sync with previous repo

roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml

@@ -0,0 +1,8 @@
+- set_fact:
+    matrix_synapse_password_providers_enabled: true
+
+    matrix_synapse_additional_loggers: >
+      {{ matrix_synapse_additional_loggers }}
+      +
+      {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
+  when: matrix_synapse_ext_password_provider_ldap_enabled|bool

roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/mjolnir-antispam/setup_install.yml"
+  when: matrix_synapse_ext_spam_checker_mjolnir_antispam_enabled|bool
+
+- import_tasks: "{{ role_path }}/tasks/ext/mjolnir-antispam/setup_uninstall.yml"
+  when: "not matrix_synapse_ext_spam_checker_mjolnir_antispam_enabled|bool"

roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml

@@ -0,0 +1,52 @@
+---
+
+- name: Ensure git installed (RedHat)
+  yum:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_os_family == 'RedHat'"
+
+- name: Ensure git installed (Debian)
+  apt:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_os_family == 'Debian'"
+
+- name: Ensure git installed (Archlinux)
+  pacman:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_distribution == 'Archlinux'"
+
+- name: Clone mjolnir-antispam git repository
+  git:
+    repo: "{{ matrix_synapse_ext_spam_checker_mjolnir_antispam_git_repository_url }}"
+    version: "{{ matrix_synapse_ext_spam_checker_mjolnir_antispam_git_version }}"
+    dest: "{{ matrix_synapse_ext_path }}/mjolnir"
+  become: true
+  become_user: "{{ matrix_user_username }}"
+
+- set_fact:
+    matrix_synapse_spam_checker: >
+      {{ matrix_synapse_spam_checker }}
+      +
+      [{
+        "module": "mjolnir.AntiSpam",
+        "config": {
+          "block_invites": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites }},
+          "block_messages": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_messages }},
+          "block_usernames": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames }},
+          "ban_lists": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists }}
+        }
+      }]
+
+    matrix_synapse_container_extra_arguments: >
+      {{ matrix_synapse_container_extra_arguments|default([]) }}
+      +
+      ["--mount type=bind,src={{ matrix_synapse_ext_path }}/mjolnir/synapse_antispam/mjolnir,dst={{ matrix_synapse_in_container_python_packages_path }}/mjolnir,ro"]

roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Ensure mjolnir-antispam doesn't exist
+  file:
+    path: "{{ matrix_synapse_ext_path }}/mjolnir"
+    state: absent

roles/matrix-synapse/tasks/ext/rest-auth/setup.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
+  when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
+
+- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
+  when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"

roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Fail if REST Auth endpoint not configured
+  fail:
+    msg: "You have enabled the REST Auth password provider, but have not configured its endpoint in the `matrix_synapse_ext_password_provider_rest_auth_endpoint` variable. Consult the documentation."
+  when: "matrix_synapse_ext_password_provider_rest_auth_endpoint == ''"
+
+- name: Download matrix-synapse-rest-auth
+  get_url:
+    url: "{{ matrix_synapse_ext_password_provider_rest_auth_download_url }}"
+    dest: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py"
+    force: true
+    mode: 0440
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- set_fact:
+    matrix_synapse_password_providers_enabled: true
+
+    matrix_synapse_container_extra_arguments: >
+      {{ matrix_synapse_container_extra_arguments|default([]) }}
+      +
+      ["--mount type=bind,src={{ matrix_synapse_ext_path }}/rest_auth_provider.py,dst={{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py,ro"]
+
+    matrix_synapse_additional_loggers: >
+      {{ matrix_synapse_additional_loggers }}
+      +
+      {{ [{'name': 'rest_auth_provider', 'level': 'INFO'}] }}

roles/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Ensure matrix-synapse-rest-auth doesn't exist
+  file:
+    path: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py"
+    state: absent

roles/matrix-synapse/tasks/ext/setup.yml

@@ -0,0 +1,11 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup.yml"
+
+- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup.yml"
+
+- import_tasks: "{{ role_path }}/tasks/ext/ldap-auth/setup.yml"
+
+- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup.yml"
+
+- import_tasks: "{{ role_path }}/tasks/ext/mjolnir-antispam/setup.yml"

roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
+  when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
+
+- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
+  when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"

roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Fail if Shared Secret Auth secret not set
+  fail:
+    msg: "Shared Secret Auth is enabled, but no secret has been set in matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret"
+  when: "matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret == ''"
+
+- name: Download matrix-synapse-shared-secret-auth
+  get_url:
+    url: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_download_url }}"
+    dest: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py"
+    force: true
+    mode: 0440
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- set_fact:
+    matrix_synapse_password_providers_enabled: true
+
+    matrix_synapse_container_extra_arguments: >
+      {{ matrix_synapse_container_extra_arguments|default([]) }}
+      +
+      ["--mount type=bind,src={{ matrix_synapse_ext_path }}/shared_secret_authenticator.py,dst={{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py,ro"]
+
+    matrix_synapse_additional_loggers: >
+      {{ matrix_synapse_additional_loggers }}
+      +
+      {{ [{'name': 'shared_secret_authenticator', 'level': 'INFO'}] }}

roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Ensure matrix-synapse-shared-secret-auth doesn't exist
+  file:
+    path: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py"
+    state: absent

roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup_install.yml"
+  when: matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled|bool
+
+- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup_uninstall.yml"
+  when: "not matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled|bool"

roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml

@@ -0,0 +1,54 @@
+---
+
+- name: Fail if Synapse Simple Antispam blocked homeservers is not set
+  fail:
+    msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers"
+  when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers|length == 0"
+
+- name: Ensure git installed (RedHat)
+  yum:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_os_family == 'RedHat'"
+
+- name: Ensure git installed (Debian)
+  apt:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_os_family == 'Debian'"
+
+- name: Ensure git installed (Archlinux)
+  pacman:
+    name:
+      - git
+    state: present
+    update_cache: no
+  when: "ansible_distribution == 'Archlinux'"
+
+- name: Clone synapse-simple-antispam git repository
+  git:
+    repo: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url }}"
+    version: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_version }}"
+    dest: "{{ matrix_synapse_ext_path }}/synapse-simple-antispam"
+  become: true
+  become_user: "{{ matrix_user_username }}"
+
+- set_fact:
+    matrix_synapse_spam_checker: >
+      {{ matrix_synapse_spam_checker }}
+      +
+      [{
+        "module": "synapse_simple_antispam.AntiSpamInvites",
+        "config": {
+          "blocked_homeservers": {{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers }}
+        }
+      }]
+
+    matrix_synapse_container_extra_arguments: >
+      {{ matrix_synapse_container_extra_arguments|default([]) }}
+      +
+      ["--mount type=bind,src={{ matrix_synapse_ext_path }}/synapse-simple-antispam/synapse_simple_antispam,dst={{ matrix_synapse_in_container_python_packages_path }}/synapse_simple_antispam,ro"]

roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Ensure synapse-simple-antispam doesn't exist
+  file:
+    path: "{{ matrix_synapse_ext_path }}/synapse-simple-antispam"
+    state: absent