Move matrix-bot-buscarron to its own container network

This commit is contained in:
Slavi Pantaleev 2024-01-07 08:58:21 +02:00
parent 14d57bb7a6
commit d8b867b6fb
2 changed files with 26 additions and 28 deletions

View File

@ -1930,39 +1930,27 @@ matrix_bot_honoroit_container_labels_traefik_tls_certResolver: "{{ devture_traef
# We don't enable bots by default.
matrix_bot_buscarron_enabled: false
matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_bot_buscarron_systemd_required_services_list: |
{{
['docker.service']
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
+
(['matrix-synapse.service'] if matrix_synapse_enabled else [])
+
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
}}
# Postgres is the default, except if not using internal Postgres server
matrix_bot_buscarron_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
matrix_bot_buscarron_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db', rounds=655555) | to_uuid }}"
matrix_bot_buscarron_hostname: "{{ matrix_server_fqn_buscarron }}"
matrix_bot_buscarron_container_network: "{{ matrix_docker_network if matrix_playbook_reverse_proxy_type == 'playbook-managed-nginx' else 'matrix-bot-buscarron' }}"
matrix_bot_buscarron_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
+
([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_bot_buscarron_database_hostname == devture_postgres_connection_hostname) else [])
}}
# For now, we attach this to the matrix-nginx-proxy network (unless that's the same network as the main one for us),
# because that's where the homeserver is expected to be accessed from.
# In the future, this will need to be redone.
matrix_bot_buscarron_container_additional_networks: |
matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_bot_buscarron_container_network: "{{ matrix_addons_container_network }}"
matrix_bot_buscarron_container_additional_networks_auto: |-
{{
(
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [])
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([matrix_nginx_proxy_container_network] if matrix_nginx_proxy_enabled and matrix_bot_buscarron_container_network != matrix_nginx_proxy_container_network else [])
([devture_postgres_container_network] if (devture_postgres_enabled and matrix_bot_buscarron_database_hostname == devture_postgres_connection_hostname and matrix_bot_buscarron_container_network != devture_postgres_container_network) else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and devture_postgres_container_network != matrix_bot_buscarron_container_network else [])
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_bot_buscarron_container_labels_traefik_enabled else [])
) | unique
}}
@ -1971,6 +1959,11 @@ matrix_bot_buscarron_container_labels_traefik_docker_network: "{{ matrix_playboo
matrix_bot_buscarron_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
matrix_bot_buscarron_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
# Postgres is the default, except if not using internal Postgres server
matrix_bot_buscarron_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
matrix_bot_buscarron_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db', rounds=655555) | to_uuid }}"
######################################################################
#
# /matrix-bot-buscarron

View File

@ -39,7 +39,9 @@ matrix_bot_buscarron_container_network: matrix-bot-buscarron
# A list of additional container networks that the container would be connected to.
# The role does not create these networks, so make sure they already exist.
# Use this to expose this container to another reverse proxy, which runs in a different container network.
matrix_bot_buscarron_container_additional_networks: []
matrix_bot_buscarron_container_additional_networks: "{{ matrix_bot_buscarron_container_additional_networks_auto + matrix_bot_buscarron_container_additional_networks_custom }}"
matrix_bot_buscarron_container_additional_networks_auto: []
matrix_bot_buscarron_container_additional_networks_custom: []
# /metrics login
matrix_bot_buscarron_metrics_login: ''
@ -85,7 +87,10 @@ matrix_bot_buscarron_container_labels_additional_labels: ''
matrix_bot_buscarron_container_extra_arguments: []
# List of systemd services that matrix-bot-buscarron.service depends on
matrix_bot_buscarron_systemd_required_services_list: ['docker.service']
matrix_bot_buscarron_systemd_required_services_list: "{{ matrix_bot_buscarron_systemd_required_services_list_default + matrix_bot_buscarron_systemd_required_services_list_auto + matrix_bot_buscarron_systemd_required_services_list_custom }}"
matrix_bot_buscarron_systemd_required_services_list_default: ['docker.service']
matrix_bot_buscarron_systemd_required_services_list_auto: []
matrix_bot_buscarron_systemd_required_services_list_custom: []
# List of systemd services that matrix-bot-buscarron.service wants
matrix_bot_buscarron_systemd_wanted_services_list: []