Add continuwuity support (#4267)

* continuwuity support * continuwuity support * use main instead of commit tag * fix docker image link * migration from conduwuit * fix yaml lint * backup directories and linter fixes * linter fixes
2025-04-26 08:12:53 +02:00
parent 6383b1b37a
commit bd405c410a
28 changed files with 2652 additions and 4 deletions
--- a/roles/custom/matrix-continuwuity/tasks/install.yml
+++ b/roles/custom/matrix-continuwuity/tasks/install.yml
@ -0,0 +1,64 @@
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Ensure continuwuity config path exists
+  ansible.builtin.file:
+    path: "{{ matrix_continuwuity_config_path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity data path exists
+  ansible.builtin.file:
+    path: "{{ matrix_continuwuity_data_path }}"
+    state: directory
+    mode: 0770
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity configuration installed
+  ansible.builtin.template:
+    src: "{{ matrix_continuwuity_template_continuwuity_config }}"
+    dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity support files installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/{{ item }}.j2"
+    dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
+    mode: 0640
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - labels
+    - env
+
+- name: Ensure continuwuity container network is created
+  community.general.docker_network:
+    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
+    name: "{{ matrix_continuwuity_container_network }}"
+    driver: bridge
+    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
+
+- name: Ensure continuwuity container image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_continuwuity_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_continuwuity_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_continuwuity_docker_image_force_pull }}"
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- name: Ensure matrix-continuwuity.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-continuwuity.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+    mode: 0644
--- a/roles/custom/matrix-continuwuity/tasks/main.yml
+++ b/roles/custom/matrix-continuwuity/tasks/main.yml
@ -0,0 +1,40 @@
+# SPDX-FileCopyrightText: 2025 MDAD project contributors
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- tags:
+    - setup-all
+    - setup-continuwuity
+    - install-all
+    - install-continuwuity
+  block:
+    - when: matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
+
+    - when: matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
+
+- tags:
+    - setup-all
+    - setup-continuwuity
+  block:
+    - when: not matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"
+
+- tags:
+    - self-check
+  block:
+    - when: matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
+
+    - when: matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
+
+- tags:
+    - migrate-conduwuit
+  block:
+    - when: matrix_continuwuity_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/migrate_from_conduwuit.yml"
--- a/roles/custom/matrix-continuwuity/tasks/migrate_from_conduwuit.yml
+++ b/roles/custom/matrix-continuwuity/tasks/migrate_from_conduwuit.yml
@ -0,0 +1,65 @@
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+# This migrates the conduwuit server implementation (`/matrix/conduwuit`) to continuwuity (`/matrix/continuwuity`),
+#
+# Here, we merely backup the fresh continuwuity folder, relocate conduwuit directory to continuwuity (`/matrix/conduwuit`)
+#
+# and restore continuwuity labels.
+
+- name: Check existence of conduwuit directory
+  ansible.builtin.stat:
+    path: "{{ matrix_base_data_path }}/conduwuit"
+  register: matrix_conduwuit_directory_stat
+
+- name: Check existence of continuwuity directory
+  ansible.builtin.stat:
+    path: "{{ matrix_base_data_path }}/continuwuity"
+  register: matrix_continuwuity_directory_stat
+
+- when: >
+        matrix_conduwuit_directory_stat.stat.exists | bool and
+        matrix_continuwuity_directory_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-continuwuity.service systemd service is stopped
+      ansible.builtin.systemd:
+        name: matrix-continuwuity
+        state: stopped
+        enabled: false
+        daemon_reload: true
+
+    - name: Ensure continuwuity directory is backed up
+      ansible.builtin.command:
+        cmd: "mv {{ matrix_base_data_path }}/continuwuity {{ matrix_base_data_path }}/continuwuity_old"
+        creates: "{{ matrix_base_data_path }}/continuwuity_old"
+        removes: "{{ matrix_base_data_path }}/continuwuity"
+
+    - name: Ensure conduwuit directory contents are copied to continuwuity
+      ansible.builtin.copy:
+        src: "{{ matrix_base_data_path }}/conduwuit/"
+        dest: "{{ matrix_base_data_path }}/continuwuity"
+        remote_src: true
+        mode: preserve
+
+    - name: Ensure conduwuit.toml file is renamed
+      ansible.builtin.command:
+        cmd: "mv {{ matrix_base_data_path }}/continuwuity/config/conduwuit.toml {{ matrix_base_data_path }}/continuwuity/config/continuwuity.toml"
+        removes: "{{ matrix_base_data_path }}/continuwuity/config/conduwuit.toml"
+
+    - name: Ensure continuwuity labels are restored
+      ansible.builtin.copy:
+        src: "{{ matrix_base_data_path }}/continuwuity_old/labels"
+        dest: "{{ matrix_base_data_path }}/continuwuity/labels"
+        remote_src: true
+        force: true
+        mode: preserve
+
+    - name: Ensure matrix-continuwuity.service systemd service is started
+      ansible.builtin.systemd:
+        name: matrix-continuwuity
+        state: started
+        enabled: true
+        daemon_reload: true
--- a/roles/custom/matrix-continuwuity/tasks/self_check_client_api.yml
+++ b/roles/custom/matrix-continuwuity/tasks/self_check_client_api.yml
@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+# SPDX-FileCopyrightText: 2025 Suguru Hirahara
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Check Matrix Client API
+  ansible.builtin.uri:
+    url: "{{ matrix_continuwuity_client_api_url_endpoint_public }}"
+    follow_redirects: none
+    validate_certs: "{{ matrix_continuwuity_self_check_validate_certificates }}"
+  register: result_matrix_continuwuity_client_api
+  ignore_errors: true
+  check_mode: false
+  when: matrix_continuwuity_enabled | bool
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Fail if Matrix Client API not working
+  ansible.builtin.fail:
+    msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_continuwuity_client_api_url_endpoint_public }}`). Is continuwuity running? Is port 443 open in your firewall? Full error: {{ result_matrix_continuwuity_client_api }}"
+  when: "matrix_continuwuity_enabled | bool and (result_matrix_continuwuity_client_api.failed or 'json' not in result_matrix_continuwuity_client_api)"
+
+- name: Report working Matrix Client API
+  ansible.builtin.debug:
+    msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_continuwuity_client_api_url_endpoint_public }}`) is working"
+  when: matrix_continuwuity_enabled | bool
--- a/roles/custom/matrix-continuwuity/tasks/self_check_federation_api.yml
+++ b/roles/custom/matrix-continuwuity/tasks/self_check_federation_api.yml
@ -0,0 +1,32 @@
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Check Matrix Federation API
+  ansible.builtin.uri:
+    url: "{{ matrix_synapse_federation_api_url_endpoint_public }}"
+    follow_redirects: none
+    validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
+  register: result_matrix_synapse_federation_api
+  ignore_errors: true
+  check_mode: false
+  when: matrix_synapse_enabled | bool
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Fail if Matrix Federation API not working
+  ansible.builtin.fail:
+    msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port {{ matrix_federation_public_port }} open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
+  when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
+
+- name: Fail if Matrix Federation API unexpectedly enabled
+  ansible.builtin.fail:
+    msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
+  when: "matrix_synapse_enabled | bool and not matrix_synapse_federation_enabled | bool and not result_matrix_synapse_federation_api.failed"
+
+- name: Report working Matrix Federation API
+  ansible.builtin.debug:
+    msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
+  when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool"
--- a/roles/custom/matrix-continuwuity/tasks/setup_install.yml
+++ b/roles/custom/matrix-continuwuity/tasks/setup_install.yml
@ -0,0 +1,63 @@
+# SPDX-FileCopyrightText: 2025 MDAD project contributors
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Ensure continuwuity config path exists
+  ansible.builtin.file:
+    path: "{{ matrix_continuwuity_config_path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity data path exists
+  ansible.builtin.file:
+    path: "{{ matrix_continuwuity_data_path }}"
+    state: directory
+    mode: 0770
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity configuration installed
+  ansible.builtin.template:
+    src: "{{ matrix_continuwuity_template_continuwuity_config }}"
+    dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure continuwuity support files installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/{{ item }}.j2"
+    dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
+    mode: 0640
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - labels
+
+- name: Ensure continuwuity container network is created
+  community.general.docker_network:
+    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
+    name: "{{ matrix_continuwuity_container_network }}"
+    driver: bridge
+    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
+
+- name: Ensure continuwuity container image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_continuwuity_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_continuwuity_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_continuwuity_docker_image_force_pull }}"
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- name: Ensure matrix-continuwuity.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-continuwuity.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+    mode: 0644
--- a/roles/custom/matrix-continuwuity/tasks/setup_uninstall.yml
+++ b/roles/custom/matrix-continuwuity/tasks/setup_uninstall.yml
@ -0,0 +1,23 @@
+# SPDX-FileCopyrightText: 2025 MDAD project contributors
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Check existence of matrix-continuwuity service
+  ansible.builtin.stat:
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+  register: matrix_continuwuity_service_stat
+
+- when: matrix_continuwuity_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-continuwuity is stopped
+      ansible.builtin.systemd:
+        name: matrix-continuwuity
+        state: stopped
+        daemon_reload: true
+
+    - name: Ensure matrix-continuwuity.service doesn't exist
+      ansible.builtin.file:
+        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+        state: absent
--- a/roles/custom/matrix-continuwuity/tasks/uninstall.yml
+++ b/roles/custom/matrix-continuwuity/tasks/uninstall.yml
@ -0,0 +1,23 @@
+# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Check existence of matrix-continuwuity service
+  ansible.builtin.stat:
+    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+  register: matrix_continuwuity_service_stat
+
+- when: matrix_continuwuity_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-continuwuity is stopped
+      ansible.builtin.systemd:
+        name: matrix-continuwuity
+        state: stopped
+        daemon_reload: true
+
+    - name: Ensure matrix-continuwuity.service doesn't exist
+      ansible.builtin.file:
+        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
+        state: absent
--- a/roles/custom/matrix-continuwuity/tasks/validate_config.yml
+++ b/roles/custom/matrix-continuwuity/tasks/validate_config.yml
@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2025 MDAD project contributors
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+---
+
+- name: Fail if required continuwuity settings not defined
+  ansible.builtin.fail:
+    msg: >-
+      You need to define a required configuration setting (`{{ item.name }}`).
+  when: "item.when | bool and vars[item.name] == ''"
+  with_items:
+    - {'name': 'matrix_continuwuity_hostname', when: true}
+    - {'name': 'matrix_continuwuity_container_network', when: true}
+    - {'name': 'matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints', when: "{{ matrix_continuwuity_container_labels_internal_client_api_enabled }}"}