initial PR

roles/matrix-awx/tasks/set_variables_ma1sd.yml

@@ -0,0 +1,130 @@
+
+- name: Record ma1sd variables locally on AWX
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: "^#? *{{ item.key | regex_escape() }}:"
+    line: "{{ item.key }}: {{ item.value }}"
+    insertafter: '# ma1sd Settings'
+  with_dict:
+    'matrix_ma1sd_enabled': '{{ matrix_ma1sd_enabled }}'
+
+- name: Disable REST auth (matrix-corporal/ma1sd) if using internal auth
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: "^#? *{{ item.key | regex_escape() }}:"
+    line: "{{ item.key }}: {{ item.value }}"
+    insertafter: '# Synapse Extension'
+  with_dict:
+    'matrix_synapse_ext_password_provider_rest_auth_enabled': 'false'
+  when: ext_matrix_ma1sd_auth_store == 'Synapse Internal'
+
+- name: Enable REST auth if using external LDAP/AD with ma1sd
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: "^#? *{{ item.key | regex_escape() }}:"
+    line: "{{ item.key }}: {{ item.value }}"
+    insertafter: '# Synapse Extension'
+  with_dict:
+    'matrix_synapse_ext_password_provider_rest_auth_enabled': 'true'
+    'matrix_synapse_ext_password_provider_rest_auth_endpoint': 'http://matrix-ma1sd:8090'
+  when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'
+
+- name: Strip header from ma1sd configuration extension if using internal auth
+  set_fact:
+    ext_matrix_ma1sd_configuration_extension_yaml_parsed: "{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | reject('search', '^matrix_client_element_configuration_extension_json:') | list }}"
+  when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'
+
+- name: Remove entire ma1sd configuration extension
+  delegate_to: 127.0.0.1
+  replace:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: '^.*\n'
+    after: '# Start ma1sd Extension'
+    before: '# End ma1sd Extension'
+    
+- name: Replace conjoined ma1sd configuration extension limiters
+  delegate_to: 127.0.0.1
+  replace:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: '^# Start ma1sd Extension# End ma1sd Extension'
+    replace: '# Start ma1sd Extension\n# End ma1sd Extension'
+  
+- name: Insert ma1sd configuration extension header if using external LDAP/AD with ma1sd
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    line: "matrix_ma1sd_configuration_extension_yaml: |"
+    insertafter: '# Start ma1sd Extension'
+  when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'
+
+- name: Set ma1sd configuration extension if using external LDAP/AD with ma1sd
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    insertbefore: '# End ma1sd Extension'
+    line: '{{ item }}'
+  with_items: "{{ ext_matrix_ma1sd_configuration_extension_yaml_parsed }}"
+  when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'
+
+- name: Record ma1sd Custom variables locally on AWX
+  delegate_to: 127.0.0.1
+  lineinfile:
+    path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    regexp: "^#? *{{ item.key | regex_escape() }}:"
+    line: "{{ item.key }}: {{ item.value }}"
+    insertbefore: '# Custom Settings'
+  with_dict:
+    'ext_matrix_ma1sd_auth_store': '{{ ext_matrix_ma1sd_auth_store }}'
+    'ext_matrix_ma1sd_configuration_extension_yaml': '{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
+
+- name: Copy new 'matrix_vars.yml' to target machine
+  copy:
+    src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
+    dest: '/matrix/awx/matrix_vars.yml'
+    mode: '0660'
+
+- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
+  delegate_to: 127.0.0.1
+  template:
+    src: 'roles/matrix-awx/surveys/configure_ma1sd.json.j2'
+    dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
+
+- name: Copy new 'Configure ma1sd' survey.json to target machine
+  copy:
+    src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
+    dest:  '/matrix/awx/configure_ma1sd.json'
+    mode: '0660'
+
+- name: Collect AWX admin token the hard way!
+  delegate_to: 127.0.0.1
+  shell: |
+      curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
+  register: tower_token
+  no_log: True
+
+- name: Recreate 'Configure ma1sd (Advanced)' job template
+  delegate_to: 127.0.0.1
+  awx.awx.tower_job_template:
+    name: "{{ matrix_domain }} - 1 - Configure ma1sd (Advanced)"
+    description: "Configure Jitsi conferencing settings."
+    extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
+    job_type: run
+    job_tags: "start,setup-ma1sd"
+    inventory: "{{ member_id }}"
+    project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+    playbook: setup.yml
+    credential: "{{ member_id }} - AWX SSH Key"
+    survey_enabled: true
+    survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
+    become_enabled: yes
+    state: present
+    verbosity: 1
+    tower_host: "https://{{ tower_host }}"
+    tower_oauthtoken: "{{ tower_token.stdout }}"
+    validate_certs: yes
+    
+# ^ This playbook isn't executing so the survey isn't being updated! :P
+