Merge branch 'master' into make-etherpad-great-again

roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml

@@ -24,8 +24,8 @@
         force_source: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
         force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull }}"
       register: result
-      retries: "{{ matrix_container_retries_count }}"
-      delay: "{{ matrix_container_retries_delay }}"
+      retries: "{{ devture_playbook_help_container_retries_count }}"
+      delay: "{{ devture_playbook_help_container_retries_delay }}"
       until: result is not failed
 
     # We store the password in a file and make the `htpasswd` tool read it from there,
@@ -41,7 +41,7 @@
     - name: Generate matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs)
       ansible.builtin.command:
         cmd: >-
-          {{ matrix_host_command_docker }} run
+          {{ devture_systemd_docker_base_host_command_docker }} run
           --rm
           --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
           --cap-drop=ALL

roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml

@@ -207,14 +207,14 @@
     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_docker_image_force_pull }}"
   when: matrix_nginx_proxy_enabled | bool
   register: result
-  retries: "{{ matrix_container_retries_count }}"
-  delay: "{{ matrix_container_retries_delay }}"
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
   until: result is not failed
 
 - name: Ensure matrix-nginx-proxy.service installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/systemd/matrix-nginx-proxy.service.j2"
-    dest: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service"
     mode: 0644
   register: matrix_nginx_proxy_systemd_service_result
   when: matrix_nginx_proxy_enabled | bool
@@ -231,7 +231,7 @@
 
 - name: Check existence of matrix-nginx-proxy service
   ansible.builtin.stat:
-    path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service"
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service"
   register: matrix_nginx_proxy_service_stat
   when: "not matrix_nginx_proxy_enabled | bool"
 
@@ -246,7 +246,7 @@
 
 - name: Ensure matrix-nginx-proxy.service doesn't exist
   ansible.builtin.file:
-    path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service"
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service"
     state: absent
   when: "not matrix_nginx_proxy_enabled | bool and matrix_nginx_proxy_service_stat.stat.exists"
 

roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml

@@ -43,7 +43,7 @@
     - name: Ensure SSL renewal systemd units installed
       ansible.builtin.template:
         src: "{{ role_path }}/templates/systemd/{{ item.name }}.j2"
-        dest: "{{ matrix_systemd_path }}/{{ item.name }}"
+        dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}"
         mode: 0644
       when: "item.applicable | bool"
       with_items: "{{ matrix_ssl_renewal_systemd_units_list }}"
@@ -56,7 +56,7 @@
   block:
     - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
       ansible.builtin.file:
-        path: "{{ matrix_systemd_path }}/{{ item.name }}"
+        path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}"
         state: absent
       when: "not item.applicable | bool"
       with_items: "{{ matrix_ssl_renewal_systemd_units_list }}"

roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml

@@ -30,7 +30,7 @@
 # We suppress the error, as we'll try another method below.
 - name: Attempt initial SSL certificate retrieval with standalone authenticator (directly)
   ansible.builtin.shell: >-
-    {{ matrix_host_command_docker }} run
+    {{ devture_systemd_docker_base_host_command_docker }} run
     --rm
     --name=matrix-certbot
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
@@ -59,7 +59,7 @@
 # and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`.
 - name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy)
   ansible.builtin.shell: >-
-    {{ matrix_host_command_docker }} run
+    {{ devture_systemd_docker_base_host_command_docker }} run
     --rm
     --name=matrix-certbot
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}

roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2

@@ -12,11 +12,11 @@ DefaultDependencies=no
 
 [Service]
 Type=simple
-Environment="HOME={{ matrix_systemd_unit_home_path }}"
-ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true'
-ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true'
+Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true'
 
-ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
+ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-nginx-proxy \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--cap-drop=ALL \
@@ -51,12 +51,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
 			{{ matrix_nginx_proxy_docker_image }}
 
 {% for network in matrix_nginx_proxy_container_additional_networks %}
-ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ matrix_host_command_docker }} network connect {{ network }} matrix-nginx-proxy'
+ExecStartPost={{ devture_systemd_docker_base_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy'
 {% endfor %}
 
-ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true'
-ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true'
-ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true'
+ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload
 Restart=always
 RestartSec=30
 SyslogIdentifier=matrix-nginx-proxy

roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2

@@ -3,5 +3,5 @@ Description=Renews Let's Encrypt SSL certificates
 
 [Service]
 Type=oneshot
-Environment="HOME={{ matrix_systemd_unit_home_path }}"
+Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
 ExecStart={{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew

roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2

@@ -3,4 +3,4 @@ Description=Reloads matrix-nginx-proxy so that new SSL certificates can kick in
 
 [Service]
 Type=oneshot
-ExecStart={{ matrix_host_command_systemctl }} reload matrix-nginx-proxy.service
+ExecStart={{ devture_systemd_docker_base_host_command_systemctl }} reload matrix-nginx-proxy.service