Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`, similar to how it's done in: - https://github.com/spantaleev/gitea-docker-ansible-deploy - https://github.com/spantaleev/nextcloud-docker-ansible-deploy In the near future, we'll be removing a lot of the shared role code from here and using upstream roles for it. Some of the core `matrix-*` roles have already been extracted out into other reusable roles: - https://github.com/devture/com.devture.ansible.role.postgres - https://github.com/devture/com.devture.ansible.role.systemd_docker_base - https://github.com/devture/com.devture.ansible.role.timesync - https://github.com/devture/com.devture.ansible.role.vars_preserver - https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages - https://github.com/devture/com.devture.ansible.role.playbook_help We just need to migrate to those.
This commit is contained in:
Slavi Pantaleev
22
roles/custom/matrix-user-creator/defaults/main.yml
Normal file
22
roles/custom/matrix-user-creator/defaults/main.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
|
||||
# matrix-user-creator is a role that aims to automate initial Matrix user account creation.
|
||||
#
|
||||
# This role only supports initial user account creation and will not manage subsequent user-type changes
|
||||
# or password changes.
|
||||
#
|
||||
# The playbook registers various bot user accounts automatically using this role by injecting
|
||||
# user creation definitions into the `matrix_user_creator_users_auto` variable.
|
||||
#
|
||||
# To get started creating your own Matrix user accounts, use the `matrix_user_creator_users_additional` variable.
|
||||
|
||||
# matrix_user_creator_users_auto holds a list of users that should be created on the Matrix homeserver.
|
||||
# The playbook adds some user definitions here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created.
|
||||
# This value is influenced by the playbook and will be overwritten elsewhere (`group_vars/`, etc.)
|
||||
# To add your own user definitions, use the `matrix_user_creator_users_additional` variable.
|
||||
matrix_user_creator_users_auto: []
|
||||
|
||||
# matrix_user_creator_users_additional holds a list of users that should be created on the Matrix homeserver.
|
||||
# Add your own users here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created.
|
||||
# For example syntax for this variable, see the documentation for `matrix_user_creator_users` in `vars/main.yml`.
|
||||
matrix_user_creator_users_additional: []
|
||||
9
roles/custom/matrix-user-creator/tasks/main.yml
Normal file
9
roles/custom/matrix-user-creator/tasks/main.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
|
||||
- when: matrix_user_creator_users | length > 0
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
tags:
|
||||
# This role intentionally doesn't do work on a `setup-all` tag.
|
||||
# If it did, the initial installation (`--tags=setup-all`) would also potentially polute the database with data,
|
||||
# which would make importing a database dump problematic.
|
||||
- ensure-matrix-users-created
|
||||
33
roles/custom/matrix-user-creator/tasks/setup.yml
Normal file
33
roles/custom/matrix-user-creator/tasks/setup.yml
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
|
||||
- name: Validate Matrix users to create
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/validate_user.yml"
|
||||
with_items: "{{ matrix_user_creator_users }}"
|
||||
loop_control:
|
||||
loop_var: user
|
||||
# Suppress logging to avoid dumping the credentials to the shell
|
||||
no_log: true
|
||||
|
||||
- name: Ensure systemd is reloaded before starting the homeserver
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Ensure homeserver is started before creating Matrix users
|
||||
ansible.builtin.service:
|
||||
name: "matrix-{{ matrix_homeserver_implementation }}.service"
|
||||
state: started
|
||||
daemon_reload: true
|
||||
register: matrix_user_registrator_homeserver_start_result
|
||||
|
||||
- name: Wait a while, so that the homeserver can manage to start before creating Matrix users
|
||||
ansible.builtin.pause:
|
||||
seconds: 7
|
||||
when: matrix_user_registrator_homeserver_start_result.changed | bool
|
||||
|
||||
- name: Ensure Matrix users are created
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_{{ matrix_homeserver_implementation }}.yml"
|
||||
with_items: "{{ matrix_user_creator_users }}"
|
||||
loop_control:
|
||||
loop_var: user
|
||||
# Suppress logging to avoid dumping the credentials to the shell
|
||||
no_log: true
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
|
||||
- name: Ensure Conduit user registered - {{ user.username | quote }}
|
||||
ansible.builtin.debug:
|
||||
msg: "Not registering user. To register Conduit users, message the Conduit bot"
|
||||
@ -0,0 +1,17 @@
|
||||
---
|
||||
|
||||
- name: Ensure Dendrite user registered - {{ user.username | quote }}
|
||||
ansible.builtin.command:
|
||||
cmd: |-
|
||||
{{ matrix_host_command_docker }} exec matrix-dendrite
|
||||
create-account
|
||||
-config /data/dendrite.yaml
|
||||
-username {{ user.username | quote }}
|
||||
-password {{ user.initial_password | quote }}
|
||||
{% if user.initial_type == 'admin' %}
|
||||
-admin
|
||||
{% endif %}
|
||||
-url http://localhost:{{ matrix_dendrite_http_bind_port }}
|
||||
register: matrix_dendrite_register_user_result
|
||||
changed_when: matrix_dendrite_register_user_result.rc == 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr
|
||||
failed_when: matrix_dendrite_register_user_result.rc != 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr
|
||||
@ -0,0 +1,22 @@
|
||||
---
|
||||
|
||||
- name: Ensure Synapse user registered - {{ user.username | quote }}
|
||||
ansible.builtin.command:
|
||||
cmd: |-
|
||||
{{ matrix_host_command_docker }} exec matrix-synapse
|
||||
register_new_matrix_user
|
||||
-u {{ user.username | quote }}
|
||||
-p {{ user.initial_password | quote }}
|
||||
-c /data/homeserver.yaml
|
||||
{% if user.initial_type == 'admin' %}
|
||||
--admin
|
||||
{% else %}
|
||||
--no-admin
|
||||
{% if user.initial_type != 'user' %}
|
||||
--user_type={{ user.initial_type | quote }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
http://localhost:{{ matrix_synapse_container_client_api_port }}
|
||||
register: matrix_synapse_register_user_result
|
||||
changed_when: matrix_synapse_register_user_result.rc == 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout
|
||||
failed_when: matrix_synapse_register_user_result.rc != 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout
|
||||
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- name: Fail if invalid username
|
||||
ansible.builtin.fail:
|
||||
msg: "Empty usernames values are not allowed ({{ user }})"
|
||||
when: not (user.username | default(''))
|
||||
|
||||
- name: Fail if invalid initial_password for user - {{ user.username }}
|
||||
ansible.builtin.fail:
|
||||
msg: "Empty initial_password values are not allowed"
|
||||
when: not (user.initial_password | default(''))
|
||||
|
||||
- name: Fail if invalid initial_type for user - {{ user.username }}
|
||||
ansible.builtin.fail:
|
||||
msg: "User initial_type `{{ user.initial_type | default('undefined') }}` is not supported"
|
||||
when: user.initial_type | default('undefined') not in ['admin', 'user', 'bot', 'support']
|
||||
34
roles/custom/matrix-user-creator/vars/main.yml
Normal file
34
roles/custom/matrix-user-creator/vars/main.yml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
|
||||
# matrix_user_creator_users holds a list of users that should be created on the Matrix homeserver.
|
||||
#
|
||||
# Removing a user from this list will not automatically delete/disable the Matrix user on the homeserver.
|
||||
#
|
||||
# As the `initial_password` / `initial_type` field names indicate, these are just initial values.
|
||||
# Changing the password or type values subsequently will not update the already existing user's details.
|
||||
#
|
||||
# The known user types are: 'admin', 'user', 'bot', 'support'.
|
||||
# These are inspired by Synapse's user types.
|
||||
# 'admin' and 'user' types are generally recognized across homeservers.
|
||||
# Other homeservers may not support 'bot' and 'support'. Such homeservers will fall back to whatever types they do support.
|
||||
#
|
||||
# Example:
|
||||
# matrix_user_creator_users:
|
||||
# - username: root
|
||||
# initial_password: some-password
|
||||
# initial_type: admin
|
||||
#
|
||||
# - username: john
|
||||
# initial_password: some-password
|
||||
# initial_type: user
|
||||
#
|
||||
# - username: bot.matrix-reminder-bot
|
||||
# initial_password: some-password
|
||||
# initial_type: bot
|
||||
#
|
||||
# - username: bot.matrix-reminder-bot
|
||||
# initial_password: some-password
|
||||
# initial_type: support
|
||||
#
|
||||
# To create you own users, use the `matrix_user_creator_users_additional` variable.
|
||||
matrix_user_creator_users: "{{ matrix_user_creator_users_auto + matrix_user_creator_users_additional }}"
|
||||
Reference in New Issue
Block a user