Move matrix-bridge-mx-puppet-slack to its own container network and add native Traefik support

roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2

@@ -17,22 +17,22 @@ bridge:
 
 # Slack OAuth settings. Create a slack app at https://api.slack.com/apps
 oauth:
-  enabled: true
+  enabled: {{ matrix_mx_puppet_slack_oauth_enabled | to_json }}
   # Slack app credentials.
   # N.B. This must be quoted so YAML does not parse it as a float.
   clientId: '{{ matrix_mx_puppet_slack_oauth_client_id }}'
   clientSecret: {{ matrix_mx_puppet_slack_oauth_client_secret|to_json }}
   # Path where to listen for OAuth redirect callbacks.
-  redirectPath: {{ matrix_mx_puppet_slack_redirect_path }}
+  redirectPath: {{ matrix_mx_puppet_slack_oauth_redirect_path | to_json }}
   # Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path,
   # then set this field and the Slack app redirect URI field to the former.
-  redirectUri: {{ matrix_mx_puppet_slack_redirect_uri }}
+  redirectUri: {{ matrix_mx_puppet_slack_oauth_redirect_uri | to_json }}
 
 presence:
   # Bridge Discord online/offline status
-  enabled: true
+  enabled: {{ matrix_mx_puppet_slack_presence_enabled | to_json }}
   # How often to send status to the homeserver in milliseconds
-  interval: 5000
+  interval: {{ matrix_mx_puppet_slack_presence_interval | to_json }}
 
 provisioning:
   # Regex of Matrix IDs allowed to use the puppet bridge

roles/custom/matrix-bridge-mx-puppet-slack/templates/labels.j2

@@ -0,0 +1,26 @@
+{% if matrix_mx_puppet_slack_container_labels_traefik_enabled %}
+traefik.enable=true
+
+{% if matrix_mx_puppet_slack_container_labels_traefik_docker_network %}
+traefik.docker.network={{ matrix_mx_puppet_slack_container_labels_traefik_docker_network }}
+{% endif %}
+
+{# Public endpoint #}
+{% if matrix_mx_puppet_slack_container_labels_public_endpoint_enabled %}
+traefik.http.routers.matrix-mx-puppet-slack-public.rule={{ matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_rule }}
+{% if matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_priority | int > 0 %}
+traefik.http.routers.matrix-mx-puppet-slack-public.priority={{ matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_priority }}
+{% endif %}
+traefik.http.routers.matrix-mx-puppet-slack-public.service=matrix-mx-puppet-slack
+traefik.http.routers.matrix-mx-puppet-slack-public.entrypoints={{ matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_entrypoints }}
+traefik.http.routers.matrix-mx-puppet-slack-public.tls={{ matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_tls | to_json }}
+{% if matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_tls %}
+traefik.http.routers.matrix-mx-puppet-slack-public.tls.certResolver={{ matrix_mx_puppet_slack_container_labels_public_endpoint_traefik_tls_certResolver }}
+{% endif %}
+traefik.http.services.matrix-mx-puppet-slack.loadbalancer.server.port={{ matrix_mx_puppet_slack_appservice_address }}
+{% endif %}
+
+
+{% endif %}
+
+{{ matrix_mx_puppet_slack_container_labels_additional_labels }}

roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2

@@ -19,23 +19,32 @@ ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_s
 # Intentional delay, so that the homeserver (we likely depend on) can manage to start.
 ExecStartPre={{ matrix_host_command_sleep }} 5
 
-ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-slack \
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
+			--rm \
+			--name=matrix-mx-puppet-slack \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--cap-drop=ALL \
-			--network={{ matrix_docker_network }} \
+			--network={{ matrix_mx_puppet_slack_container_network }} \
 			{% if matrix_mx_puppet_slack_container_http_host_bind_port %}
 			-p {{ matrix_mx_puppet_slack_container_http_host_bind_port }}:{{ matrix_mx_puppet_slack_appservice_port }} \
 			{% endif %}
 			-e CONFIG_PATH=/config/config.yaml \
 			-e REGISTRATION_PATH=/config/registration.yaml \
-			-v {{ matrix_mx_puppet_slack_config_path }}:/config:z \
-			-v {{ matrix_mx_puppet_slack_data_path }}:/data:z \
+			--mount type=bind,src={{ matrix_mx_puppet_slack_config_path }},dst=/config \
+			--mount type=bind,src={{ matrix_mx_puppet_slack_data_path }},dst=/data \
+			--label-file={{ matrix_mx_puppet_slack_base_path }}/labels \
 			{% for arg in matrix_mx_puppet_slack_container_extra_arguments %}
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_mx_puppet_slack_docker_image }}
 
+{% for network in matrix_mx_puppet_slack_container_additional_networks %}
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mx-puppet-slack
+{% endfor %}
+
+ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mx-puppet-slack
+
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mx-puppet-slack 2>/dev/null || true'
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true'
 Restart=always