GoMatrixHosting v0.4.4 update
parent
689dcea773
commit
a14bf6c2ed
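--- a/roles/matrix-awx/surveys/access_export.json.j2
+++ b/roles/matrix-awx/surveys/access_export.json.j2
@@ -0,0 +1,42 @@
+{
+"name": "Access Export",
+"description": "Access the services export.",
+"spec": [
+{
+"question_name": "SFTP Authorisation Method",
+"question_description": "Set whether you want to disable SFTP, use a password to connect to SFTP or connect with a more secure SSH key.",
+"required": true,
+"min": null,
+"max": null,
+"default": "{{ sftp_auth_method | string }}",
+"choices": "Disabled\nPassword\nSSH Key",
+"new_question": true,
+"variable": "sftp_auth_method",
+"type": "multiplechoice"
+},
+{
+"question_name": "SFTP Password",
+"question_description": "Sets the password of the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'Password' method is selected. WARNING: You must set a strong and unique password here.",
+"required": false,
+"min": 0,
+"max": 64,
+"default": "{{ sftp_password }}",
+"choices": "",
+"new_question": true,
+"variable": "sftp_password",
+"type": "password"
+},
+{
+"question_name": "SFTP Public SSH Key (More Secure)",
+"question_description": "Sets the public SSH key used to access the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'SSH Key' method is selected.",
+"required": false,
+"min": 0,
+"max": 16384,
+"default": "{{ sftp_public_key }}",
+"choices": "",
+"new_question": true,
+"variable": "sftp_public_key",
+"type": "text"
+}
+]
+}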
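Review bot: The `default` values for `sftp_password` and `sftp_public_key` are interpolated straight into JSON string literals, so a value containing `"` or `\` produces an invalid or altered survey spec; letting the filter emit the quoted literal avoids this, e.g. `"default": {{ sftp_password | to_json }},` and the same for `sftp_public_key`. Rendering the current password as the question default also means the rendered `access_export.json` carries it in plaintext wherever the template is written, so the mode and readers of that file deserve a check. The password question allows `"min": 0`, which presumably lets an empty password through when the 'Password' method is chosen; confirm that a later task rejects that combination.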
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "Backup Server",
|
"name": "Backup Server",
|
||||||
"description": "",
|
"description": "Performs a backup of the entire service to a remote location.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Backup",
|
"question_name": "Enable Backup",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "Configure Matrix Corporal",
|
"name": "Configure Matrix Corporal",
|
||||||
"description": "",
|
"description": "Configure Matrix Corporal, a tool that manages your Matrix server according to a configuration policy.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Corporal",
|
"question_name": "Enable Corporal",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "Configure Dimension",
|
"name": "Configure Dimension",
|
||||||
"description": "",
|
"description": "Configure Dimension, the self-hosted integrations server.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Dimension",
|
"question_name": "Enable Dimension",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "",
|
"name": "Configure Element",
|
||||||
"description": "",
|
"description": "Configure Element web client, Element is the most developed Matrix client software.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Element-Web",
|
"question_name": "Enable Element-Web",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "",
|
"name": "Configure Jitsi",
|
||||||
"description": "",
|
"description": "Configure Jitsi conferencing settings.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Jitsi",
|
"question_name": "Enable Jitsi",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "",
|
"name": "Configure ma1sd",
|
||||||
"description": "",
|
"description": "Configure ma1sd settings, ma1sd is a self-hosted identity server for Matrix.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable ma1sd",
|
"question_name": "Enable ma1sd",
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "Configure Synapse",
|
"name": "Configure Synapse",
|
||||||
"description": "",
|
"description": "Configure Synapse settings. Synapse is the homeserver software that powers your Matrix instance.",
|
||||||
"spec": [
|
"spec": [
|
||||||
{
|
{
|
||||||
"question_name": "Enable Public Registration",
|
"question_name": "Enable Public Registration",
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
insertafter: '# Base Domain Settings Start'
|
insertafter: '# Base Domain Settings Start'
|
||||||
with_dict:
|
with_dict:
|
||||||
'matrix_nginx_proxy_base_domain_homepage_enabled': 'true'
|
'matrix_nginx_proxy_base_domain_homepage_enabled': 'true'
|
||||||
when: customise_base_domain_website|bool == false
|
when: (customise_base_domain_website is defined) and not customise_base_domain_website|bool
|
||||||
|
|
||||||
- name: Disable index.html creation to allow multi-file site if user does wish to customise base domain
|
- name: Disable index.html creation to allow multi-file site if user does wish to customise base domain
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -19,7 +19,19 @@
|
|||||||
insertafter: '# Base Domain Settings Start'
|
insertafter: '# Base Domain Settings Start'
|
||||||
with_dict:
|
with_dict:
|
||||||
'matrix_nginx_proxy_base_domain_homepage_enabled': 'false'
|
'matrix_nginx_proxy_base_domain_homepage_enabled': 'false'
|
||||||
when: customise_base_domain_website|bool == true
|
when: (customise_base_domain_website is defined) and customise_base_domain_website|bool
|
||||||
|
|
||||||
|
- name: Record custom 'Customise Website + Access Export' variables locally on AWX
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
lineinfile:
|
||||||
|
path: '{{ awx_cached_matrix_vars }}'
|
||||||
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
||||||
|
line: "{{ item.key }}: {{ item.value }}"
|
||||||
|
insertafter: '# Custom Settings Start'
|
||||||
|
with_dict:
|
||||||
|
'sftp_auth_method': '"{{ sftp_auth_method }}"'
|
||||||
|
'sftp_password': '"{{ sftp_password }}"'
|
||||||
|
'sftp_public_key': '"{{ sftp_public_key }}"'
|
||||||
|
|
||||||
- name: Record custom 'Customise Website + Access Export' variables locally on AWX
|
- name: Record custom 'Customise Website + Access Export' variables locally on AWX
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -30,28 +42,40 @@
|
|||||||
insertafter: '# Custom Settings Start'
|
insertafter: '# Custom Settings Start'
|
||||||
with_dict:
|
with_dict:
|
||||||
'customise_base_domain_website': '{{ customise_base_domain_website }}'
|
'customise_base_domain_website': '{{ customise_base_domain_website }}'
|
||||||
'sftp_auth_method': '"{{ sftp_auth_method }}"'
|
when: customise_base_domain_website is defined
|
||||||
'sftp_password': '"{{ sftp_password }}"'
|
|
||||||
'sftp_public_key': '"{{ sftp_public_key }}"'
|
|
||||||
|
|
||||||
- name: Reload vars in matrix_vars.yml
|
- name: Reload vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
file: '{{ awx_cached_matrix_vars }}'
|
||||||
no_log: True
|
no_log: True
|
||||||
|
|
||||||
# ^ Is this even needed?
|
|
||||||
|
|
||||||
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
template:
|
template:
|
||||||
src: './roles/matrix-awx/surveys/configure_website_access_export.json.j2'
|
src: './roles/matrix-awx/surveys/configure_website_access_export.json.j2'
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
||||||
dest: '/matrix/awx/configure_website_access_export.json'
|
dest: '/matrix/awx/configure_website_access_export.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
|
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
template:
|
||||||
|
src: './roles/matrix-awx/surveys/access_export.json.j2'
|
||||||
|
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
||||||
|
when: customise_base_domain_website is undefined
|
||||||
|
|
||||||
|
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||||
|
copy:
|
||||||
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
||||||
|
dest: '/matrix/awx/access_export.json'
|
||||||
|
mode: '0660'
|
||||||
|
when: customise_base_domain_website is undefined
|
||||||
|
|
||||||
- name: Collect AWX admin token the hard way!
|
- name: Collect AWX admin token the hard way!
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -60,7 +84,7 @@
|
|||||||
register: tower_token
|
register: tower_token
|
||||||
no_log: True
|
no_log: True
|
||||||
|
|
||||||
- name: Recreate 'Customise Base Domain Export' job template
|
- name: Recreate 'Configure Website + Access Export' job template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
awx.awx.tower_job_template:
|
awx.awx.tower_job_template:
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Website + Access Export"
|
name: "{{ matrix_domain }} - 1 - Configure Website + Access Export"
|
||||||
@ -80,6 +104,29 @@
|
|||||||
tower_host: "https://{{ tower_host }}"
|
tower_host: "https://{{ tower_host }}"
|
||||||
tower_oauthtoken: "{{ tower_token.stdout }}"
|
tower_oauthtoken: "{{ tower_token.stdout }}"
|
||||||
validate_certs: yes
|
validate_certs: yes
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
|
- name: Recreate 'Access Export' job template
|
||||||
|
delegate_to: 127.0.0.1
|
||||||
|
awx.awx.tower_job_template:
|
||||||
|
name: "{{ matrix_domain }} - 1 - Access Export"
|
||||||
|
description: "Access the services export."
|
||||||
|
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
||||||
|
job_type: run
|
||||||
|
job_tags: "start,setup-nginx-proxy"
|
||||||
|
inventory: "{{ member_id }}"
|
||||||
|
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
||||||
|
playbook: setup.yml
|
||||||
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
|
survey_enabled: true
|
||||||
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
|
||||||
|
become_enabled: yes
|
||||||
|
state: present
|
||||||
|
verbosity: 1
|
||||||
|
tower_host: "https://{{ tower_host }}"
|
||||||
|
tower_oauthtoken: "{{ tower_token.stdout }}"
|
||||||
|
validate_certs: yes
|
||||||
|
when: customise_base_domain_website is undefined
|
||||||
|
|
||||||
- name: Ensure group "sftp" exists
|
- name: Ensure group "sftp" exists
|
||||||
group:
|
group:
|
||||||
@ -113,6 +160,7 @@
|
|||||||
name: sftp
|
name: sftp
|
||||||
groups: matrix
|
groups: matrix
|
||||||
append: yes
|
append: yes
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
||||||
file:
|
file:
|
||||||
@ -129,6 +177,7 @@
|
|||||||
owner: matrix
|
owner: matrix
|
||||||
group: matrix
|
group: matrix
|
||||||
mode: '0574'
|
mode: '0574'
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
- name: Ensure /chroot/export location exists
|
- name: Ensure /chroot/export location exists
|
||||||
file:
|
file:
|
||||||
|
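Review bot: The added task that records `sftp_auth_method`, `sftp_password` and `sftp_public_key` with `lineinfile` has no `no_log`, and Ansible includes the loop item in each task result, so the password can end up in the job output; add `no_log: True` as the neighbouring `include_vars` task already does. The value is also wrapped in literal double quotes (`'"{{ sftp_password }}"'`), so a password containing `"` can break or change the line written to the vars file that is later re-read with `include_vars`; `'sftp_password': '{{ sftp_password | to_json }}'` would quote it safely. This task now has the same name as the task that follows it, which makes the job log harder to read; a distinct name such as `Record custom 'Access Export' variables locally on AWX` would help. The rendered survey files that carry the password default are copied with `mode: '0660'`; `'0600'` is worth considering if no group member needs to read them.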
@ -16,8 +16,3 @@
|
|||||||
- name: Ensure correct ownership of /matrix/synapse
|
- name: Ensure correct ownership of /matrix/synapse
|
||||||
shell: chown -R matrix:matrix /matrix/synapse
|
shell: chown -R matrix:matrix /matrix/synapse
|
||||||
|
|
||||||
- name: Fetch matrix_vars.yml file to AWX
|
|
||||||
fetch:
|
|
||||||
src: /matrix/awx/matrix_vars.yml
|
|
||||||
dest: /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/
|
|
||||||
flat: yes
|
|
||||||
|
@ -4,9 +4,11 @@
|
|||||||
file: '{{ awx_cached_matrix_vars }}'
|
file: '{{ awx_cached_matrix_vars }}'
|
||||||
no_log: True
|
no_log: True
|
||||||
|
|
||||||
- name: Install jq on remote machine
|
- name: Install jq and curl on remote machine
|
||||||
apt:
|
apt:
|
||||||
name: jq
|
name:
|
||||||
|
- jq
|
||||||
|
- curl
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Collect access token of Dimension user
|
- name: Collect access token of Dimension user
|
||||||
|
@ -35,3 +35,18 @@
|
|||||||
with_dict:
|
with_dict:
|
||||||
'matrix_awx_dimension_user_created': 'true'
|
'matrix_awx_dimension_user_created': 'true'
|
||||||
when: not matrix_awx_dimension_user_created|bool
|
when: not matrix_awx_dimension_user_created|bool
|
||||||
|
|
||||||
|
- name: Ensure /chroot/website location has correct permissions
|
||||||
|
file:
|
||||||
|
path: /chroot/website
|
||||||
|
state: directory
|
||||||
|
owner: matrix
|
||||||
|
group: matrix
|
||||||
|
mode: '0574'
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
|
||||||
|
- name: Ensure erroneous /chroot/website/matrix-domain location doesn't exist
|
||||||
|
file:
|
||||||
|
path: /chroot/website/matrix-domain
|
||||||
|
state: absent
|
||||||
|
when: customise_base_domain_website is defined
|
||||||
|
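Review bot: `mode: '0574'` on `/chroot/website` is unusual enough to need a comment: the owner gets r-x, the group rwx, and others r-- (they can list names but not enter the directory). If write access is meant to come only through the `matrix` group and nothing outside it needs to list the directory, `'0570'` would be tighter; otherwise a line such as `# 0574: group-writable, owner read-only, others list-only` above the task would record the intent. Both added tasks are gated on `customise_base_domain_website is defined`, so hosts on the 'Access Export' path presumably keep whatever permissions they already have; confirm that is intended.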