Compare commits
41 Commits
6c1459f846
...
e539cdc83a
Author | SHA1 | Date | |
---|---|---|---|
e539cdc83a | |||
87aefc5216 | |||
06c389e404 | |||
f2c651833c | |||
171ab8f884 | |||
d13ace1f2a | |||
|
de671ad58a | ||
|
5d5642abc5 | ||
|
1ea1597020 | ||
|
0ab5371ebd | ||
|
d159408feb | ||
|
8e448aed0f | ||
|
0499692661 | ||
|
f623cf3550 | ||
|
3f4bedb31e | ||
|
6c928d87ca | ||
|
14af09e4f3 | ||
|
a69613a2e7 | ||
|
590e409a60 | ||
|
dd8106790e | ||
|
484536b039 | ||
|
29e3bcea67 | ||
|
b77907f2d4 | ||
|
fa108e087d | ||
|
fc56288f5b | ||
|
ea85cedcb5 | ||
|
59adb8d028 | ||
|
8059c0ac54 | ||
|
202f54f327 | ||
|
bcb6679e31 | ||
|
7654e64846 | ||
|
6d29048ed9 | ||
|
8717447dc5 | ||
|
48eb905c26 | ||
|
c6f9a42f40 | ||
|
916df397d9 | ||
|
946e079732 | ||
|
63423e614f | ||
|
18836e910f | ||
|
0811692a09 | ||
|
139be48706 |
@ -9,5 +9,8 @@ skip_list:
|
||||
- schema
|
||||
- command-instead-of-shell
|
||||
- role-name
|
||||
# We frequently load configuration from a template (into a variable), then merge that with another variable (configuration extension)
|
||||
# before finally dumping it to a file.
|
||||
- template-instead-of-copy
|
||||
|
||||
offline: false
|
||||
|
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,7 +1,3 @@
|
||||
/inventory/*
|
||||
!/inventory/.gitkeep
|
||||
!/inventory/host_vars/.gitkeep
|
||||
!/inventory/scripts
|
||||
/roles/*/files/scratchpad
|
||||
.DS_Store
|
||||
.python-version
|
||||
|
@ -1,6 +1,11 @@
|
||||
[defaults]
|
||||
|
||||
vault_password_file = gpg/open_vault.sh
|
||||
|
||||
retry_files_enabled = False
|
||||
stdout_callback = yaml
|
||||
|
||||
inventory = inventory/hosts
|
||||
|
||||
[connection]
|
||||
pipelining = True
|
||||
|
@ -54,4 +54,5 @@ Choose a strong password for the bot. You can generate a good password with a co
|
||||
|
||||
## Obtaining an admin access token
|
||||
|
||||
This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md).
|
||||
This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands you'll need to open the bot docker container with `docker exec -it matrix-bot-maubot sh`
|
||||
Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). However these two methods won't allow the bot to work in encrypted rooms.
|
||||
|
@ -71,7 +71,8 @@ Steps needed for specific matrix apps:
|
||||
3. verify `Settings` -> `Notifications` -> `UnifiedPush: Notification targets` as described below in the "Troubleshooting" section.
|
||||
|
||||
* Element-android v1.4.26+:
|
||||
- [not yet documented; should auto-detect and use it?]
|
||||
1. choose `Settings` -> `Notifications` -> `Notification method` -> `ntfy`
|
||||
2. verify `Settings` -> `Troubleshoot` -> `Troubleshoot notification settings`
|
||||
|
||||
If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy".
|
||||
|
||||
|
5
gpg/open_vault.sh
Executable file
5
gpg/open_vault.sh
Executable file
@ -0,0 +1,5 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e -u
|
||||
|
||||
gpg2 --batch --use-agent --decrypt $(dirname $0)/vault_passphrase.gpg 2>/dev/null
|
18
gpg/vault_passphrase.gpg
Normal file
18
gpg/vault_passphrase.gpg
Normal file
@ -0,0 +1,18 @@
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAxEs7W/4x4lxARAAssinIzR2rGs+Qkm0Q2tRdSXSXRx3OhH+2T5p0Rz3YkqU
|
||||
iyiUtyT/Ll7RMUAlAEDZITvirXe4ZZImDcxQegEzFgO7BowQYJDRdhaRmLKZpiuQ
|
||||
foRnJAAR12sf49arjJjaBQb91ViOp5MkxAtXiiqWyXwSSII+cV88flMq143cFmfC
|
||||
C5OdIQd3SqrbFhGRTjUzoIMqnJH8xksjwph9GS811dY14rQv5X1Ybt5zehMJ7/m/
|
||||
luLNg2zgQgYOUxcovddCVMI54ThXyDubDox/5xLvVjyVOFHgwC/VLn+QXHuPY/r5
|
||||
+rVzz/30eq0uOLKD3LnDBQskCWRVWGC2ulKaZtlylBq6KRzIM6c6+VPSHCjoFyES
|
||||
RRpRHeIXGLs31eLkr8dc+VNbPKpMsjm/E/4ZVE2JBpy7S/kh1XYVQxT6ahDKT1tD
|
||||
4YN9O0JyNXzjiyNaTTLwNGh5+ICEd3ZCfa4O/og2LySGPOw6mX8ukgP029LHVp6+
|
||||
0tRwSWiIM3US/NIVGA+o9e9I/I5Bp/cnzJgd7faUIlzcVPP+euCbo4GsYWpX3Nca
|
||||
eRcr7AVY3wwuZtl7/s8KbQKk0ulLxS4Lo2XmdpQl8CPGwASdbMf/H8B256+xiUQ3
|
||||
ml400ZaCC7Loeduwl1ez1H/dFFzmpUziaxxtWW4aFtOUYhGeSCTu6ZIgxVq3eBnS
|
||||
jAGv8bt+0Xnrpih3mZWM92cw2VKfzYD9WG+dCB4DtZMKhl1ub2bkeTC/B9F+QuP6
|
||||
anlonYHs2wmPXzjcx8ajonbYrYXanoNRHDId6OqVAbjYqbua6TG6H9LUFweIj1RV
|
||||
yhUPejzhA8xEB0nUcKJZKLvuqvwPbr06GODnAKY5TQ4yILMAnBx0pNzfQNzo
|
||||
=Cecg
|
||||
-----END PGP MESSAGE-----
|
@ -2477,13 +2477,24 @@ matrix_grafana_enabled: false
|
||||
# Grafana's HTTP port to the local host.
|
||||
matrix_grafana_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:3000' }}"
|
||||
|
||||
matrix_grafana_dashboard_download_urls_all: |
|
||||
matrix_grafana_dashboard_download_urls: |
|
||||
{{
|
||||
matrix_grafana_dashboard_download_urls
|
||||
(matrix_synapse_grafana_dashboard_urls if matrix_homeserver_implementation == 'synapse' and matrix_synapse_metrics_enabled else [])
|
||||
+
|
||||
(matrix_prometheus_node_exporter_dashboard_urls if matrix_prometheus_node_exporter_enabled else [])
|
||||
+
|
||||
(matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else [])
|
||||
}}
|
||||
|
||||
matrix_grafana_default_home_dashboard_path: |-
|
||||
{{
|
||||
{
|
||||
'synapse': ('/etc/grafana/dashboards/synapse.json' if matrix_synapse_metrics_enabled else '/etc/grafana/dashboards/node-exporter-full.json'),
|
||||
'dendrite': '/etc/grafana/dashboards/node-exporter-full.json',
|
||||
'conduit': '/etc/grafana/dashboards/node-exporter-full.json',
|
||||
}[matrix_homeserver_implementation]
|
||||
}}
|
||||
|
||||
matrix_grafana_systemd_wanted_services_list: |
|
||||
{{
|
||||
[]
|
||||
|
379
inventory/host_vars/matrix.finallycoffee.eu/vars.yml
Normal file
379
inventory/host_vars/matrix.finallycoffee.eu/vars.yml
Normal file
@ -0,0 +1,379 @@
|
||||
#
|
||||
# General config
|
||||
# Domain of the matrix server and SSL config
|
||||
#
|
||||
matrix_domain: finallycoffee.eu
|
||||
|
||||
matrix_ssl_retrieval_method: none
|
||||
matrix_nginx_proxy_enabled: true
|
||||
matrix_nginx_proxy_https_enabled: false
|
||||
matrix_nginx_proxy_container_http_host_bind_port: "127.0.10.1:8080"
|
||||
matrix_nginx_proxy_container_federation_host_bind_port: "127.0.10.1:8448"
|
||||
matrix_nginx_proxy_trust_forwarded_proto: true
|
||||
matrix_nginx_proxy_x_forwarded_for: '$proxy_add_x_forwarded_for'
|
||||
|
||||
#matrix_nginx_proxy_proxy_synapse_metrics: true
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_enabled: true
|
||||
matrix_synapse_metrics_enabled: true
|
||||
matrix_synapse_metrics_proxying_enabled: true
|
||||
|
||||
matrix_base_data_path: "{{ vault_matrix_base_data_path }}"
|
||||
matrix_server_fqn_element: "chat.{{ matrix_domain }}"
|
||||
matrix_docker_installation_enabled: false
|
||||
|
||||
#matrix_client_element_version: v1.8.4
|
||||
#matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:v1.7.21"
|
||||
#matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:v1.37.1"
|
||||
#matrix_mautrix_telegram_version: v0.10.0
|
||||
|
||||
web_user: "web"
|
||||
revproxy_autoload_dir: "/vault/services/web/sites.d"
|
||||
postgres_dump_dir: /vault/temp
|
||||
|
||||
|
||||
#
|
||||
# General Synapse config
|
||||
#
|
||||
matrix_postgres_connection_password: "{{ vault_matrix_postgres_connection_password }}"
|
||||
# A secret used to protect access keys issued by the server.
|
||||
matrix_homeserver_generic_secret_key: "{{ vault_homeserver_generic_secret_key }}"
|
||||
# Make synapse accept larger media aswell
|
||||
matrix_synapse_max_upload_size_mb: 200
|
||||
# Enable metrics at (default) :9100/_synapse/metrics
|
||||
matrix_synapse_metrics_enabled: true
|
||||
matrix_synapse_turn_shared_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
|
||||
matrix_synapse_turn_uris:
|
||||
- "turn:voip.matrix.finallycoffee.eu?transport=udp"
|
||||
- "turn:voip.matrix.finallycoffee.eu?transport=tcp"
|
||||
# Auto-join all users into those rooms
|
||||
matrix_synapse_auto_join_rooms:
|
||||
- "#welcome:finallycoffee.eu"
|
||||
- "#announcements:finallycoffee.eu"
|
||||
|
||||
## Synapse rate limits
|
||||
matrix_synapse_rc_federation:
|
||||
window_size: 1000
|
||||
sleep_limit: 25
|
||||
sleep_delay: 500
|
||||
reject_limit: 50
|
||||
concurrent: 5
|
||||
matrix_synapse_rc_message:
|
||||
per_second: 0.5
|
||||
burst_count: 25
|
||||
|
||||
## Synapse cache tuning
|
||||
matrix_synapse_caches_global_factor: 1.5
|
||||
matrix_synapse_event_cache_size: "300K"
|
||||
|
||||
## Synapse workers
|
||||
matrix_synapse_workers_enabled: true
|
||||
matrix_synapse_workers_preset: "little-federation-helper"
|
||||
matrix_synapse_workers_generic_workers_count: 1
|
||||
matrix_synapse_workers_media_repository_workers_count: 2
|
||||
matrix_synapse_workers_federation_sender_workers_count: 1
|
||||
matrix_synapse_workers_pusher_workers_count: 1
|
||||
|
||||
# Static secret auth for matrix-synapse-shared-secret-auth
|
||||
matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
|
||||
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: "{{ vault_matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||
matrix_synapse_ext_password_provider_rest_auth_enabled: true
|
||||
matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
|
||||
matrix_synapse_ext_password_provider_rest_auth_registration_enforce_lowercase: false
|
||||
matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofill: true
|
||||
matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: false
|
||||
|
||||
# Enable experimental spaces support
|
||||
matrix_synapse_configuration_extension_yaml: |
|
||||
database:
|
||||
args:
|
||||
cp_max: 20
|
||||
experimental_features:
|
||||
spaces_enabled: true
|
||||
caches:
|
||||
per_cache_factors:
|
||||
device_id_exists: 3
|
||||
get_users_in_room: 4
|
||||
_get_joined_users_from_context: 4
|
||||
_get_joined_profile_from_event_id: 3
|
||||
"*stateGroupMembersCache*": 2
|
||||
_matches_user_in_member_list: 3
|
||||
get_users_who_share_room_with_user: 3
|
||||
is_interested_in_room: 2
|
||||
get_user_by_id: 1.5
|
||||
room_push_rule_cache: 1.5
|
||||
expire_caches: true
|
||||
cache_entry_ttl: 45m
|
||||
sync_response_cache_duration: 2m
|
||||
|
||||
|
||||
#
|
||||
# synapse-admin tool
|
||||
#
|
||||
matrix_synapse_admin_enabled: true
|
||||
matrix_synapse_admin_container_http_host_bind_port: 8985
|
||||
|
||||
|
||||
#
|
||||
# VoIP / CoTURN config
|
||||
#
|
||||
# A shared secret (between Synapse and Coturn) used for authentication.
|
||||
matrix_coturn_turn_static_auth_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
|
||||
# Disable coturn, as we use own instance
|
||||
matrix_coturn_enabled: false
|
||||
|
||||
|
||||
#
|
||||
# dimension (integration manager) config
|
||||
#
|
||||
matrix_dimension_enabled: true
|
||||
matrix_dimension_admins: "{{ vault_matrix_dimension_admins }}"
|
||||
matrix_server_fqn_dimension: "dimension.matrix.{{ matrix_domain }}"
|
||||
matrix_dimension_access_token: "{{ vault_matrix_dimension_access_token }}"
|
||||
matrix_dimension_configuration_extension_yaml: |
|
||||
telegram:
|
||||
botToken: "{{ vault_matrix_dimension_configuration_telegram_bot_token }}"
|
||||
|
||||
|
||||
#
|
||||
# mautrix-whatsapp config
|
||||
#
|
||||
matrix_mautrix_whatsapp_enabled: true
|
||||
matrix_mautrix_whatsapp_bridge_personal_filtering_spaces: true
|
||||
matrix_mautrix_whatsapp_bridge_mute_bridging: true
|
||||
matrix_mautrix_whatsapp_bridge_enable_status_broadcast: false
|
||||
matrix_mautrix_whatsapp_bridge_allow_user_invite: true
|
||||
matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port: 9402
|
||||
matrix_mautrix_whatsapp_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}"
|
||||
matrix_mautrix_whatsapp_configuration_extension_yaml: |
|
||||
bridge:
|
||||
displayname_template: "{% raw %}{{.Name}} ({{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}}) (via WhatsApp){% endraw %}"
|
||||
max_connection_attempts: 5
|
||||
connection_timeout: 30
|
||||
contact_wait_delay: 5
|
||||
private_chat_portal_meta: true
|
||||
login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||
logging:
|
||||
print_level: info
|
||||
metrics:
|
||||
enabled: true
|
||||
listen: 0.0.0.0:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}
|
||||
whatsapp:
|
||||
os_name: Linux mautrix-whatsapp
|
||||
browser_name: Chrome
|
||||
|
||||
|
||||
#
|
||||
# mautrix-telegram config
|
||||
#
|
||||
matrix_mautrix_telegram_enabled: true
|
||||
matrix_mautrix_telegram_api_id: "{{ vault_matrix_mautrix_telegram_api_id }}"
|
||||
matrix_mautrix_telegram_api_hash: "{{ vault_matrix_mautrix_telegram_api_hash }}"
|
||||
matrix_mautrix_telegram_public_endpoint: '/bridge/telegram'
|
||||
matrix_mautrix_telegram_container_http_monitoring_host_bind_port: 9401
|
||||
matrix_mautrix_telegram_container_http_host_bind_port_public: 8980
|
||||
matrix_mautrix_telegram_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}"
|
||||
- "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_host_bind_port_public }}:80"
|
||||
matrix_mautrix_telegram_configuration_extension_yaml: |
|
||||
bridge:
|
||||
displayname_template: "{displayname} (via Telegram)"
|
||||
parallel_file_transfer: false
|
||||
inline_images: false
|
||||
image_as_file_size: 20
|
||||
delivery_receipts: true
|
||||
login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||
animated_sticker:
|
||||
target: webm
|
||||
encryption:
|
||||
allow: true
|
||||
default: true
|
||||
permissions:
|
||||
"@transcaffeine:finallycoffee.eu": "admin"
|
||||
"gruenhage.xyz": "full"
|
||||
"boobies.software": "full"
|
||||
logging:
|
||||
root:
|
||||
level: INFO
|
||||
metrics:
|
||||
enabled: true
|
||||
listen_port: {{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}
|
||||
# permissions: "{{ vault_matrix_mautrix_telegram_permission_map | from_yaml }}"
|
||||
|
||||
|
||||
#
|
||||
# mautrix-signal config
|
||||
#
|
||||
matrix_mautrix_signal_enabled: true
|
||||
matrix_mautrix_signal_container_http_monitoring_host_bind_port: 9408
|
||||
matrix_mautrix_signal_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}"
|
||||
matrix_mautrix_signal_configuration_extension_yaml: |
|
||||
bridge:
|
||||
displayname_template: "{displayname} (via Signal)"
|
||||
community_id: "+signal:finallycoffee.eu"
|
||||
encryption:
|
||||
allow: true
|
||||
default: true
|
||||
key_sharing:
|
||||
allow: true
|
||||
require_verification: false
|
||||
delivery_receipts: true
|
||||
permissions:
|
||||
"@ilosai:fairydust.space": "user"
|
||||
logging:
|
||||
root:
|
||||
level: INFO
|
||||
metrics:
|
||||
enabled: true
|
||||
listen_port: {{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}
|
||||
|
||||
|
||||
#
|
||||
# mx-puppet-instagram configuration
|
||||
#
|
||||
matrix_mx_puppet_instagram_enabled: true
|
||||
matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port: 9403
|
||||
matrix_mx_puppet_instagram_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}"
|
||||
matrix_mx_puppet_instagram_configuration_extension_yaml: |
|
||||
bridge:
|
||||
enableGroupSync: true
|
||||
avatarUrl: mxc://finallycoffee.eu/acmiSAinuHDOULofFFeolTvr
|
||||
metrics:
|
||||
enabled: true
|
||||
port: {{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}
|
||||
path: /metrics
|
||||
presence:
|
||||
enabled: true
|
||||
interval: 3000
|
||||
|
||||
|
||||
#
|
||||
# mx-puppet-skype configuration
|
||||
#
|
||||
#matrix_mx_puppet_skype_enabled: false
|
||||
matrix_mx_puppet_skype_container_http_monitoring_host_bind_port: 9405
|
||||
# matrix_mx_puppet_skype_container_extra_arguments:
|
||||
# - "-p 127.0.0.1:{{ matrix_mx_puppet_skype_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_skype_container_http_monitoring_host_bind_port }}"
|
||||
# matrix_mx_puppet_skype_configuration_extension_yaml: |
|
||||
# bridge:
|
||||
# enableGroupSync: true
|
||||
# avatarUrl: mxc://finallycoffee.eu/jjXDuFqtpFOBOnywoHgzTuYt
|
||||
# metrics:
|
||||
# enabled: true
|
||||
# port: {{ matrix_mx_puppet_skype_container_http_monitoring_host_bind_port }}
|
||||
# path: /metrics
|
||||
|
||||
|
||||
#
|
||||
# mx-puppet-discord configuration
|
||||
#
|
||||
matrix_mx_puppet_discord_enabled: true
|
||||
matrix_mx_puppet_discord_client_id: "{{ vault_matrix_mx_puppet_discord_client_id }}"
|
||||
matrix_mx_puppet_discord_client_secret: "{{ vault_matrix_mx_puppet_discord_client_secret }}"
|
||||
matrix_mx_puppet_discord_container_http_monitoring_host_bind_port: 9404
|
||||
matrix_mx_puppet_discord_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}"
|
||||
matrix_mx_puppet_discord_configuration_extension_yaml: |
|
||||
bridge:
|
||||
enableGroupSync: true
|
||||
avatarUrl: mxc://finallycoffee.eu/BxcAAhjXmglMbtthStEHtCzd
|
||||
metrics:
|
||||
enabled: true
|
||||
port: {{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}
|
||||
path: /metrics
|
||||
limits:
|
||||
maxAutojoinUsers: 500
|
||||
roomUserAutojoinDelay: 50
|
||||
presence:
|
||||
enabled: true
|
||||
interval: 3000
|
||||
|
||||
|
||||
#
|
||||
# mx-puppet-slack configuration
|
||||
#
|
||||
matrix_mx_puppet_slack_enabled: true
|
||||
matrix_mx_puppet_slack_client_id: "{{ vault_matrix_mx_puppet_slack_client_id }}"
|
||||
matrix_mx_puppet_slack_client_secret: "{{ vault_matrix_mx_puppet_slack_client_secret }}"
|
||||
matrix_mx_puppet_slack_redirect_path: '/bridge/slack/oauth'
|
||||
matrix_mx_puppet_slack_container_http_auth_host_bind_port: 8981
|
||||
matrix_mx_puppet_slack_container_http_monitoring_host_bind_port: 9406
|
||||
matrix_mx_puppet_slack_container_extra_arguments:
|
||||
- "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}"
|
||||
- "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_auth_host_bind_port }}:8008"
|
||||
matrix_mx_puppet_slack_configuration_extension_yaml: |
|
||||
bridge:
|
||||
enableGroupSync: true
|
||||
metrics:
|
||||
enabled: true
|
||||
port: {{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}
|
||||
path: /metrics
|
||||
limits:
|
||||
maxAutojoinUsers: 500
|
||||
roomUserAutojoinDelay: 50
|
||||
presence:
|
||||
enabled: true
|
||||
interval: 3000
|
||||
|
||||
|
||||
#
|
||||
# Element web configuration
|
||||
#
|
||||
# Branding config
|
||||
matrix_client_element_brand: "Chat"
|
||||
matrix_client_element_default_theme: "dark"
|
||||
matrix_client_element_themes_enabled: true
|
||||
matrix_client_element_welcome_headline: "Welcome to chat.finallycoffee.eu"
|
||||
matrix_client_element_welcome_text: |
|
||||
Decentralised, encrypted chat & collaboration,<br />
|
||||
hosted on finallycoffee.eu, powered by element.io &
|
||||
<a href="https://matrix.org" target="_blank" rel="noreferrer noopener">
|
||||
<img width="79" height="34" alt="[matrix]" style="padding-left: 1px;vertical-align: middle" src="welcome/images/matrix.svg" />
|
||||
</a>
|
||||
matrix_client_element_welcome_logo: "welcome/images/logo.png"
|
||||
matrix_client_element_welcome_logo_link: "https://{{ matrix_domain }}"
|
||||
matrix_client_element_branding_authHeaderLogoUrl: "welcome/images/logo.png"
|
||||
matrix_client_element_branding_welcomeBackgroundUrl: "welcome/images/background.jpg"
|
||||
matrix_client_element_container_extra_arguments:
|
||||
- "-v {{ matrix_client_element_data_path }}/background.jpg:/app/{{ matrix_client_element_branding_welcomeBackgroundUrl }}:ro"
|
||||
- "-v {{ matrix_client_element_data_path }}/logo.png:/app/{{ matrix_client_element_branding_authHeaderLogoUrl }}:ro"
|
||||
# Integration and capabilites config
|
||||
matrix_client_element_integrations_ui_url: "https://{{ matrix_server_fqn_dimension }}/element"
|
||||
matrix_client_element_integrations_rest_url: "https://{{ matrix_server_fqn_dimension }}/api/v1/scalar"
|
||||
matrix_client_element_integrations_widgets_urls:
|
||||
- "https://{{ matrix_server_fqn_dimension }}/widgets"
|
||||
- "https://scalar.vector.im/api"
|
||||
matrix_client_element_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
|
||||
matrix_client_element_disable_custom_urls: false
|
||||
matrix_client_element_roomdir_servers:
|
||||
- "matrix.org"
|
||||
- "finallycoffee.eu"
|
||||
- "entropia.de"
|
||||
matrix_client_element_enable_presence_by_hs_url:
|
||||
https://matrix.org: false
|
||||
|
||||
|
||||
# Matrix ma1sd extended configuration
|
||||
matrix_ma1sd_configuration_extension_yaml: |
|
||||
hashing:
|
||||
enabled: true
|
||||
pepperLength: 20
|
||||
rotationPolicy: per_requests
|
||||
requests: 10
|
||||
hashStorageType: sql
|
||||
algorithms:
|
||||
- none
|
||||
- sha256
|
||||
|
||||
|
||||
# Matrix mail notification relay setup
|
||||
matrix_mailer_enabled: true
|
||||
matrix_mailer_sender_address: "Matrix on finallycoffee.eu <system-matrix@{{ matrix_domain }}>"
|
||||
matrix_mailer_relay_use: true
|
||||
matrix_mailer_relay_host_name: "{{ vault_matrix_mailer_relay_host_name }}"
|
||||
matrix_mailer_relay_host_port: 587
|
||||
matrix_mailer_relay_auth: true
|
||||
matrix_mailer_relay_auth_username: "{{ vault_matrix_mailer_relay_auth_username }}"
|
||||
matrix_mailer_relay_auth_password: "{{ vault_matrix_mailer_relay_auth_password }}"
|
100
inventory/host_vars/matrix.finallycoffee.eu/vault.yml
Normal file
100
inventory/host_vars/matrix.finallycoffee.eu/vault.yml
Normal file
@ -0,0 +1,100 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
39366364363633336238333130353832663162393038633665396333343732353964333363666539
|
||||
6562346632343235623835643735386434316666393234360a383634616537393134613631383836
|
||||
61333835363666623033306166376232303930306433343366373463653234623736643633383734
|
||||
3330333665383539650a383132353032386230393031626361343764323034386230363066306331
|
||||
34646236336262623435633566363033613737373064616266336237343233663066396163373034
|
||||
62303765353066653737366539626461636531636438323932333134363136363134646164646531
|
||||
63656638666233313437663261396665653736373164323433306435323336633938313164646264
|
||||
33653661633965363833393031616463633761356234633630643562306366653133366637346166
|
||||
38636433343736343461613731623538633361363934343764326466313261353633646230353065
|
||||
37366134303164356433333961346663313963626165323966656536313532376162326565383539
|
||||
65363333633964323838663461373666353665643236623839646664653661613838353239613137
|
||||
39353061323131306365656261343630313665356165623064616436653566373663343733316237
|
||||
34393666383465323463313838393465643830373632373938633763666636346539666233303265
|
||||
38353337633833373331356663633936326334366337393135653030333531613565643666633038
|
||||
64393862303765366632393137313432376563353335353231323464633637343334346634306534
|
||||
35613330373336633031376263306466306437656635396133613335386130346163663438386136
|
||||
61646437343938663431343736363564376238316666373531616231366132643864346538363866
|
||||
35396433366137356162313963666134383134306462313336613735386639363936326131383939
|
||||
66623833643433663039623837623133303336666233623935313438366136353332313165333936
|
||||
31386632336535383533646639636164313331346630633366383739623261366465656632393062
|
||||
63373332623738303364623437666531396331646666336230353333366261653438363861656466
|
||||
39333762633037383336393164616563396564383232636533363864636230616664303330323932
|
||||
66666234633362346132303932643464366466323535303835363430333737666661373534333934
|
||||
61393362616438626636383564613335363634626231663234616438343464383461303632363033
|
||||
39336362396339316661323662393665383031643931626333646335643335353661653939363538
|
||||
38666561313539613566386132336630643237333432656236356132616230663561343665353938
|
||||
33366663353834356434366335373265373439363430636533303933656264366338623232613435
|
||||
35356662383232386137313064313363303861326635333435393737643663336534363234623430
|
||||
32376432353330613666396337303935376366613564353039396164383361616337656535346166
|
||||
34396635356266326461613135303639643935363261396363636338636564643838313262326266
|
||||
31663139343336376233303637373864363835313839326433656235616332333134306139623239
|
||||
37636639356263646437373362333931613262363363313462666534643765313139386461623731
|
||||
33376635653133353033333733613464396632636634313063326363313030376632643863336237
|
||||
61636638353237313764313435626463633964643665313536326235343639663137373436303564
|
||||
30636232626137376339303238653664346538356430306238633037366332316263623666373062
|
||||
63646533646131303466653637346463613237323161313265613834383634626237323563653733
|
||||
38656435303264346663663465333966376631666530333833353233376263336436613065366362
|
||||
36366263343438393132326661623031316663663231663464383732343064383234616636306530
|
||||
66613634626362316533303034393063666632343262613431613635663866636433623535363238
|
||||
30643933613731363236346234336662613633323831633437613435326465383530653765616262
|
||||
63373538396364316563343365303134373466663639386137663564356532353531343636613135
|
||||
63316463353264316164306566326462333732316431643939626161346530636638636662303037
|
||||
34346461313961613063336332333934383363373335616636363661396362613661383762663866
|
||||
64303834636264376461396266663763336665356561376161333136336638646363313133353161
|
||||
31643061623833623239373432633537663664636334623534326639616633616361333834366131
|
||||
30376361656238353332656666316637643133623433333861653265636266376639666135383638
|
||||
37363337326231656530363536393737383565666266306532626361633633353539363866376534
|
||||
61303737326632303762626666306134343837376566343035386663613336626332383035383035
|
||||
37633462373066373062313862323766316362393832666466396637363562353865303366323062
|
||||
39346332383966313437646138623364656234663066663639663138626163656433363038323166
|
||||
65613862386665643438323061323763306635666162303366323131363436633335356332393366
|
||||
63373966383132303434633835333438333337303664346335643066623839343835643364306561
|
||||
34643336346564363462396330643263653931376664386335313433376332653832323437376135
|
||||
35383231386133363236653334393433306638303131323064343931623538323130343666653061
|
||||
36353536383632333964343730346265626433303131346531303133663832363036333261386237
|
||||
30363361356265356139323761623563396565336137333733656431636531333234323061343862
|
||||
33623935346663333735613661363234646234356331323636386637343661373363363261646231
|
||||
33643233343235323230393933616664623166666266333862323631653835666135303233653635
|
||||
63373061656163353762636531613632366638383366303864343132376162643963366564363563
|
||||
61336338613935613532636165383463633866633036393533313433643562313737383431353163
|
||||
37623165373933376236393931363939633963666636303136373065376635623761346537643530
|
||||
35363464313630376233633863306238616138666464316534363332333937343362343233346431
|
||||
34643032323934353939666364323239653932363735373061633434653062326336353239633261
|
||||
38306237336266663038656534393664646138343038323335633064616431386666613739326630
|
||||
34383963666534313530376331366238343836303036306336343533666332386163643033643138
|
||||
33336333333338353733383165306139623964303035653439623131633566356136386431613135
|
||||
63616462386639303230343866346631346532353531373132613433363239646330653666633532
|
||||
65393766333238383531313132633537633833363335303630376239396565373730646331313633
|
||||
30383861303739343265623934643635633361623262356433323035393062353630346430646262
|
||||
63303434353038646361353661616339313937323336303566303536366163623362356332383862
|
||||
37326333393761633732653264646333653439363039323238383361336233323232613336303464
|
||||
34393635633131313135313665363161306466643364393734346264633030373234306466653862
|
||||
32336163666435636162343465386633653863363533616339636531306130383331376563393533
|
||||
65366136626662343065383164646665613035393636373565346235656439303933343563366339
|
||||
36643838393033353033396535613331303031646162316361613564323163633434633861356135
|
||||
62343461616335323565636633383962316531316362396165366533346166336163623232366261
|
||||
39376230376562626135346333326437373733373266393236383435343562653034313133376236
|
||||
61666138346562613330633630373837653465393233613261353937336666646231366666393335
|
||||
35393463333936323664323831396639333462626238613164616435363664643438653763623431
|
||||
32663237363134353061373563396535653565636431366565386337653863316333343738343432
|
||||
62303132636338303462313439376535363063333833363632613832303436353834376561333330
|
||||
66633632383135646263626333643230343630326539663762633934316261633062663732373932
|
||||
30306438386263626335373838343236643562326135663366353638353163346365396261313133
|
||||
36333634306133353235316237343738623263333732343063356238333162323931346664346539
|
||||
66323733643061386334306130633537353630663336313966663538373963313435666564316539
|
||||
63613030366332363432303036396232306537663765653938353736376135316539613135623632
|
||||
66356639623635663365323635646635383638346539323438336261393332373935383536333831
|
||||
61306639343061333639336162366536366438356166396266666132303932333037613632623666
|
||||
63616662343830303664353931306632323630316162643432653835313962633735626163366332
|
||||
34373637633066333432383533316363613031393963373963386161663430623533383165653561
|
||||
38343439633066366663643138326264653539336530393932386236366533663935353664343966
|
||||
39323161646231353234633961633732613065323039663062313661386565366534623430356632
|
||||
64343732336238393262363338363734643639353830646163343361653761633134303163616562
|
||||
35633436393832393137383534613031303963613339333566343065336530623964636662353065
|
||||
32366630353538383339346465376661323666333234373665613164633866363364613066643034
|
||||
37616630366232353166366535633936366536626462353831643335306337353564316461653564
|
||||
66663133373466333431336366346435623436656230376232613665633466333463636263373464
|
||||
30386434336538303061666566383033616563303564666362346432663130306531613063363537
|
||||
646635613236636563666161666630653836
|
22
inventory/hosts
Normal file
22
inventory/hosts
Normal file
@ -0,0 +1,22 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31336566376336626265653165306635633033376662656164383037383834653239656136333734
|
||||
3833666339393037323035343565343235396163636166370a643933333933386133366564396465
|
||||
30393637613164356564393337633361653432333232383664303739363736633435363764343530
|
||||
3532313739363963660a343434356534316230623133636366386334323465376139363162616238
|
||||
39396638366262313531653635326361616537396338363533303961623165343931373939306239
|
||||
31336632643166633662653765333231393461643933306464303165633037343061323636313034
|
||||
34376631656563646665373566633431366638383863666130323264316337663237343135306236
|
||||
66323536346164663239343139623430303230333466633437643337343930363530653964626163
|
||||
38336363633730393136333637383631636266396636646533356262376630646139303636666538
|
||||
32366437353163663865623234643061313639646162643965393535353938313133326237313265
|
||||
66646163333535396539646461356334633532313530653834623263386265383765356130333466
|
||||
30373531306137393935363030313739666536363138363962646565306439393239303030643162
|
||||
33333166663430393866666439653532623034396130313066383035396535646633366237303264
|
||||
36356665366461323664373038366364623937386233313039323837666333653764616462333365
|
||||
31326264633236373937313537633961633164323138356135633765663639323537656263633766
|
||||
38653836323263386333376131333330326237393666363064326463663961633839393039323835
|
||||
61306265333232623037356465393133323733363634646364336261326333366239346565366338
|
||||
61646132333033373866623739343830336164316461646366666237313565626639323537623732
|
||||
38323830656136323137323530343764666433633432366136643538323832653130376363653135
|
||||
64376261386635636533353961613335663962306337353866616464613636303735336230623962
|
||||
3336
|
@ -1,6 +1,7 @@
|
||||
---
|
||||
|
||||
- block:
|
||||
- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
|
||||
block:
|
||||
- name: Fail with matrix_backup_borg_version advice if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -20,7 +21,6 @@
|
||||
- name: Set the correct borg backup version to use
|
||||
ansible.builtin.set_fact:
|
||||
matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}"
|
||||
when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
|
||||
|
||||
- name: Ensure borg paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -9,7 +9,8 @@
|
||||
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
|
||||
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30
|
||||
|
||||
- block:
|
||||
- when: ansible_os_family == 'Debian'
|
||||
block:
|
||||
# ansible_lsb is only available if lsb-release is installed.
|
||||
- name: Ensure lsb-release installed
|
||||
ansible.builtin.apt:
|
||||
@ -28,7 +29,6 @@
|
||||
|
||||
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml"
|
||||
when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian')
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml"
|
||||
when: ansible_distribution == 'Archlinux'
|
||||
@ -39,7 +39,7 @@
|
||||
state: started
|
||||
enabled: true
|
||||
|
||||
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
|
||||
- name: "Ensure ntpd is started and autoruns"
|
||||
ansible.builtin.service:
|
||||
name: "{{ matrix_ntpd_service }}"
|
||||
state: started
|
||||
|
@ -18,6 +18,7 @@
|
||||
when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
|
||||
|
||||
- name: Ensure yum packages are installed
|
||||
when: false
|
||||
ansible.builtin.yum:
|
||||
name:
|
||||
- "{{ matrix_ntpd_package }}"
|
||||
|
@ -28,4 +28,5 @@
|
||||
- "{{ matrix_docker_package_name }}"
|
||||
- docker-python
|
||||
state: present
|
||||
when: matrix_docker_installation_enabled | bool
|
||||
when: matrix_docker_installation_enabled | bool and false
|
||||
|
||||
|
@ -2,13 +2,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_buscarron_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_buscarron_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
|
||||
register: matrix_bot_buscarron_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
|
||||
@ -24,8 +26,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_buscarron_requires_restart: true
|
||||
when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_bot_buscarron_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure buscarron paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
|
||||
matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}"
|
||||
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
|
||||
|
||||
matrix_bot_honoroit_version: v0.9.14
|
||||
matrix_bot_honoroit_version: v0.9.15
|
||||
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
|
||||
matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||
matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
|
||||
|
@ -2,13 +2,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_honoroit_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_honoroit_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
|
||||
register: matrix_bot_honoroit_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
|
||||
@ -24,8 +26,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_honoroit_requires_restart: true
|
||||
when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_bot_honoroit_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure honoroit paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -3,13 +3,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_matrix_reminder_bot_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
|
||||
register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
|
||||
@ -25,8 +27,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_matrix_reminder_bot_requires_restart: true
|
||||
when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure matrix-reminder-bot paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git"
|
||||
matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}"
|
||||
matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
|
||||
|
||||
matrix_bot_postmoogle_version: v0.9.2
|
||||
matrix_bot_postmoogle_version: v0.9.4
|
||||
matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}"
|
||||
matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||
matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}"
|
||||
|
@ -1,11 +1,13 @@
|
||||
---
|
||||
- block:
|
||||
- when: "matrix_bot_postmoogle_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}"
|
||||
register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}"
|
||||
@ -21,8 +23,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_postmoogle_requires_restart: true
|
||||
when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_bot_postmoogle_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure postmoogle paths exist
|
||||
ansible.builtin.file:
|
||||
@ -91,9 +91,3 @@
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_postmoogle_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-postmoogle.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-postmoogle.service"
|
||||
state: restarted
|
||||
when: "matrix_bot_postmoogle_systemd_service_result.changed | bool"
|
||||
|
@ -3,13 +3,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_discord_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_discord_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
|
||||
register: matrix_appservice_discord_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
|
||||
@ -25,8 +27,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_discord_requires_restart: true
|
||||
when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_appservice_discord_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Appservice Discord image is pulled
|
||||
docker_image:
|
||||
|
@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser
|
||||
|
||||
# matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
|
||||
# It's a bare version number now. We try to somewhat retain compatibility below.
|
||||
matrix_appservice_irc_version: 0.35.0
|
||||
matrix_appservice_irc_version: 0.35.1
|
||||
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}"
|
||||
matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}"
|
||||
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"
|
||||
|
@ -21,7 +21,8 @@
|
||||
path: "{{ matrix_appservice_irc_base_path }}/passkey.pem"
|
||||
register: matrix_appservice_irc_stat_passkey
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_irc_stat_passkey.stat.exists"
|
||||
block:
|
||||
- name: (Data relocation) Ensure matrix-appservice-irc.service is stopped
|
||||
ansible.builtin.service:
|
||||
name: matrix-appservice-irc
|
||||
@ -44,24 +45,23 @@
|
||||
- rooms.db
|
||||
- users.db
|
||||
failed_when: false
|
||||
when: "matrix_appservice_irc_stat_passkey.stat.exists"
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_irc_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_irc_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if a nedb database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_appservice_irc_data_path }}/users.db"
|
||||
register: matrix_appservice_irc_nedb_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_irc_requires_restart: true
|
||||
when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_appservice_irc_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Appservice IRC image is pulled
|
||||
docker_image:
|
||||
|
@ -43,7 +43,10 @@
|
||||
The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed | default(False)"
|
||||
|
||||
- block:
|
||||
- when: matrix_appservice_slack_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -76,9 +79,6 @@
|
||||
+
|
||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_appservice_slack_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -17,19 +17,19 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_slack_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_slack_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if a nedb database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_appservice_slack_data_path }}/teams.db"
|
||||
register: matrix_appservice_slack_nedb_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_slack_requires_restart: true
|
||||
when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_appservice_slack_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Appservice Slack image is pulled
|
||||
docker_image:
|
||||
|
@ -36,7 +36,10 @@
|
||||
The matrix-bridge-appservice-webhooks role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed | default(False)"
|
||||
|
||||
- block:
|
||||
- when: matrix_appservice_webhooks_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -71,9 +74,6 @@
|
||||
+
|
||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_appservice_webhooks_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -26,7 +26,8 @@
|
||||
delay: "{{ matrix_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- block:
|
||||
- when: "matrix_appservice_webhooks_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure Appservice webhooks repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}"
|
||||
@ -47,7 +48,6 @@
|
||||
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
|
||||
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
||||
pull: true
|
||||
when: "matrix_appservice_webhooks_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure Matrix Appservice webhooks config is installed
|
||||
ansible.builtin.copy:
|
||||
|
@ -34,7 +34,8 @@
|
||||
delay: "{{ matrix_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- block:
|
||||
- when: "matrix_beeper_linkedin_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure Beeper LinkedIn repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}"
|
||||
@ -72,7 +73,6 @@
|
||||
pull: true
|
||||
args:
|
||||
TARGETARCH: "{{ matrix_architecture }}"
|
||||
when: "matrix_beeper_linkedin_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure beeper-linkedin config.yaml installed
|
||||
ansible.builtin.copy:
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_go_skype_bridge_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_go_skype_bridge_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}"
|
||||
register: matrix_go_skype_bridge_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}"
|
||||
@ -34,9 +36,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_go_skype_bridge_requires_restart: true
|
||||
when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_go_skype_bridge_database_engine == 'postgres'"
|
||||
|
||||
|
||||
- name: Ensure Go Skype Bridge paths exists
|
||||
ansible.builtin.file:
|
||||
|
@ -28,7 +28,8 @@
|
||||
}}
|
||||
when: matrix_hookshot_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_hookshot_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -128,7 +129,6 @@
|
||||
[matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain]
|
||||
}}
|
||||
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
|
||||
when: matrix_hookshot_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_discord_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_discord_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_discord_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}"
|
||||
@ -34,9 +36,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_discord_requires_restart: true
|
||||
when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_discord_database_engine == 'postgres'"
|
||||
|
||||
|
||||
- name: Ensure Mautrix Discord paths exists
|
||||
ansible.builtin.file:
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mautrix_facebook_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -70,7 +73,3 @@
|
||||
URL endpoint to the matrix-mautrix-facebook container.
|
||||
You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
||||
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_facebook_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_facebook_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
|
||||
@ -33,8 +35,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_facebook_requires_restart: true
|
||||
when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_facebook_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Mautrix Facebook image is pulled
|
||||
docker_image:
|
||||
|
@ -10,7 +10,8 @@
|
||||
- "matrix_mautrix_facebook_appservice_token"
|
||||
- "matrix_mautrix_facebook_homeserver_token"
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
|
||||
block:
|
||||
- name: Inject warning if on an old SQLite-supporting version
|
||||
ansible.builtin.set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
@ -21,4 +22,3 @@
|
||||
"NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)"
|
||||
]
|
||||
}}
|
||||
when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mautrix_googlechat_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mautrix_googlechat_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -59,9 +62,6 @@
|
||||
+
|
||||
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mautrix_googlechat_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_googlechat_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
|
||||
@ -33,8 +35,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_googlechat_requires_restart: true
|
||||
when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Mautrix googlechat image is pulled
|
||||
docker_image:
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mautrix_hangouts_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mautrix_hangouts_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -59,9 +62,6 @@
|
||||
+
|
||||
[matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mautrix_hangouts_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_hangouts_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_hangouts_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}"
|
||||
@ -33,8 +35,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_hangouts_requires_restart: true
|
||||
when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_hangouts_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Mautrix Hangouts image is pulled
|
||||
docker_image:
|
||||
|
@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false
|
||||
matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
|
||||
matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}"
|
||||
|
||||
matrix_mautrix_instagram_version: v0.2.0
|
||||
matrix_mautrix_instagram_version: v0.2.1
|
||||
# See: https://mau.dev/tulir/mautrix-instagram/container_registry
|
||||
matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"
|
||||
matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}"
|
||||
|
@ -9,14 +9,14 @@ matrix_telegram_lottieconverter_container_image_self_build_mask_arch: false
|
||||
matrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git"
|
||||
matrix_telegram_lottieconverter_docker_repo_version: "master"
|
||||
matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/lotticonverter/docker-src"
|
||||
matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.15" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram
|
||||
matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.16" # needs to be adjusted according to the FROM clause of Dockerfile of mautrix-telegram
|
||||
|
||||
matrix_mautrix_telegram_container_image_self_build: false
|
||||
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
|
||||
matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}"
|
||||
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
|
||||
|
||||
matrix_mautrix_telegram_version: v0.12.0
|
||||
matrix_mautrix_telegram_version: v0.12.1
|
||||
# See: https://mau.dev/mautrix/telegram/container_registry
|
||||
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
|
||||
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
||||
@ -131,6 +131,8 @@ matrix_mautrix_telegram_configuration_extension: "{{ matrix_mautrix_telegram_con
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_telegram_configuration_yaml`.
|
||||
matrix_mautrix_telegram_configuration: "{{ matrix_mautrix_telegram_configuration_yaml | from_yaml | combine(matrix_mautrix_telegram_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mautrix_telegram_sender_localpart: "telegrambot"
|
||||
|
||||
matrix_mautrix_telegram_registration_yaml: |
|
||||
id: telegram
|
||||
as_token: "{{ matrix_mautrix_telegram_appservice_token }}"
|
||||
@ -149,6 +151,7 @@ matrix_mautrix_telegram_registration_yaml: |
|
||||
url: {{ matrix_mautrix_telegram_appservice_address }}
|
||||
rate_limited: false
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
# sender_localpart: "bridges_{{ matrix_mautrix_telegram_sender_localpart }}"
|
||||
|
||||
matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_yaml | from_yaml }}"
|
||||
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mautrix_telegram_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -69,7 +72,3 @@
|
||||
URL endpoint to the matrix-mautrix-telegram container.
|
||||
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
||||
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_telegram_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_telegram_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}"
|
||||
@ -33,8 +35,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_telegram_requires_restart: true
|
||||
when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_telegram_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Mautrix Telegram paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -11,13 +11,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_whatsapp_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_whatsapp_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}"
|
||||
register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}"
|
||||
@ -34,9 +36,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_whatsapp_requires_restart: true
|
||||
when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mautrix_whatsapp_database_engine == 'postgres'"
|
||||
|
||||
|
||||
- name: Ensure Mautrix Whatsapp paths exists
|
||||
ansible.builtin.file:
|
||||
|
@ -55,7 +55,7 @@ appservice:
|
||||
# Whether or not to receive ephemeral events via appservice transactions.
|
||||
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
||||
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
|
||||
ephemeral_events: true
|
||||
ephemeral_events: false
|
||||
|
||||
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
||||
as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}"
|
||||
@ -191,7 +191,7 @@ bridge:
|
||||
# Should Matrix users leaving groups be bridged to WhatsApp?
|
||||
bridge_matrix_leave: true
|
||||
# Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices.
|
||||
sync_with_custom_puppets: false
|
||||
sync_with_custom_puppets: true
|
||||
# Should the bridge update the m.direct account data event when double puppeting is enabled.
|
||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
||||
# and is therefore prone to race conditions.
|
||||
|
@ -27,7 +27,8 @@
|
||||
path: "{{ matrix_mx_puppet_discord_base_path }}/database.db"
|
||||
register: matrix_mx_puppet_discord_stat_database
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
block:
|
||||
- name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped
|
||||
ansible.builtin.service:
|
||||
name: matrix-mx-puppet-discord
|
||||
@ -40,18 +41,19 @@
|
||||
cmd: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db"
|
||||
register: matrix_mx_puppet_discord_relocate_database_result
|
||||
changed_when: matrix_mx_puppet_discord_relocate_database_result.rc == 0
|
||||
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_discord_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_discord_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}"
|
||||
@ -67,8 +69,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_discord_requires_restart: true
|
||||
when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_discord_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure MX Puppet Discord image is pulled
|
||||
docker_image:
|
||||
|
@ -70,7 +70,7 @@ namePatterns:
|
||||
#
|
||||
# name: username of the user
|
||||
# discriminator: hashtag of the user (ex. #1234)
|
||||
user: :name
|
||||
user: ":name (#:discriminator) (via Discord)"
|
||||
|
||||
# A user's guild-specific displayname - if they've set a custom nick in
|
||||
# a guild
|
||||
@ -82,7 +82,7 @@ namePatterns:
|
||||
# displayname: the user's custom group-specific nick
|
||||
# channel: the name of the channel
|
||||
# guild: the name of the guild
|
||||
userOverride: :name
|
||||
userOverride: ":displayname (:name#:discriminator) (via Discord)"
|
||||
|
||||
# Room names for bridged Discord channels
|
||||
#
|
||||
@ -90,7 +90,7 @@ namePatterns:
|
||||
#
|
||||
# name: name of the channel
|
||||
# guild: name of the guild
|
||||
room: :name
|
||||
room: "#:name (:guild on Discord)"
|
||||
|
||||
# Group names for bridged Discord servers
|
||||
#
|
||||
|
@ -43,13 +43,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_groupme_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_groupme_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}"
|
||||
@ -65,8 +67,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_groupme_requires_restart: true
|
||||
when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_groupme_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure MX Puppet Groupme image is pulled
|
||||
docker_image:
|
||||
|
@ -12,13 +12,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_instagram_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_instagram_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}"
|
||||
@ -34,8 +36,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_instagram_requires_restart: true
|
||||
when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_instagram_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure mx-puppet-instagram image is pulled
|
||||
docker_image:
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mx_puppet_slack_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mx_puppet_slack_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -60,9 +63,6 @@
|
||||
+
|
||||
[matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mx_puppet_slack_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -39,13 +39,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_slack_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_slack_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}"
|
||||
@ -61,8 +63,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_slack_requires_restart: true
|
||||
when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_slack_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure MX Puppet Slack image is pulled
|
||||
docker_image:
|
||||
|
@ -43,13 +43,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_steam_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_steam_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}"
|
||||
@ -65,8 +67,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_steam_requires_restart: true
|
||||
when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_steam_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure MX Puppet Steam image is pulled
|
||||
docker_image:
|
||||
|
@ -27,7 +27,10 @@
|
||||
}}
|
||||
when: matrix_mx_puppet_twitter_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_mx_puppet_twitter_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -60,9 +63,6 @@
|
||||
+
|
||||
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_mx_puppet_twitter_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -43,13 +43,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_twitter_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_twitter_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}"
|
||||
register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}"
|
||||
@ -65,8 +67,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_twitter_requires_restart: true
|
||||
when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_mx_puppet_twitter_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure MX Puppet Twitter image is pulled
|
||||
docker_image:
|
||||
|
@ -21,7 +21,10 @@
|
||||
}}
|
||||
when: matrix_cactus_comments_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -63,7 +66,3 @@
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
||||
|
||||
tags:
|
||||
- always
|
||||
when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
|
||||
|
@ -65,7 +65,8 @@
|
||||
pull: true
|
||||
when: "matrix_cactus_comments_container_image_self_build | bool"
|
||||
|
||||
- block:
|
||||
- when: matrix_cactus_comments_client_local_dir | length == 0
|
||||
block:
|
||||
- name: Download client binary to local folder
|
||||
ansible.builtin.get_url:
|
||||
url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz"
|
||||
@ -101,9 +102,9 @@
|
||||
mode: "{{ matrix_cactus_comments_client_file_permissions }}"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_cactus_comments_client_local_dir | length == 0
|
||||
|
||||
- block:
|
||||
- when: matrix_cactus_comments_client_local_dir | length > 0
|
||||
block:
|
||||
- name: Propagate locally distributed client javascreipt
|
||||
ansible.builtin.copy:
|
||||
src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js"
|
||||
@ -118,7 +119,6 @@
|
||||
mode: "{{ matrix_cactus_comments_client_file_permissions }}"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_cactus_comments_client_local_dir | length > 0
|
||||
|
||||
- name: Ensure matrix-cactus-comments.service installed
|
||||
ansible.builtin.template:
|
||||
|
BIN
roles/matrix-client-element/files/antifa_coffee_cups.png
Normal file
BIN
roles/matrix-client-element/files/antifa_coffee_cups.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 188 KiB |
BIN
roles/matrix-client-element/files/background.jpg
Normal file
BIN
roles/matrix-client-element/files/background.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 2.1 MiB |
BIN
roles/matrix-client-element/files/background_small.jpg
Normal file
BIN
roles/matrix-client-element/files/background_small.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 747 KiB |
@ -4,7 +4,11 @@
|
||||
# Tasks related to setting up Element themes
|
||||
#
|
||||
|
||||
- block:
|
||||
- when: matrix_client_element_themes_enabled | bool
|
||||
run_once: true
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
block:
|
||||
- name: Ensure Element themes repository is pulled
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_client_element_themes_repository_url }}"
|
||||
@ -29,12 +33,6 @@
|
||||
matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming
|
||||
with_items: "{{ matrix_client_element_theme_file_contents.results }}"
|
||||
|
||||
run_once: true
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: matrix_client_element_themes_enabled | bool
|
||||
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of Element themes (if it was previously enabled)
|
||||
#
|
||||
|
@ -82,6 +82,18 @@
|
||||
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
|
||||
when: "item.src is not none"
|
||||
|
||||
- name: Copy Element costum files
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ matrix_client_element_data_path }}/{{ item.name }}"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- {src: "{{ role_path }}/files/background.jpg", name: "background.jpg"}
|
||||
- {src: "{{ role_path }}/files/antifa_coffee_cups.png", name: "logo.png"}
|
||||
when: "matrix_client_element_enabled|bool and item.src is not none"
|
||||
|
||||
- name: Ensure Element config files removed
|
||||
ansible.builtin.file:
|
||||
path: "{{ matrix_client_element_data_path }}/{{ item.name }}"
|
||||
|
@ -33,7 +33,7 @@ h1::after {
|
||||
}
|
||||
|
||||
.mx_Logo {
|
||||
height: 54px;
|
||||
height: 92px;
|
||||
margin-top: 2px;
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,8 @@
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
|
||||
- block:
|
||||
- when: "ansible_distribution != 'Archlinux'"
|
||||
block:
|
||||
- name: Populate service facts
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
@ -50,9 +51,9 @@
|
||||
with_items: "{{ matrix_systemd_services_list }}"
|
||||
when:
|
||||
- "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')"
|
||||
when: "ansible_distribution != 'Archlinux'"
|
||||
|
||||
- block:
|
||||
- when: "ansible_distribution == 'Archlinux'"
|
||||
block:
|
||||
# Currently there is a bug in ansible that renders is incompatible with systemd.
|
||||
# service_facts is not collecting the data successfully.
|
||||
# Therefore iterating here manually
|
||||
@ -70,4 +71,3 @@
|
||||
Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate.
|
||||
with_items: "{{ systemdstatus.results }}"
|
||||
when: "item.status['ActiveState'] != 'active'"
|
||||
when: "ansible_distribution == 'Archlinux'"
|
||||
|
@ -29,7 +29,8 @@
|
||||
delay: "{{ matrix_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- block:
|
||||
- when: "matrix_coturn_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure Coturn repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_coturn_container_image_self_build_repo }}"
|
||||
@ -50,7 +51,6 @@
|
||||
dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}"
|
||||
path: "{{ matrix_coturn_docker_src_files_path }}"
|
||||
pull: true
|
||||
when: "matrix_coturn_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure Coturn configuration path exists
|
||||
ansible.builtin.file:
|
||||
|
@ -6,7 +6,7 @@ matrix_dendrite_enabled: true
|
||||
|
||||
matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}"
|
||||
matrix_dendrite_docker_image_name_prefix: "docker.io/"
|
||||
matrix_dendrite_docker_image_tag: "v0.9.8"
|
||||
matrix_dendrite_docker_image_tag: "v0.9.9"
|
||||
matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite"
|
||||
|
@ -3,13 +3,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_dimension_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_dimension_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_dimension_sqlite_database_path_local }}"
|
||||
register: matrix_dimension_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
# pgloader makes a few columns `smallint`, instead of `boolean`.
|
||||
# We need to fix them up.
|
||||
- ansible.builtin.set_fact:
|
||||
@ -67,8 +69,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_dimension_requires_restart: true
|
||||
when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_dimension_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Dimension base path exists
|
||||
ansible.builtin.file:
|
||||
|
@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true
|
||||
# The dynamic dns daemon interval
|
||||
matrix_dynamic_dns_daemon_interval: '300'
|
||||
|
||||
matrix_dynamic_dns_version: v3.9.1-ls98
|
||||
matrix_dynamic_dns_version: v3.9.1-ls100
|
||||
|
||||
# The docker container to use when in mode
|
||||
matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}"
|
||||
|
@ -4,7 +4,10 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}"
|
||||
when: matrix_etherpad_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_etherpad_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -49,9 +52,6 @@
|
||||
+
|
||||
[matrix_etherpad_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_etherpad_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -3,18 +3,14 @@
|
||||
# See: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md
|
||||
# Project source code URL: https://github.com/grafana/grafana
|
||||
|
||||
matrix_grafana_enabled: false
|
||||
matrix_grafana_enabled: true
|
||||
|
||||
matrix_grafana_version: 9.1.5
|
||||
matrix_grafana_version: 9.1.6
|
||||
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
|
||||
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
|
||||
|
||||
# Not conditional, because when someone disables metrics
|
||||
# they might still want to look at the old existing data.
|
||||
# So it would be silly to delete the dashboard in such case.
|
||||
matrix_grafana_dashboard_download_urls:
|
||||
- "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json"
|
||||
- "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json"
|
||||
# matrix_grafana_dashboard_download_urls holds a list of URLs of dashboards to download
|
||||
matrix_grafana_dashboard_download_urls: []
|
||||
|
||||
matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana"
|
||||
matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config"
|
||||
@ -50,6 +46,10 @@ matrix_grafana_content_security_policy: true
|
||||
matrix_grafana_content_security_policy_customized: false
|
||||
matrix_grafana_content_security_policy_template: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http: https: 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';"
|
||||
|
||||
# matrix_grafana_default_home_dashboard_path influences the `default_home_dashboard_path` grafana.ini setting,
|
||||
# which is an in-container path for the default dashboard.
|
||||
matrix_grafana_default_home_dashboard_path: /etc/grafana/dashboards/node-exporter-full.json
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_grafana_container_extra_arguments: []
|
||||
|
||||
|
@ -68,7 +68,7 @@
|
||||
mode: 0440
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items: "{{ matrix_grafana_dashboard_download_urls_all }}"
|
||||
with_items: "{{ matrix_grafana_dashboard_download_urls }}"
|
||||
when: matrix_grafana_enabled | bool
|
||||
register: result
|
||||
retries: "{{ matrix_geturl_retries_count }}"
|
||||
|
@ -5,3 +5,12 @@
|
||||
msg: >
|
||||
You need to enable `matrix_prometheus_enabled` to use Prometheus as data source for Grafana.
|
||||
when: "not matrix_prometheus_enabled"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_grafana_dashboard_download_urls_all', 'new': 'matrix_grafana_dashboard_download_urls'}
|
||||
|
@ -26,8 +26,4 @@ enabled = {{ matrix_grafana_anonymous_access }}
|
||||
org_name = "{{ matrix_grafana_anonymous_access_org_name }}"
|
||||
|
||||
[dashboards]
|
||||
{% if matrix_synapse_metrics_enabled %}
|
||||
default_home_dashboard_path = /etc/grafana/dashboards/synapse.json
|
||||
{% else %}
|
||||
default_home_dashboard_path = /etc/grafana/dashboards/node-exporter-full.json
|
||||
{% endif %}
|
||||
default_home_dashboard_path = {{ matrix_grafana_default_home_dashboard_path }}
|
||||
|
@ -42,7 +42,8 @@
|
||||
|
||||
# We use shell commands for the migration, because the Ansible copy module cannot
|
||||
# recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible.
|
||||
- block:
|
||||
- when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists"
|
||||
block:
|
||||
- name: Copy mxisd data files to ma1sd folder
|
||||
ansible.builtin.command:
|
||||
cmd: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}"
|
||||
@ -66,7 +67,6 @@
|
||||
cmd: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated"
|
||||
register: matrix_ma1sd_migrate_mxisd_move_directory_result
|
||||
changed_when: matrix_ma1sd_migrate_mxisd_move_directory_result.rc == 0
|
||||
when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists"
|
||||
|
||||
- name: Ensure outdated matrix-mxisd.service doesn't exist
|
||||
ansible.builtin.file:
|
||||
|
@ -21,13 +21,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_ma1sd_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_ma1sd_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_ma1sd_sqlite_database_path_local }}"
|
||||
register: matrix_ma1sd_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_ma1sd_sqlite_database_path_local }}"
|
||||
@ -44,8 +46,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_ma1sd_requires_restart: true
|
||||
when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_ma1sd_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure ma1sd image is pulled
|
||||
docker_image:
|
||||
@ -59,7 +59,8 @@
|
||||
delay: "{{ matrix_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- block:
|
||||
- when: "matrix_ma1sd_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure gradle is installed for self-building (Debian)
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
@ -111,7 +112,6 @@
|
||||
repository: "{{ matrix_ma1sd_docker_image }}"
|
||||
force_tag: true
|
||||
source: local
|
||||
when: "matrix_ma1sd_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure ma1sd config installed
|
||||
ansible.builtin.copy:
|
||||
|
@ -15,7 +15,8 @@
|
||||
# See: https://docs.ansible.com/ansible/2.3/htpasswd_module.html#requirements-on-host-that-executes-module
|
||||
# We support various distros, with various versions of Python. Installing additional Python modules can be a hassle.
|
||||
# As a workaround, we run `htpasswd` from an Apache container image.
|
||||
- block:
|
||||
- when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != ''
|
||||
block:
|
||||
- name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs)
|
||||
docker_image:
|
||||
name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}"
|
||||
@ -57,4 +58,3 @@
|
||||
ansible.builtin.file:
|
||||
path: /tmp/matrix-nginx-proxy-metrics-password
|
||||
state: absent
|
||||
when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != ''
|
||||
|
@ -9,7 +9,8 @@
|
||||
follow_redirects: "{{ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects }}"
|
||||
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
|
||||
|
||||
- block:
|
||||
- when: matrix_well_known_matrix_server_enabled | bool
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
well_known_file_check_matrix_server:
|
||||
path: /.well-known/matrix/server
|
||||
@ -21,7 +22,6 @@
|
||||
- name: Determine domains that we require certificates for (ma1sd)
|
||||
ansible.builtin.set_fact:
|
||||
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
|
||||
when: matrix_well_known_matrix_server_enabled | bool
|
||||
|
||||
- name: Perform well-known checks
|
||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
|
||||
|
@ -16,7 +16,8 @@
|
||||
# Tasks related to setting up Let's Encrypt's management of certificates
|
||||
#
|
||||
|
||||
- block:
|
||||
- when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
block:
|
||||
- name: Ensure certbot Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"
|
||||
@ -43,13 +44,13 @@
|
||||
mode: 0644
|
||||
when: "item.applicable | bool"
|
||||
with_items: "{{ matrix_ssl_renewal_systemd_units_list }}"
|
||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of Let's Encrypt's management of certificates
|
||||
#
|
||||
|
||||
- block:
|
||||
- when: "matrix_ssl_retrieval_method != 'lets-encrypt'"
|
||||
block:
|
||||
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
|
||||
ansible.builtin.file:
|
||||
path: "{{ matrix_systemd_path }}/{{ item.name }}"
|
||||
@ -61,4 +62,3 @@
|
||||
ansible.builtin.file:
|
||||
path: "{{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew"
|
||||
state: absent
|
||||
when: "matrix_ssl_retrieval_method != 'lets-encrypt'"
|
||||
|
@ -13,7 +13,8 @@
|
||||
- ansible.builtin.set_fact:
|
||||
domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}"
|
||||
|
||||
- block:
|
||||
- when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''"
|
||||
block:
|
||||
- name: Ensure required service for obtaining is started
|
||||
ansible.builtin.service:
|
||||
name: "{{ matrix_ssl_pre_obtaining_required_service_name }}"
|
||||
@ -24,7 +25,6 @@
|
||||
ansible.builtin.wait_for:
|
||||
timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}"
|
||||
when: "matrix_ssl_pre_obtaining_required_service_start_result.changed | bool"
|
||||
when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''"
|
||||
|
||||
# This will fail if there is something running on port 80 (like matrix-nginx-proxy).
|
||||
# We suppress the error, as we'll try another method below.
|
||||
|
@ -35,7 +35,8 @@
|
||||
- or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`)
|
||||
when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled | bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))"
|
||||
|
||||
- block:
|
||||
- when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
block:
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -57,7 +58,6 @@
|
||||
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container"
|
||||
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
|
||||
when: "vars[item] == '' or vars[item] is none"
|
||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
|
||||
- name: (Deprecation) Catch and report old metrics usage
|
||||
ansible.builtin.fail:
|
||||
|
@ -78,7 +78,7 @@ matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username]
|
||||
# which is unsupported by default by newer Postgres versions (v14+).
|
||||
# When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+.
|
||||
# If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default.
|
||||
matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa var-spacing
|
||||
matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing]
|
||||
|
||||
# A list of databases to avoid creating when importing (or upgrading) the database.
|
||||
# If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`),
|
||||
@ -86,7 +86,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post
|
||||
# We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump.
|
||||
matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name]
|
||||
|
||||
matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa var-spacing
|
||||
matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing]
|
||||
|
||||
# The number of seconds to wait after starting `matrix-postgres.service`
|
||||
# and before trying to run queries for creating additional databases/users against it.
|
||||
|
@ -25,7 +25,8 @@
|
||||
# We either expect `postgres_db_connection_string` specifying a full Postgres database connection string,
|
||||
# or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string.
|
||||
|
||||
- block:
|
||||
- when: 'postgres_connection_string_variable_name is defined'
|
||||
block:
|
||||
- name: Fail if postgres_connection_string_variable_name points to an undefined variable
|
||||
ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`"
|
||||
when: "postgres_connection_string_variable_name not in vars"
|
||||
@ -33,7 +34,6 @@
|
||||
- name: Get Postgres connection string from variable
|
||||
ansible.builtin.set_fact:
|
||||
postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}"
|
||||
when: 'postgres_connection_string_variable_name is defined'
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
ansible.builtin.fail:
|
||||
|
@ -31,7 +31,8 @@
|
||||
msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}"
|
||||
when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists"
|
||||
|
||||
- block:
|
||||
- when: "matrix_postgres_pgloader_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure pgloader repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}"
|
||||
@ -69,7 +70,6 @@
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}"
|
||||
pull: true
|
||||
when: "matrix_postgres_pgloader_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure pgloader Docker image is pulled
|
||||
docker_image:
|
||||
@ -134,7 +134,8 @@
|
||||
register: matrix_postgres_migrate_db_to_postgres_import_result
|
||||
changed_when: matrix_postgres_migrate_db_to_postgres_import_result.rc == 0
|
||||
|
||||
- block:
|
||||
- when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0"
|
||||
block:
|
||||
- ansible.builtin.import_role:
|
||||
name: matrix-postgres
|
||||
tasks_from: detect_existing_postgres_version
|
||||
@ -157,8 +158,6 @@
|
||||
register: matrix_postgres_migrate_db_to_postgres_additional_queries_result
|
||||
changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0
|
||||
|
||||
when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0"
|
||||
|
||||
- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup)
|
||||
ansible.builtin.command:
|
||||
cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup"
|
||||
|
@ -52,14 +52,14 @@
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "result_pg_old_data_dir_stat.stat.exists"
|
||||
|
||||
- block:
|
||||
- when: "result_pg_old_data_dir_stat.stat.exists"
|
||||
block:
|
||||
- name: Relocate Postgres data files from old directory to new
|
||||
ansible.builtin.command:
|
||||
cmd: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path | basename }}"
|
||||
with_items: "{{ result_pg_old_data_dir_find.files }}"
|
||||
register: matrix_postgres_migrate_postgres_data_directory_move_result
|
||||
changed_when: matrix_postgres_migrate_postgres_data_directory_move_result.rc == 0
|
||||
when: "result_pg_old_data_dir_stat.stat.exists"
|
||||
|
||||
# Intentionally not starting matrix-postgres here.
|
||||
# It likely needs to be updated to point to the new directory.
|
||||
|
@ -5,7 +5,7 @@
|
||||
|
||||
matrix_prometheus_node_exporter_enabled: false
|
||||
|
||||
matrix_prometheus_node_exporter_version: v1.3.1
|
||||
matrix_prometheus_node_exporter_version: v1.4.0
|
||||
matrix_prometheus_node_exporter_docker_image: "{{ matrix_container_global_registry_prefix }}prom/node-exporter:{{ matrix_prometheus_node_exporter_version }}"
|
||||
matrix_prometheus_node_exporter_docker_image_force_pull: "{{ matrix_prometheus_node_exporter_docker_image.endswith(':latest') }}"
|
||||
|
||||
@ -60,3 +60,8 @@ matrix_prometheus_node_exporter_container_http_host_bind_port: ''
|
||||
# If matrix_prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that "<ip>:<port>" value will be used
|
||||
# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf)
|
||||
matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_node_exporter_container_http_host_bind_port else (matrix_prometheus_node_exporter_container_http_host_bind_port if matrix_prometheus_node_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}"
|
||||
|
||||
# matrix_prometheus_node_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions.
|
||||
# If the Grafana role is enabled, these dashboards will be downloaded.
|
||||
matrix_prometheus_node_exporter_dashboard_urls:
|
||||
- https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json
|
||||
|
@ -4,7 +4,8 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}"
|
||||
when: matrix_prometheus_node_exporter_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -38,4 +39,3 @@
|
||||
+
|
||||
[matrix_prometheus_node_exporter_nginx_metrics_configuration_block]
|
||||
}}
|
||||
when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
|
||||
|
@ -58,5 +58,7 @@ matrix_prometheus_postgres_exporter_container_http_host_bind_port: ''
|
||||
# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf)
|
||||
matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_postgres_exporter_container_http_host_bind_port else (matrix_prometheus_postgres_exporter_container_http_host_bind_port if matrix_prometheus_postgres_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}"
|
||||
|
||||
# matrix_prometheus_postgres_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions.
|
||||
# If the Grafana role is enabled, these dashboards will be downloaded.
|
||||
matrix_prometheus_postgres_exporter_dashboard_urls:
|
||||
- "https://grafana.com/api/dashboards/9628/revisions/7/download"
|
||||
|
@ -4,7 +4,8 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}"
|
||||
when: matrix_prometheus_postgres_exporter_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -38,4 +39,3 @@
|
||||
+
|
||||
[matrix_prometheus_postgres_exporter_nginx_metrics_configuration_block]
|
||||
}}
|
||||
when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
|
||||
|
@ -10,7 +10,10 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-registration.service'] }}"
|
||||
when: matrix_registration_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_registration_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -54,9 +57,6 @@
|
||||
+
|
||||
[matrix_registration_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_registration_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -3,13 +3,15 @@
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_registration_requires_restart: false
|
||||
|
||||
- block:
|
||||
- when: "matrix_registration_database_engine == 'postgres'"
|
||||
block:
|
||||
- name: Check if an SQLite database already exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ matrix_registration_sqlite_database_path_local }}"
|
||||
register: matrix_registration_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_registration_sqlite_database_path_local }}"
|
||||
@ -30,8 +32,6 @@
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_registration_requires_restart: true
|
||||
when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
when: "matrix_registration_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure matrix-registration paths exist
|
||||
ansible.builtin.file:
|
||||
|
BIN
roles/matrix-riot-web/files/antifa_coffee_cups.png
Normal file
BIN
roles/matrix-riot-web/files/antifa_coffee_cups.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 188 KiB |
BIN
roles/matrix-riot-web/files/background.jpg
Normal file
BIN
roles/matrix-riot-web/files/background.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 2.1 MiB |
@ -10,7 +10,10 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-admin.service'] }}"
|
||||
when: matrix_synapse_admin_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_synapse_admin_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -45,9 +48,6 @@
|
||||
+
|
||||
[matrix_synapse_admin_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_synapse_admin_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
|
@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s
|
||||
|
||||
matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}"
|
||||
matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||
matrix_synapse_version: v1.67.0
|
||||
matrix_synapse_version: v1.68.0
|
||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}"
|
||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||
|
||||
@ -148,22 +148,22 @@ matrix_synapse_rc_admin_redaction:
|
||||
matrix_synapse_rc_joins:
|
||||
local:
|
||||
per_second: 0.1
|
||||
burst_count: 3
|
||||
burst_count: 10
|
||||
remote:
|
||||
per_second: 0.01
|
||||
burst_count: 3
|
||||
burst_count: 10
|
||||
|
||||
|
||||
matrix_synapse_rc_invites:
|
||||
per_room:
|
||||
per_second: 0.5
|
||||
burst_count: 5
|
||||
per_second: 0.3
|
||||
burst_count: 10
|
||||
per_user:
|
||||
per_second: 0.004
|
||||
burst_count: 3
|
||||
per_issuer:
|
||||
per_second: 0.5
|
||||
per_second: 0.003
|
||||
burst_count: 5
|
||||
per_issuer:
|
||||
per_second: 0.3
|
||||
burst_count: 10
|
||||
|
||||
|
||||
matrix_synapse_rc_federation:
|
||||
@ -365,6 +365,11 @@ matrix_url_preview_accept_language: ['en-US', 'en']
|
||||
matrix_synapse_metrics_enabled: false
|
||||
matrix_synapse_metrics_port: 9100
|
||||
|
||||
# matrix_synapse_grafana_dashboard_urls contains a list of URLs with Grafana dashboard definitions.
|
||||
# If the Grafana role is enabled, these dashboards will be downloaded.
|
||||
matrix_synapse_grafana_dashboard_urls:
|
||||
- https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json
|
||||
|
||||
# Controls whether Synapse metrics should be proxied (exposed) on:
|
||||
# - `matrix.DOMAIN/metrics/synapse/main-process` for the main process
|
||||
# - `matrix.DOMAIN/metrics/synapse/worker/{type}-{id}` for each worker process
|
||||
|
@ -26,7 +26,8 @@
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}"
|
||||
when: matrix_s3_media_store_enabled | bool
|
||||
|
||||
- block:
|
||||
- when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -84,4 +85,3 @@
|
||||
[matrix_synapse_worker_nginx_metrics_configuration_block]
|
||||
}}
|
||||
when: matrix_synapse_workers_enabled_list | length > 0
|
||||
when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool
|
||||
|
@ -85,16 +85,17 @@
|
||||
#
|
||||
# Row 3 contains a space when there's no result.
|
||||
|
||||
- block:
|
||||
- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4"
|
||||
block:
|
||||
- ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result"
|
||||
|
||||
- name: Fail if room find result is not what we expect
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Expecting 4 lines in the "find rooms" result.
|
||||
when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4"
|
||||
|
||||
- block:
|
||||
- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '"
|
||||
block:
|
||||
# matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list
|
||||
# of dictionaries like this: {'room_id': '!some-id', 'count': 2461329}
|
||||
- ansible.builtin.set_fact:
|
||||
@ -113,7 +114,6 @@
|
||||
with_items: "{{ matrix_synapse_rust_synapse_compress_state_eligible_rooms }}"
|
||||
loop_control:
|
||||
loop_var: room_details
|
||||
when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '"
|
||||
|
||||
- name: Show notice about lack of rooms to compress
|
||||
ansible.builtin.debug:
|
||||
|
@ -18,7 +18,8 @@
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
|
||||
|
||||
- block:
|
||||
- when: "matrix_synapse_container_image_self_build | bool"
|
||||
block:
|
||||
- name: Ensure Synapse repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_synapse_container_image_self_build_repo }}"
|
||||
@ -48,7 +49,6 @@
|
||||
environment:
|
||||
DOCKER_BUILDKIT: 1
|
||||
when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''"
|
||||
when: "matrix_synapse_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure Synapse Docker image is pulled
|
||||
docker_image:
|
||||
|
@ -37,7 +37,8 @@
|
||||
msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}"
|
||||
when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list"
|
||||
|
||||
- block:
|
||||
- when: "matrix_synapse_worker_details.type == 'stream_writer'"
|
||||
block:
|
||||
- name: Fail if stream_writer_stream not defined for stream_writer worker
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
@ -50,7 +51,6 @@
|
||||
ansible.builtin.fail:
|
||||
msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property"
|
||||
when: "'replication_port' not in matrix_synapse_worker_details"
|
||||
when: "matrix_synapse_worker_details.type == 'stream_writer'"
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}"
|
||||
|
@ -2849,16 +2849,16 @@ send_federation: {{ matrix_synapse_send_federation | to_json }}
|
||||
# started, to ensure that all instances are running with the same config (otherwise
|
||||
# events may be dropped).
|
||||
#
|
||||
#federation_sender_instances:
|
||||
# - federation_sender1
|
||||
{% if matrix_synapse_federation_sender_instances | length > 0 %}
|
||||
federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_synapse_federation_pusher_instances | length > 0 %}
|
||||
pusher_instances: {{ matrix_synapse_federation_pusher_instances | to_json }}
|
||||
{% endif %}
|
||||
start_pushers: {{ matrix_synapse_start_pushers | to_json }}
|
||||
{% if matrix_synapse_workers_federation_sender_workers_count != 0%}
|
||||
federation_sender_instances:
|
||||
{% for i in range(0, matrix_synapse_workers_federation_sender_workers_count|int)|list %}
|
||||
- federation_sender:{{ i | int }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
# When using workers this should be a map from `worker_name` to the
|
||||
# HTTP replication listener of the worker, if configured.
|
||||
|
@ -34,7 +34,7 @@ matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synaps
|
||||
matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}"
|
||||
|
||||
# matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints.
|
||||
# It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule.
|
||||
# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule.
|
||||
matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*'
|
||||
|
||||
# matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer.
|
||||
|
35
setup.yml
35
setup.yml
@ -7,9 +7,10 @@
|
||||
- roles/matrix-synapse/vars/workers.yml
|
||||
|
||||
roles:
|
||||
# - matrix-awx
|
||||
- matrix-base
|
||||
- matrix-dynamic-dns
|
||||
- matrix-mailer
|
||||
# - matrix-dynamic-dns
|
||||
# - matrix-mailer
|
||||
- matrix-postgres
|
||||
- matrix-redis
|
||||
- matrix-corporal
|
||||
@ -72,3 +73,33 @@
|
||||
- matrix-postgres-backup
|
||||
- matrix-backup-borg
|
||||
- matrix-common-after
|
||||
|
||||
tasks:
|
||||
- name: Ensure web-user is present
|
||||
user:
|
||||
name: "{{ web_user }}"
|
||||
state: present
|
||||
system: yes
|
||||
register: web_user_res
|
||||
tags: [ setup-caddy, setup-all, start ]
|
||||
- name: Ensure directory for revproxy config is present
|
||||
file:
|
||||
path: "{{ revproxy_autoload_dir }}/matrix"
|
||||
state: directory
|
||||
owner: "{{ web_user_res.uid }}"
|
||||
group: "{{ web_user_res.group }}"
|
||||
mode: 0750
|
||||
tags: [ setup-caddy, setup-all, start ]
|
||||
- name: Template reverse proxy configuration
|
||||
template:
|
||||
src: Caddyfile.j2
|
||||
dest: "{{ revproxy_autoload_dir }}/matrix/Caddyfile"
|
||||
owner: "{{ web_user_res.uid }}"
|
||||
group: "{{ web_user_res.group }}"
|
||||
mode: 0640
|
||||
tags: [ setup-caddy, setup-all, start ]
|
||||
- name: Restart reverse proxy
|
||||
docker_container:
|
||||
name: web
|
||||
state: started
|
||||
restart: yes
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user