diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d6afb580e..032669499 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1863,15 +1863,15 @@ matrix_hookshot_systemd_wanted_services_list: | {{ matrix_addons_homeserver_systemd_services_list + - ([(redis_identifier + '.service')] if redis_enabled and matrix_hookshot_queue_host == redis_identifier else []) + ([(redis_identifier + '.service')] if redis_enabled and matrix_hookshot_cache_redis_host == redis_identifier else []) + - ([(keydb_identifier + '.service')] if keydb_enabled and matrix_hookshot_queue_host == keydb_identifier else []) + ([(keydb_identifier + '.service')] if keydb_enabled and matrix_hookshot_cache_redis_host == keydb_identifier else []) }} # Hookshot's experimental encryption feature (and possibly others) may benefit from Redis, if available. # We only connect to Redis if encryption is enabled (not for everyone who has Redis enabled), # because connectivity is still potentially troublesome and is to be investigated. -matrix_hookshot_queue_host: "{{ redis_identifier if redis_enabled and matrix_hookshot_experimental_encryption_enabled else (keydb_identifier if keydb_enabled and matrix_hookshot_experimental_encryption_enabled else '') }}" +matrix_hookshot_cache_redis_host: "{{ redis_identifier if redis_enabled and matrix_hookshot_experimental_encryption_enabled else (keydb_identifier if keydb_enabled and matrix_hookshot_experimental_encryption_enabled else '') }}" matrix_hookshot_container_network: "{{ matrix_addons_container_network }}" @@ -1880,9 +1880,9 @@ matrix_hookshot_container_additional_networks_auto: | ( ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + - ([redis_container_network] if redis_enabled and matrix_hookshot_queue_host == redis_identifier else []) + ([redis_container_network] if redis_enabled and matrix_hookshot_cache_redis_host == redis_identifier else []) + - ([keydb_container_network] if keydb_enabled and matrix_hookshot_queue_host == keydb_identifier else []) + ([keydb_container_network] if keydb_enabled and matrix_hookshot_cache_redis_host == keydb_identifier else []) + ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_hookshot_container_labels_traefik_enabled else []) ) | unique diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 9f6738b3a..cb34f033e 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -40,15 +40,17 @@ matrix_hookshot_appservice_port: 9993 matrix_hookshot_appservice_hostname: "{{ matrix_hookshot_public_hostname }}" matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app" -# The variables below control the queue parameters and may optionally be pointed to a Redis instance. -# These are required when experimental encryption is enabled (`matrix_hookshot_experimental_encryption_enabled`). -matrix_hookshot_queue_host: '' -matrix_hookshot_queue_port: 6739 +# The variables below control the Redis cache parameters. +# Using caching is required when experimental encryption is enabled (`matrix_hookshot_experimental_encryption_enabled`) +# but may also speed up Hookshot startup, etc. +matrix_hookshot_cache_redis_host: '' +matrix_hookshot_cache_redis_port: 6739 +matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_host + ':' + matrix_hookshot_cache_redis_port) if matrix_hookshot_cache_redis_host else '' }}" # Controls whether the experimental end-to-bridge encryption support is enabled. # This requires that: # - support to also be enabled in the homeserver, see the documentation of Hookshot. -# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_queue_*` variables. +# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables. matrix_hookshot_experimental_encryption_enabled: false # Controls whether metrics are enabled in the bridge configuration. diff --git a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml index cb1fa3025..9a0f38353 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml @@ -29,6 +29,8 @@ - {'old': 'matrix_hookshot_jira_oauth_uri', 'new': 'matrix_hookshot_jira_oauth_client_secret'} - {'old': 'matrix_hookshot_gitlab_secret', 'new': 'matrix_hookshot_gitlab_webhook_secret'} - {'old': 'matrix_hookshot_ident', 'new': 'matrix_hookshot_identifier'} + - {'old': 'matrix_hookshot_queue_host', 'new': 'matrix_hookshot_cache_redis_host'} + - {'old': 'matrix_hookshot_queue_port', 'new': 'matrix_hookshot_cache_redis_port'} - name: Fail if required Hookshot settings not defined ansible.builtin.fail: @@ -93,8 +95,8 @@ - name: Fail if no Redis queue enabled when Hookshot encryption is enabled ansible.builtin.fail: msg: >- - You need to define a required configuration setting (`{{ item }}`) to enable Hookshot encryption. - when: "matrix_hookshot_experimental_encryption_enabled and matrix_hookshot_queue_host == ''" + You need to define a required configuration setting (`matrix_hookshot_cache_redis*`) to enable Hookshot encryption. + when: "matrix_hookshot_experimental_encryption_enabled and matrix_hookshot_cache_redisUri == ''" - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: diff --git a/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 index 77036b52c..cf60803a8 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 @@ -107,11 +107,9 @@ metrics: # (Optional) Prometheus metrics support # enabled: {{ matrix_hookshot_metrics_enabled | to_json }} -{% if matrix_hookshot_queue_host != '' %} -queue: - monolithic: true - port: {{ matrix_hookshot_queue_port }} - host: {{ matrix_hookshot_queue_host | to_json }} +{% if matrix_hookshot_cache_redisUri %} +cache: + redisUri: {{ matrix_hookshot_cache_redisUri | to_json }} {% endif %} {% if matrix_hookshot_experimental_encryption_enabled %} experimentalEncryption: