Remove hardcoded command paths in playbook shell usage
This commit is contained in:
parent
6334f6c1ea
commit
6e3b877dc2
@ -36,6 +36,7 @@ matrix_host_command_docker: "/usr/bin/env docker"
|
|||||||
matrix_host_command_sleep: "/usr/bin/env sleep"
|
matrix_host_command_sleep: "/usr/bin/env sleep"
|
||||||
matrix_host_command_chown: "/usr/bin/env chown"
|
matrix_host_command_chown: "/usr/bin/env chown"
|
||||||
matrix_host_command_fusermount: "/usr/bin/env fusermount"
|
matrix_host_command_fusermount: "/usr/bin/env fusermount"
|
||||||
|
matrix_host_command_openssl: "/usr/bin/env openssl"
|
||||||
|
|
||||||
matrix_ntpd_package: "ntp"
|
matrix_ntpd_package: "ntp"
|
||||||
matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"
|
matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"
|
||||||
|
@ -60,7 +60,7 @@
|
|||||||
# We intentionally suppress Ansible changes.
|
# We intentionally suppress Ansible changes.
|
||||||
- name: Generate AppService Discord invite link
|
- name: Generate AppService Discord invite link
|
||||||
shell: >-
|
shell: >-
|
||||||
/usr/bin/docker run --rm --name matrix-appservice-discord-link-gen
|
{{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
-v {{ matrix_appservice_discord_config_path }}:/cfg
|
-v {{ matrix_appservice_discord_config_path }}:/cfg
|
||||||
|
@ -58,7 +58,7 @@
|
|||||||
register: irc_passkey_file
|
register: irc_passkey_file
|
||||||
|
|
||||||
- name: Generate Appservice IRC passkey if it doesn't exist
|
- name: Generate Appservice IRC passkey if it doesn't exist
|
||||||
shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048
|
shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
|
||||||
become: true
|
become: true
|
||||||
become_user: "{{ matrix_user_username }}"
|
become_user: "{{ matrix_user_username }}"
|
||||||
when: "not irc_passkey_file.stat.exists"
|
when: "not irc_passkey_file.stat.exists"
|
||||||
@ -93,7 +93,7 @@
|
|||||||
# to produce a final registration.yaml file, as we desire.
|
# to produce a final registration.yaml file, as we desire.
|
||||||
- name: Generate Appservice IRC registration-template.yaml
|
- name: Generate Appservice IRC registration-template.yaml
|
||||||
shell: >-
|
shell: >-
|
||||||
/usr/bin/docker run --rm --name matrix-appservice-irc-gen
|
{{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
-v {{ matrix_appservice_irc_config_path }}:/config:z
|
-v {{ matrix_appservice_irc_config_path }}:/config:z
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
# We suppress the error, as we'll try another method below.
|
# We suppress the error, as we'll try another method below.
|
||||||
- name: Attempt initial SSL certificate retrieval with standalone authenticator (directly)
|
- name: Attempt initial SSL certificate retrieval with standalone authenticator (directly)
|
||||||
shell: >-
|
shell: >-
|
||||||
/usr/bin/docker run
|
{{ matrix_host_command_docker }} run
|
||||||
--rm
|
--rm
|
||||||
--name=matrix-certbot
|
--name=matrix-certbot
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
@ -43,7 +43,7 @@
|
|||||||
# and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`.
|
# and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`.
|
||||||
- name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy)
|
- name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy)
|
||||||
shell: >-
|
shell: >-
|
||||||
/usr/bin/docker run
|
{{ matrix_host_command_docker }} run
|
||||||
--rm
|
--rm
|
||||||
--name=matrix-certbot
|
--name=matrix-certbot
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
|
@ -63,7 +63,7 @@
|
|||||||
- name: Generate Postgres database import command
|
- name: Generate Postgres database import command
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_postgres_import_command: >-
|
matrix_postgres_import_command: >-
|
||||||
/usr/bin/docker run --rm --name matrix-postgres-import
|
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
--network={{ matrix_docker_network }}
|
--network={{ matrix_docker_network }}
|
||||||
|
@ -66,7 +66,7 @@
|
|||||||
- name: Generate Postgres database synapse-janitor command
|
- name: Generate Postgres database synapse-janitor command
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_postgres_synapse_janitor_command: >-
|
matrix_postgres_synapse_janitor_command: >-
|
||||||
/usr/bin/docker run --rm --name matrix-postgres-synapse-janitor
|
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-janitor
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
--network={{ matrix_docker_network }}
|
--network={{ matrix_docker_network }}
|
||||||
|
@ -45,7 +45,7 @@
|
|||||||
- name: Generate Postgres database vacuum command
|
- name: Generate Postgres database vacuum command
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_postgres_vacuum_command: >-
|
matrix_postgres_vacuum_command: >-
|
||||||
/usr/bin/docker run --rm --name matrix-postgres-synapse-vacuum
|
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
--network={{ matrix_docker_network }}
|
--network={{ matrix_docker_network }}
|
||||||
|
@ -79,7 +79,7 @@
|
|||||||
# we need to remove these from the dump, or we'll get errors saying these already exist.
|
# we need to remove these from the dump, or we'll get errors saying these already exist.
|
||||||
- name: Perform Postgres database dump
|
- name: Perform Postgres database dump
|
||||||
command: >-
|
command: >-
|
||||||
/usr/bin/docker run --rm --name matrix-postgres-dump
|
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--network={{ matrix_docker_network }}
|
--network={{ matrix_docker_network }}
|
||||||
--env-file={{ matrix_postgres_base_path }}/env-postgres-psql
|
--env-file={{ matrix_postgres_base_path }}/env-postgres-psql
|
||||||
@ -123,7 +123,7 @@
|
|||||||
- name: Generate Postgres database import command
|
- name: Generate Postgres database import command
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_postgres_import_command: >-
|
matrix_postgres_import_command: >-
|
||||||
/usr/bin/docker run --rm --name matrix-postgres-import
|
{{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
--network={{ matrix_docker_network }}
|
--network={{ matrix_docker_network }}
|
||||||
|
@ -36,7 +36,7 @@
|
|||||||
when: "start_result.changed or postgres_start_result.changed"
|
when: "start_result.changed or postgres_start_result.changed"
|
||||||
|
|
||||||
- name: Generate password hash
|
- name: Generate password hash
|
||||||
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
|
shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
|
||||||
register: password_hash
|
register: password_hash
|
||||||
|
|
||||||
- name: Update user password hash
|
- name: Update user password hash
|
||||||
|
Loading…
Reference in New Issue
Block a user