add experimental(?) architecture support for arm32 and arm64
the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture
This commit is contained in:
parent
203a319881
commit
bd61598faf
16
docs/alternative-architectures.md
Normal file
16
docs/alternative-architectures.md
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# Alternative architectures
|
||||||
|
As stated in the [Prerequisites](prerequisites.md), currently only x86_64 is supported. However, it is possible to set the target architecture, and some tools can be built on the host or other measures can be used.
|
||||||
|
|
||||||
|
To that end add the following variable to your `vars.yaml` file:
|
||||||
|
```
|
||||||
|
matrix_architecture = <your-matrix-server-architecture>
|
||||||
|
```
|
||||||
|
Currently supported architectures are the following:
|
||||||
|
- `amd64` (the default)
|
||||||
|
- `arm64`
|
||||||
|
- `arm32`
|
||||||
|
|
||||||
|
On most roles self-building is used if the architecture is not `amd64`. Special cases:
|
||||||
|
- matrix-bridge-mautrix-facebook: there is built docker image for arm64 as well,
|
||||||
|
- matrix-bridge-mautrix-hangouts: there is built docker image for arm64 as well,
|
||||||
|
- matrix-nginx-proxy: Certbot has docker image for both arm32 and arm64, however tagging is used, which requires special handling.
|
@ -26,6 +26,20 @@ matrix_riot_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_e
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# matrix-architecture
|
||||||
|
#
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
matrix_architecture: "amd64"
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# /matrix-architecture
|
||||||
|
#
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -174,7 +188,7 @@ matrix_appservice_irc_homeserver_token: "{{ matrix_synapse_macaroon_secret_key |
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mautrix_facebook_enabled: false
|
matrix_mautrix_facebook_enabled: false
|
||||||
|
|
||||||
matrix_mautrix_facebook_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mautrix_facebook_container_image_self_build: "{{ (matrix_architecture != 'amd64') and (matrix_architecture != 'arm64') }}"
|
||||||
|
|
||||||
matrix_mautrix_facebook_systemd_required_services_list: |
|
matrix_mautrix_facebook_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -205,7 +219,7 @@ matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_pro
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mautrix_hangouts_enabled: false
|
matrix_mautrix_hangouts_enabled: false
|
||||||
|
|
||||||
matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mautrix_hangouts_container_image_self_build: "{{ (matrix_architecture != 'amd64') and (matrix_architecture != 'arm64') }}"
|
||||||
|
|
||||||
matrix_mautrix_hangouts_systemd_required_services_list: |
|
matrix_mautrix_hangouts_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -301,7 +315,7 @@ matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_pro
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mx_puppet_skype_enabled: false
|
matrix_mx_puppet_skype_enabled: false
|
||||||
|
|
||||||
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
matrix_mx_puppet_skype_systemd_required_services_list: |
|
matrix_mx_puppet_skype_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -366,7 +380,7 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
|
|||||||
|
|
||||||
matrix_coturn_enabled: true
|
matrix_coturn_enabled: true
|
||||||
|
|
||||||
matrix_coturn_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_coturn_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
|
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
|
||||||
|
|
||||||
@ -489,7 +503,7 @@ matrix_mailer_enabled: true
|
|||||||
# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this.
|
# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this.
|
||||||
matrix_ma1sd_enabled: true
|
matrix_ma1sd_enabled: true
|
||||||
|
|
||||||
matrix_ma1sd_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network.
|
# Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network.
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||||
@ -599,6 +613,8 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
|||||||
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
|
matrix_ssl_architecture: "{{ matrix_architecture }}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# /matrix-nginx-proxy
|
# /matrix-nginx-proxy
|
||||||
@ -638,7 +654,7 @@ matrix_postgres_db_name: "homeserver"
|
|||||||
# If you wish to connect to your Matrix server by other means, you may wish to disable this.
|
# If you wish to connect to your Matrix server by other means, you may wish to disable this.
|
||||||
matrix_riot_web_enabled: true
|
matrix_riot_web_enabled: true
|
||||||
|
|
||||||
matrix_riot_web_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_riot_web_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network.
|
# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network.
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||||
@ -683,7 +699,7 @@ matrix_riot_web_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jit
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
matrix_synapse_container_image_self_build: "{{ matrix_container_images_self_build }}"
|
matrix_synapse_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||||
|
|
||||||
# When ma1sd is enabled, we can use it instead of the default public Identity servers.
|
# When ma1sd is enabled, we can use it instead of the default public Identity servers.
|
||||||
matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else matrix_synapse_id_servers_public }}"
|
matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else matrix_synapse_id_servers_public }}"
|
||||||
|
@ -213,12 +213,14 @@ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects: none
|
|||||||
# plain HTTP traffic only (usually, on the loopback interface only) and you'd be terminating SSL using another reverse-proxy.
|
# plain HTTP traffic only (usually, on the loopback interface only) and you'd be terminating SSL using another reverse-proxy.
|
||||||
matrix_ssl_retrieval_method: "lets-encrypt"
|
matrix_ssl_retrieval_method: "lets-encrypt"
|
||||||
|
|
||||||
|
matrix_ssl_architecture: "amd64"
|
||||||
|
|
||||||
# The list of domains that this role will obtain certificates for.
|
# The list of domains that this role will obtain certificates for.
|
||||||
matrix_ssl_domains_to_obtain_certificates_for: []
|
matrix_ssl_domains_to_obtain_certificates_for: []
|
||||||
|
|
||||||
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
||||||
matrix_ssl_lets_encrypt_staging: false
|
matrix_ssl_lets_encrypt_staging: false
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:v1.3.0"
|
matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:{{ matrix_ssl_architecture }}-v1.3.0"
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
||||||
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
||||||
matrix_ssl_lets_encrypt_support_email: ~
|
matrix_ssl_lets_encrypt_support_email: ~
|
||||||
|
Loading…
Reference in New Issue
Block a user