Remove hardcoded command paths in playbook shell usage

This commit is contained in:
Chris van Dijk 2020-05-27 22:18:24 +02:00
parent 6334f6c1ea
commit 6e3b877dc2
9 changed files with 12 additions and 11 deletions

View File

@ -36,6 +36,7 @@ matrix_host_command_docker: "/usr/bin/env docker"
matrix_host_command_sleep: "/usr/bin/env sleep"
matrix_host_command_chown: "/usr/bin/env chown"
matrix_host_command_fusermount: "/usr/bin/env fusermount"
matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_ntpd_package: "ntp"
matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"

View File

@ -60,7 +60,7 @@
# We intentionally suppress Ansible changes.
- name: Generate AppService Discord invite link
shell: >-
/usr/bin/docker run --rm --name matrix-appservice-discord-link-gen
{{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
-v {{ matrix_appservice_discord_config_path }}:/cfg

View File

@ -58,7 +58,7 @@
register: irc_passkey_file
- name: Generate Appservice IRC passkey if it doesn't exist
shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048
shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
become: true
become_user: "{{ matrix_user_username }}"
when: "not irc_passkey_file.stat.exists"
@ -93,7 +93,7 @@
# to produce a final registration.yaml file, as we desire.
- name: Generate Appservice IRC registration-template.yaml
shell: >-
/usr/bin/docker run --rm --name matrix-appservice-irc-gen
{{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
-v {{ matrix_appservice_irc_config_path }}:/config:z

View File

@ -16,7 +16,7 @@
# We suppress the error, as we'll try another method below.
- name: Attempt initial SSL certificate retrieval with standalone authenticator (directly)
shell: >-
/usr/bin/docker run
{{ matrix_host_command_docker }} run
--rm
--name=matrix-certbot
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
@ -43,7 +43,7 @@
# and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`.
- name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy)
shell: >-
/usr/bin/docker run
{{ matrix_host_command_docker }} run
--rm
--name=matrix-certbot
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}

View File

@ -63,7 +63,7 @@
- name: Generate Postgres database import command
set_fact:
matrix_postgres_import_command: >-
/usr/bin/docker run --rm --name matrix-postgres-import
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
--network={{ matrix_docker_network }}

View File

@ -66,7 +66,7 @@
- name: Generate Postgres database synapse-janitor command
set_fact:
matrix_postgres_synapse_janitor_command: >-
/usr/bin/docker run --rm --name matrix-postgres-synapse-janitor
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-janitor
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
--network={{ matrix_docker_network }}

View File

@ -45,7 +45,7 @@
- name: Generate Postgres database vacuum command
set_fact:
matrix_postgres_vacuum_command: >-
/usr/bin/docker run --rm --name matrix-postgres-synapse-vacuum
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
--network={{ matrix_docker_network }}

View File

@ -79,7 +79,7 @@
# we need to remove these from the dump, or we'll get errors saying these already exist.
- name: Perform Postgres database dump
command: >-
/usr/bin/docker run --rm --name matrix-postgres-dump
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--network={{ matrix_docker_network }}
--env-file={{ matrix_postgres_base_path }}/env-postgres-psql
@ -123,7 +123,7 @@
- name: Generate Postgres database import command
set_fact:
matrix_postgres_import_command: >-
/usr/bin/docker run --rm --name matrix-postgres-import
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
--network={{ matrix_docker_network }}

View File

@ -36,7 +36,7 @@
when: "start_result.changed or postgres_start_result.changed"
- name: Generate password hash
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
register: password_hash
- name: Update user password hash