finallycoffee/matrix
5
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat(synapse): add ansible role

Browse Source
This commit is contained in:
transcaffeine
2024-09-20 14:15:55 +02:00
parent 2517fe72db
commit 50ae4f63cc
29 changed files with 1109 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
roles/synapse/tasks/check.yml Normal file
View File

@ -0,0 +1,32 @@
---
- name: Ensure synapse_state is valid
ansible.builtin.fail:
msg: "State '{{ synapse_state }}' is not known, supported states are {{ synapse_states | join(', ') }}"
when: synapse_state not in synapse_states
- name: Ensure synapse deployment method is supported
ansible.builtin.fail:
msg: >-
Deployment method '{{ synapse_deployment_method }}'
is unknown! Supported methods are:
{{ synapse_deployment_methods | join(', ') }}
when: synapse_deployment_method not in synapse_deployment_methods
- name: Ensure required variables are given
ansible.builtin.fail:
msg: "Required variable '{{ item }}' is undefined!"
loop: "{{ synapse_required_variables }}"
when: >-2
item not in hostvars[ansible_host]
or hostvars[ansible_host][item] | length == 0
- name: Ensure conditionally required variables are given
ansible.builtin.fail:
msg: "Required variable '{{ item.name }}' is undefined!"
loop: "{{ synapse_conditionally_required_variables }}"
loop_control:
label: "{{ item.name }}"
when: >-2
item.when
and (item.name not in hostvars[ansible_host]
or hostvars[ansible_host][item.name] | length == 0)

66
roles/synapse/tasks/configure.yml Normal file
View File

@ -0,0 +1,66 @@
---
- name: Ensure synapse user '{{ synapse_user }}' is {{ synapse_state }}
ansible.builtin.user:
name: "{{ synapse_user }}"
state: "{{ synapse_state }}"
system: "{{ synapse_user_system | default(true, true) }}"
create_home: "{{ synapse_user_create_home | default(false, true) }}"
groups: "{{ synapse_user_groups | default(omit, true) }}"
append: "{{ (synapse_user_groups is defined) | ternary(true, omit) }}"
register: synapse_user_info
- name: Ensure directories for synapse are {{ synapse_state }}
ansible.builtin.file:
path: "{{ item.path }}"
state: "{{ (synapse_state == 'present') | ternary('directory', 'absent') }}"
mode: "{{ item.mode | default('0750') }}"
owner: "{{ item.owner | default(synapse_user_info.uid | default(synapse_user)) }}"
group: "{{ item.group | default(synapse_user_info.group | default(synapse_user)) }}"
loop:
- path: "{{ synapse_base_path }}"
mode: "0755"
- path: "{{ synapse_config_path }}"
mode: "0755"
- path: "{{ synapse_data_path }}"
mode: "0755"
- path: "{{ synapse_media_store_path }}"
mode: "0755"
- path: "{{ synapse_log_path }}"
mode: "0755"
loop_control:
label: "{{ item.path }}"
- name: Ensure synapse signing key is generated
finallycoffee.matrix.synapse_signing_key:
path: "{{ synapse_signing_key_file }}"
state: "{{ synapse_state }}"
when: synapse_role_generate_signing_key
notify:
- synapse-restart
- name: Ensure configuration files are templated
ansible.builtin.copy:
dest: "{{ config_file.path }}"
content: "{{ config_file.content }}"
mode: "{{ config_file.mode | default('0640') }}"
owner: "{{ config_file.owner | default(synapse_user_info.uid | default(synapse_user)) }}"
group: "{{ config_file.group | default(synapse_user_info.group | default(synapse_user)) }}"
loop: >-
{{ synapse_configs_to_write
+ (synapse_keys_to_write if not synapse_role_generate_signing_key else [])
+ synapse_configs | default([]) }}
loop_control:
loop_var: config_file
label: "{{ config_file.path }}"
vars:
synapse_configs_to_write:
- content: "{{ synapse_homeserver_config | to_nice_yaml(width=1000) }}"
path: "{{ synapse_homeserver_config_file }}"
- content: "{{ synapse_log_config | to_nice_yaml(width=1000) }}"
path: "{{ synapse_logging_config_file }}"
synapse_keys_to_write:
- content: "{{ synapse_signing_key }}"
path: "{{ synapse_signing_key_file }}"
mode: "0640"
notify:
- synapse-restart

32
roles/synapse/tasks/deploy-docker.yml Normal file
View File

@ -0,0 +1,32 @@
---
- name: Ensure container image '{{ synapse_container_image }}' is {{ synapse_state }} on host
community.docker.docker_image:
name: "{{ synapse_container_image }}"
state: "{{ synapse_state }}"
source: "{{ synapse_container_image_source }}"
force_source: "{{ synapse_container_image_tag | default(false, true) | bool }}"
register: synapse_container_image_info
until: synapse_container_image_info is success
retries: 4
delay: 2
- name: Ensure synapse container '{{ synapse_container_name }}' is {{ (synapse_state == 'present') | ternary('started', 'absent') }}
community.docker.docker_container:
name: "{{ synapse_container_name }}"
image: "{{ synapse_container_image }}"
env: "{{ synapse_container_env | default(omit, true) }}"
user: "{{ synapse_container_user | default(omit, true) }}"
groups: "{{ synapse_container_groups | default(omit, true) }}"
ports: "{{ synapse_container_ports | default(omit, true) }}"
labels: "{{ synapse_container_labels | default(omit, true) }}"
ulimits: "{{ synapse_container_ulimits | default(omit, true) }}"
volumes: "{{ synapse_container_all_volumes }}"
networks: "{{ synapse_container_networks | default(omit, true) }}"
purge_networks: "{{ synapse_container_purge_networks | default(omit, true) }}"
dns_servers: "{{ synapse_container_dns_servers | default(omit, true) }}"
etc_hosts: "{{ synapse_container_etc_hosts | default(omit, true) }}"
memory: "{{ synapse_container_memory | default(omit, true) }}"
memory_reservation: "{{ synapse_container_memory_reservation | default(omit, true) }}"
memory_swap: "{{ synapse_container_memory_swap | default(omit, true) }}"
restart_policy: "{{ synapse_container_restart_policy }}"
state: "{{ synapse_container_state }}"

13
roles/synapse/tasks/main.yml Normal file
View File

@ -0,0 +1,13 @@
---
- name: Ensure checks are passing
ansible.builtin.include_tasks:
file: "check.yml"
- name: Ensure base configuration is created
ansible.builtin.include_tasks:
file: "configure.yml"
- name: Deploy using {{ synapse_deployment_method }}
ansible.builtin.include_tasks:
file: "deploy-{{ synapse_deployment_method }}.yml"