Merge pull request #187 from danbob/fix-ansible-deprecations

Fix ansible deprecations
This commit is contained in:
Slavi Pantaleev 2019-05-23 08:44:54 +09:00 committed by GitHub
commit 45c67db0bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
69 changed files with 248 additions and 235 deletions

View File

@ -7,5 +7,5 @@
# For improved Ansible performance, SSH pipelining is enabled by default (`ansible_ssh_pipelining=yes`).
# If this causes SSH connection troubles, feel free to disable it.
[matrix-servers]
[matrix_servers]
matrix.<your-domain> ansible_host=<your-server's external IP address> ansible_ssh_user=root ansible_ssh_pipelining=yes

View File

@ -3,22 +3,22 @@
- always
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-mxisd
@ -28,6 +28,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
delegate_to: 127.0.0.1
become: false
when: run_self_check
when: run_self_check|bool
tags:
- self-check

View File

@ -19,7 +19,7 @@
- name: Determine domains that we require certificates for (mxisd)
set_fact:
dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
when: "matrix_mxisd_enabled"
when: matrix_mxisd_enabled|bool
- name: Perform DNS SRV checks
include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"

View File

@ -27,10 +27,10 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: matrix_well_known_matrix_server_enabled
when: matrix_well_known_matrix_server_enabled|bool
- name: Ensure Matrix /.well-known/matrix/server file deleted
file:
path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
state: absent
when: "not matrix_well_known_matrix_server_enabled"
when: "not matrix_well_known_matrix_server_enabled|bool"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
when: matrix_appservice_discord_enabled
when: matrix_appservice_discord_enabled|bool

View File

@ -3,19 +3,19 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_appservice_discord_enabled"
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
tags:
- setup-all
- setup-appservice-discord
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_appservice_discord_enabled"
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
tags:
- setup-all
- setup-appservice-discord
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_appservice_discord_enabled"
when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
tags:
- setup-all
- setup-appservice-discord

View File

@ -11,6 +11,7 @@
- name: Ensure Appservice Discord image is pulled
docker_image:
name: "{{ matrix_appservice_discord_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Ensure Appservice Discord base directory exists
file:
@ -90,4 +91,3 @@
{{ matrix_synapse_app_service_config_files|default([]) }}
+
{{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json }}

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
when: matrix_appservice_irc_enabled
when: matrix_appservice_irc_enabled|bool

View File

@ -3,19 +3,19 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_appservice_irc_enabled"
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
tags:
- setup-all
- setup-appservice-irc
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_appservice_irc_enabled"
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
tags:
- setup-all
- setup-appservice-irc
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_appservice_irc_enabled"
when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
tags:
- setup-all
- setup-appservice-irc

View File

@ -11,6 +11,7 @@
- name: Ensure Appservice IRC image is pulled
docker_image:
name: "{{ matrix_appservice_irc_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Ensure Appservice IRC base directory exists
file:

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
when: "matrix_mautrix_facebook_enabled"
when: matrix_mautrix_facebook_enabled|bool

View File

@ -3,19 +3,19 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mautrix_facebook_enabled"
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
tags:
- setup-all
- setup-mautrix-facebook
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_mautrix_facebook_enabled"
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
tags:
- setup-all
- setup-mautrix-facebook
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_mautrix_facebook_enabled"
when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool"
tags:
- setup-all
- setup-mautrix-facebook

View File

@ -11,6 +11,7 @@
- name: Ensure Mautrix Facebook image is pulled
docker_image:
name: "{{ matrix_mautrix_facebook_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Ensure Mautrix Facebook base directory exists
file:

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
when: "matrix_mautrix_telegram_enabled"
when: matrix_mautrix_telegram_enabled|bool

View File

@ -3,19 +3,19 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mautrix_telegram_enabled"
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
tags:
- setup-all
- setup-mautrix-telegram
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_mautrix_telegram_enabled"
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
tags:
- setup-all
- setup-mautrix-telegram
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_mautrix_telegram_enabled"
when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool"
tags:
- setup-all
- setup-mautrix-telegram

View File

@ -11,6 +11,7 @@
- name: Ensure Mautrix Telegram image is pulled
docker_image:
name: "{{ matrix_mautrix_telegram_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Ensure Mautrix Telegram base directory exists
file:
@ -98,7 +99,7 @@
but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your plabook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
when: "matrix_nginx_proxy_role_executed"
when: matrix_nginx_proxy_role_executed|bool
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
set_fact:

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
when: "matrix_mautrix_whatsapp_enabled"
when: matrix_mautrix_whatsapp_enabled|bool

View File

@ -11,6 +11,7 @@
- name: Ensure Mautrix Whatsapp image is pulled
docker_image:
name: "{{ matrix_mautrix_whatsapp_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Ensure Mautrix Whatsapp base directory exists
file:

View File

@ -1,9 +1,9 @@
- import_tasks: "{{ role_path }}/tasks/start.yml"
when: run_start
when: run_start|bool
tags:
- start
- import_tasks: "{{ role_path }}/tasks/stop.yml"
when: run_stop
when: run_stop|bool
tags:
- stop

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
when: "matrix_corporal_enabled"
when: matrix_corporal_enabled|bool

View File

@ -3,13 +3,13 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_corporal_enabled"
when: "run_setup|bool and matrix_corporal_enabled|bool"
tags:
- setup-all
- setup-corporal
- import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-corporal
@ -17,6 +17,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
delegate_to: 127.0.0.1
become: false
when: "run_self_check and matrix_corporal_enabled"
when: "run_self_check|bool and matrix_corporal_enabled|bool"
tags:
- self-check
- self-check

View File

@ -15,19 +15,20 @@
- "{{ matrix_corporal_config_dir_path }}"
- "{{ matrix_corporal_cache_dir_path }}"
- "{{ matrix_corporal_var_dir_path }}"
when: "matrix_corporal_enabled"
when: matrix_corporal_enabled|bool
- name: Ensure Matrix Corporal Docker image is pulled
docker_image:
name: "{{ matrix_corporal_docker_image }}"
when: "matrix_corporal_enabled"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_corporal_enabled|bool
- name: Ensure Matrix Corporal config installed
template:
src: "{{ role_path }}/templates/config.json.j2"
dest: "{{ matrix_corporal_config_dir_path }}/config.json"
mode: 0644
when: "matrix_corporal_enabled"
when: matrix_corporal_enabled|bool
- name: Ensure matrix-corporal.service installed
template:
@ -35,12 +36,12 @@
dest: "/etc/systemd/system/matrix-corporal.service"
mode: 0644
register: matrix_corporal_systemd_service_result
when: "matrix_corporal_enabled"
when: matrix_corporal_enabled|bool
- name: Ensure systemd reloaded after matrix-corporal.service installation
service:
daemon_reload: yes
when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed"
when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
#
@ -51,7 +52,7 @@
stat:
path: "/etc/systemd/system/matrix-corporal.service"
register: matrix_corporal_service_stat
when: "not matrix_corporal_enabled"
when: "not matrix_corporal_enabled|bool"
- name: Ensure matrix-corporal is stopped
service:
@ -59,18 +60,18 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure matrix-corporal.service doesn't exist
file:
path: "/etc/systemd/system/matrix-corporal.service"
state: absent
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-corporal.service removal
service:
daemon_reload: yes
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure matrix-corporal files don't exist
file:
@ -79,10 +80,10 @@
with_items:
- /etc/systemd/system/matrix-corporal.service
- "{{ matrix_corporal_config_dir_path }}/config.json"
when: "not matrix_corporal_enabled"
when: "not matrix_corporal_enabled|bool"
- name: Ensure Matrix Corporal Docker image doesn't exist
docker_image:
name: "{{ matrix_corporal_docker_image }}"
state: absent
when: "not matrix_corporal_enabled"
when: "not matrix_corporal_enabled|bool"

View File

@ -14,4 +14,4 @@
- name: Fail if HTTP API enabled, but no token set
fail:
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''"
when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
when: "matrix_coturn_enabled"
when: matrix_coturn_enabled|bool

View File

@ -3,13 +3,13 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_coturn_enabled"
when: "run_setup|bool and matrix_coturn_enabled|bool"
tags:
- setup-all
- setup-coturn
- import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-coturn
- setup-coturn

View File

@ -7,7 +7,8 @@
- name: Ensure Coturn image is pulled
docker_image:
name: "{{ matrix_coturn_docker_image }}"
when: matrix_coturn_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_coturn_enabled|bool
- name: Ensure Coturn configuration path exists
file:
@ -16,14 +17,14 @@
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: matrix_coturn_enabled
when: matrix_coturn_enabled|bool
- name: Ensure turnserver.conf installed
template:
src: "{{ role_path }}/templates/turnserver.conf.j2"
dest: "{{ matrix_coturn_config_path }}"
mode: 0644
when: matrix_coturn_enabled
when: matrix_coturn_enabled|bool
# `docker_network` doesn't work as expected when the given network
# is a substring of a network that already exists.
@ -34,12 +35,12 @@
cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
register: matrix_coturn_result_docker_network
changed_when: false
when: matrix_coturn_enabled
when: matrix_coturn_enabled|bool
- name: Create Coturn network in Docker
shell:
cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''"
when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''"
- name: Ensure matrix-coturn.service installed
template:
@ -47,12 +48,12 @@
dest: "/etc/systemd/system/matrix-coturn.service"
mode: 0644
register: matrix_coturn_systemd_service_result
when: matrix_coturn_enabled
when: matrix_coturn_enabled|bool
- name: Ensure systemd reloaded after matrix-coturn.service installation
service:
daemon_reload: yes
when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed"
when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed"
# This may be unnecessary when more long-lived certificates are used.
# We optimize for the common use-case though (short-lived Let's Encrypt certificates).
@ -63,11 +64,11 @@
cron_file: matrix-coturn-ssl-reload
name: matrix-coturn-ssl-reload
state: present
hour: 4
minute: 20
hour: "4"
minute: "20"
day: "*/5"
job: /bin/systemctl reload matrix-coturn.service
when: matrix_coturn_enabled and matrix_coturn_tls_enabled
when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"
#
@ -79,13 +80,13 @@
user: root
cron_file: matrix-coturn-ssl-reload
state: absent
when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled"
when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"
- name: Check existence of matrix-coturn service
stat:
path: "/etc/systemd/system/matrix-coturn.service"
register: matrix_coturn_service_stat
when: "not matrix_coturn_enabled"
when: "not matrix_coturn_enabled|bool"
- name: Ensure matrix-coturn is stopped
service:
@ -93,27 +94,27 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure matrix-coturn.service doesn't exist
file:
path: "/etc/systemd/system/matrix-coturn.service"
state: absent
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-coturn.service removal
service:
daemon_reload: yes
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure Matrix coturn paths don't exist
file:
path: "{{ matrix_coturn_base_path }}"
state: absent
when: "not matrix_coturn_enabled"
when: "not matrix_coturn_enabled|bool"
- name: Ensure coturn Docker image doesn't exist
docker_image:
name: "{{ matrix_coturn_docker_image }}"
state: absent
when: "not matrix_coturn_enabled"
when: "not matrix_coturn_enabled|bool"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
when: "matrix_dimension_enabled"
when: matrix_dimension_enabled|bool

View File

@ -3,13 +3,13 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-dimension
- import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-dimension
- setup-dimension

View File

@ -11,7 +11,7 @@
mode: 0770
owner: "{{ matrix_user_username }}"
group: "{{ matrix_dimension_user_gid }}"
when: matrix_dimension_enabled
when: matrix_dimension_enabled|bool
- name: Ensure Dimension config installed
copy:
@ -20,12 +20,13 @@
mode: 0640
owner: "{{ matrix_user_username }}"
group: "{{ matrix_dimension_user_gid }}"
when: matrix_dimension_enabled
when: matrix_dimension_enabled|bool
- name: Ensure Dimension image is pulled
docker_image:
name: "{{ matrix_dimension_docker_image }}"
when: matrix_dimension_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_dimension_enabled|bool
- name: Ensure matrix-dimension.service installed
template:
@ -33,12 +34,12 @@
dest: "/etc/systemd/system/matrix-dimension.service"
mode: 0644
register: matrix_dimension_systemd_service_result
when: matrix_dimension_enabled
when: matrix_dimension_enabled|bool
- name: Ensure systemd reloaded after matrix-dimension.service installation
service:
daemon_reload: yes
when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed"
when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
#
# Tasks related to getting rid of the dimension (if it was previously enabled)
@ -48,7 +49,7 @@
stat:
path: "/etc/systemd/system/matrix-dimension.service"
register: matrix_dimension_service_stat
when: not matrix_dimension_enabled
when: "not matrix_dimension_enabled|bool"
- name: Ensure matrix-dimension is stopped
service:
@ -56,27 +57,27 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure matrix-dimension.service doesn't exist
file:
path: "/etc/systemd/system/matrix-dimension.service"
state: absent
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-dimension.service removal
service:
daemon_reload: yes
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure Dimension environment variables path doesn't exist
file:
path: "{{ matrix_dimension_base_path }}"
state: absent
when: "not matrix_dimension_enabled"
when: "not matrix_dimension_enabled|bool"
- name: Ensure Dimension Docker image doesn't exist
docker_image:
name: "{{ matrix_dimension_docker_image }}"
state: absent
when: "not matrix_dimension_enabled"
when: "not matrix_dimension_enabled|bool"

View File

@ -12,4 +12,4 @@
You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
with_items:
- "matrix_synapse_federation_enabled"
when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false"
when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
when: "matrix_mailer_enabled"
when: matrix_mailer_enabled|bool

View File

@ -3,7 +3,7 @@
- always
- import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-mailer
- setup-mailer

View File

@ -11,19 +11,20 @@
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: matrix_mailer_enabled
when: matrix_mailer_enabled|bool
- name: Ensure mailer environment variables file created
template:
src: "{{ role_path }}/templates/env-mailer.j2"
dest: "{{ matrix_mailer_base_path }}/env-mailer"
mode: 0640
when: matrix_mailer_enabled
when: matrix_mailer_enabled|bool
- name: Ensure mailer image is pulled
docker_image:
name: "{{ matrix_mailer_docker_image }}"
when: matrix_mailer_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_mailer_enabled|bool
- name: Ensure matrix-mailer.service installed
template:
@ -31,12 +32,12 @@
dest: "/etc/systemd/system/matrix-mailer.service"
mode: 0644
register: matrix_mailer_systemd_service_result
when: matrix_mailer_enabled
when: matrix_mailer_enabled|bool
- name: Ensure systemd reloaded after matrix-mailer.service installation
service:
daemon_reload: yes
when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed"
when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
#
# Tasks related to getting rid of the mailer (if it was previously enabled)
@ -46,7 +47,7 @@
stat:
path: "/etc/systemd/system/matrix-mailer.service"
register: matrix_mailer_service_stat
when: "not matrix_mailer_enabled"
when: "not matrix_mailer_enabled|bool"
- name: Ensure matrix-mailer is stopped
service:
@ -54,27 +55,27 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure matrix-mailer.service doesn't exist
file:
path: "/etc/systemd/system/matrix-mailer.service"
state: absent
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mailer.service removal
service:
daemon_reload: yes
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure Matrix mailer environment variables path doesn't exist
file:
path: "{{ matrix_mailer_base_path }}"
state: absent
when: "not matrix_mailer_enabled"
when: "not matrix_mailer_enabled|bool"
- name: Ensure mailer Docker image doesn't exist
docker_image:
name: "{{ matrix_mailer_docker_image }}"
state: absent
when: "not matrix_mailer_enabled"
when: "not matrix_mailer_enabled|bool"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
when: "matrix_mxisd_enabled"
when: matrix_mxisd_enabled|bool

View File

@ -3,7 +3,7 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mxisd_enabled"
when: "run_setup|bool and matrix_mxisd_enabled|bool"
tags:
- setup-all
- setup-mxisd
@ -16,6 +16,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
delegate_to: 127.0.0.1
become: false
when: "run_self_check and matrix_mxisd_enabled"
when: "run_self_check|bool and matrix_mxisd_enabled|bool"
tags:
- self-check

View File

@ -14,12 +14,13 @@
with_items:
- "{{ matrix_mxisd_config_path }}"
- "{{ matrix_mxisd_data_path }}"
when: matrix_mxisd_enabled
when: matrix_mxisd_enabled|bool
- name: Ensure mxisd image is pulled
docker_image:
name: "{{ matrix_mxisd_docker_image }}"
when: matrix_mxisd_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_mxisd_enabled|bool
- name: Ensure mxisd config installed
copy:
@ -28,7 +29,7 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: matrix_mxisd_enabled
when: matrix_mxisd_enabled|bool
- name: Ensure custom templates are installed if any
copy:
@ -42,7 +43,7 @@
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value
when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value"
- name: Ensure matrix-mxisd.service installed
template:
@ -50,12 +51,12 @@
dest: "/etc/systemd/system/matrix-mxisd.service"
mode: 0644
register: matrix_mxisd_systemd_service_result
when: matrix_mxisd_enabled
when: matrix_mxisd_enabled|bool
- name: Ensure systemd reloaded after matrix-mxisd.service installation
service:
daemon_reload: yes
when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed"
when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed"
#
# Tasks related to getting rid of mxisd (if it was previously enabled)
@ -72,27 +73,27 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure matrix-mxisd.service doesn't exist
file:
path: "/etc/systemd/system/matrix-mxisd.service"
state: absent
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mxisd.service removal
service:
daemon_reload: yes
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure Matrix mxisd paths don't exist
file:
path: "{{ matrix_mxisd_base_path }}"
state: absent
when: "not matrix_mxisd_enabled"
when: "not matrix_mxisd_enabled|bool"
- name: Ensure mxisd Docker image doesn't exist
docker_image:
name: "{{ matrix_mxisd_docker_image }}"
state: absent
when: "not matrix_mxisd_enabled"
when: "not matrix_mxisd_enabled|bool"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
when: "matrix_nginx_proxy_enabled"
when: matrix_nginx_proxy_enabled|bool

View File

@ -6,20 +6,20 @@
# This role performs actions even if the role is disabled, so we need
# to ensure there's a valid configuration in any case.
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-nginx-proxy
- import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-nginx-proxy
- setup-ssl
- import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-nginx-proxy
@ -27,7 +27,7 @@
- import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
delegate_to: 127.0.0.1
become: false
when: run_self_check
when: run_self_check|bool
tags:
- self-check

View File

@ -21,7 +21,7 @@
- name: Determine domains that we require certificates for (mxisd)
set_fact:
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
when: "matrix_well_known_matrix_server_enabled"
when: matrix_well_known_matrix_server_enabled|bool
- name: Perform well-known checks
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"

View File

@ -27,7 +27,7 @@
src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
mode: 0644
when: "matrix_nginx_proxy_enabled"
when: matrix_nginx_proxy_enabled|bool
- name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
template:
@ -36,35 +36,35 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
mode: 0400
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics"
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
- name: Ensure Matrix nginx-proxy configured (generic)
template:
src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
mode: 0644
when: "matrix_nginx_proxy_enabled"
when: matrix_nginx_proxy_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for matrix domain exists
template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
mode: 0644
when: "matrix_nginx_proxy_proxy_matrix_enabled"
when: matrix_nginx_proxy_proxy_matrix_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for riot domain exists
template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
mode: 0644
when: "matrix_nginx_proxy_proxy_riot_enabled"
when: matrix_nginx_proxy_proxy_riot_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for dimension domain exists
template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
mode: 0644
when: "matrix_nginx_proxy_proxy_dimension_enabled"
when: matrix_nginx_proxy_proxy_dimension_enabled|bool
- name: Ensure Matrix nginx-proxy data directory for base domain exists
file:
@ -73,7 +73,7 @@
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: "matrix_nginx_proxy_base_domain_serving_enabled"
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
- name: Ensure Matrix nginx-proxy homepage for base domain exists
copy:
@ -82,14 +82,14 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: "matrix_nginx_proxy_base_domain_serving_enabled"
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for base domain exists
template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
mode: 0644
when: "matrix_nginx_proxy_base_domain_serving_enabled"
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
#
# Tasks related to setting up matrix-nginx-proxy
@ -97,7 +97,8 @@
- name: Ensure nginx Docker image is pulled
docker_image:
name: "{{ matrix_nginx_proxy_docker_image }}"
when: matrix_nginx_proxy_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_nginx_proxy_enabled|bool
- name: Ensure matrix-nginx-proxy.service installed
template:
@ -105,7 +106,7 @@
dest: "/etc/systemd/system/matrix-nginx-proxy.service"
mode: 0644
register: matrix_nginx_proxy_systemd_service_result
when: matrix_nginx_proxy_enabled
when: matrix_nginx_proxy_enabled|bool
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
service:
@ -121,7 +122,7 @@
stat:
path: "/etc/systemd/system/matrix-nginx-proxy.service"
register: matrix_nginx_proxy_service_stat
when: "not matrix_nginx_proxy_enabled"
when: "not matrix_nginx_proxy_enabled|bool"
- name: Ensure matrix-nginx-proxy is stopped
service:
@ -129,57 +130,57 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure matrix-nginx-proxy.service doesn't exist
file:
path: "/etc/systemd/system/matrix-nginx-proxy.service"
state: absent
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
service:
daemon_reload: yes
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
state: absent
when: "not matrix_nginx_proxy_proxy_matrix_enabled"
when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for riot domain deleted
file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
state: absent
when: "not matrix_nginx_proxy_proxy_riot_enabled"
when: "not matrix_nginx_proxy_proxy_riot_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
state: absent
when: "not matrix_nginx_proxy_proxy_dimension_enabled"
when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
- name: Ensure Matrix nginx-proxy homepage for base domain deleted
file:
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
state: absent
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for base domain deleted
file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
state: absent
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for main config override deleted
file:
path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
state: absent
when: "not matrix_nginx_proxy_enabled"
when: "not matrix_nginx_proxy_enabled|bool"
- name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
file:
path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
state: absent
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics"
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool"

View File

@ -36,6 +36,7 @@
- name: Ensure certbot Docker image is pulled
docker_image:
name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
- name: Obtain Let's Encrypt certificates
@ -67,8 +68,8 @@
cron_file: matrix-ssl-lets-encrypt
name: matrix-ssl-lets-encrypt-certificates-renew
state: present
hour: 4
minute: 15
hour: "4"
minute: "15"
day: "*"
job: /usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew
@ -78,11 +79,11 @@
cron_file: matrix-ssl-lets-encrypt
name: matrix-nginx-proxy-reload
state: present
hour: 5
minute: 20
hour: "5"
minute: "20"
day: "*"
job: /bin/systemctl reload matrix-nginx-proxy.service
when: matrix_nginx_proxy_enabled
when: matrix_nginx_proxy_enabled|bool
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
@ -98,7 +99,7 @@
cron_file: matrix-ssl-lets-encrypt
name: matrix-nginx-proxy-reload
state: absent
when: "not matrix_nginx_proxy_enabled"
when: "not matrix_nginx_proxy_enabled|bool"
# When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed

View File

@ -35,7 +35,7 @@
--agree-tos
--email={{ matrix_ssl_lets_encrypt_support_email }}
-d {{ domain_name }}
when: "domain_name_needs_cert"
when: domain_name_needs_cert|bool
register: result_certbot_direct
ignore_errors: true

View File

@ -5,7 +5,7 @@
- name: Fail if Postgres not enabled
fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly
fail:
@ -20,7 +20,7 @@
- name: Fail if provided Postgres dump file doesn't exists
fail:
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
when: not result_server_path_postgres_dump_stat.stat.exists
when: "not result_server_path_postgres_dump_stat.stat.exists"
# Defaults
@ -54,7 +54,7 @@
- name: Abort, if no existing Postgres version detected
fail:
msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing"
when: "not matrix_postgres_detected_existing|bool"
- name: Generate Postgres database import command
set_fact:

View File

@ -5,7 +5,7 @@
- name: Fail if Postgres not enabled
fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly
fail:
@ -20,7 +20,7 @@
- name: Fail if provided SQLite homeserver.db file doesn't exist
fail:
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
when: not result_server_path_homeserver_db_stat.stat.exists
when: "not result_server_path_homeserver_db_stat.stat.exists"
# Defaults

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool

View File

@ -3,28 +3,28 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_postgres_enabled"
when: "run_setup|bool and matrix_postgres_enabled|bool"
tags:
- setup-all
- setup-postgres
- import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-postgres
- import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
when: run_import_postgres
when: run_import_postgres|bool
tags:
- import-postgres
- import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
when: run_import_sqlite_db
when: run_import_sqlite_db|bool
tags:
- import-sqlite-db
- import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
when: run_upgrade_postgres
when: run_upgrade_postgres|bool
tags:
- upgrade-postgres

View File

@ -5,10 +5,10 @@
#
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
# If we have found an existing version (installed from before), we use its corresponding Docker image.
# If not, we install using the latest Postgres.
@ -16,18 +16,19 @@
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
- set_fact:
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- name: Warn if on an old version of Postgres
debug:
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
# Even if we don't run the internal server, we still need this for running the CLI
- name: Ensure postgres Docker image is pulled
docker_image:
name: "{{ matrix_postgres_docker_image_to_use }}"
when: matrix_postgres_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_postgres_enabled|bool
# We always create these directories, even if an external Postgres is used,
# because we store environment variable files there.
@ -41,7 +42,7 @@
with_items:
- "{{ matrix_postgres_base_path }}"
- "{{ matrix_postgres_data_path }}"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- name: Ensure Postgres environment variables file created
template:
@ -51,21 +52,21 @@
with_items:
- "env-postgres-psql"
- "env-postgres-server"
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres-cli script created
template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
dest: "/usr/local/bin/matrix-postgres-cli"
mode: 0750
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- name: Ensure matrix-make-user-admin script created
template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
dest: "/usr/local/bin/matrix-make-user-admin"
mode: 0750
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
#
# Tasks related to setting up an internal postgres server
@ -77,12 +78,12 @@
dest: "/etc/systemd/system/matrix-postgres.service"
mode: 0644
register: matrix_postgres_systemd_service_result
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool
- name: Ensure systemd reloaded after matrix-postgres.service installation
service:
daemon_reload: yes
when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed"
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
#
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
@ -92,41 +93,41 @@
stat:
path: "/etc/systemd/system/matrix-postgres.service"
register: matrix_postgres_service_stat
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
- name: Ensure matrix-postgres is stopped
service:
name: matrix-postgres
state: stopped
daemon_reload: yes
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure matrix-postgres.service doesn't exist
file:
path: "/etc/systemd/system/matrix-postgres.service"
state: absent
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-postgres.service removal
service:
daemon_reload: yes
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Check existence of matrix-postgres local data path
stat:
path: "{{ matrix_postgres_data_path }}"
register: matrix_postgres_data_path_stat
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
# We just want to notify the user. Deleting data is too destructive.
- name: Notify if matrix-postgres local data remains
debug:
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists"
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
- name: Ensure matrix-postgres-update-user-password-hash script created
template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
mode: 0750
when: matrix_postgres_enabled
when: matrix_postgres_enabled|bool

View File

@ -23,7 +23,7 @@
- name: Fail, if trying to upgrade external Postgres database
fail:
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
- name: Check Postgres auto-upgrade backup data directory
stat:
@ -40,7 +40,7 @@
- name: Abort, if no existing Postgres version detected
fail:
msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing"
when: "not matrix_postgres_detected_existing|bool"
- name: Abort, if already at latest Postgres version
fail:

View File

@ -23,12 +23,12 @@
slurp:
src: "{{ matrix_postgres_detection_pg_version_path }}"
register: result_pg_version
when: "matrix_postgres_detected_existing"
when: matrix_postgres_detected_existing|bool
- name: Determine existing Postgres version (make sense of PG_VERSION file)
set_fact:
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
when: "matrix_postgres_detected_existing"
when: matrix_postgres_detected_existing|bool
- name: Determine corresponding Docker image to detected version (assume default of latest)
set_fact:
@ -43,4 +43,4 @@
- name: Determine corresponding Docker image to detected version (use 10.x, if detected)
set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}"
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"

View File

@ -1,3 +1,3 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
when: matrix_riot_web_enabled
when: matrix_riot_web_enabled|bool

View File

@ -3,13 +3,13 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_riot_web_enabled"
when: "run_setup|bool and matrix_riot_web_enabled|bool"
tags:
- setup-all
- setup-riot-web
- import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-riot-web
@ -17,6 +17,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
delegate_to: 127.0.0.1
become: false
when: "run_self_check and matrix_riot_web_enabled"
when: "run_self_check|bool and matrix_riot_web_enabled|bool"
tags:
- self-check
- self-check

View File

@ -11,12 +11,13 @@
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: matrix_riot_web_enabled
when: matrix_riot_web_enabled|bool
- name: Ensure riot-web Docker image is pulled
docker_image:
name: "{{ matrix_riot_web_docker_image }}"
when: matrix_riot_web_enabled
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
when: matrix_riot_web_enabled|bool
- name: Ensure Matrix riot-web config files installed
template:
@ -30,7 +31,7 @@
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_riot_web_enabled and item.src is not none"
when: "matrix_riot_web_enabled|bool and item.src is not none"
- name: Ensure Matrix riot-web config files removed
file:
@ -38,7 +39,7 @@
state: absent
with_items:
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_riot_web_enabled and item.src is none"
when: "matrix_riot_web_enabled|bool and item.src is none"
- name: Ensure matrix-riot-web.service installed
template:
@ -46,7 +47,7 @@
dest: "/etc/systemd/system/matrix-riot-web.service"
mode: 0644
register: matrix_riot_web_systemd_service_result
when: matrix_riot_web_enabled
when: matrix_riot_web_enabled|bool
- name: Ensure systemd reloaded after matrix-riot-web.service installation
service:
@ -61,7 +62,7 @@
stat:
path: "/etc/systemd/system/matrix-riot-web.service"
register: matrix_riot_web_service_stat
when: "not matrix_riot_web_enabled"
when: "not matrix_riot_web_enabled|bool"
- name: Ensure matrix-riot-web is stopped
service:
@ -69,27 +70,27 @@
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure matrix-riot-web.service doesn't exist
file:
path: "/etc/systemd/system/matrix-riot-web.service"
state: absent
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-riot-web.service removal
service:
daemon_reload: yes
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure Matrix riot-web paths doesn't exist
file:
path: "{{ matrix_riot_web_data_path }}"
state: absent
when: "not matrix_riot_web_enabled"
when: "not matrix_riot_web_enabled|bool"
- name: Ensure riot-web Docker image doesn't exist
docker_image:
name: "{{ matrix_riot_web_docker_image }}"
state: absent
when: "not matrix_riot_web_enabled"
when: "not matrix_riot_web_enabled|bool"

View File

@ -1,11 +1,10 @@
- set_fact:
matrix_synapse_password_providers_enabled: true
when: "matrix_synapse_ext_password_provider_ldap_enabled"
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
- set_fact:
matrix_synapse_additional_loggers: >
{{ matrix_synapse_additional_loggers }}
+
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
when: "matrix_synapse_ext_password_provider_ldap_enabled"
when: matrix_synapse_ext_password_provider_ldap_enabled|bool

View File

@ -1,7 +1,7 @@
---
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
when: matrix_synapse_ext_password_provider_rest_auth_enabled
when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled"
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"

View File

@ -1,7 +1,7 @@
---
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled"
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"

View File

@ -1,7 +1,7 @@
---
- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
when: matrix_s3_media_store_enabled
when: matrix_s3_media_store_enabled|bool
- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
when: "not matrix_s3_media_store_enabled"
when: "not matrix_s3_media_store_enabled|bool"

View File

@ -1,6 +1,7 @@
- name: Ensure Goofys Docker image is pulled
docker_image:
name: "{{ matrix_s3_goofys_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
# This will throw a Permission Denied error if already mounted
- name: Check Matrix Goofys external storage mountpoint path

View File

@ -10,7 +10,7 @@
- name: Fail if media store is on Amazon S3
fail:
msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
when: "matrix_s3_media_store_enabled"
when: matrix_s3_media_store_enabled|bool
- name: Check if the provided media store directory exists
stat:
@ -68,7 +68,7 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
recurse: yes
when: "not matrix_s3_media_store_enabled"
when: "not matrix_s3_media_store_enabled|bool"
# We don't chown for Goofys, because due to the way it's mounted,
# all files become owned by whoever needs to own them.
@ -78,6 +78,6 @@
name: "{{ item }}"
state: started
daemon_reload: yes
when: stopping_result.changed
when: "stopping_result.changed"
with_items:
- matrix-synapse

View File

@ -1,7 +1,7 @@
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
when: matrix_synapse_enabled
when: matrix_synapse_enabled|bool
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
when: matrix_s3_media_store_enabled
when: matrix_s3_media_store_enabled|bool

View File

@ -3,43 +3,43 @@
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-synapse
- import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
when: run_setup
when: run_setup|bool
tags:
- setup-all
- setup-synapse
- import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
when: run_import_media_store
when: run_import_media_store|bool
tags:
- import-media-store
- import_tasks: "{{ role_path }}/tasks/register_user.yml"
when: run_register_user
when: run_register_user|bool
tags:
- register-user
- import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
delegate_to: 127.0.0.1
become: false
when: run_self_check
when: run_self_check|bool
tags:
- self-check
- import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
delegate_to: 127.0.0.1
become: false
when: run_self_check
when: run_self_check|bool
tags:
- self-check
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
when: run_update_user_password
when: run_update_user_password|bool
tags:
- update-user-password

View File

@ -25,7 +25,7 @@
- name: Wait a while, so that Synapse can manage to start
pause:
seconds: 7
when: start_result.changed
when: "start_result.changed"
- name: Register user
shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"

View File

@ -7,14 +7,14 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_client_api
ignore_errors: true
when: matrix_synapse_enabled
when: matrix_synapse_enabled|bool
- name: Fail if Matrix Client API not working
fail:
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
- name: Report working Matrix Client API
debug:
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
when: matrix_synapse_enabled
when: matrix_synapse_enabled|bool

View File

@ -7,19 +7,19 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_federation_api
ignore_errors: true
when: matrix_synapse_enabled
when: matrix_synapse_enabled|bool
- name: Fail if Matrix Federation API not working
fail:
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
- name: Fail if Matrix Federation API unexpectedly enabled
fail:
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed"
when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
- name: Report working Matrix Federation API
debug:
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled"
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool"

View File

@ -18,7 +18,7 @@
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
# because if it's using Goofys and it's already mounted (from before),
# trying to chown/chmod it here will cause trouble.
when: "matrix_synapse_enabled or matrix_s3_media_store_enabled"
when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool"
- import_tasks: "{{ role_path }}/tasks/ext/setup.yml"

View File

@ -1,7 +1,7 @@
---
- import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
when: matrix_synapse_enabled
when: matrix_synapse_enabled|bool
- import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
when: "not matrix_synapse_enabled"
when: "not matrix_synapse_enabled|bool"

View File

@ -21,6 +21,7 @@
- name: Ensure Synapse Docker image is pulled
docker_image:
name: "{{ matrix_synapse_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- name: Check if a Synapse signing key exists
stat:
@ -71,11 +72,10 @@
- name: Ensure systemd reloaded after matrix-synapse.service installation
service:
daemon_reload: yes
when: matrix_synapse_systemd_service_result.changed
when: "matrix_synapse_systemd_service_result.changed"
- name: Ensure matrix-synapse-register-user script created
template:
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
dest: "/usr/local/bin/matrix-synapse-register-user"
mode: 0750

View File

@ -13,7 +13,7 @@
- name: Fail if not using matrix-postgres container
fail:
msg: "This command is working only when matrix-postgres container is being used"
when: "not matrix_postgres_enabled"
when: "not matrix_postgres_enabled|bool"
- name: Ensure matrix-synapse is started
service:
@ -33,12 +33,12 @@
- name: Wait a while, so that Matrix Synapse can manage to start
pause:
seconds: 7
when: start_result.changed
when: "start_result.changed"
- name: Wait a while, so that Matrix Postgres can manage to start
pause:
seconds: 7
when: postgres_start_result.changed
when: "postgres_start_result.changed"
- name: Generate password hash
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"

View File

@ -1,6 +1,6 @@
---
- name: "Set up a Matrix server"
hosts: "{{ target if target is defined else 'matrix-servers' }}"
hosts: "{{ target if target is defined else 'matrix_servers' }}"
become: true
roles: