Move matrix-ma1sd to its own container network and add native Traefik support

Slavi Pantaleev
2024-01-09 15:27:13 +02:00
parent 81f1c4683b
commit aea66442a1
12 changed files with 227 additions and 134 deletions


@ -20,6 +20,7 @@
- tags:
- self-check
- self-check-ma1sd
block:
- when: matrix_ma1sd_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check.yml"


@ -1,11 +1,8 @@
---
- ansible.builtin.set_fact:
ma1sd_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/identity/api/v1"
- name: Check ma1sd Identity Service
ansible.builtin.uri:
url: "{{ ma1sd_url_endpoint_public }}"
url: "{{ matrix_ma1sd_self_check_endpoint_url }}"
follow_redirects: none
validate_certs: "{{ matrix_ma1sd_self_check_validate_certificates }}"
check_mode: false
@ -16,9 +13,9 @@
- name: Fail if ma1sd Identity Service not working
ansible.builtin.fail:
msg: "Failed checking ma1sd is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ ma1sd_url_endpoint_public }}`). Is ma1sd running? Is port 443 open in your firewall? Full error: {{ result_ma1sd }}"
msg: "Failed checking ma1sd is up at `{{ matrix_ma1sd_hostname }}` (checked endpoint: `{{ matrix_ma1sd_self_check_endpoint_url }}`). Is ma1sd running? Is port 443 open in your firewall? Full error: {{ result_ma1sd }}"
when: "result_ma1sd.failed or 'json' not in result_ma1sd"
- name: Report working ma1sd Identity Service
ansible.builtin.debug:
msg: "ma1sd at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ ma1sd_url_endpoint_public }}`)"
msg: "ma1sd at `{{ matrix_ma1sd_hostname }}` is working (checked endpoint: `{{ matrix_ma1sd_self_check_endpoint_url }}`)"
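Review bot: The new failure message in `Fail if ma1sd Identity Service not working` still asks `Is port 443 open in your firewall?`, although the checked URL now comes from `matrix_ma1sd_self_check_endpoint_url` and is no longer pinned to an `https://` address on the Matrix hostname. The default value of that variable is not visible here, so the hint may mislead anyone who overrides it; a neutral wording such as `Is the checked endpoint reachable through your firewall and reverse proxy?` would stay correct either way. It would also help to add a comment above `validate_certs` such as `# With certificate validation disabled, a passing check does not prove the endpoint's TLS certificate is valid`.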


@ -122,6 +122,21 @@
- {value: "{{ matrix_ma1sd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
when: "matrix_ma1sd_threepid_medium_email_custom_templates_enabled | bool and item.value"
- name: Ensure ma1sd support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_ma1sd_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- labels
- name: Ensure ma1sd container network is created
community.general.docker_network:
name: "{{ matrix_ma1sd_container_network }}"
driver: bridge
- name: Ensure matrix-ma1sd.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-ma1sd.service.j2"
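Review bot: The new `Ensure ma1sd support files installed` task sets `mode: 0640` as an unquoted number, so the resulting permission depends on the YAML loader reading the leading zero as octal. Quoting it, `mode: '0640'`, makes the intended permission on the rendered `labels` file explicit and is the form the Ansible documentation recommends; whether the rest of this file already quotes modes is not visible in the hunk. The `Ensure ma1sd container network is created` task would benefit from a short comment such as `# Dedicated network so ma1sd is only reachable by containers explicitly attached to it`, if that is the intent. The `Ensure matrix-ma1sd.service installed` task continues outside the hunk.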


@ -45,9 +45,15 @@
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and vars[item.name] == ''"
with_items:
- {'name': 'matrix_ma1sd_hostname', when: true}
- {'name': 'matrix_ma1sd_threepid_medium_email_connectors_smtp_host', when: true}
- {'name': 'matrix_ma1sd_dns_overwrite_homeserver_client_value', when: true}
- {'name': 'matrix_ma1sd_database_hostname', when: "{{ matrix_ma1sd_database_engine == 'postgres' }}"}
- {'name': 'matrix_ma1sd_container_network', when: true}
- {'name': 'matrix_ma1sd_container_labels_matrix_identity_hostname', when: "{{ matrix_ma1sd_container_labels_matrix_identity_enabled }}"}
- {'name': 'matrix_ma1sd_container_labels_matrix_identity_path_prefix', when: "{{ matrix_ma1sd_container_labels_matrix_identity_enabled }}"}
- {'name': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_hostname', when: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled }}"}
- {'name': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_path', when: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled }}"}
- name: (Deprecation) Catch and report renamed ma1sd variables
ansible.builtin.fail: