Slavi Pantaleev a9fae8e3b1 Revert "Use native OpenSSL module to generate passkey.pem"
This reverts commit 0dac5ea508a0ab0f65eb95c8db64e9ecb6332ed5.

Relying on pyOpenSSL is the Ansible way of doing things, but is
impractical and annoying for users.

`openssl` is easily available on most servers, even by default.
We'd better use that.
2019-01-31 20:45:14 +02:00

74 lines
2.9 KiB
YAML

---
- name: Ensure Appservice IRC image is pulled
docker_image:
name: "{{ matrix_appservice_irc_docker_image }}"
when: "matrix_appservice_irc_enabled"
- name: Ensure Appservice IRC configuration path exists
file:
path: "{{ matrix_appservice_irc_base_path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: "matrix_appservice_irc_enabled"
- name: Ensure Matrix Appservice IRC config installed
copy:
content: "{{ matrix_appservice_irc_configuration|to_nice_yaml }}"
dest: "{{ matrix_appservice_irc_base_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
when: "matrix_appservice_irc_enabled"
- stat:
path: "{{ matrix_appservice_irc_base_path }}/passkey.pem"
register: irc_passkey_file
- name: Generate matrix-appservice-irc passkey if it doesn't exist
shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_base_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048
when: "matrix_appservice_irc_enabled and irc_passkey_file.stat.exists == False"
- name: Ensure matrix-appservice-irc.service installed
template:
src: "{{ role_path }}/templates/ext/appservice-irc/systemd/matrix-appservice-irc.service.j2"
dest: "/etc/systemd/system/matrix-appservice-irc.service"
mode: 0644
when: "matrix_appservice_irc_enabled"
- stat:
path: "{{ matrix_appservice_irc_base_path }}/registration.yaml"
register: appservice_irc_registration_file
- name: Generate matrix-appservice-irc registration.yaml if it doesn't exist
shell: /usr/bin/docker run --rm --name matrix-appservice-irc-gen -v {{ matrix_appservice_irc_base_path }}:/data:z {{ matrix_appservice_irc_docker_image }} node app.js -r -f /data/registration.yaml -u "http://matrix-appservice-irc:9999" -c /data/config.yaml -l irc_bot
when: "matrix_appservice_irc_enabled and appservice_irc_registration_file.stat.exists == False"
- set_fact:
matrix_synapse_app_service_config_file_appservice_irc: '/app-registration/appservice-irc.yml'
- set_fact:
matrix_synapse_container_additional_volumes: >
{{ matrix_synapse_container_additional_volumes }}
+
{{ [{'src': '{{ matrix_appservice_irc_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_appservice_irc }}', 'options': 'ro'}] }}
when: "matrix_appservice_irc_enabled"
- set_fact:
matrix_synapse_app_service_config_files: >
{{ matrix_synapse_app_service_config_files }}
+
{{ ["{{ matrix_synapse_app_service_config_file_appservice_irc }}"] | to_nice_json }}
when: "matrix_appservice_irc_enabled"
#
# Tasks related to getting rid of matrix-appservice-irc (if it was previously enabled)
#
- name: Ensure matrix-appservice-irc.service doesn't exist
file:
path: "/etc/systemd/system/matrix-appservice-irc.service"
state: absent
when: "not matrix_appservice_irc_enabled"