Compare commits

..

74 Commits

Author SHA1 Message Date
f3553dd154
feat: add automatic creation of reverse-proxy routing 2022-02-24 09:21:18 +01:00
1755867a2d
meta: move inventory structure to be more usable 2022-02-24 09:21:17 +01:00
3854c3ab86
meta: add own inventory, add vault-unlock with GPG 2022-02-24 09:21:17 +01:00
Slavi Pantaleev
87c9ea0dc6
Merge pull request #1651 from GoliathLabs/jitsi
Updated: jitsi to stable-6865
2022-02-23 14:44:37 +02:00
Slavi Pantaleev
d714ee624b
Merge pull request #1653 from PC-Admin/gomatrixhosting-testing
GoMatrixHosting v0.6.9
2022-02-23 14:30:13 +02:00
PC-Admin
c640799864 GoMatrixHosting v0.6.9 - stop re-writing of matrix_homeserver_generic_secret_key 2022-02-23 20:06:46 +08:00
Slavi Pantaleev
dae5240b0c
Merge pull request #1327 from altsalt/default_room_version_9
Update Synapse default room version (6 -> 9)
2022-02-23 08:08:08 +02:00
Wm Salt Hale
46f74c3ac0
Merge branch 'spantaleev:master' into default_room_version_9 2022-02-22 11:05:13 -08:00
Slavi Pantaleev
ef7acce94b Upgrade Synapse (1.52.0 -> 1.53.0) 2022-02-22 15:34:10 +02:00
Slavi Pantaleev
eca7c277b4
Merge pull request #1650 from GoliathLabs/synapse-admin
Updated: synapse-admin to 0.8.5
2022-02-22 14:57:32 +02:00
Slavi Pantaleev
0e6781fba1
Merge pull request #1649 from GoliathLabs/prometheus
Updated: prometheus to v2.33.3
2022-02-22 14:57:16 +02:00
Slavi Pantaleev
389f96b45b
Merge pull request #1648 from GoliathLabs/certbot
Updated: certbot to v1.23.0
2022-02-22 14:56:56 +02:00
Slavi Pantaleev
28df88643a
Merge pull request #1647 from GoliathLabs/grafana
Updated: grafana to 8.4.1
2022-02-22 14:56:34 +02:00
Slavi Pantaleev
22b82001d6
Merge pull request #1646 from GoliathLabs/ddclient
Updated: ddclient to v3.9.1-ls79
2022-02-22 14:56:00 +02:00
Slavi Pantaleev
8ca98582ef
Merge pull request #1645 from GoliathLabs/mautrix-telegram
Updated: mautrix-telegram to v0.11.2
2022-02-22 14:55:39 +02:00
Slavi Pantaleev
f22b6e6e95
Merge pull request #1644 from GoliathLabs/mautrix-signal
Updated: mautrix-signal to v0.2.3
2022-02-22 14:55:18 +02:00
GoliathLabs
b8f6f6a51a
Updated: jitsi to stable-6865 2022-02-22 13:08:28 +01:00
GoliathLabs
7f4d7444a3
Updated: synapse-admin to 0.8.5 2022-02-22 12:54:31 +01:00
GoliathLabs
728123b9ab
Updated: prometheus to v2.33.3 2022-02-22 12:52:00 +01:00
GoliathLabs
e53cc026d0
Updated: certbot to v1.23.0 2022-02-22 12:50:21 +01:00
GoliathLabs
0f251a2104
Updated: grafana to 8.4.1 2022-02-22 12:47:32 +01:00
GoliathLabs
5b96dd609b
Updated: ddclient to v3.9.1-ls79 2022-02-22 12:45:42 +01:00
GoliathLabs
a4ba2ba601
Updated: mautrix-telegram v0.11.2 2022-02-22 12:37:11 +01:00
GoliathLabs
906f192cf3
Updated: mautrix-signal to v0.2.3 2022-02-22 12:33:55 +01:00
Slavi Pantaleev
b711189e47
Merge pull request #1642 from JokerGermany/patch-2
fix typo
2022-02-20 13:26:48 +02:00
JokerGermany
31d3706166
fix typo 2022-02-20 11:56:03 +01:00
Slavi Pantaleev
6089c8b47b
Merge pull request #1640 from AnonyPla/patch-1
Update for changing the federation port into the documentation
2022-02-20 10:55:28 +02:00
AnonyPla
cb5a8e8736
Update for changing the federation port
This is a proposed add to the documentation to inform users how to change the federation port using the ansible playbook for eventual use with third party services such as CDNs.
2022-02-19 10:49:31 +00:00
Slavi Pantaleev
b9bc2c4eb7
Merge pull request #1639 from ChrisKar96/patch-1
Upgrade Element (1.10.3 -> 1.10.4)
2022-02-18 20:41:25 +02:00
Christos Karamolegkos
a6e766a06a
Upgrade Element (1.10.3 -> 1.10.4) 2022-02-18 19:56:22 +02:00
Slavi Pantaleev
2f722e8625
Merge pull request #1634 from pucilpet/master
Changed to: mautrix-whatsapp v0.2.4 tag
2022-02-16 21:07:30 +02:00
Petteri Pucilowski
fe389bd11a Changed to: mautrix-whatsapp v0.2.4 tag 2022-02-16 19:48:41 +02:00
Slavi Pantaleev
0d4d476cd8
Merge pull request #1631 from aaronraimist/postgres
Postgres Minor Updates (14.2, 13.6, 12.10, 11.15, 10.20)
2022-02-16 11:36:13 +02:00
Aaron Raimist
f0e30c76f3
Postgres Minor Updates (14.2, 13.6, 12.10, 11.15, 10.20) 2022-02-16 09:22:25 +00:00
Slavi Pantaleev
c7885e85aa
Merge pull request #1630 from iambeingtracked/patch-1
Update faq.md
2022-02-16 10:33:43 +02:00
iambeingtracked
6b4afd1051
Update faq.md
It had an extra dot, which resulted in a question mark and a dot after each other
2022-02-16 10:25:36 +02:00
Slavi Pantaleev
1ed46f0a86 Remove Jinja2 templating delimiters from when statement
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1629

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1505
2022-02-16 09:36:33 +02:00
Slavi Pantaleev
8b3fad45f9 Upgrade Element (1.10.1 -> 1.10.3)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1627
2022-02-15 14:04:08 +02:00
Slavi Pantaleev
241e21c702 Fix typo 2022-02-15 07:04:45 +02:00
Slavi Pantaleev
f0ab2ec506 Add support for configuring allow_embedding for Grafana
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1626
2022-02-15 07:03:25 +02:00
Slavi Pantaleev
cfba9b2cf5 Update matrix_encryption_disabler (patch_power_levels feature)
Related to:

- https://github.com/digitalentity/matrix_encryption_disabler/pull/4
- https://github.com/digitalentity/matrix_encryption_disabler/issues/5
- https://github.com/digitalentity/matrix_encryption_disabler/pull/6
2022-02-14 10:39:14 +02:00
Slavi Pantaleev
5eeb0156b1 Bump matrix_encryption_disabler "version" 2022-02-12 09:55:59 +02:00
Slavi Pantaleev
fb4c6961e9 Announce matrix_encryption_disabler support
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1621
2022-02-12 09:38:53 +02:00
Slavi Pantaleev
f44ca0c7c2 Add support for matrix_encryption_disabler
Related to https://github.com/matrix-org/synapse/issues/4401

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1621
2022-02-12 09:25:24 +02:00
Slavi Pantaleev
c8d924147c
Merge pull request #1622 from FSG-Cat/patch-1
Update Hydrogen from v0.2.25 to v0.2.26
2022-02-12 08:54:48 +02:00
Catalan Lover
cc412dfffe
Update Hydrogen from v0.2.25 to v0.2.26 2022-02-12 00:37:40 +01:00
Slavi Pantaleev
85c66a944f Remove useless cast 2022-02-11 20:05:32 +02:00
Slavi Pantaleev
0ce68b1ca5
Merge pull request #1374 from spantaleev/shared-secret-auth-v2
Upgrade matrix-synapse-shared-secret-auth (1.0.2 -> 2.0)
2022-02-11 10:55:52 +02:00
Slavi Pantaleev
5a69c899a3 Upgrade matrix-synapse-shared-secret-auth (1.0.2 -> 2.0.2)
For now, we disable the new `com.devture.shared_secret_auth` login type
by default, because it causes problems with Element:
https://github.com/vector-im/element-web/issues/19605

This also becomes the first module to use the new Synapse module system
that got introduced in Synapse v1.46.0.

Despite these upgrades, things should remain functionally identical
as far as bridges, matrix-corporal or other consumers are concerned.
2022-02-11 10:23:50 +02:00
Slavi Pantaleev
fa9b69e213
Merge pull request #1614 from Wunderharke/master
add basic fedora support
2022-02-11 08:37:12 +02:00
Slavi Pantaleev
e2e5db3b89
Do not use misleading with_items for a single file 2022-02-11 08:36:05 +02:00
Slavi Pantaleev
6c47b447e3
Do not use misleading with_items for a single file 2022-02-11 08:35:39 +02:00
Slavi Pantaleev
b7df6ceebb
Merge pull request #1618 from ZzMzaw/feat/ssl-doc-update
Add missing endpoints for SSL certificates
2022-02-11 08:17:44 +02:00
ZzMzaw
6576d4596e Add missing endpoints for SSL certificates
Playbook is retrieving certificates for some endpoints which were
not listed in the doc
2022-02-11 06:56:37 +01:00
Wunderharke
a24f7626bd 7330992b20 fixed the major_version compare and made foedora deployments to use setup_redhat8.yml. This however broke the script on fedora as there is no EPEL package. This commit add very basic fedora support. 2022-02-09 16:56:14 +01:00
Slavi Pantaleev
7330992b20 Do not compare ansible_distribution_major_version as a string
Fedora 35 is:

- `ansible_os_family = 'RedHat'`
- `ansible_distribution_major_version = '35'`

Our RedHat checks against v7/v8 are really for RHEL derivatives (CentOS, Rockylinux,
AlmaLinux), but the same checks (by coincidence) apply for Fedora 35.

The problem is that `'35' > '7'` (comparing these as strings) is
`false`.

This patch makes sure that we always cast
`ansible_distribution_major_version` to an integer.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1610
2022-02-09 16:20:09 +02:00
Slavi Pantaleev
e09694f5ef
Merge pull request #1613 from Marwel/master
some yamllint ignoring
2022-02-09 16:12:12 +02:00
Marko Weltzer
3ad454e06d
Merge branch 'spantaleev:master' into master 2022-02-09 15:04:10 +01:00
Marko Weltzer
43a7cd2efc fix: ignore generated file on yamllint 2022-02-09 15:03:39 +01:00
Slavi Pantaleev
e0df99a7de Fix typo 2022-02-09 14:03:06 +02:00
Marko Weltzer
f92e6ad7b9 fix: disable yamllint on ci line, "on" is not always truthy 2022-02-09 11:19:31 +01:00
Slavi Pantaleev
156a03d93d
Merge pull request #1606 from Marwel/master
yamllint all the things
2022-02-09 10:42:32 +02:00
Slavi Pantaleev
94c9780f7a
Fix matrix_synapse_encryption_enabled_by_default_for_room_type
The value of `off` was taken to be a boolean, but it shouldn't be.

Synapse expects a string (currently one of: `all`, `invite`, `off`).
2022-02-09 10:38:28 +02:00
Slavi Pantaleev
5addb889b1
Fix inconsistent spacing 2022-02-09 10:27:12 +02:00
Marko Weltzer
d27e623c71 fix: manually merge upstream 2022-02-09 09:01:56 +01:00
Marko Weltzer
8e8bf55e15 fix: missing spaces on closing } 2022-02-09 08:52:53 +01:00
Marko Weltzer
902b40fa1b Merge remote-tracking branch 'origin/master' 2022-02-06 11:30:45 +01:00
Marko Weltzer
de025425b5 fix: revert changes to .md files 2022-02-06 11:30:38 +01:00
Marko Weltzer
819574b8ba
Merge branch 'spantaleev:master' into master 2022-02-05 21:37:53 +01:00
Marko Weltzer
8de4e061e1 feat: add yamllint gh action 2022-02-05 21:36:11 +01:00
Marko Weltzer
7e5b88c3b7 fix: all praise the allmighty yamllinter 2022-02-05 21:32:54 +01:00
Wm Salt Hale
ad8d4740a7
Merge branch 'spantaleev:master' into default_room_version_9 2022-01-18 14:56:25 -08:00
Wm Salt Hale
3001b2d32d
Merge branch 'spantaleev:master' into default_room_version_9 2021-12-14 18:19:26 -08:00
Wm Salt Hale
a1cbd5459c
Update Synapse default room version (6 -> 9)
From the [Synapse 1.43.0 release highlights](https://matrix.org/blog/2021/09/21/synapse-1-43-0-released):
> Asks clients to prefer [room version 9](https://github.com/matrix-org/matrix-doc/pull/3375) when creating restricted rooms ([#10772](https://github.com/matrix-org/synapse/issues/10772)), via the API defined in [MSC3244: room version capabilities](https://github.com/matrix-org/matrix-doc/pull/3244).
2021-10-12 09:49:16 -07:00
378 changed files with 1862 additions and 1356 deletions

1
.github/FUNDING.yml vendored
View File

@ -1,3 +1,4 @@
---
# These are supported funding model platforms # These are supported funding model platforms
# https://liberapay.com/s.pantaleev/ # https://liberapay.com/s.pantaleev/

7
.github/dependabot.yaml vendored Normal file
View File

@ -0,0 +1,7 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily

16
.github/workflows/matrix.yml vendored Normal file
View File

@ -0,0 +1,16 @@
---
name: Matrix CI
on: # yamllint disable-line rule:truthy
push:
pull_request:
jobs:
yamllint:
name: 🧹 yamllint
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out configuration from GitHub
uses: actions/checkout@v2.4.0
- name: 🚀 Run yamllint
uses: frenck/action-yamllint@v1.1.2

8
.yamllint Normal file
View File

@ -0,0 +1,8 @@
---
extends: default
ignore: |
roles/matrix-synapse/vars/workers.yml
rules:
line-length: disable

View File

@ -1,3 +1,12 @@
# 2022-02-12
## matrix_encryption_disabler support
We now support installing the [matrix_encryption_disabler](https://github.com/digitalentity/matrix_encryption_disabler) Synapse module, which lets you prevent End-to-End-Encryption from being enabled by users on your homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed [here](https://github.com/matrix-org/synapse/issues/4401).
To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/matrix-synapse/defaults/main.yml`.
# 2022-02-01 # 2022-02-01
## matrix-hookshot bridging support ## matrix-hookshot bridging support

View File

@ -47,3 +47,20 @@ matrix_synapse_federation_port_enabled: false
# This removes the `8448` virtual host from the matrix-nginx-proxy reverse-proxy server. # This removes the `8448` virtual host from the matrix-nginx-proxy reverse-proxy server.
matrix_nginx_proxy_proxy_matrix_federation_api_enabled: false matrix_nginx_proxy_proxy_matrix_federation_api_enabled: false
``` ```
## Changing the federation port from 8448 to a different port to use a CDN that only accepts 443/80 ports
Why? This change could be useful for people running small Synapse instances on small severs/VPSes to avoid being impacted by a simple DOS/DDOS when bandwidth, RAM, an CPU resources are limited and if your hosting provider does not provide a DOS/DDOS protection.
The following changes in the configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`) will allow this and make it possible to proxy the federation through a CDN such as CloudFlare or any other:
```
matrix_synapse_http_listener_resource_names: ["client","federation"]
# Any port can be used but in this case we use 443
matrix_federation_public_port: 443
matrix_synapse_federation_port_enabled: false
# Note that the following change might not be "required per se" but probably will be due to the proxying of the traffic through the CDN proxy servers (CloudFlare for instance). The security impact of doing this should be minimal as your CDN itself will encrypt the traffic no matter what on their proxy servers. You could however first try and see if federation works while setting the following to true.
matrix_synapse_tls_federation_listener_enabled: false
```
**Use this at you own risk as all the possible side-effects of doing this are not fully known. However, it has been tested and works fine and passes all the tests on <https://federationtester.matrix.org/> without issues.**

View File

@ -67,8 +67,13 @@ By default, it obtains certificates for:
- `matrix.<your-domain>` (`matrix_server_fqn_matrix`) - `matrix.<your-domain>` (`matrix_server_fqn_matrix`)
- possibly for `element.<your-domain>`, unless you have disabled the [Element client component](configuring-playbook-client-element.md) using `matrix_client_element_enabled: false` - possibly for `element.<your-domain>`, unless you have disabled the [Element client component](configuring-playbook-client-element.md) using `matrix_client_element_enabled: false`
- possibly for `riot.<your-domain>`, if you have explicitly enabled Riot to Element redirection (for background compatibility) using `matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true` - possibly for `riot.<your-domain>`, if you have explicitly enabled Riot to Element redirection (for background compatibility) using `matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true`
- possibly for `hydrogen.<your-domain>`, if you have explicitly [set up Hydrogen client](configuring-playbook-client-hydrogen.md).
- possibly for `cinny.<your-domain>`, if you have explicitly [set up Cinny client](configuring-playbook-client-cinny.md).
- possibly for `dimension.<your-domain>`, if you have explicitly [set up Dimension](configuring-playbook-dimension.md). - possibly for `dimension.<your-domain>`, if you have explicitly [set up Dimension](configuring-playbook-dimension.md).
- possibly for `goneb.<your-domain>`, if you have explicitly [set up Go-NEB bot](configuring-playbook-bot-go-neb.md).
- possibly for `jitsi.<your-domain>`, if you have explicitly [set up Jitsi](configuring-playbook-jitsi.md). - possibly for `jitsi.<your-domain>`, if you have explicitly [set up Jitsi](configuring-playbook-jitsi.md).
- possibly for `stats.<your-domain>`, if you have explicitly [set up Grafana](configuring-playbook-prometheus-grafana.md).
- possibly for `sygnal.<your-domain>`, if you have explicitly [set up Sygnal](configuring-playbook-sygnal.md).
- possibly for your base domain (`<your-domain>`), if you have explicitly configured [Serving the base domain](configuring-playbook-base-domain-serving.md) - possibly for your base domain (`<your-domain>`), if you have explicitly configured [Serving the base domain](configuring-playbook-base-domain-serving.md)
If you are hosting other domains on the Matrix machine, you can make the playbook obtain and renew certificates for those other domains too. If you are hosting other domains on the Matrix machine, you can make the playbook obtain and renew certificates for those other domains too.

View File

@ -226,7 +226,7 @@ Using a separate domain name is easier to manage (although it's a little hard to
We allow `matrix.DOMAIN` to be the Matrix server handling Matrix stuff for `DOMAIN` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method. We allow `matrix.DOMAIN` to be the Matrix server handling Matrix stuff for `DOMAIN` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain). If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
### I don't control anything on the base domain and can't set up delegation to matrix.DOMAIN. What do I do? ### I don't control anything on the base domain and can't set up delegation to matrix.DOMAIN. What do I do?

View File

@ -1,3 +1,4 @@
---
version: '3' version: '3'
services: services:
nginx: nginx:

View File

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #

View File

@ -1128,8 +1128,6 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-coturn # matrix-coturn
@ -1164,8 +1162,6 @@ matrix_coturn_container_additional_volumes: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-dimension # matrix-dimension
@ -1243,8 +1239,6 @@ matrix_dynamic_dns_enabled: false
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-email2matrix # matrix-email2matrix
@ -1261,8 +1255,6 @@ matrix_email2matrix_container_image_self_build: "{{ matrix_architecture not in [
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-jitsi # matrix-jitsi
@ -1307,8 +1299,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-mailer # matrix-mailer
@ -1328,8 +1318,6 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-ma1sd # matrix-ma1sd
@ -1393,8 +1381,6 @@ matrix_ma1sd_database_password: "{{ '%s' | format(matrix_homeserver_generic_secr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-nginx-proxy # matrix-nginx-proxy
@ -1570,8 +1556,6 @@ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-postgres # matrix-postgres
@ -1820,8 +1804,6 @@ matrix_postgres_import_databases_to_ignore: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-sygnal # matrix-sygnal
@ -1842,8 +1824,6 @@ matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enable
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-redis # matrix-redis
@ -1858,8 +1838,6 @@ matrix_redis_enabled: "{{ matrix_synapse_workers_enabled }}"
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-element # matrix-client-element
@ -1907,8 +1885,6 @@ matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-hydrogen # matrix-client-hydrogen
@ -1932,8 +1908,6 @@ matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-cinny # matrix-client-cinny
@ -1959,8 +1933,6 @@ matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_re
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-synapse # matrix-synapse
@ -2071,8 +2043,6 @@ matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_re
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-synapse-admin # matrix-synapse-admin
@ -2094,8 +2064,6 @@ matrix_synapse_admin_container_image_self_build: "{{ matrix_architecture != 'amd
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus-node-exporter # matrix-prometheus-node-exporter
@ -2110,8 +2078,6 @@ matrix_prometheus_node_exporter_enabled: false
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus # matrix-prometheus
@ -2145,7 +2111,6 @@ matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|s
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus-postgres-exporter # matrix-prometheus-postgres-exporter
@ -2201,8 +2166,6 @@ matrix_grafana_systemd_wanted_services_list: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-registration # matrix-registration

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/setup.yml" - import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_stop|bool when: run_stop|bool
tags: tags:

View File

@ -1,3 +1,5 @@
---
matrix_awx_enabled: true matrix_awx_enabled: true
# Defaults for 'Customise Website + Access Export' template # Defaults for 'Customise Website + Access Export' template

View File

@ -1,3 +1,4 @@
---
- name: Record Backup Server variables locally on AWX - name: Record Backup Server variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -38,18 +39,18 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
tags: use-survey tags: use-survey
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Copy new 'matrix_vars.yml' to target machine - name: Copy new 'matrix_vars.yml' to target machine
copy: copy:

View File

@ -1,3 +1,4 @@
---
- name: Record Bridge Discord AppService variables locally on AWX - name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -54,4 +55,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -1,3 +1,4 @@
---
- name: Collect current datetime - name: Collect current datetime
set_fact: set_fact:

View File

@ -1,3 +1,4 @@
---
- name: Create a AWX session token for executing modules - name: Create a AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:
@ -7,4 +8,4 @@
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_master_token }}" tower_oauthtoken: "{{ awx_master_token }}"
register: awx_session_token register: awx_session_token
no_log: True no_log: true

View File

@ -1,3 +1,4 @@
---
# #
# Create user and define if they are admin # Create user and define if they are admin
# #

View File

@ -48,7 +48,7 @@
- name: Reload vars in matrix_vars.yml - name: Reload vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template - name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -92,12 +92,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Recreate 'Access Export' job template - name: Recreate 'Access Export' job template
@ -114,12 +114,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is undefined when: awx_customise_base_domain_website is undefined
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account - name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
@ -153,7 +153,7 @@
user: user:
name: sftp name: sftp
groups: sftp groups: sftp
append: yes append: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container) - name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)

View File

@ -23,7 +23,7 @@
command: rm /chroot/export/matrix* command: rm /chroot/export/matrix*
count: 1 count: 1
units: days units: days
unique: yes unique: true
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:

View File

@ -3,14 +3,14 @@
- name: Include vars in organisation.yml - name: Include vars in organisation.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
no_log: True no_log: true
- name: Include vars in hosting_vars.yml - name: Include vars in hosting_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/hosting/hosting_vars.yml' file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
no_log: True no_log: true
- name: Include AWX master token from awx_tokens.yml - name: Include AWX master token from awx_tokens.yml
include_vars: include_vars:
file: /var/lib/awx/projects/hosting/awx_tokens.yml file: /var/lib/awx/projects/hosting/awx_tokens.yml
no_log: True no_log: true

View File

@ -3,7 +3,7 @@
- name: Include new vars in matrix_vars.yml - name: Include new vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: If include_vars succeeds overwrite the old matrix_vars.yml - name: If include_vars succeeds overwrite the old matrix_vars.yml
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1

View File

@ -1,4 +1,4 @@
---
# Load initial hosting and organisation variables from AWX volume # Load initial hosting and organisation variables from AWX volume
- include_tasks: - include_tasks:
file: "load_hosting_and_org_variables.yml" file: "load_hosting_and_org_variables.yml"

View File

@ -9,7 +9,7 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
@ -22,7 +22,7 @@
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_before_stat register: awx_db_size_before_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Collect the internal IP of the matrix-synapse container - name: Collect the internal IP of the matrix-synapse container
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse" shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
@ -34,7 +34,7 @@
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Copy build_room_list.py script to target machine - name: Copy build_room_list.py script to target machine
copy: copy:
@ -55,7 +55,7 @@
fetch: fetch:
src: /tmp/room_list_complete.json src: /tmp/room_list_complete.json
dest: "/tmp/{{ subscription_id }}_room_list_complete.json" dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
flat: yes flat: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Remove complete room list from target machine - name: Remove complete room list from target machine
@ -80,7 +80,7 @@
- name: Setting host fact awx_room_list_no_local_users - name: Setting host fact awx_room_list_no_local_users
set_fact: set_fact:
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}" awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
no_log: True no_log: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users - name: Purge all rooms with no local users
@ -113,7 +113,7 @@
set_fact: set_fact:
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}" awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
when: awx_purge_mode.find("Number of users [slower]") != -1 when: awx_purge_mode.find("Number of users [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N users - name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml include_tasks: purge_database_users.yml
@ -138,7 +138,7 @@
set_fact: set_fact:
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}" awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
when: awx_purge_mode.find("Number of events [slower]") != -1 when: awx_purge_mode.find("Number of events [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N events - name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml include_tasks: purge_database_events.yml
@ -161,17 +161,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Execute rust-synapse-compress-state job template - name: Execute rust-synapse-compress-state job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -190,14 +190,14 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Ensure matrix-synapse is stopped - name: Ensure matrix-synapse is stopped
service: service:
name: matrix-synapse name: matrix-synapse
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Re-index Synapse database - name: Re-index Synapse database
@ -208,7 +208,7 @@
service: service:
name: matrix-synapse name: matrix-synapse
state: started state: started
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Adjust 'Deploy/Update a Server' job template - name: Adjust 'Deploy/Update a Server' job template
@ -227,17 +227,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Execute run-postgres-vacuum job template - name: Execute run-postgres-vacuum job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -256,7 +256,7 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Cleanup room_list files - name: Cleanup room_list files
@ -264,13 +264,13 @@
shell: | shell: |
rm /tmp/{{ subscription_id }}_room_list* rm /tmp/{{ subscription_id }}_room_list*
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
ignore_errors: yes ignore_errors: true
- name: Collect after shrink size of Synapse database - name: Collect after shrink size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_after_stat register: awx_db_size_after_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Print total number of rooms processed - name: Print total number of rooms processed
debug: debug:

View File

@ -1,3 +1,4 @@
---
- name: Ensure dateutils is installed in AWX - name: Ensure dateutils is installed in AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -8,7 +9,7 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
@ -25,7 +26,7 @@
shell: | shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Generate list of dates to purge to - name: Generate list of dates to purge to
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -37,16 +38,16 @@
register: awx_local_media_size_before register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate initial size of remote media repository - name: Calculate initial size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Purge local media with loop - name: Purge local media with loop
include_tasks: purge_media_local.yml include_tasks: purge_media_local.yml
@ -62,15 +63,15 @@
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_after register: awx_local_media_size_after
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate final size of remote media repository - name: Calculate final size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_after register: awx_remote_media_size_after
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of local media repository before purge - name: Print size of local media repository before purge
debug: debug:

View File

@ -4,7 +4,7 @@
authorized_key: authorized_key:
user: root user: root
state: present state: present
exclusive: yes exclusive: true
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}" key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules

View File

@ -25,47 +25,47 @@
shell: | shell: |
curl -s localhost:9000 | grep "^synapse_admin_mau_current " curl -s localhost:9000 | grep "^synapse_admin_mau_current "
register: awx_mau_stat register: awx_mau_stat
no_log: True no_log: true
- name: Calculate CPU usage statistics - name: Calculate CPU usage statistics
shell: iostat -c shell: iostat -c
register: awx_cpu_usage_stat register: awx_cpu_usage_stat
no_log: True no_log: true
- name: Calculate RAM usage statistics - name: Calculate RAM usage statistics
shell: free -mh shell: free -mh
register: awx_ram_usage_stat register: awx_ram_usage_stat
no_log: True no_log: true
- name: Calculate free disk space - name: Calculate free disk space
shell: df -h shell: df -h
register: awx_disk_space_stat register: awx_disk_space_stat
no_log: True no_log: true
- name: Calculate size of Synapse database - name: Calculate size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_stat register: awx_db_size_stat
no_log: True no_log: true
- name: Calculate size of local media repository - name: Calculate size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_stat register: awx_local_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate size of remote media repository - name: Calculate size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_stat register: awx_remote_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate docker container statistics - name: Calculate docker container statistics
shell: docker stats --all --no-stream shell: docker stats --all --no-stream
register: awx_docker_stats register: awx_docker_stats
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of remote media repository - name: Print size of remote media repository
debug: debug:

View File

@ -235,9 +235,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -3,7 +3,7 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Install jq and curl on remote machine - name: Install jq and curl on remote machine
apt: apt:
@ -14,7 +14,7 @@
- name: Collect access token of @admin-dimension user - name: Collect access token of @admin-dimension user
shell: | shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//' curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX - name: Record Synapse variables locally on AWX
@ -97,9 +97,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -172,9 +172,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -40,4 +40,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -37,9 +37,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -66,7 +66,7 @@
with_dict: with_dict:
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}' 'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}' 'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
no_log: True no_log: true
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template - name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -94,10 +94,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -1,3 +1,4 @@
---
- name: Limit max upload size to 200MB part 1 - name: Limit max upload size to 200MB part 1
set_fact: set_fact:
@ -214,9 +215,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -7,15 +7,21 @@
regexp: 'matrix_synapse_use_presence' regexp: 'matrix_synapse_use_presence'
replace: 'matrix_synapse_presence_enabled' replace: 'matrix_synapse_presence_enabled'
- name: Generate matrix_homeserver_generic_secret_key variable - name: Search for matrix_homeserver_generic_secret_key variable in matrix_vars.yml
delegate_to: 127.0.0.1
register: presence
shell: "grep -i 'matrix_homeserver_generic_secret_key' /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
no_log: true
- name: Generate matrix_homeserver_generic_secret_key variable if not present
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
command: | command: |
openssl rand -hex 16 openssl rand -hex 16
register: generic_secret register: generic_secret
no_log: True no_log: true
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: presence is not changed
- name: Add new matrix_homeserver_generic_secret_key variable - name: Add new matrix_homeserver_generic_secret_key variable if not present
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
lineinfile: lineinfile:
path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
@ -23,4 +29,4 @@
insertbefore: '# Basic Settings End' insertbefore: '# Basic Settings End'
mode: '0600' mode: '0600'
state: present state: present
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: presence is not changed

View File

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #
@ -98,8 +99,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_systemctl: "/usr/bin/env systemctl"
matrix_host_command_sh: "/usr/bin/env sh" matrix_host_command_sh: "/usr/bin/env sh"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}" matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"

View File

@ -0,0 +1,62 @@
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://download.docker.com/linux/fedora/$releasever/source/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://download.docker.com/linux/fedora/$releasever/source/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://download.docker.com/linux/fedora/$releasever/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml" - import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
tags: tags:
- always - always

View File

@ -1,10 +1,13 @@
--- ---
- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml" - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version < '8' when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int < 8
- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml" - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version > '7' when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7 and ansible_distribution_major_version|int < 30
- include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 30
- block: - block:
# ansible_lsb is only available if lsb-release is installed. # ansible_lsb is only available if lsb-release is installed.
@ -13,7 +16,7 @@
name: name:
- lsb-release - lsb-release
state: present state: present
update_cache: yes update_cache: true
register: lsb_release_installation_result register: lsb_release_installation_result
- name: Reread ansible_lsb facts if lsb-release got installed - name: Reread ansible_lsb facts if lsb-release got installed
@ -34,10 +37,10 @@
service: service:
name: docker name: docker
state: started state: started
enabled: yes enabled: true
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" - name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
service: service:
name: "{{ matrix_ntpd_service }}" name: "{{ matrix_ntpd_service }}"
state: started state: started
enabled: yes enabled: true

View File

@ -6,7 +6,7 @@
- python-docker - python-docker
- python-dnspython - python-dnspython
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
pacman: pacman:

View File

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View File

@ -0,0 +1,39 @@
---
- name: Ensure Docker repository is enabled
template:
src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
dest: "/etc/yum.repos.d/docker-ce.repo"
owner: "root"
group: "root"
mode: 0644
with_items:
- docker-ce-fedora.repo
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure Docker's RPM key is trusted
rpm_key:
state: present
key: https://download.docker.com/linux/fedora/gpg
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure yum packages are installed
yum:
name:
- "{{ matrix_ntpd_package }}"
state: latest
update_cache: true
- name: Ensure Docker is installed
yum:
name:
- "{{ matrix_docker_package_name }}"
- python3-pip
state: latest
when: matrix_docker_installation_enabled|bool
- name: Ensure Docker-Py is installed
pip:
name: docker-py
state: latest
when: matrix_docker_installation_enabled|bool

View File

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View File

@ -2,13 +2,11 @@
- name: Ensure Docker repository is enabled - name: Ensure Docker repository is enabled
template: template:
src: "{{ role_path }}/files/yum.repos.d/{{ item }}" src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
dest: "/etc/yum.repos.d/{{ item }}" dest: "/etc/yum.repos.d/docker-ce.repo"
owner: "root" owner: "root"
group: "root" group: "root"
mode: 0644 mode: 0644
with_items:
- docker-ce.repo
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure Docker's RPM key is trusted - name: Ensure Docker's RPM key is trusted
@ -22,7 +20,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View File

@ -2,13 +2,11 @@
- name: Ensure Docker repository is enabled - name: Ensure Docker repository is enabled
template: template:
src: "{{ role_path }}/files/yum.repos.d/{{ item }}" src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
dest: "/etc/yum.repos.d/{{ item }}" dest: "/etc/yum.repos.d/docker-ce.repo"
owner: "root" owner: "root"
group: "root" group: "root"
mode: 0644 mode: 0644
with_items:
- docker-ce.repo
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure Docker's RPM key is trusted - name: Ensure Docker's RPM key is trusted
@ -22,14 +20,14 @@
name: name:
- epel-release - epel-release
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure yum packages are installed - name: Ensure yum packages are installed
yum: yum:
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View File

@ -18,8 +18,8 @@
state: present state: present
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
home: "{{ matrix_base_data_path }}" home: "{{ matrix_base_data_path }}"
create_home: no create_home: false
system: yes system: true
register: matrix_user register: matrix_user
- name: Set Matrix Group UID Variable - name: Set Matrix Group UID Variable

View File

@ -1,3 +1,4 @@
---
# We need others to be able to read these directories too, # We need others to be able to read these directories too,
# so that matrix-nginx-proxy's nginx user can access the files. # so that matrix-nginx-proxy's nginx user can access the files.
# #

View File

@ -1,4 +1,4 @@
---
# This is for both RedHat 7 and 8 # This is for both RedHat 7 and 8
- name: Ensure fuse installed (RedHat) - name: Ensure fuse installed (RedHat)
yum: yum:

View File

@ -1,4 +1,4 @@
---
# This is for both RedHat 7 and 8 # This is for both RedHat 7 and 8
- name: Ensure openssl installed (RedHat) - name: Ensure openssl installed (RedHat)
yum: yum:

View File

@ -1,3 +1,4 @@
---
# This will contain a list of enabled services that the playbook is managing. # This will contain a list of enabled services that the playbook is managing.
# Each component is expected to append its service name to this list. # Each component is expected to append its service name to this list.
matrix_systemd_services_list: [] matrix_systemd_services_list: []

View File

@ -1,3 +1,4 @@
---
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. # Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
# See: https://github.com/matrix-org/go-neb # See: https://github.com/matrix-org/go-neb
@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
# # Each room will get the notification with the alert rendered with the given template # # Each room will get the notification with the alert rendered with the given template
# rooms: # rooms:
# "!someroomid:domain.tld": # "!someroomid:domain.tld":
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
# msg_type: "m.text" # Must be either `m.text` or `m.notice` # msg_type: "m.text" # Must be either `m.text` or `m.notice`
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}" matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
when: matrix_bot_go_neb_enabled|bool when: matrix_bot_go_neb_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -11,9 +11,9 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_go_neb_config_path }}", when: true } - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure go-neb image is pulled - name: Ensure go-neb image is pulled
@ -40,7 +40,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation - name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_systemd_service_result.changed|bool" when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-go-neb.service restarted, if necessary - name: Ensure matrix-bot-go-neb.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-go-neb name: matrix-bot-go-neb
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal - name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
- name: Ensure Matrix go-neb paths don't exist - name: Ensure Matrix go-neb paths don't exist

View File

@ -1,3 +1,4 @@
---
# honoroit is a helpdesk bot # honoroit is a helpdesk bot
# See: https://gitlab.com/etke.cc/honoroit # See: https://gitlab.com/etke.cc/honoroit

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
when: matrix_bot_honoroit_enabled|bool when: matrix_bot_honoroit_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -33,10 +33,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true } - {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure honoroit environment variables file created - name: Ensure honoroit environment variables file created
@ -70,7 +70,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_honoroit_docker_src_files_path }}" path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_honoroit_container_image_self_build|bool" when: "matrix_bot_honoroit_container_image_self_build|bool"
- name: Ensure matrix-bot-honoroit.service installed - name: Ensure matrix-bot-honoroit.service installed
@ -82,7 +82,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation - name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_systemd_service_result.changed|bool" when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-honoroit.service restarted, if necessary - name: Ensure matrix-bot-honoroit.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-honoroit name: matrix-bot-honoroit
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal - name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
- name: Ensure Matrix honoroit paths don't exist - name: Ensure Matrix honoroit paths don't exist

View File

@ -1,3 +1,4 @@
---
# matrix-reminder-bot is a bot for one-off and recurring reminders # matrix-reminder-bot is a bot for one-off and recurring reminders
# See: https://github.com/anoadragon453/matrix-reminder-bot # See: https://github.com/anoadragon453/matrix-reminder-bot

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
when: matrix_bot_matrix_reminder_bot_enabled|bool when: matrix_bot_matrix_reminder_bot_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -34,10 +34,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure matrix-reminder-bot image is pulled - name: Ensure matrix-reminder-bot image is pulled
@ -65,7 +65,7 @@
build: build:
dockerfile: docker/Dockerfile dockerfile: docker/Dockerfile
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool" when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
- name: Ensure matrix-reminder-bot config installed - name: Ensure matrix-reminder-bot config installed
@ -85,7 +85,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool" when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary - name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-matrix-reminder-bot name: matrix-bot-matrix-reminder-bot
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
- name: Ensure Matrix matrix-reminder-bot paths don't exist - name: Ensure Matrix matrix-reminder-bot paths don't exist

View File

@ -1,3 +1,4 @@
---
# A moderation tool for Matrix # A moderation tool for Matrix
# See: https://github.com/matrix-org/mjolnir # See: https://github.com/matrix-org/mjolnir
@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}" matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -11,10 +11,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_mjolnir_base_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_config_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_data_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" } - {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure mjolnir Docker image is pulled - name: Ensure mjolnir Docker image is pulled
@ -42,7 +42,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}" path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_mjolnir_container_image_self_build|bool" when: "matrix_bot_mjolnir_container_image_self_build|bool"
- name: Ensure matrix-bot-mjolnir config installed - name: Ensure matrix-bot-mjolnir config installed
@ -62,7 +62,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation - name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool" when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary - name: Ensure matrix-bot-mjolnir.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-mjolnir name: matrix-bot-mjolnir
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal - name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
- name: Ensure matrix-bot-mjolnir paths don't exist - name: Ensure matrix-bot-mjolnir paths don't exist

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-discord is a Matrix <-> Discord bridge # matrix-appservice-discord is a Matrix <-> Discord bridge
# See: https://github.com/Half-Shot/matrix-appservice-discord # See: https://github.com/Half-Shot/matrix-appservice-discord

View File

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -54,8 +54,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists" when: "matrix_appservice_discord_stat_db.stat.exists"
@ -105,7 +105,7 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation - name: Ensure systemd reloaded after matrix-appservice-discord.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_systemd_service_result.changed" when: "matrix_appservice_discord_systemd_service_result.changed"
- name: Ensure matrix-appservice-discord.service restarted, if necessary - name: Ensure matrix-appservice-discord.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"
- name: Ensure matrix-appservice-discord.service doesn't exist - name: Ensure matrix-appservice-discord.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal - name: Ensure systemd reloaded after matrix-appservice-discord.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# Matrix Appservice IRC is a Matrix <-> IRC bridge # Matrix Appservice IRC is a Matrix <-> IRC bridge
# See: https://github.com/matrix-org/matrix-appservice-irc # See: https://github.com/matrix-org/matrix-appservice-irc

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View File

@ -10,10 +10,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_irc_base_path }}", when: true } - {path: "{{ matrix_appservice_irc_base_path }}", when: true}
- { path: "{{ matrix_appservice_irc_config_path }}", when: true } - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
- { path: "{{ matrix_appservice_irc_data_path }}", when: true } - {path: "{{ matrix_appservice_irc_data_path }}", when: true}
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" } - {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- name: Check if an old passkey file already exists - name: Check if an old passkey file already exists
@ -26,7 +26,7 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
@ -82,7 +82,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_irc_docker_src_files_path }}" path: "{{ matrix_appservice_irc_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed" when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
- name: Ensure Matrix Appservice IRC config installed - name: Ensure Matrix Appservice IRC config installed
@ -186,7 +186,7 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation - name: Ensure systemd reloaded after matrix-appservice-irc.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_systemd_service_result.changed" when: "matrix_appservice_irc_systemd_service_result.changed"
- name: Ensure matrix-appservice-irc.service restarted, if necessary - name: Ensure matrix-appservice-irc.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"
- name: Ensure matrix-appservice-irc.service doesn't exist - name: Ensure matrix-appservice-irc.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal - name: Ensure systemd reloaded after matrix-appservice-irc.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-slack is a Matrix <-> Slack bridge # matrix-appservice-slack is a Matrix <-> Slack bridge
# See: https://github.com/matrix-org/matrix-appservice-slack # See: https://github.com/matrix-org/matrix-appservice-slack

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View File

@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_slack_base_path }}", when: true } - {path: "{{ matrix_appservice_slack_base_path }}", when: true}
- { path: "{{ matrix_appservice_slack_config_path }}", when: true } - {path: "{{ matrix_appservice_slack_config_path }}", when: true}
- { path: "{{ matrix_appservice_slack_data_path }}", when: true } - {path: "{{ matrix_appservice_slack_data_path }}", when: true}
- { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" } - {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- set_fact: - set_fact:
@ -56,7 +56,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_slack_docker_src_files_path }}" path: "{{ matrix_appservice_slack_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed" when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
- name: Ensure Matrix Appservice Slack config installed - name: Ensure Matrix Appservice Slack config installed
@ -84,7 +84,7 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation - name: Ensure systemd reloaded after matrix-appservice-slack.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_systemd_service_result.changed" when: "matrix_appservice_slack_systemd_service_result.changed"
- name: Ensure matrix-appservice-slack.service restarted, if necessary - name: Ensure matrix-appservice-slack.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-slack name: matrix-appservice-slack
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"
- name: Ensure matrix-appservice-slack.service doesn't exist - name: Ensure matrix-appservice-slack.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal - name: Ensure systemd reloaded after matrix-appservice-slack.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-webhooks is a Matrix <-> webhook bridge # matrix-appservice-webhooks is a Matrix <-> webhook bridge
# See: https://github.com/redoonetworks/matrix-appservice-webhooks # See: https://github.com/redoonetworks/matrix-appservice-webhooks

View File

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_webhooks_base_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_config_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_data_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"} - {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure Appservice webhooks image is pulled - name: Ensure Appservice webhooks image is pulled
@ -40,7 +40,7 @@
build: build:
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}" dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}" path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_webhooks_container_image_self_build|bool" when: "matrix_appservice_webhooks_container_image_self_build|bool"
- name: Ensure Matrix Appservice webhooks config is installed - name: Ensure Matrix Appservice webhooks config is installed
@ -84,5 +84,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation - name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_systemd_service_result.changed" when: "matrix_appservice_webhooks_systemd_service_result.changed"

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-webhooks name: matrix-appservice-webhooks
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists" when: "matrix_appservice_webhooks_service_stat.stat.exists"
- name: Ensure matrix-appservice-webhooks.service doesn't exist - name: Ensure matrix-appservice-webhooks.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal - name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists" when: "matrix_appservice_webhooks_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# beeper-linkedin is a Matrix <-> LinkedIn bridge # beeper-linkedin is a Matrix <-> LinkedIn bridge
# See: https://gitlab.com/beeper/linkedin # See: https://gitlab.com/beeper/linkedin

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-beeper-linkedin.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-beeper-linkedin.service'] }}"
when: matrix_beeper_linkedin_enabled|bool when: matrix_beeper_linkedin_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -15,10 +15,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_beeper_linkedin_base_path }}", when: true } - {path: "{{ matrix_beeper_linkedin_base_path }}", when: true}
- { path: "{{ matrix_beeper_linkedin_config_path }}", when: true } - {path: "{{ matrix_beeper_linkedin_config_path }}", when: true}
- { path: "{{ matrix_beeper_linkedin_data_path }}", when: true } - {path: "{{ matrix_beeper_linkedin_data_path }}", when: true}
- { path: "{{ matrix_beeper_linkedin_docker_src_files_path }}", when: "{{ matrix_beeper_linkedin_container_image_self_build }}" } - {path: "{{ matrix_beeper_linkedin_docker_src_files_path }}", when: "{{ matrix_beeper_linkedin_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
@ -60,7 +60,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_beeper_linkedin_docker_src_files_path }}" path: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
pull: yes pull: true
args: args:
TARGETARCH: "{{ matrix_architecture }}" TARGETARCH: "{{ matrix_architecture }}"
when: "matrix_beeper_linkedin_container_image_self_build|bool" when: "matrix_beeper_linkedin_container_image_self_build|bool"
@ -90,5 +90,5 @@
- name: Ensure systemd reloaded after matrix-beeper-linkedin.service installation - name: Ensure systemd reloaded after matrix-beeper-linkedin.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_beeper_linkedin_systemd_service_result.changed" when: "matrix_beeper_linkedin_systemd_service_result.changed"

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-beeper-linkedin name: matrix-beeper-linkedin
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_beeper_linkedin_service_stat.stat.exists" when: "matrix_beeper_linkedin_service_stat.stat.exists"
- name: Ensure matrix-beeper-linkedin.service doesn't exist - name: Ensure matrix-beeper-linkedin.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-beeper-linkedin.service removal - name: Ensure systemd reloaded after matrix-beeper-linkedin.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_beeper_linkedin_service_stat.stat.exists" when: "matrix_beeper_linkedin_service_stat.stat.exists"

Some files were not shown because too many files have changed in this diff Show More