add SchildiChat client

roles/custom/matrix-client-schildichat/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+
+- tags:
+    - setup-all
+    - setup-client-schildichat
+    - install-all
+    - install-client-schildichat
+  block:
+    - when: matrix_client_schildichat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
+
+    - when: matrix_client_schildichat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/prepare_themes.yml"
+
+    - when: matrix_client_schildichat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
+
+- tags:
+    - setup-all
+    - setup-client-schildichat
+  block:
+    - when: not matrix_client_schildichat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
+
+- tags:
+    - self-check
+  block:
+    - when: matrix_client_schildichat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check.yml"

roles/custom/matrix-client-schildichat/tasks/prepare_themes.yml

@@ -0,0 +1,47 @@
+---
+
+#
+# Tasks related to setting up schildichat themes
+#
+
+- when: matrix_client_schildichat_themes_enabled | bool
+  run_once: true
+  delegate_to: 127.0.0.1
+  become: false
+  block:
+    - name: Ensure schildichat themes repository is pulled
+      ansible.builtin.git:
+        repo: "{{ matrix_client_schildichat_themes_repository_url }}"
+        version: "{{ matrix_client_schildichat_themes_repository_version }}"
+        dest: "{{ role_path }}/files/scratchpad/themes"
+
+    - name: Find all schildichat theme files
+      ansible.builtin.find:
+        paths: "{{ role_path }}/files/scratchpad/themes"
+        patterns: "*.json"
+        recurse: true
+      register: matrix_client_schildichat_theme_file_list
+
+    - name: Read schildichat theme
+      ansible.builtin.slurp:
+        path: "{{ item.path }}"
+      register: "matrix_client_schildichat_theme_file_contents"
+      with_items: "{{ matrix_client_schildichat_theme_file_list.files }}"
+
+    - name: Load schildichat theme
+      ansible.builtin.set_fact:
+        matrix_client_schildichat_setting_defaults_custom_themes: "{{ matrix_client_schildichat_setting_defaults_custom_themes + [item['content'] | b64decode | from_json] }}"  # noqa var-naming
+      with_items: "{{ matrix_client_schildichat_theme_file_contents.results }}"
+
+#
+# Tasks related to getting rid of schildichat themes (if it was previously enabled)
+#
+
+- name: Ensure schildichat themes repository is removed
+  ansible.builtin.file:
+    path: "{{ role_path }}/files/scratchpad/themes"
+    state: absent
+  run_once: true
+  delegate_to: 127.0.0.1
+  become: false
+  when: "not matrix_client_schildichat_themes_enabled | bool"

roles/custom/matrix-client-schildichat/tasks/self_check.yml

@@ -0,0 +1,24 @@
+---
+
+- ansible.builtin.set_fact:
+    matrix_client_schildichat_url_endpoint_public: "https://{{ matrix_server_fqn_schildichat }}/config.json"
+
+- name: Check schildichat
+  ansible.builtin.uri:
+    url: "{{ matrix_client_schildichat_url_endpoint_public }}"
+    follow_redirects: none
+    validate_certs: "{{ matrix_client_schildichat_self_check_validate_certificates }}"
+  register: matrix_client_schildichat_self_check_result
+  check_mode: false
+  ignore_errors: true
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Fail if schildichat not working
+  ansible.builtin.fail:
+    msg: "Failed checking schildichat is up at `{{ matrix_server_fqn_schildichat }}` (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`). Is schildichat running? Is port 443 open in your firewall? Full error: {{ matrix_client_schildichat_self_check_result }}"
+  when: "matrix_client_schildichat_self_check_result.failed or 'json' not in matrix_client_schildichat_self_check_result"
+
+- name: Report working schildichat
+  ansible.builtin.debug:
+    msg: "schildichat at `{{ matrix_server_fqn_schildichat }}` is working (checked endpoint: `{{ matrix_client_schildichat_url_endpoint_public }}`)"

roles/custom/matrix-client-schildichat/tasks/setup_install.yml

@@ -0,0 +1,109 @@
+---
+
+- name: Ensure schildichat paths exists
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - {path: "{{ matrix_client_schildichat_data_path }}", when: true}
+    - {path: "{{ matrix_client_schildichat_docker_src_files_path }}", when: "{{ matrix_client_schildichat_container_image_self_build }}"}
+  when: "item.when | bool"
+
+- name: Ensure schildichat Docker image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_client_schildichat_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_client_schildichat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_schildichat_docker_image_force_pull }}"
+  when: "not matrix_client_schildichat_container_image_self_build | bool"
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- name: Ensure schildichat repository is present on self-build
+  ansible.builtin.git:
+    repo: "{{ matrix_client_schildichat_container_image_self_build_repo }}"
+    dest: "{{ matrix_client_schildichat_docker_src_files_path }}"
+    version: "{{ matrix_client_schildichat_docker_image.split(':')[1] }}"
+    force: "yes"
+  become: true
+  become_user: "{{ matrix_user_username }}"
+  register: matrix_client_schildichat_git_pull_results
+  when: "matrix_client_schildichat_container_image_self_build | bool"
+
+# See:
+# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
+# - https://github.com/vector-im/schildichat-web/issues/19544
+- name: Patch webpack.config.js to support building on low-memory (<4G RAM) devices
+  ansible.builtin.lineinfile:
+    path: "{{ matrix_client_schildichat_docker_src_files_path }}/webpack.config.js"
+    regexp: '(\s+)splitChunks: \{'
+    line: '\1splitChunks: { maxSize: 100000,'
+    backrefs: true
+    owner: root
+    group: root
+    mode: '0644'
+  when: "matrix_client_schildichat_container_image_self_build | bool and matrix_client_schildichat_container_image_self_build_low_memory_system_patch_enabled | bool"
+
+- name: Ensure schildichat Docker image is built
+  ansible.builtin.command:
+    cmd: |-
+      {{ devture_systemd_docker_base_host_command_docker }} buildx build
+      --tag={{ matrix_client_schildichat_docker_image }}
+      --file={{ matrix_client_schildichat_docker_src_files_path }}/Dockerfile
+      {{ matrix_client_schildichat_docker_src_files_path }}
+  changed_when: true
+  when: matrix_client_schildichat_container_image_self_build | bool
+
+- name: Ensure schildichat configuration installed
+  ansible.builtin.copy:
+    content: "{{ matrix_client_schildichat_configuration | to_nice_json }}"
+    dest: "{{ matrix_client_schildichat_data_path }}/config.json"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure schildichat location sharing map style installed
+  when: matrix_client_schildichat_location_sharing_enabled | bool
+  ansible.builtin.copy:
+    content: "{{ matrix_client_schildichat_location_sharing_map_style | to_nice_json }}"
+    dest: "{{ matrix_client_schildichat_data_path }}/map_style.json"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure schildichat config files installed
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}
+    - {src: "{{ matrix_client_schildichat_page_template_welcome_path }}", name: "welcome.html"}
+    - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"}
+  when: "item.src is not none"
+
+- name: Ensure schildichat config files removed
+  ansible.builtin.file:
+    path: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}"
+    state: absent
+  with_items:
+    - {src: "{{ matrix_client_schildichat_embedded_pages_home_path }}", name: "home.html"}
+  when: "item.src is none"
+
+- name: Ensure schildichat container network is created
+  community.general.docker_network:
+    name: "{{ matrix_client_schildichat_container_network }}"
+    driver: bridge
+
+- name: Ensure matrix-client-schildichat.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-client-schildichat.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-schildichat.service"
+    mode: 0644

roles/custom/matrix-client-schildichat/tasks/setup_uninstall.yml

@@ -0,0 +1,25 @@
+---
+
+- name: Check existence of matrix-client-schildichat.service
+  ansible.builtin.stat:
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-schildichat.service"
+  register: matrix_client_schildichat_service_stat
+
+- when: matrix_client_schildichat_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-client-schildichat is stopped
+      ansible.builtin.service:
+        name: matrix-client-schildichat
+        state: stopped
+        enabled: false
+        daemon_reload: true
+
+    - name: Ensure matrix-client-schildichat.service doesn't exist
+      ansible.builtin.file:
+        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-schildichat.service"
+        state: absent
+
+    - name: Ensure schildichat path doesn't exist
+      ansible.builtin.file:
+        path: "{{ matrix_client_schildichat_data_path }}"
+        state: absent

roles/custom/matrix-client-schildichat/tasks/validate_config.yml

@@ -0,0 +1,64 @@
+---
+
+- name: Fail if required schildichat settings not defined
+  ansible.builtin.fail:
+    msg: >
+      You need to define a required configuration setting (`{{ item }}`) for using schildichat.
+  when: "vars[item] == ''"
+  with_items:
+    - "matrix_client_schildichat_default_hs_url"
+
+- name: Fail if schildichat location sharing enabled, but no tile server defined
+  ansible.builtin.fail:
+    msg: >-
+      You need to define at least one map tile server in matrix_client_schildichat_location_sharing_map_style_content_sources_localsource_tiles list
+  when:
+    - matrix_client_schildichat_location_sharing_enabled | bool
+    - matrix_client_schildichat_location_sharing_map_style_content_sources_localsource_tiles | length == 0
+
+- name: (Deprecation) Catch and report riot-web variables
+  ansible.builtin.fail:
+    msg: >-
+      Riot has been renamed to schildichat (https://schildichat.io/blog/welcome-to-schildichat/).
+      The playbook will migrate your existing configuration and data automatically, but you need to adjust variable names.
+      Please change your configuration (vars.yml) to rename all riot-web variables (`{{ item.old }}` -> `{{ item.new }}`).
+      Also note that DNS configuration changes may be necessary.
+  when: "vars | dict2items | selectattr('key', 'match', item.old) | list | items2dict"
+  with_items:
+    - {'old': 'matrix_riot_web_.*', 'new': 'matrix_client_schildichat_.*'}
+
+- name: (Deprecation) Catch and report renamed schildichat-web settings
+  ansible.builtin.fail:
+    msg: >-
+      Your configuration contains a variable, which now has a different name.
+      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
+  when: "item.old in vars"
+  with_items:
+    - {'old': 'matrix_client_schildichat_showLabsSettings', 'new': 'matrix_client_schildichat_show_lab_settings'}
+    - {'old': 'matrix_client_schildichat_permalinkPrefix', 'new': 'matrix_client_schildichat_permalink_prefix'}
+    - {'old': 'matrix_client_schildichat_roomdir_servers', 'new': 'matrix_client_schildichat_room_directory_servers'}
+    - {'old': 'matrix_client_schildichat_settingDefaults_custom_themes', 'new': 'matrix_client_schildichat_setting_defaults_custom_themes'}
+    - {'old': 'matrix_client_schildichat_branding_authFooterLinks', 'new': 'matrix_client_schildichat_branding_auth_footer_links'}
+    - {'old': 'matrix_client_schildichat_branding_authHeaderLogoUrl', 'new': 'matrix_client_schildichat_branding_auth_header_logo_url'}
+    - {'old': 'matrix_client_schildichat_branding_welcomeBackgroundUrl', 'new': 'matrix_client_schildichat_branding_welcome_background_url'}
+    - {'old': 'matrix_client_schildichat_jitsi_preferredDomain', 'new': 'matrix_client_schildichat_jitsi_preferred_domain'}
+
+- when: matrix_client_schildichat_container_labels_traefik_enabled | bool
+  block:
+    - name: Fail if required matrix-client-schildichat Traefik settings not defined
+      ansible.builtin.fail:
+        msg: >-
+          You need to define a required configuration setting (`{{ item }}`).
+      when: "vars[item] == ''"
+      with_items:
+        - matrix_client_schildichat_container_labels_traefik_hostname
+        - matrix_client_schildichat_container_labels_traefik_path_prefix
+
+    # We ensure it doesn't end with a slash, because we handle both (slash and no-slash).
+    # Knowing that `matrix_client_schildichat_container_labels_traefik_path_prefix` does not end with a slash
+    # ensures we know how to set these routes up without having to do "does it end with a slash" checks elsewhere.
+    - name: Fail if matrix_client_schildichat_container_labels_traefik_path_prefix ends with a slash
+      ansible.builtin.fail:
+        msg: >-
+          matrix_client_schildichat_container_labels_traefik_path_prefix (`{{ matrix_client_schildichat_container_labels_traefik_path_prefix }}`) must either be `/` or not end with a slash (e.g. `/schildichat`).
+      when: "matrix_client_schildichat_container_labels_traefik_path_prefix != '/' and matrix_client_schildichat_container_labels_traefik_path_prefix[-1] == '/'"