finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix: all praise the allmighty yamllinter

Browse Source
This commit is contained in:
Marko Weltzer
2022-02-05 21:32:54 +01:00
parent d3983a0f04
commit 7e5b88c3b7
373 changed files with 1565 additions and 1296 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/matrix-awx/defaults/main.yml
View File

@ -1,3 +1,5 @@
---
matrix_awx_enabled: true
# Defaults for 'Customise Website + Access Export' template

11
roles/matrix-awx/tasks/backup_server.yml
View File

@ -1,3 +1,4 @@
---
- name: Record Backup Server variables locally on AWX
delegate_to: 127.0.0.1
@ -38,18 +39,18 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
tags: use-survey
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True
no_log: true
- name: Copy new 'matrix_vars.yml' to target machine
copy:
@ -58,8 +59,8 @@
mode: '0660'
tags: use-survey
- name: Run initial backup of /matrix/ and snapshot the database simultaneously
command: "{{ item }}"
- name: Run initial backup of /matrix/ and snapshot the database simultaneously
command: "{{ item }}"
with_items:
- borgmatic -c /root/.config/borgmatic/config_1.yaml
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0

5
roles/matrix-awx/tasks/bridge_discord_appservice.yml
View File

@ -1,3 +1,4 @@
---
- name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1
@ -33,7 +34,7 @@
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
dest: '/matrix/awx/bridge_discord_appservice.json'
dest: '/matrix/awx/bridge_discord_appservice.json'
mode: '0660'
- name: Recreate 'Bridge Discord Appservice' job template
@ -54,4 +55,4 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

1
roles/matrix-awx/tasks/cache_matrix_variables.yml
View File

@ -1,3 +1,4 @@
---
- name: Collect current datetime
set_fact:

3
roles/matrix-awx/tasks/create_session_token.yml
View File

@ -1,3 +1,4 @@
---
- name: Create a AWX session token for executing modules
awx.awx.tower_token:
@ -7,4 +8,4 @@
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_master_token }}"
register: awx_session_token
no_log: True
no_log: true

1
roles/matrix-awx/tasks/create_user.yml
View File

@ -1,3 +1,4 @@
---
#
# Create user and define if they are admin
#

18
roles/matrix-awx/tasks/customise_website_access_export.yml
View File

@ -48,7 +48,7 @@
- name: Reload vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
no_log: True
no_log: true
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
@ -60,7 +60,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
dest: '/matrix/awx/configure_website_access_export.json'
dest: '/matrix/awx/configure_website_access_export.json'
mode: '0660'
when: awx_customise_base_domain_website is defined
@ -74,7 +74,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
dest: '/matrix/awx/access_export.json'
dest: '/matrix/awx/access_export.json'
mode: '0660'
when: awx_customise_base_domain_website is undefined
@ -92,12 +92,12 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: awx_customise_base_domain_website is defined
- name: Recreate 'Access Export' job template
@ -114,12 +114,12 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: awx_customise_base_domain_website is undefined
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
@ -153,7 +153,7 @@
user:
name: sftp
groups: sftp
append: yes
append: true
when: awx_customise_base_domain_website is defined
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
@ -208,7 +208,7 @@
group: sftp
mode: '0644'
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
- name: Remove any existing Subsystem lines
lineinfile:
path: /etc/ssh/sshd_config

6
roles/matrix-awx/tasks/export_server.yml
View File

@ -1,7 +1,7 @@
---
- name: Run export of /matrix/ and snapshot the database simultaneously
command: "{{ item }}"
- name: Run export of /matrix/ and snapshot the database simultaneously
command: "{{ item }}"
with_items:
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1
@ -23,7 +23,7 @@
command: rm /chroot/export/matrix*
count: 1
units: days
unique: yes
unique: true
- name: Delete the AWX session token for executing modules
awx.awx.tower_token:

6
roles/matrix-awx/tasks/load_hosting_and_org_variables.yml
View File

@ -3,14 +3,14 @@
- name: Include vars in organisation.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
no_log: True
no_log: true
- name: Include vars in hosting_vars.yml
include_vars:
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
no_log: True
no_log: true
- name: Include AWX master token from awx_tokens.yml
include_vars:
file: /var/lib/awx/projects/hosting/awx_tokens.yml
no_log: True
no_log: true

4
roles/matrix-awx/tasks/load_matrix_variables.yml
View File

@ -3,9 +3,9 @@
- name: Include new vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
no_log: True
no_log: true
- name: If include_vars succeeds overwrite the old matrix_vars.yml
- name: If include_vars succeeds overwrite the old matrix_vars.yml
delegate_to: 127.0.0.1
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"

54
roles/matrix-awx/tasks/main.yml
View File

@ -1,6 +1,6 @@
---
# Load initial hosting and organisation variables from AWX volume
- include_tasks:
- include_tasks:
file: "load_hosting_and_org_variables.yml"
apply:
tags: always
@ -9,7 +9,7 @@
- always
# Renames or updates the vars.yml if needed
- include_tasks:
- include_tasks:
file: "update_variables.yml"
apply:
tags: always
@ -18,7 +18,7 @@
- always
# Create AWX session token
- include_tasks:
- include_tasks:
file: "create_session_token.yml"
apply:
tags: always
@ -27,7 +27,7 @@
- always
# Perform a backup of the server
- include_tasks:
- include_tasks:
file: "backup_server.yml"
apply:
tags: backup-server
@ -36,7 +36,7 @@
- backup-server
# Perform a export of the server
- include_tasks:
- include_tasks:
file: "export_server.yml"
apply:
tags: export-server
@ -45,7 +45,7 @@
- export-server
# Create a user account if called
- include_tasks:
- include_tasks:
file: "create_user.yml"
apply:
tags: create-user
@ -54,7 +54,7 @@
- create-user
# Purge local/remote media if called
- include_tasks:
- include_tasks:
file: "purge_media_main.yml"
apply:
tags: purge-media
@ -63,7 +63,7 @@
- purge-media
# Purge Synapse database if called
- include_tasks:
- include_tasks:
file: "purge_database_main.yml"
apply:
tags: purge-database
@ -72,7 +72,7 @@
- purge-database
# Rotate SSH key if called
- include_tasks:
- include_tasks:
file: "rotate_ssh.yml"
apply:
tags: rotate-ssh
@ -81,16 +81,16 @@
- rotate-ssh
# Import configs, media repo from /chroot/backup import
- include_tasks:
- include_tasks:
file: "import_awx.yml"
apply:
tags: import-awx
when: run_setup|bool and matrix_awx_enabled|bool
tags:
- import-awx
# Perform extra self-check functions
- include_tasks:
- include_tasks:
file: "self_check.yml"
apply:
tags: self-check
@ -99,7 +99,7 @@
- self-check
# Create cached matrix_vars.yml file
- include_tasks:
- include_tasks:
file: "cache_matrix_variables.yml"
apply:
tags: always
@ -108,7 +108,7 @@
- always
# Configure SFTP so user can upload a static website or access the servers export
- include_tasks:
- include_tasks:
file: "customise_website_access_export.yml"
apply:
tags: setup-nginx-proxy
@ -117,7 +117,7 @@
- setup-nginx-proxy
# Additional playbook to set the variable file during Element configuration
- include_tasks:
- include_tasks:
file: "set_variables_element.yml"
apply:
tags: setup-client-element
@ -126,7 +126,7 @@
- setup-client-element
# Additional playbook to set the variable file during Mailer configuration
- include_tasks:
- include_tasks:
file: "set_variables_mailer.yml"
apply:
tags: setup-mailer
@ -135,7 +135,7 @@
- setup-mailer
# Additional playbook to set the variable file during Element configuration
- include_tasks:
- include_tasks:
file: "set_variables_element_subdomain.yml"
apply:
tags: setup-client-element-subdomain
@ -144,7 +144,7 @@
- setup-client-element-subdomain
# Additional playbook to set the variable file during Synapse configuration
- include_tasks:
- include_tasks:
file: "set_variables_synapse.yml"
apply:
tags: setup-synapse
@ -153,7 +153,7 @@
- setup-synapse
# Additional playbook to set the variable file during Jitsi configuration
- include_tasks:
- include_tasks:
file: "set_variables_jitsi.yml"
apply:
tags: setup-jitsi
@ -162,7 +162,7 @@
- setup-jitsi
# Additional playbook to set the variable file during Ma1sd configuration
- include_tasks:
- include_tasks:
file: "set_variables_ma1sd.yml"
apply:
tags: setup-ma1sd
@ -171,7 +171,7 @@
- setup-ma1sd
# Additional playbook to set the variable file during Corporal configuration
- include_tasks:
- include_tasks:
file: "set_variables_corporal.yml"
apply:
tags: setup-corporal
@ -180,7 +180,7 @@
- setup-corporal
# Additional playbook to set the variable file during Dimension configuration
- include_tasks:
- include_tasks:
file: "set_variables_dimension.yml"
apply:
tags: setup-dimension
@ -189,7 +189,7 @@
- setup-dimension
# Additional playbook to set the variable file during Synapse Admin configuration
- include_tasks:
- include_tasks:
file: "set_variables_synapse_admin.yml"
apply:
tags: setup-synapse-admin
@ -198,7 +198,7 @@
- setup-synapse-admin
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
- include_tasks:
- include_tasks:
file: "bridge_discord_appservice.yml"
apply:
tags: bridge-discord-appservice
@ -207,7 +207,7 @@
- bridge-discord-appservice
# Delete AWX session token
- include_tasks:
- include_tasks:
file: "delete_session_token.yml"
apply:
tags: always
@ -216,7 +216,7 @@
- always
# Load newly formed matrix variables from AWX volume
- include_tasks:
- include_tasks:
file: "load_matrix_variables.yml"
apply:
tags: always

42
roles/matrix-awx/tasks/purge_database_main.yml
View File

@ -9,20 +9,20 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True
no_log: true
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
- curl
- jq
- curl
- jq
state: present
- name: Collect before shrink size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_before_stat
when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True
no_log: true
- name: Collect the internal IP of the matrix-synapse container
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
@ -34,7 +34,7 @@
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token
no_log: True
no_log: true
- name: Copy build_room_list.py script to target machine
copy:
@ -55,7 +55,7 @@
fetch:
src: /tmp/room_list_complete.json
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
flat: yes
flat: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Remove complete room list from target machine
@ -80,7 +80,7 @@
- name: Setting host fact awx_room_list_no_local_users
set_fact:
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
no_log: True
no_log: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users
@ -113,7 +113,7 @@
set_fact:
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
when: awx_purge_mode.find("Number of users [slower]") != -1
no_log: True
no_log: true
- name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml
@ -138,7 +138,7 @@
set_fact:
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
when: awx_purge_mode.find("Number of events [slower]") != -1
no_log: True
no_log: true
- name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml
@ -161,17 +161,17 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Execute rust-synapse-compress-state job template
delegate_to: 127.0.0.1
awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes
wait: true
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -190,14 +190,14 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Ensure matrix-synapse is stopped
service:
name: matrix-synapse
state: stopped
daemon_reload: yes
daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Re-index Synapse database
@ -208,7 +208,7 @@
service:
name: matrix-synapse
state: started
daemon_reload: yes
daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Adjust 'Deploy/Update a Server' job template
@ -227,17 +227,17 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Execute run-postgres-vacuum job template
delegate_to: 127.0.0.1
awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes
wait: true
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -256,7 +256,7 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Cleanup room_list files
@ -264,13 +264,13 @@
shell: |
rm /tmp/{{ subscription_id }}_room_list*
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
ignore_errors: yes
ignore_errors: true
- name: Collect after shrink size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_after_stat
when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True
no_log: true
- name: Print total number of rooms processed
debug:

27
roles/matrix-awx/tasks/purge_media_main.yml
View File

@ -1,3 +1,4 @@
---
- name: Ensure dateutils is installed in AWX
delegate_to: 127.0.0.1
@ -8,13 +9,13 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True
no_log: true
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
- curl
- jq
- curl
- jq
state: present
- name: Collect the internal IP of the matrix-synapse container
@ -25,7 +26,7 @@
shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token
no_log: True
no_log: true
- name: Generate list of dates to purge to
delegate_to: 127.0.0.1
@ -37,16 +38,16 @@
register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media"
async: 600
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Calculate initial size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media"
async: 600
ignore_errors: yes
no_log: True
async: 600
ignore_errors: true
no_log: true
- name: Purge local media with loop
include_tasks: purge_media_local.yml
@ -62,15 +63,15 @@
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_after
when: awx_purge_media_type == "Local Media"
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Calculate final size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_after
when: awx_purge_media_type == "Remote Media"
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Print size of local media repository before purge
debug:

2
roles/matrix-awx/tasks/rotate_ssh.yml
View File

@ -4,7 +4,7 @@
authorized_key:
user: root
state: present
exclusive: yes
exclusive: true
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Delete the AWX session token for executing modules

24
roles/matrix-awx/tasks/self_check.yml
View File

@ -25,53 +25,53 @@
shell: |
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
register: awx_mau_stat
no_log: True
no_log: true
- name: Calculate CPU usage statistics
shell: iostat -c
register: awx_cpu_usage_stat
no_log: True
no_log: true
- name: Calculate RAM usage statistics
shell: free -mh
register: awx_ram_usage_stat
no_log: True
no_log: true
- name: Calculate free disk space
shell: df -h
register: awx_disk_space_stat
no_log: True
no_log: true
- name: Calculate size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_stat
no_log: True
no_log: true
- name: Calculate size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_stat
async: 600
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Calculate size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_stat
async: 600
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Calculate docker container statistics
shell: docker stats --all --no-stream
register: awx_docker_stats
ignore_errors: yes
no_log: True
ignore_errors: true
no_log: true
- name: Print size of remote media repository
debug:
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
when: awx_remote_media_size_stat is defined
- name: Print size of local media repository
debug:
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"

4
roles/matrix-awx/tasks/set_variables_corporal.yml
View File

@ -235,9 +235,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

14
roles/matrix-awx/tasks/set_variables_dimension.yml
View File

@ -3,18 +3,18 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
no_log: True
no_log: true
- name: Install jq and curl on remote machine
apt:
name:
name:
- jq
- curl
state: present
- name: Collect access token of @admin-dimension user
shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX
@ -27,7 +27,7 @@
with_dict:
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
- name: Set final users list if users are defined
set_fact:
awx_dimension_users_final: "{{ awx_dimension_users }}"
@ -80,7 +80,7 @@
- name: Copy new 'Configure Dimension' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
dest: '/matrix/awx/configure_dimension.json'
dest: '/matrix/awx/configure_dimension.json'
mode: '0660'
- name: Recreate 'Configure Dimension' job template
@ -97,9 +97,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

4
roles/matrix-awx/tasks/set_variables_element.yml
View File

@ -172,9 +172,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

4
roles/matrix-awx/tasks/set_variables_element_subdomain.yml
View File

@ -9,7 +9,7 @@
insertafter: '# Element Settings Start'
with_dict:
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
template:
@ -40,4 +40,4 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

6
roles/matrix-awx/tasks/set_variables_jitsi.yml
View File

@ -20,7 +20,7 @@
- name: Copy new 'Configure Jitsi' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
dest: '/matrix/awx/configure_jitsi.json'
dest: '/matrix/awx/configure_jitsi.json'
mode: '0660'
- name: Recreate 'Configure Jitsi' job template
@ -37,9 +37,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

9
roles/matrix-awx/tasks/set_variables_ma1sd.yml
View File

@ -66,7 +66,7 @@
with_dict:
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
no_log: True
no_log: true
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
@ -77,7 +77,7 @@
- name: Copy new 'Configure ma1sd' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
dest: '/matrix/awx/configure_ma1sd.json'
dest: '/matrix/awx/configure_ma1sd.json'
mode: '0660'
- name: Recreate 'Configure ma1sd (Advanced)' job template
@ -94,10 +94,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

4
roles/matrix-awx/tasks/set_variables_mailer.yml
View File

@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

7
roles/matrix-awx/tasks/set_variables_synapse.yml
View File

@ -1,3 +1,4 @@
---
- name: Limit max upload size to 200MB part 1
set_fact:
@ -197,7 +198,7 @@
- name: Copy new 'Configure Synapse' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
dest: '/matrix/awx/configure_synapse.json'
dest: '/matrix/awx/configure_synapse.json'
mode: '0660'
- name: Recreate 'Configure Synapse' job template
@ -214,9 +215,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

6
roles/matrix-awx/tasks/set_variables_synapse_admin.yml
View File

@ -19,7 +19,7 @@
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
dest: '/matrix/awx/configure_synapse_admin.json'
dest: '/matrix/awx/configure_synapse_admin.json'
mode: '0660'
- name: Recreate 'Configure Synapse Admin' job template
@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
become_enabled: yes
become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: true

4
roles/matrix-awx/tasks/update_variables.yml
View File

@ -12,7 +12,7 @@
command: |
openssl rand -hex 16
register: generic_secret
no_log: True
no_log: true
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
- name: Add new matrix_homeserver_generic_secret_key variable
@ -22,5 +22,5 @@
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
insertbefore: '# Basic Settings End'
mode: '0600'
state: present
state: present
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )