network }} \
-			--env-file={{ matrix_mailer_base_path }}/env-mailer \
-			--hostname=matrix-mailer \
-			{% for arg in matrix_mailer_container_extra_arguments %}
-			{{ arg }} \
-			{% endfor %}
-			{{ matrix_mailer_docker_image }}
-
-ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mailer 2>/dev/null || true'
-ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true'
-Restart=always
-RestartSec=30
-SyslogIdentifier=matrix-mailer
-
-[Install]
-WantedBy=multi-user.target
--- a/roles/custom/matrix_playbook_migration/tasks/devture_traefik_to_matrix_traefik.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/devture_traefik_to_matrix_traefik.yml
@ -7,7 +7,7 @@
 # The Traefik role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.

 # It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
- when: "devture_traefik_identifier != 'devture-postgres' or devture_traefik_base_path != '/devture-traefik'"
+- when: "devture_traefik_identifier != 'devture-traefik' or devture_traefik_base_path != '/devture-traefik'"
  block:
    - name: Check existence of devture-traefik.service systemd service
      ansible.builtin.stat:
--- a/roles/custom/matrix_playbook_migration/tasks/main.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/main.yml
@ -27,6 +27,12 @@
  block:
    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml"

+- tags:
+    - setup-all
+    - install-all
+  block:
+    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml"
+
 - when: devture_traefik_enabled | bool
  tags:
    - setup-all
--- a/roles/custom/matrix_playbook_migration/tasks/migrate_matrix_mailer.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/migrate_matrix_mailer.yml
@ -0,0 +1,39 @@
+---
+
+# This migrates the mailer from the old path (`/matrix/mailer`) to the new path (`/matrix/exim-relay`, controlled by `exim_relay_base_path`),
+# and from the old hardcoded systemd service name (`matrix-mailer.service`) to the new one (`matrix-exim-relay.service`, controlled by `exim_relay_identifier`).
+#
+# Here, we merely disable (and stop) the old systemd service and relocate the base directory path (`/matrix/mailer`).
+# The exim-relay role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.
+
+# It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
+- name: Check existence of matrix-mailer.service systemd service
+  ansible.builtin.stat:
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
+  register: matrix_mailer_service_stat
+
+- when: matrix_mailer_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-mailer.service systemd service is stopped
+      ansible.builtin.systemd:
+        name: matrix-mailer
+        state: stopped
+        enabled: false
+        daemon_reload: true
+
+    - name: Ensure matrix-mailer directory relocated
+      ansible.builtin.command:
+        cmd: "mv {{ matrix_base_data_path }}/mailer {{ exim_relay_base_path }}"
+        creates: "{{ exim_relay_base_path }}"
+        removes: "{{ matrix_base_data_path }}"
+
+    # Remove legacy env-mailer file (named `env` in the new role)
+    - name: Ensure old exim-relay environment variables file is deleted
+      ansible.builtin.file:
+        path: "{{ exim_relay_base_path }}/env-mailer"
+        state: absent
+
+    - name: Ensure matrix-mailer.service systemd service doesn't exist
+      ansible.builtin.file:
+        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service"
+        state: absent
--- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
@ -59,6 +59,9 @@
    - {'old': 'matrix_prosody_jitsi_max_participants', 'new': 'jitsi_prosody_max_participants'}
    - {'old': 'jitsi_require_well_known', 'new': 'jitsi_web_well_known_element_jitsi_enabled'}
    - {'old': 'jitsi_wellknown_element_jitsi_json', 'new': 'jitsi_web_well_known_element_jitsi_json'}
+    - {'old': 'exim_relay_docker_image', 'new': 'exim_relay_container_image'}
+    - {'old': 'exim_relay_docker_image_name_prefix', 'new': 'exim_relay_container_image_name_prefix'}
+    - {'old': 'exim_relay_docker_image_force_pull', 'new': 'exim_relay_container_image_force_pull'}

    - {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_enabled', 'new': 'matrix_metrics_exposure_enabled'}
    - {'old': 'matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled', 'new': 'matrix_metrics_exposure_http_basic_auth_enabled'}
@ -106,6 +109,17 @@
      The following variables in your configuration need to be renamed: {{ vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | map (attribute='key') | join(', ') }}
  when: "vars | dict2items | selectattr('key', 'match', 'matrix_postgres_.*') | list | items2dict"

+- name: (Deprecation) Catch and report matrix_mailer_ variables
+  ansible.builtin.fail:
+    msg: |-
+      The matrix-mailer role in the playbook has been replaced with the exim-relay role (https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay).
+      The new role is pretty much the same, but uses differently named variables.
+
+      Please change your configuration (vars.yml) to rename all `matrix_mailer`-prefixed variables (`matrix_mailer_*` -> `exim_relay_*`).
+
+      The following variables in your configuration need to be renamed: {{ vars | dict2items | selectattr('key', 'match', 'matrix_mailer_.*') | map (attribute='key') | join(', ') }}
+  when: "vars | dict2items | selectattr('key', 'match', 'matrix_mailer_.*') | list | items2dict"
+
 - when: matrix_playbook_migration_matrix_prometheus_node_exporter_migration_validation_enabled | bool
  block:
    - ansible.builtin.set_fact: