sync with previous repo

roles/matrix-client-element/templates/config.json.j2

@@ -0,0 +1,45 @@
+{
+	"default_server_config": {
+		"m.homeserver": {
+			"base_url": {{ matrix_client_element_default_hs_url|string|to_json }},
+			"server_name": {{ matrix_client_element_default_server_name|string|to_json }}
+		},
+		"m.identity_server": {
+			"base_url": {{ matrix_client_element_default_is_url|string|to_json }}
+		}
+	},
+	"settingDefaults": {
+		"custom_themes": {{ matrix_client_element_settingDefaults_custom_themes|to_json }}
+	},
+	"default_theme": {{ matrix_client_element_default_theme|string|to_json }},
+	"permalinkPrefix": {{ matrix_client_element_permalinkPrefix|string|to_json }},
+	"disable_custom_urls": {{ matrix_client_element_disable_custom_urls|to_json }},
+	"disable_guests": {{ matrix_client_element_disable_guests|to_json }},
+	"brand": {{ matrix_client_element_brand|to_json }},
+	"integrations_ui_url": {{ matrix_client_element_integrations_ui_url|string|to_json }},
+	"integrations_rest_url": {{ matrix_client_element_integrations_rest_url|string|to_json }},
+	"integrations_widgets_urls": {{ matrix_client_element_integrations_widgets_urls|to_json }},
+	"integrations_jitsi_widget_url": {{ matrix_client_element_integrations_jitsi_widget_url|string|to_json }},
+	"bug_report_endpoint_url": {{ matrix_client_element_bug_report_endpoint_url|to_json }},
+	"showLabsSettings": {{ matrix_client_element_showLabsSettings|to_json }},
+	"roomDirectory": {
+		"servers": {{ matrix_client_element_roomdir_servers|to_json }}
+	},
+	"welcomeUserId": {{ matrix_client_element_welcome_user_id|to_json }},
+	{% if matrix_client_element_enable_presence_by_hs_url is not none %}
+		"enable_presence_by_hs_url": {{ matrix_client_element_enable_presence_by_hs_url|to_json }},
+	{% endif %}
+	"embeddedPages": {
+		"homeUrl": {{ matrix_client_element_embedded_pages_home_url|string|to_json }}
+	},
+	{% if matrix_client_element_jitsi_preferredDomain %}
+	"jitsi": {
+        "preferredDomain": {{ matrix_client_element_jitsi_preferredDomain|to_json }}
+    },
+	{% endif %}
+	"branding": {
+		"authFooterLinks": {{ matrix_client_element_branding_authFooterLinks|to_json }},
+		"authHeaderLogoUrl": {{ matrix_client_element_branding_authHeaderLogoUrl|to_json }},
+		"welcomeBackgroundUrl": {{ matrix_client_element_branding_welcomeBackgroundUrl|to_json }}
+	}
+}

roles/matrix-client-element/templates/nginx.conf.j2

@@ -0,0 +1,66 @@
+#jinja2: lstrip_blocks: "True"
+# This is a custom nginx configuration file that we use in the container (instead of the default one),
+# because it allows us to run nginx with a non-root user.
+#
+# For this to work, the default vhost file (`/etc/nginx/conf.d/default.conf`) also needs to be removed.
+# (mounting `/dev/null` over `/etc/nginx/conf.d/default.conf` works well)
+#
+# The following changes have been done compared to a default nginx configuration file:
+# - default server port is changed (80 -> 8080), so that a non-root user can bind it
+# - various temp paths are changed to `/tmp`, so that a non-root user can write to them
+# - the `user` directive was removed, as we don't want nginx to switch users
+
+worker_processes 1;
+
+error_log /var/log/nginx/error.log warn;
+pid /tmp/nginx.pid;
+
+
+events {
+	worker_connections 1024;
+}
+
+
+http {
+	proxy_temp_path /tmp/proxy_temp;
+	client_body_temp_path /tmp/client_temp;
+	fastcgi_temp_path /tmp/fastcgi_temp;
+	uwsgi_temp_path /tmp/uwsgi_temp;
+	scgi_temp_path /tmp/scgi_temp;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+					'$status $body_bytes_sent "$http_referer" '
+					'"$http_user_agent" "$http_x_forwarded_for"';
+
+	access_log /var/log/nginx/access.log main;
+
+	sendfile on;
+	#tcp_nopush on;
+
+	keepalive_timeout 65;
+
+	#gzip on;
+
+	server {
+		listen 8080;
+		server_name localhost;
+
+		root /usr/share/nginx/html;
+
+		location / {
+			index index.html index.htm;
+		}
+
+		location ~* ^/(config(.+)?\.json$|(.+)\.html$|i18n) {
+			expires -1;
+		}
+
+		error_page 500 502 503 504 /50x.html;
+		location = /50x.html {
+			root /usr/share/nginx/html;
+		}
+	}
+}

roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2

@@ -0,0 +1,45 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Matrix Element server
+{% for service in matrix_client_element_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element \
+			--log-driver=none \
+			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			--cap-drop=ALL \
+			--read-only \
+			--network={{ matrix_docker_network }} \
+			{% if matrix_client_element_container_http_host_bind_port %}
+			-p {{ matrix_client_element_container_http_host_bind_port }}:8080 \
+			{% endif %}
+			--tmpfs=/tmp:rw,noexec,nosuid,size=10m \
+			--mount type=bind,src={{ matrix_client_element_data_path }}/nginx.conf,dst=/etc/nginx/nginx.conf,ro \
+			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.json,ro \
+			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.{{ matrix_server_fqn_element }}.json,ro \
+			{% if matrix_client_element_embedded_pages_home_path is not none %}
+			--mount type=bind,src={{ matrix_client_element_data_path }}/home.html,dst=/app/home.html,ro \
+			{% endif %}
+			--mount type=bind,src={{ matrix_client_element_data_path }}/welcome.html,dst=/app/welcome.html,ro \
+			{% for arg in matrix_client_element_container_extra_arguments %}
+			{{ arg }} \
+			{% endfor %}
+			{{ matrix_client_element_docker_image }}
+
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-client-element
+
+[Install]
+WantedBy=multi-user.target

roles/matrix-client-element/templates/welcome.html.j2

@@ -0,0 +1,205 @@
+#jinja2: lstrip_blocks: "True"
+<style type="text/css">
+
+/* we deliberately inline style here to avoid flash-of-CSS problems, and to avoid
+ * voodoo where we have to set display: none by default
+ */
+
+h1::after {
+    content: "!";
+}
+
+.mx_Parent {
+    display: -webkit-box;
+    display: -webkit-flex;
+    display: -ms-flexbox;
+    display: flex;
+    -webkit-box-orient: vertical;
+    -webkit-box-direction: normal;
+    -webkit-flex-direction: column;
+    -ms-flex-direction: column;
+    flex-direction: column;
+    -webkit-box-pack: center;
+    -webkit-justify-content: center;
+    -ms-flex-pack: center;
+    justify-content: center;
+    -webkit-box-align: center;
+    -webkit-align-items: center;
+    -ms-flex-align: center;
+    align-items: center;
+    text-align: center;
+    padding: 25px 35px;
+    color: #2e2f32;
+}
+
+.mx_Logo {
+    height: 54px;
+    margin-top: 2px;
+}
+
+.mx_ButtonGroup {
+    margin-top: 10px;
+}
+
+.mx_ButtonRow {
+    display: -webkit-box;
+    display: -webkit-flex;
+    display: -ms-flexbox;
+    display: flex;
+    -webkit-justify-content: space-around;
+    -ms-flex-pack: distribute;
+    justify-content: space-around;
+    -webkit-box-align: center;
+    -webkit-align-items: center;
+    -ms-flex-align: center;
+    align-items: center;
+    justify-content: space-between;
+    box-sizing: border-box;
+    margin: 12px 0 0;
+}
+
+.mx_ButtonRow > * {
+    margin: 0 10px;
+}
+
+.mx_ButtonRow > *:first-child {
+    margin-left: 0;
+}
+
+.mx_ButtonRow > *:last-child {
+    margin-right: 0;
+}
+
+.mx_ButtonParent {
+    display: -webkit-box;
+    display: -webkit-flex;
+    display: -ms-flexbox;
+    display: flex;
+    padding: 10px 20px;
+    -webkit-box-orient: horizontal;
+    -webkit-box-direction: normal;
+    -webkit-flex-direction: row;
+    -ms-flex-direction: row;
+    flex-direction: row;
+    -webkit-box-pack: center;
+    -webkit-justify-content: center;
+    -ms-flex-pack: center;
+    justify-content: center;
+    -webkit-box-align: center;
+    -webkit-align-items: center;
+    -ms-flex-align: center;
+    align-items: center;
+    border-radius: 4px;
+    width: 150px;
+    background-repeat: no-repeat;
+    background-position: 10px center;
+    text-decoration: none;
+    color: #2e2f32 !important;
+}
+
+.mx_ButtonLabel {
+    margin-left: 20px;
+}
+
+.mx_Header_title {
+    font-size: 24px;
+    font-weight: 600;
+    margin: 20px 0 0;
+}
+
+.mx_Header_subtitle {
+    font-size: 12px;
+    font-weight: normal;
+    margin: 8px 0 0;
+}
+
+.mx_ButtonSignIn {
+    background-color: #368BD6;
+    color: white !important;
+}
+
+.mx_ButtonCreateAccount {
+    background-color: #0DBD8B;
+    color: white !important;
+}
+
+.mx_SecondaryButton {
+    background-color: #FFFFFF;
+    color: #2E2F32;
+}
+
+.mx_Button_iconSignIn {
+    background-image: url('welcome/images/icon-sign-in.svg');
+}
+.mx_Button_iconCreateAccount {
+    background-image: url('welcome/images/icon-create-account.svg');
+}
+.mx_Button_iconHelp {
+    background-image: url('welcome/images/icon-help.svg');
+}
+.mx_Button_iconRoomDirectory {
+    background-image: url('welcome/images/icon-room-directory.svg');
+}
+
+/*
+.mx_WelcomePage_loggedIn is applied by EmbeddedPage from the Welcome component
+If it is set on the page, we should show the buttons. Otherwise, we have to assume
+we don't have an account and should hide them. No account == no guest account either.
+ */
+.mx_WelcomePage:not(.mx_WelcomePage_loggedIn) .mx_WelcomePage_guestFunctions {
+    display: none;
+}
+
+.mx_ButtonRow.mx_WelcomePage_guestFunctions {
+    margin-top: 20px;
+}
+.mx_ButtonRow.mx_WelcomePage_guestFunctions > div {
+    margin: 0 auto;
+}
+
+@media only screen and (max-width: 480px) {
+    .mx_ButtonRow {
+        flex-direction: column;
+    }
+
+    .mx_ButtonRow > * {
+        margin: 0 0 10px 0;
+    }
+}
+
+</style>
+
+<div class="mx_Parent">
+    <a href="{{ matrix_client_element_welcome_logo_link }}" target="_blank" rel="noopener">
+        <img src="{{ matrix_client_element_welcome_logo }}" alt="" class="mx_Logo"/>
+    </a>
+    <h1 class="mx_Header_title">{{ matrix_client_element_welcome_headline }}</h1>
+    <h4 class="mx_Header_subtitle">{{ matrix_client_element_welcome_text }}</h4>
+    <div class="mx_ButtonGroup">
+        <div class="mx_ButtonRow">
+            <a href="#/login" class="mx_ButtonParent mx_ButtonSignIn mx_Button_iconSignIn">
+                <div class="mx_ButtonLabel">_t("Sign In")</div>
+            </a>
+{% if matrix_client_element_registration_enabled %}
+            <a href="#/register" class="mx_ButtonParent mx_ButtonCreateAccount mx_Button_iconCreateAccount">
+                <div class="mx_ButtonLabel">_t("Create Account")</div>
+            </a>
+{% endif %}
+        </div>
+{% if matrix_client_element_disable_guests != true %}
+        <!-- The comments below are meant to be used by Ansible as a quick way
+             to strip out the marked content when desired.
+             See https://github.com/vector-im/riot-web/issues/8622.
+             TODO: Convert to config option if possible. -->
+        <!-- BEGIN Ansible: Remove these lines when guest access is disabled -->
+        <div class="mx_ButtonRow mx_WelcomePage_guestFunctions">
+            <div>
+                <a href="#/directory" class="mx_ButtonParent mx_SecondaryButton mx_Button_iconRoomDirectory">
+                    <div class="mx_ButtonLabel">_t("Explore rooms")</div>
+                </a>
+            </div>
+        </div>
+        <!-- END Ansible: Remove these lines when guest access is disabled -->
+{% endif %}
+    </div>
+</div>