7d3adc4512
We do use some `:latest` images by default for the following services: - matrix-dimension - Goofys (in the matrix-synapse role) - matrix-bridge-appservice-irc - matrix-bridge-appservice-discord - matrix-bridge-mautrix-facebook - matrix-bridge-mautrix-whatsapp It's terribly unfortunate that those software projects don't release anything other than `:latest`, but that's how it is for now. Updating that software requires that users manually do `docker pull` on the server. The playbook didn't force-repull images that it already had. With this patch, it starts doing so. Any image tagged `:latest` will be force re-pulled by the playbook every time it's executed. It should be noted that even though we ask the `docker_image` module to force-pull, it only reports "changed" when it actually pulls something new. This is nice, because it lets people know exactly when something gets updated, as opposed to giving the indication that it's always updating the images (even though it isn't).
136 lines
5.3 KiB
YAML
136 lines
5.3 KiB
YAML
---
|
|
|
|
#
|
|
# Generic tasks, no matter what kind of server we're using (internal/external)
|
|
#
|
|
|
|
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
# If we have found an existing version (installed from before), we use its corresponding Docker image.
|
|
# If not, we install using the latest Postgres.
|
|
#
|
|
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
|
|
- set_fact:
|
|
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- name: Warn if on an old version of Postgres
|
|
debug:
|
|
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
|
|
when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
|
|
|
|
# Even if we don't run the internal server, we still need this for running the CLI
|
|
- name: Ensure postgres Docker image is pulled
|
|
docker_image:
|
|
name: "{{ matrix_postgres_docker_image_to_use }}"
|
|
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
force_source: "{{ matrix_postgres_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postgres_docker_image_force_pull }}"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
# We always create these directories, even if an external Postgres is used,
|
|
# because we store environment variable files there.
|
|
- name: Ensure Postgres paths exist
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
mode: 0700
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_username }}"
|
|
with_items:
|
|
- "{{ matrix_postgres_base_path }}"
|
|
- "{{ matrix_postgres_data_path }}"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- name: Ensure Postgres environment variables file created
|
|
template:
|
|
src: "{{ role_path }}/templates/{{ item }}.j2"
|
|
dest: "{{ matrix_postgres_base_path }}/{{ item }}"
|
|
mode: 0640
|
|
with_items:
|
|
- "env-postgres-psql"
|
|
- "env-postgres-server"
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- name: Ensure matrix-postgres-cli script created
|
|
template:
|
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
|
|
dest: "/usr/local/bin/matrix-postgres-cli"
|
|
mode: 0750
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- name: Ensure matrix-make-user-admin script created
|
|
template:
|
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
|
|
dest: "/usr/local/bin/matrix-make-user-admin"
|
|
mode: 0750
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
#
|
|
# Tasks related to setting up an internal postgres server
|
|
#
|
|
|
|
- name: Ensure matrix-postgres.service installed
|
|
template:
|
|
src: "{{ role_path }}/templates/systemd/matrix-postgres.service.j2"
|
|
dest: "/etc/systemd/system/matrix-postgres.service"
|
|
mode: 0644
|
|
register: matrix_postgres_systemd_service_result
|
|
when: matrix_postgres_enabled|bool
|
|
|
|
- name: Ensure systemd reloaded after matrix-postgres.service installation
|
|
service:
|
|
daemon_reload: yes
|
|
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
|
|
|
|
#
|
|
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
|
|
#
|
|
|
|
- name: Check existence of matrix-postgres service
|
|
stat:
|
|
path: "/etc/systemd/system/matrix-postgres.service"
|
|
register: matrix_postgres_service_stat
|
|
when: "not matrix_postgres_enabled|bool"
|
|
|
|
- name: Ensure matrix-postgres is stopped
|
|
service:
|
|
name: matrix-postgres
|
|
state: stopped
|
|
daemon_reload: yes
|
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
|
|
|
- name: Ensure matrix-postgres.service doesn't exist
|
|
file:
|
|
path: "/etc/systemd/system/matrix-postgres.service"
|
|
state: absent
|
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
|
|
|
- name: Ensure systemd reloaded after matrix-postgres.service removal
|
|
service:
|
|
daemon_reload: yes
|
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
|
|
|
- name: Check existence of matrix-postgres local data path
|
|
stat:
|
|
path: "{{ matrix_postgres_data_path }}"
|
|
register: matrix_postgres_data_path_stat
|
|
when: "not matrix_postgres_enabled|bool"
|
|
|
|
# We just want to notify the user. Deleting data is too destructive.
|
|
- name: Notify if matrix-postgres local data remains
|
|
debug:
|
|
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
|
|
|
|
- name: Ensure matrix-postgres-update-user-password-hash script created
|
|
template:
|
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
|
|
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
|
|
mode: 0750
|
|
when: matrix_postgres_enabled|bool
|