made the bridge use the default postgres db

This commit is contained in:
Sabine Laszakovits 2021-01-02 00:39:11 +01:00
parent a06c58c753
commit ffb837d4bc
7 changed files with 39 additions and 88 deletions

View File

@ -262,6 +262,7 @@ matrix_mautrix_hangouts_database_password: "{{ matrix_synapse_macaroon_secret_ke
# #
###################################################################### ######################################################################
# We don't enable bridges by default.
matrix_mautrix_signal_enabled: false matrix_mautrix_signal_enabled: false
# TODO: unclear whether to put this into the role or keep it here # TODO: unclear whether to put this into the role or keep it here
@ -271,7 +272,9 @@ matrix_mautrix_signal_systemd_required_services_list: |
+ +
(['matrix-synapse.service'] if matrix_synapse_enabled else []) (['matrix-synapse.service'] if matrix_synapse_enabled else [])
+ +
['matrix-mautrix-signal-daemon.service', 'matrix-mautrix-signal-db.service'] (['matrix-postgres.service'] if matrix_postgres_enabled else [])
+
['matrix-mautrix-signal-daemon.service']
}} }}
matrix_mautrix_signal_homeserver_domain: '{{ matrix_domain }}' matrix_mautrix_signal_homeserver_domain: '{{ matrix_domain }}'
@ -284,9 +287,9 @@ matrix_mautrix_signal_appservice_token: "{{ matrix_synapse_macaroon_secret_key |
matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_signal_db_user: 'signal-db-user' matrix_mautrix_signal_database_engine: 'postgres'
matrix_mautrix_signal_db_password: 'signal-db-password' matrix_mautrix_signal_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.signal.db') | to_uuid }}"
matrix_mautrix_signal_db_database: 'signal-db'
###################################################################### ######################################################################
# #
@ -1069,6 +1072,12 @@ matrix_postgres_additional_databases: |
'password': matrix_mautrix_hangouts_database_password, 'password': matrix_mautrix_hangouts_database_password,
}] if (matrix_mautrix_hangouts_enabled and matrix_mautrix_hangouts_database_engine == 'postgres' and matrix_mautrix_hangouts_database_hostname == 'matrix-postgres') else []) }] if (matrix_mautrix_hangouts_enabled and matrix_mautrix_hangouts_database_engine == 'postgres' and matrix_mautrix_hangouts_database_hostname == 'matrix-postgres') else [])
+ +
([{
'name': matrix_mautrix_signal_database_name,
'username': matrix_mautrix_signal_database_username,
'password': matrix_mautrix_signal_database_password,
}] if (matrix_mautrix_signal_enabled and matrix_mautrix_signal_database_engine == 'postgres' and matrix_mautrix_signal_database_hostname == 'matrix-postgres') else [])
+
([{ ([{
'name': matrix_mautrix_telegram_database_name, 'name': matrix_mautrix_telegram_database_name,
'username': matrix_mautrix_telegram_database_username, 'username': matrix_mautrix_telegram_database_username,

View File

@ -30,9 +30,7 @@ matrix_mautrix_signal_container_extra_arguments: []
# TODO: unclear whether to put this into group_vars or keep it here # TODO: unclear whether to put this into group_vars or keep it here
matrix_mautrix_signal_systemd_required_services_list: matrix_mautrix_signal_systemd_required_services_list:
- 'docker.service' - 'docker.service'
- "{{ 'matrix-synapse.service' if matrix_synapse_enabled else [] }}"
- 'matrix-mautrix-signal-daemon.service' - 'matrix-mautrix-signal-daemon.service'
- 'matrix-mautrix-signal-db.service'
# List of systemd services that matrix-mautrix-signal.service wants # List of systemd services that matrix-mautrix-signal.service wants
matrix_mautrix_signal_systemd_wanted_services_list: [] matrix_mautrix_signal_systemd_wanted_services_list: []
@ -40,17 +38,25 @@ matrix_mautrix_signal_systemd_wanted_services_list: []
matrix_mautrix_signal_appservice_token: '' matrix_mautrix_signal_appservice_token: ''
matrix_mautrix_signal_homeserver_token: '' matrix_mautrix_signal_homeserver_token: ''
matrix_mautrix_signal_db_docker_image: "postgres:13.0-alpine" # Database-related configuration fields
matrix_mautrix_signal_db_docker_image_force_pull: "{{ matrix_mautrix_signal_db_docker_image.endswith(':latest') }}" #
matrix_mautrix_signal_db_storage_path: "{{ matrix_mautrix_signal_base_path }}/database" # This bridge only supports postgres.
#
matrix_mautrix_signal_database_engine: 'postgres'
matrix_mautrix_signal_db_user: '' matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
matrix_mautrix_signal_db_password: '' matrix_mautrix_signal_database_password: 'some-password'
matrix_mautrix_signal_db_host: 'matrix-mautrix-signal-db' matrix_mautrix_signal_database_hostname: 'matrix-postgres'
matrix_mautrix_signal_db_port: '5432' matrix_mautrix_signal_database_port: 5432
matrix_mautrix_signal_db_database: '' matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
matrix_mautrix_signal_db_url: "postgres://{{ matrix_mautrix_signal_db_user }}:{{ matrix_mautrix_signal_db_password }}@{{ matrix_mautrix_signal_db_host }}:{{ matrix_mautrix_signal_db_port }}/{{ matrix_mautrix_signal_db_database }}" matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'
matrix_mautrix_signal_appservice_database: "{{
{
'postgres': matrix_mautrix_facebook_database_connection_string,
}[matrix_mautrix_signal_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_signal_login_shared_secret: '' matrix_mautrix_signal_login_shared_secret: ''

View File

@ -22,13 +22,6 @@
force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
- name: Ensure Mautrix Signal database image is pulled
docker_image:
name: "{{ matrix_mautrix_signal_db_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_signal_db_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
- name: Ensure Mautrix Signal paths exist - name: Ensure Mautrix Signal paths exist
file: file:
path: "{{ item }}" path: "{{ item }}"
@ -40,7 +33,6 @@
- "{{ matrix_mautrix_signal_base_path }}" - "{{ matrix_mautrix_signal_base_path }}"
- "{{ matrix_mautrix_signal_config_path }}" - "{{ matrix_mautrix_signal_config_path }}"
- "{{ matrix_mautrix_signal_daemon_path }}" - "{{ matrix_mautrix_signal_daemon_path }}"
- "{{ matrix_mautrix_signal_db_storage_path }}"
- name: Ensure mautrix-signal config.yaml installed - name: Ensure mautrix-signal config.yaml installed
copy: copy:
@ -65,13 +57,6 @@
mode: 0644 mode: 0644
register: matrix_mautrix_signal_daemon_systemd_service_result register: matrix_mautrix_signal_daemon_systemd_service_result
- name: Ensure matrix-mautrix-signal-db.service installed
template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal-db.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal-db.service"
mode: 0644
register: matrix_mautrix_signal_db_systemd_service_result
- name: Ensure matrix-mautrix-signal.service installed - name: Ensure matrix-mautrix-signal.service installed
template: template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2" src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2"
@ -82,4 +67,4 @@
- name: Ensure systemd reloaded after matrix-mautrix-signal.service installation - name: Ensure systemd reloaded after matrix-mautrix-signal.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_mautrix_signal_systemd_service_result.changed or matrix_mautrix_signal_daemon_systemd_service_result.changed or matrix_mautrix_signal_db_systemd_service_result.changed" when: "matrix_mautrix_signal_systemd_service_result.changed or matrix_mautrix_signal_daemon_systemd_service_result.changed"

View File

@ -1,24 +1,5 @@
--- ---
# Signal database service
- name: Check existence of matrix-mautrix-signal-db service
stat:
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-db.service"
register: matrix_mautrix_signal_db_service_stat
- name: Ensure matrix-mautrix-signal-db is stopped
service:
name: matrix-mautrix-signal-db
state: stopped
daemon_reload: yes
when: "matrix_mautrix_signal_db_service_stat.stat.exists"
- name: Ensure matrix-mautrix-signal-db.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-db.service"
state: absent
when: "matrix_mautrix_signal_db_service_stat.stat.exists"
# Signal daemon service # Signal daemon service
- name: Check existence of matrix-mautrix-signal-daemon service - name: Check existence of matrix-mautrix-signal-daemon service
stat: stat:
@ -61,4 +42,4 @@
- name: Ensure systemd reloaded after matrix-mautrix-signal_X.service removal - name: Ensure systemd reloaded after matrix-mautrix-signal_X.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_mautrix_signal_service_stat.stat.exists or matrix_mautrix_signal_daemon_service_stat.stat.exists or matrix_mautrix_signal_db_service_stat.stat.exists" when: "matrix_mautrix_signal_service_stat.stat.exists or matrix_mautrix_signal_daemon_service_stat.stat.exists"

View File

@ -10,9 +10,6 @@
- "matrix_mautrix_signal_homeserver_address" - "matrix_mautrix_signal_homeserver_address"
- "matrix_mautrix_signal_homeserver_token" - "matrix_mautrix_signal_homeserver_token"
- "matrix_mautrix_signal_appservice_token" - "matrix_mautrix_signal_appservice_token"
- "matrix_mautrix_signal_db_user"
- "matrix_mautrix_signal_db_password"
- "matrix_mautrix_signal_db_database"
- name: (Deprecation) Catch and report renamed Signal variables - name: (Deprecation) Catch and report renamed Signal variables
fail: fail:
@ -22,3 +19,9 @@
when: "item.old in vars" when: "item.old in vars"
with_items: with_items:
- {'old': 'matrix_mautrix_signal_container_exposed_port_number', 'new': '<superseded by matrix_mautrix_signal_container_http_host_bind_port>'} - {'old': 'matrix_mautrix_signal_container_exposed_port_number', 'new': '<superseded by matrix_mautrix_signal_container_http_host_bind_port>'}
- {'old': 'matrix_mautrix_signal_db_user', 'new': 'matrix_mautrix_signal_database_username'}
- {'old': 'matrix_mautrix_signal_db_password', 'new': 'matrix_mautrix_signal_database_password'}
- {'old': 'matrix_mautrix_signal_db_database', 'new': 'matrix_mautrix_signal_database_name'}
- {'old': 'matrix_mautrix_signal_db_host', 'new': 'matrix_mautrix_signal_database_hostname'}
- {'old': 'matrix_mautrix_signal_db_port', 'new': 'matrix_mautrix_signal_database_port'}
- {'old': 'matrix_mautrix_signal_db_url', 'new': 'matrix_mautrix_signal_database_connection_string'}

View File

@ -27,7 +27,7 @@ appservice:
max_body_size: 1 max_body_size: 1
# The full URI to the database. Only Postgres is currently supported. # The full URI to the database. Only Postgres is currently supported.
database: {{ matrix_mautrix_signal_db_url }} database: {{ matrix_mautrix_signal_database_connection_string }}
# Provisioning API part of the web server for automated portal creation and fetching information. # Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).

View File

@ -1,33 +0,0 @@
#jinja2: lstrip_blocks: "True"
[Unit]
Description=Matrix Mautrix Signal database server
[Service]
Type=simple
ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_mautrix_signal_db_host }}
ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_mautrix_signal_db_host }}
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
ExecStartPre={{ matrix_host_command_sleep }} 5
ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_mautrix_signal_db_host }} \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--network={{ matrix_docker_network }} \
--env POSTGRES_USER={{ matrix_mautrix_signal_db_user }} \
--env POSTGRES_PASSWORD={{ matrix_mautrix_signal_db_password }} \
--env POSTGRES_DB={{ matrix_mautrix_signal_db_database }} \
-v {{ matrix_mautrix_signal_db_storage_path }}:/var/lib/postgresql/data:z \
-v /etc/passwd:/etc/passwd:ro \
{{ matrix_mautrix_signal_db_docker_image }}
ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_mautrix_signal_db_host }}
ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_mautrix_signal_db_host }}
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-signal-db
[Install]
WantedBy=multi-user.target