Put all homeservers in the matrix-homeserver container network
This commit is contained in:
parent
1be90cf87d
commit
9488e3857a
@ -485,15 +485,6 @@ matrix_homeserver_container_federation_api_endpoint: |-
|
|||||||
}[matrix_homeserver_implementation]
|
}[matrix_homeserver_implementation]
|
||||||
}}
|
}}
|
||||||
|
|
||||||
matrix_homeserver_container_network: |-
|
|
||||||
{{
|
|
||||||
{
|
|
||||||
'synapse': (matrix_synapse_reverse_proxy_companion_container_network if matrix_synapse_reverse_proxy_companion_enabled else matrix_synapse_container_network),
|
|
||||||
'dendrite': matrix_dendrite_container_network,
|
|
||||||
'conduit': matrix_conduit_container_network,
|
|
||||||
}[matrix_homeserver_implementation]
|
|
||||||
}}
|
|
||||||
|
|
||||||
matrix_integration_manager_rest_url: "{{ matrix_dimension_integrations_rest_url if matrix_dimension_enabled else None }}"
|
matrix_integration_manager_rest_url: "{{ matrix_dimension_integrations_rest_url if matrix_dimension_enabled else None }}"
|
||||||
matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if matrix_dimension_enabled else None }}"
|
matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if matrix_dimension_enabled else None }}"
|
||||||
|
|
||||||
@ -3785,6 +3776,8 @@ matrix_synapse_container_metrics_api_host_bind_port: "{{ (matrix_playbook_servic
|
|||||||
# For exposing the Synapse Manhole port (plain HTTP) to the local host.
|
# For exposing the Synapse Manhole port (plain HTTP) to the local host.
|
||||||
matrix_synapse_container_manhole_api_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '9000') if matrix_synapse_metrics_enabled and matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
matrix_synapse_container_manhole_api_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '9000') if matrix_synapse_metrics_enabled and matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||||
|
|
||||||
|
matrix_synapse_container_network: "{{ matrix_homeserver_container_network }}"
|
||||||
|
|
||||||
matrix_synapse_container_additional_networks: |
|
matrix_synapse_container_additional_networks: |
|
||||||
{{
|
{{
|
||||||
(
|
(
|
||||||
@ -4414,16 +4407,20 @@ matrix_sliding_sync_database_password: "{{ '%s' | format(matrix_homeserver_gener
|
|||||||
|
|
||||||
matrix_dendrite_enabled: "{{ matrix_homeserver_implementation == 'dendrite' }}"
|
matrix_dendrite_enabled: "{{ matrix_homeserver_implementation == 'dendrite' }}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach Dendrite over the container network.
|
matrix_dendrite_container_network: "{{ matrix_homeserver_container_network }}"
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it,
|
|
||||||
# you can expose Dendrite's ports to the host.
|
matrix_dendrite_container_additional_networks: |
|
||||||
#
|
{{
|
||||||
# For exposing Dendrite's plain HTTP server to the local host.
|
(
|
||||||
|
([devture_postgres_container_network] if (devture_postgres_enabled and devture_postgres_container_network != matrix_dendrite_container_network and matrix_dendrite_database_hostname == devture_postgres_connection_hostname) else [])
|
||||||
|
)
|
||||||
|
}}
|
||||||
|
|
||||||
matrix_dendrite_container_http_host_bind_address: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ matrix_dendrite_http_bind_port | string) if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
matrix_dendrite_container_http_host_bind_address: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ matrix_dendrite_http_bind_port | string) if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||||
#
|
|
||||||
# For exposing Dendrite's HTTPS server to the local host.
|
|
||||||
matrix_dendrite_container_https_host_bind_address: "{{ '' if not matrix_dendrite_https_bind_port or not matrix_playbook_service_host_bind_interface_prefix else (matrix_playbook_service_host_bind_interface_prefix + matrix_dendrite_https_bind_port | string) }}"
|
matrix_dendrite_container_https_host_bind_address: "{{ '' if not matrix_dendrite_https_bind_port or not matrix_playbook_service_host_bind_interface_prefix else (matrix_playbook_service_host_bind_interface_prefix + matrix_dendrite_https_bind_port | string) }}"
|
||||||
|
|
||||||
|
matrix_dendrite_container_extra_arguments_auto: "{{ matrix_homeserver_container_extra_arguments_auto }}"
|
||||||
|
|
||||||
matrix_dendrite_client_api_registration_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dendrite.rss', rounds=655555) | to_uuid }}"
|
matrix_dendrite_client_api_registration_shared_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dendrite.rss', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
matrix_dendrite_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
matrix_dendrite_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||||
@ -4452,11 +4449,9 @@ matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_playbook_s
|
|||||||
|
|
||||||
matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"
|
matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"
|
||||||
|
|
||||||
matrix_dendrite_systemd_required_services_list: |
|
matrix_dendrite_systemd_required_services_list_auto: |
|
||||||
{{
|
{{
|
||||||
(['docker.service'])
|
([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_dendrite_database_hostname == devture_postgres_connection_hostname) else [])
|
||||||
+
|
|
||||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
|
||||||
+
|
+
|
||||||
(['matrix-goofys.service'] if matrix_s3_media_store_enabled else [])
|
(['matrix-goofys.service'] if matrix_s3_media_store_enabled else [])
|
||||||
}}
|
}}
|
||||||
@ -4466,7 +4461,6 @@ matrix_dendrite_systemd_wanted_services_list: |
|
|||||||
(['matrix-coturn.service'] if matrix_coturn_enabled else [])
|
(['matrix-coturn.service'] if matrix_coturn_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
matrix_dendrite_container_extra_arguments_auto: "{{ matrix_homeserver_container_extra_arguments_auto }}"
|
|
||||||
matrix_dendrite_app_service_config_files_auto: "{{ matrix_homeserver_app_service_config_files_auto }}"
|
matrix_dendrite_app_service_config_files_auto: "{{ matrix_homeserver_app_service_config_files_auto }}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
@ -4475,6 +4469,7 @@ matrix_dendrite_app_service_config_files_auto: "{{ matrix_homeserver_app_service
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-conduit
|
# matrix-conduit
|
||||||
@ -4483,10 +4478,7 @@ matrix_dendrite_app_service_config_files_auto: "{{ matrix_homeserver_app_service
|
|||||||
|
|
||||||
matrix_conduit_enabled: "{{ matrix_homeserver_implementation == 'conduit' }}"
|
matrix_conduit_enabled: "{{ matrix_homeserver_implementation == 'conduit' }}"
|
||||||
|
|
||||||
matrix_conduit_systemd_required_services_list: |
|
matrix_conduit_container_network: "{{ matrix_homeserver_container_network }}"
|
||||||
{{
|
|
||||||
(['docker.service'])
|
|
||||||
}}
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
|
@ -142,7 +142,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
|
|||||||
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
||||||
|
|
||||||
# Specifies on which container network the homeserver is.
|
# Specifies on which container network the homeserver is.
|
||||||
matrix_homeserver_container_network: ""
|
matrix_homeserver_container_network: "matrix-homeserver"
|
||||||
|
|
||||||
# Specifies which systemd services are responsible for the homeserver
|
# Specifies which systemd services are responsible for the homeserver
|
||||||
matrix_homeserver_systemd_services_list: []
|
matrix_homeserver_systemd_services_list: []
|
||||||
|
@ -19,13 +19,16 @@ matrix_conduit_port_number: 6167
|
|||||||
matrix_conduit_tmp_directory_size_mb: 500
|
matrix_conduit_tmp_directory_size_mb: 500
|
||||||
|
|
||||||
# List of systemd services that matrix-conduit.service depends on
|
# List of systemd services that matrix-conduit.service depends on
|
||||||
matrix_conduit_systemd_required_services_list: ["docker.service"]
|
matrix_conduit_systemd_required_services_list: "{{ matrix_conduit_systemd_required_services_list_default + matrix_conduit_systemd_required_services_list_auto + matrix_conduit_systemd_required_services_list_custom }}"
|
||||||
|
matrix_conduit_systemd_required_services_list_default: ["docker.service"]
|
||||||
|
matrix_conduit_systemd_required_services_list_auto: []
|
||||||
|
matrix_conduit_systemd_required_services_list_custom: []
|
||||||
|
|
||||||
# List of systemd services that matrix-conduit.service wants
|
# List of systemd services that matrix-conduit.service wants
|
||||||
matrix_conduit_systemd_wanted_services_list: []
|
matrix_conduit_systemd_wanted_services_list: []
|
||||||
|
|
||||||
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
||||||
matrix_conduit_container_network: "{{ matrix_docker_network }}"
|
matrix_conduit_container_network: ""
|
||||||
|
|
||||||
# A list of additional container networks that the container would be connected to.
|
# A list of additional container networks that the container would be connected to.
|
||||||
# The role does not create these networks, so make sure they already exist.
|
# The role does not create these networks, so make sure they already exist.
|
||||||
|
@ -6,6 +6,9 @@
|
|||||||
- install-all
|
- install-all
|
||||||
- install-conduit
|
- install-conduit
|
||||||
block:
|
block:
|
||||||
|
- when: matrix_conduit_enabled | bool
|
||||||
|
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
|
|
||||||
- when: matrix_conduit_enabled | bool
|
- when: matrix_conduit_enabled | bool
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||||
|
|
||||||
|
9
roles/custom/matrix-conduit/tasks/validate_config.yml
Normal file
9
roles/custom/matrix-conduit/tasks/validate_config.yml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Fail if required Conduit settings not defined
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
You need to define a required configuration setting (`{{ item.name }}`).
|
||||||
|
when: "item.when | bool and vars[item.name] == ''"
|
||||||
|
with_items:
|
||||||
|
- {'name': 'matrix_conduit_container_network', when: true}
|
@ -41,7 +41,7 @@ matrix_dendrite_http_bind_address: "{{ (':' + matrix_dendrite_http_bind_port | s
|
|||||||
matrix_dendrite_https_bind_address: "{{ (':' + matrix_dendrite_https_bind_port | string) if matrix_dendrite_https_bind_port else '' }}"
|
matrix_dendrite_https_bind_address: "{{ (':' + matrix_dendrite_https_bind_port | string) if matrix_dendrite_https_bind_port else '' }}"
|
||||||
|
|
||||||
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
||||||
matrix_dendrite_container_network: "{{ matrix_docker_network }}"
|
matrix_dendrite_container_network: ""
|
||||||
|
|
||||||
# A list of additional container networks that the container would be connected to.
|
# A list of additional container networks that the container would be connected to.
|
||||||
# The role does not create these networks, so make sure they already exist.
|
# The role does not create these networks, so make sure they already exist.
|
||||||
@ -80,7 +80,10 @@ matrix_dendrite_container_arguments: "{{ matrix_dendrite_container_extra_argumen
|
|||||||
matrix_dendrite_process_extra_arguments: []
|
matrix_dendrite_process_extra_arguments: []
|
||||||
|
|
||||||
# List of systemd services that matrix-dendrite.service depends on
|
# List of systemd services that matrix-dendrite.service depends on
|
||||||
matrix_dendrite_systemd_required_services_list: ["docker.service"]
|
matrix_dendrite_systemd_required_services_list: "{{ matrix_dendrite_systemd_required_services_list_default + matrix_dendrite_systemd_required_services_list_auto + matrix_dendrite_systemd_required_services_list_custom }}"
|
||||||
|
matrix_dendrite_systemd_required_services_list_default: ["docker.service"]
|
||||||
|
matrix_dendrite_systemd_required_services_list_auto: []
|
||||||
|
matrix_dendrite_systemd_required_services_list_custom: []
|
||||||
|
|
||||||
# List of systemd services that matrix-dendrite.service wants
|
# List of systemd services that matrix-dendrite.service wants
|
||||||
matrix_dendrite_systemd_wanted_services_list: []
|
matrix_dendrite_systemd_wanted_services_list: []
|
||||||
|
@ -115,7 +115,7 @@ matrix_synapse_container_federation_api_tls_port: 8448
|
|||||||
matrix_synapse_container_federation_api_plain_port: 8048
|
matrix_synapse_container_federation_api_plain_port: 8048
|
||||||
|
|
||||||
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
# The base container network. It will be auto-created by this role if it doesn't exist already.
|
||||||
matrix_synapse_container_network: "{{ matrix_docker_network }}"
|
matrix_synapse_container_network: ''
|
||||||
|
|
||||||
# A list of additional container networks that the container would be connected to.
|
# A list of additional container networks that the container would be connected to.
|
||||||
# The role does not create these networks, so make sure they already exist.
|
# The role does not create these networks, so make sure they already exist.
|
||||||
|
Loading…
Reference in New Issue
Block a user