5eed874199
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/716 This patch makes us use more fully-qualified container image names (either prefixed with docker.io/ or with localhost/). The latter happens when self-building is enabled. We've recently had issues where if an image was removed manually and the service was restarted (making `docker run` fetch it from Docker Hub, etc.), we'd end up with a pulled image, even though we're aiming for a self-built one. Re-running the playbook would then not do a rebuild, because: - the image with that name already exists (even though it's something else) - we sometimes had conditional logic where we'd build only if the git repo changed By explicitly changing the name of the images (prefixing with localhost/), we avoid such confusion and the possibility that we'd automatically pul something which is not what we expect. Also, I've removed that condition where building would happen on git changes only. We now always build (unless an image with that name already exists). We just force-build when the git repo changes.
109 lines
4.2 KiB
YAML
109 lines
4.2 KiB
YAML
---
|
|
|
|
# This will throw a Permission Denied error if already mounted using fuse
|
|
- name: Check Synapse media store path
|
|
stat:
|
|
path: "{{ matrix_synapse_media_store_path }}"
|
|
register: local_path_media_store_stat
|
|
ignore_errors: yes
|
|
|
|
# This is separate and conditional, to ensure we don't execute it
|
|
# if the path already exists or we failed to check, because it's mounted using fuse.
|
|
- name: Ensure Synapse media store path exists
|
|
file:
|
|
path: "{{ matrix_synapse_media_store_path }}"
|
|
state: directory
|
|
mode: 0750
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_groupname }}"
|
|
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
|
|
|
|
- name: Ensure Synapse repository is present on self-build
|
|
git:
|
|
repo: https://github.com/matrix-org/synapse.git
|
|
dest: "{{ matrix_synapse_docker_src_files_path }}"
|
|
version: "{{ matrix_synapse_docker_image.split(':')[1] }}"
|
|
force: "yes"
|
|
register: matrix_synapse_git_pull_results
|
|
when: "matrix_synapse_container_image_self_build|bool"
|
|
|
|
- name: Ensure Synapse Docker image is built
|
|
docker_image:
|
|
name: "{{ matrix_synapse_docker_image }}"
|
|
source: build
|
|
force_source: "{{ matrix_synapse_git_pull_results.changed }}"
|
|
build:
|
|
dockerfile: docker/Dockerfile
|
|
path: "{{ matrix_synapse_docker_src_files_path }}"
|
|
pull: yes
|
|
when: "matrix_synapse_container_image_self_build|bool"
|
|
|
|
- name: Ensure Synapse Docker image is pulled
|
|
docker_image:
|
|
name: "{{ matrix_synapse_docker_image }}"
|
|
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}"
|
|
when: "not matrix_synapse_container_image_self_build"
|
|
|
|
- name: Check if a Synapse signing key exists
|
|
stat:
|
|
path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key"
|
|
register: matrix_synapse_signing_key_stat
|
|
|
|
# We do this so that the signing key would get generated.
|
|
#
|
|
# This will also generate a default homeserver.yaml configuration file and a log configuration file.
|
|
# We don't care about those configuraiton files, as we replace them with our own anyway (see below).
|
|
#
|
|
# We don't use the `docker_container` module, because using it with `cap_drop` requires
|
|
# a very recent version, which is not available for a lot of people yet.
|
|
- name: Generate initial Synapse config and signing key
|
|
command: |
|
|
docker run
|
|
--rm
|
|
--name=matrix-config
|
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
|
--cap-drop=ALL
|
|
-v {{ matrix_synapse_config_dir_path }}:/data
|
|
-e UID={{ matrix_user_uid }}
|
|
-e GID={{ matrix_user_gid }}
|
|
-e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
|
|
-e SYNAPSE_SERVER_NAME={{ matrix_server_fqn_matrix }}
|
|
-e SYNAPSE_REPORT_STATS=no
|
|
{{ matrix_synapse_docker_image }}
|
|
generate
|
|
when: "not matrix_synapse_signing_key_stat.stat.exists"
|
|
|
|
- name: Ensure Synapse homeserver config installed
|
|
copy:
|
|
content: "{{ matrix_synapse_configuration|to_nice_yaml }}"
|
|
dest: "{{ matrix_synapse_config_dir_path }}/homeserver.yaml"
|
|
mode: 0644
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_groupname }}"
|
|
|
|
- name: Ensure Synapse log config installed
|
|
template:
|
|
src: "{{ matrix_synapse_template_synapse_log }}"
|
|
dest: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.log.config"
|
|
mode: 0644
|
|
|
|
- name: Ensure matrix-synapse.service installed
|
|
template:
|
|
src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse.service.j2"
|
|
dest: "{{ matrix_systemd_path }}/matrix-synapse.service"
|
|
mode: 0644
|
|
register: matrix_synapse_systemd_service_result
|
|
|
|
- name: Ensure systemd reloaded after matrix-synapse.service installation
|
|
service:
|
|
daemon_reload: yes
|
|
when: "matrix_synapse_systemd_service_result.changed"
|
|
|
|
- name: Ensure matrix-synapse-register-user script created
|
|
template:
|
|
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
|
|
dest: "{{ matrix_local_bin_path }}/matrix-synapse-register-user"
|
|
mode: 0750
|