diff --git a/roles/custom/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml index 670e8499b..630c90dbd 100644 --- a/roles/custom/matrix-bot-honoroit/defaults/main.yml +++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml @@ -21,7 +21,7 @@ matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" # renovate: datasource=docker depName=registry.gitlab.com/etke.cc/honoroit -matrix_bot_honoroit_version: v0.9.21 +matrix_bot_honoroit_version: v0.9.22 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}etke.cc/honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -39,15 +39,6 @@ matrix_bot_honoroit_container_network: "" # Use this to expose this container to another reverse proxy, which runs in a different container network. matrix_bot_honoroit_container_additional_networks: [] -# enable basic auth for metrics -matrix_bot_honoroit_basicauth_enabled: false -# temporary file name on the host that runs ansible -matrix_bot_honoroit_basicauth_file: "/tmp/matrix_bot_honoroit_htpasswd" -# username -matrix_bot_honoroit_basicauth_user: '' -# password -matrix_bot_honoroit_basicauth_password: '' - # matrix_bot_honoroit_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. # See `../templates/labels.j2` for details. # @@ -149,8 +140,26 @@ matrix_bot_honoroit_sentry: '' # Log level matrix_bot_honoroit_loglevel: '' -# Disable encryption -matrix_bot_honoroit_noencryption: false +# /metrics basic auth login +matrix_bot_honoroit_auth_metrics_login: '' +# /metrics basic auth password +matrix_bot_honoroit_auth_metrics_password: '' +# /metrics basic auth allowed IPs +matrix_bot_honoroit_auth_metrics_ips: [] + +# Optional healthchecks.io integration +matrix_bot_honoroit_healthchecks_url: 'https://hc-ping.com' +matrix_bot_honoroit_healthchecks_uuid: '' +matrix_bot_honoroit_healthchecks_duration: 60 # in seconds + +# Optional Redmine integration +matrix_bot_honoroit_redmine_host: '' # e.g. https://redmine.example.com +matrix_bot_honoroit_redmine_apikey: '' +matrix_bot_honoroit_redmine_project: '' # project identifier (e.g. 'myproject') +matrix_bot_honoroit_redmine_tracker_id: '' # tracker id (e.g. 1) +matrix_bot_honoroit_redmine_new_status_id: '' # new status id (e.g. 1) +matrix_bot_honoroit_redmine_in_progress_status_id: '' # in progress status id (e.g. 2) +matrix_bot_honoroit_redmine_done_status_id: '' # done status id (e.g. 3) # A list of whitelisted users allowed to use/invite honoroit # If not defined, everyone is allowed. diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 93e219e89..438612eb7 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -40,21 +40,6 @@ - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true} when: "item.when | bool" -- name: Determine basicauth filename - ansible.builtin.set_fact: - matrix_bot_honoroit_basicauth_file_tmp: "{{ matrix_bot_honoroit_basicauth_file }}_{{ inventory_hostname }}" - when: matrix_bot_honoroit_basicauth_enabled | bool - -- name: Generate basic auth file - community.general.htpasswd: - path: "{{ matrix_bot_honoroit_basicauth_file }}" - name: "{{ matrix_bot_honoroit_basicauth_user }}" - password: "{{ matrix_bot_honoroit_basicauth_password }}" - mode: 0640 - become: false - delegate_to: 127.0.0.1 - when: matrix_bot_honoroit_basicauth_enabled | bool - - name: Ensure honoroit support files installed ansible.builtin.template: src: "{{ role_path }}/templates/{{ item }}.j2" @@ -66,14 +51,6 @@ - env - labels -- name: Ensure temporary basic auth file is removed - ansible.builtin.file: - path: "{{ matrix_bot_honoroit_basicauth_file }}" - state: absent - become: false - delegate_to: 127.0.0.1 - when: matrix_bot_honoroit_basicauth_enabled | bool - - name: Ensure honoroit image is pulled community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" diff --git a/roles/custom/matrix-bot-honoroit/templates/env.j2 b/roles/custom/matrix-bot-honoroit/templates/env.j2 index 0cfd88c1d..e061a3687 100644 --- a/roles/custom/matrix-bot-honoroit/templates/env.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/env.j2 @@ -5,10 +5,22 @@ HONOROIT_ROOMID={{ matrix_bot_honoroit_roomid }} HONOROIT_DB_DSN={{ matrix_bot_honoroit_database_connection_string }} HONOROIT_DB_DIALECT={{ matrix_bot_honoroit_database_dialect }} HONOROIT_PREFIX={{ matrix_bot_honoroit_prefix }} -HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }} +HONOROIT_AUTH_METRICS_LOGIN={{ matrix_bot_honoroit_auth_metrics_login }} +HONOROIT_AUTH_METRICS_PASSWORD={{ matrix_bot_honoroit_auth_metrics_password }} +HONOROIT_AUTH_METRICS_IPS={{ matrix_bot_honoroit_auth_metrics_ips | default([]) | join(' ') }} +HONOROIT_REDMINE_HOST={{ matrix_bot_honoroit_redmine_host }} +HONOROIT_REDMINE_APIKEY={{ matrix_bot_honoroit_redmine_apikey }} +HONOROIT_REDMINE_PROJECT={{ matrix_bot_honoroit_redmine_project }} +HONOROIT_REDMINE_TRACKERID={{ matrix_bot_honoroit_redmine_tracker_id }} +HONOROIT_REDMINE_NEWSTATUSID={{ matrix_bot_honoroit_redmine_new_status_id }} +HONOROIT_REDMINE_INPROGRESSSTATUSID={{ matrix_bot_honoroit_redmine_in_progress_status_id }} +HONOROIT_REDMINE_DONESTATUSID={{ matrix_bot_honoroit_redmine_done_status_id }} +HONOROIT_MONITORING_SENTRY_DSN={{ matrix_bot_honoroit_sentry }} +HONOROIT_MONITORING_HEALTHCHECKS_URL={{ matrix_bot_honoroit_healthchecks_url }} +HONOROIT_MONITORING_HEALTHCHECKS_UUID={{ matrix_bot_honoroit_healthchecks_uuid }} +HONOROIT_MONITORING_HEALTHCHECKS_DURATION={{ matrix_bot_honoroit_healthchecks_duration }} HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} -HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} HONOROIT_IGNORENOTHREAD={{ matrix_bot_honoroit_ignorenothread }} HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms | join(' ') }} HONOROIT_ALLOWEDUSERS={{ matrix_bot_honoroit_allowedusers | join(' ') }} diff --git a/roles/custom/matrix-bot-honoroit/templates/labels.j2 b/roles/custom/matrix-bot-honoroit/templates/labels.j2 index ef210c49d..74e357914 100644 --- a/roles/custom/matrix-bot-honoroit/templates/labels.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/labels.j2 @@ -28,11 +28,6 @@ traefik.http.middlewares.matrix-bot-honoroit-add-headers.headers.customresponseh {% set middlewares = middlewares + ['matrix-bot-honoroit-add-headers'] %} {% endif %} -{% if matrix_bot_honoroit_basicauth_enabled %} -traefik.http.middlewares.matrix-bot-honoroit-auth.basicauth.users={{ lookup('ansible.builtin.file', matrix_bot_honoroit_basicauth_file) }} -{% set middlewares_metrics = middlewares + ['matrix-bot-honoroit-auth'] %} -{% endif %} - {% if middlewares_metrics | length > 0 %} traefik.http.routers.matrix-bot-honoroit-metrics.rule={{ matrix_bot_honoroit_container_labels_traefik_metrics_rule }} {% if matrix_bot_honoroit_container_labels_traefik_priority | int > 0 %}