update(synapse): bump version to 1.116.0

feat(synapse): add deployment method virtualenv
docs(synapse_signing_key): clarify package to be pip package
2024-10-01 21:43:11 +02:00 · 2024-09-28 22:13:33 +02:00 · 2024-09-28 21:54:51 +02:00
8 changed files with 39 additions and 16 deletions
--- a/plugins/modules/synapse_signing_key.md
+++ b/plugins/modules/synapse_signing_key.md
@ -8,7 +8,7 @@ Module to generate and manage synapse signing keys.
 ## Requirements

 - `python >= 3.9`
- `signed_json >= 1.1.4`
+- (pip) `signed_json >= 1.1.4`


 ## Usage examples
--- a/roles/synapse/defaults/main/homeserver.turn.yml
+++ b/roles/synapse/defaults/main/homeserver.turn.yml
@ -2,6 +2,7 @@
 # TURN / RTC configuration
 synapse_config_turn_uris: []
 synapse_config_turn_shared_secret: ~
+synapse_config_turn_shared_secret_path: ~
 synapse_config_turn_username: ~
 synapse_config_turn_password: ~
 synapse_config_turn_user_lifetime: "2h"
@ -16,6 +17,8 @@ synapse_turn_config: >-2
    synapse_turn_config_base
    | combine(({ turn_shared_secret: synapse_config_turn_shared_secret })
      if synapse_config_turn_shared_secret | default(false, true) else {})
+    | combine(({ turn_shared_secret_path: synapse_config_turn_shared_secret_path })
+      if synapse_config_turn_shared_secret_path | default(false, true) else {})
    | combine(({ turn_username: synapse_config_turn_username })
      if synapse_config_username | default(false, true) else {})
    | combine(({ turn_password: synapse_config_turn_password })
--- a/roles/synapse/defaults/main/main.yml
+++ b/roles/synapse/defaults/main/main.yml
@ -1,7 +1,7 @@
 ---
 synapse_user: synapse
 synapse_group: synapse
-synapse_version: "1.115.0"
+synapse_version: "1.116.0"
 synapse_state: "present"
 synapse_deployment_method: "docker"

--- a/roles/synapse/defaults/main/systemd.yml
+++ b/roles/synapse/defaults/main/systemd.yml
@ -1,12 +1,12 @@
 ---
-synapse_systemd_service_name: "synapse.service"
+synapse_systemd_name: "synapse.service"
 synapse_systemd_service_directory: /etc/systemd/system
 synapse_systemd_service_file: >-2
-  {{ synapse_systemd_service_directory }}/{{ synapse_systemd_service_name }}
+  {{ synapse_systemd_service_directory }}/{{ synapse_systemd_name }}

-synapse_systemd_service_state: >-2
+synapse_systemd_state: >-2
  {{ (synapse_state == 'present') | ternary('started', 'stopped') }}
-synapse_systemd_service_enabled: >-2
+synapse_systemd_enabled: >-2
  {{ (synapse_state == 'present') | bool }}

 synapse_systemd_unit_description: "Synapse matrix homeserver"
--- a/roles/synapse/handlers/main.yml
+++ b/roles/synapse/handlers/main.yml
@ -23,7 +23,7 @@
  when:
    - synapse_deployment_method == 'virtualenv'
    - ansible_facts['service_mgr'] == systemd
-    - synapse_state == 'started'
+    - synapse_systemd_state == 'started'

 - name: Ensure systemd units are reloaded
  listen: systemd-daemon-reload
--- a/roles/synapse/tasks/configure.yml
+++ b/roles/synapse/tasks/configure.yml
@ -71,3 +71,4 @@
        mode: "0640"
  notify:
    - synapse-restart
+  when: synapse_state != 'absent'
--- a/roles/synapse/tasks/deploy-virtualenv.yml
+++ b/roles/synapse/tasks/deploy-virtualenv.yml
@ -27,6 +27,13 @@
    virtualenv: "{{ synapse_venv_path }}"
  notify:
    - synapse-restart
+  when: synapse_state != 'absent'
+
+- name: Ensure synapse virtualenv is {{ synapse_state }}
+  ansible.builtin.file:
+    path: "{{ synapse_venv_path }}"
+    state: "{{ synapse_state }}"
+  when: synapse_state == 'absent'

 - name: Ensure systemd unit is {{ synapse_state }}
  ansible.builtin.template:
@ -34,15 +41,27 @@
    dest: "{{ synapse_systemd_service_file }}"
  notify:
    - systemd-daemon-reload
+  when: synapse_state != 'absent'

- meta: flush_handlers
+- name: Ensure systemd unit is {{ synapse_state }}
+  ansible.builtin.file:
+    path: "{{ synapse_systemd_service_file }}"
+    state: "{{ synapse_state }}"
+  when: synapse_state == 'absent'
+  notify:
+    - systemd-daemon-reload

- name: Ensure systemd service is {{ synapse_state }}
+- name: Ensure handlers are flushed for systemd daemon reload and synapse service state propagation
+  meta: flush_handlers
+
+- name: Ensure systemd service is {{ synapse_systemd_state }}
  ansible.builtin.systemd_service:
-    name: "{{ synapse_systemd_service_name }}"
-    state: "{{ synapse_systemd_service_state }}"
+    name: "{{ synapse_systemd_name }}"
+    state: "{{ synapse_systemd_state }}"
+  when: synapse_state != 'absent'

- name: Ensure systemd service is {{ synapse_systemd_service_enabled | ternary('enabled', 'disabled') }}
+- name: Ensure systemd service is {{ synapse_systemd_enabled | ternary('enabled', 'disabled') }}
  ansible.builtin.systemd_service:
-    name: "{{ synapse_systemd_service_name }}"
-    enabled: "{{ synapse_systemd_service_enabled }}"
+    name: "{{ synapse_systemd_name }}"
+    enabled: "{{ synapse_systemd_enabled }}"
+  when: synapse_state != 'absent'
--- a/roles/synapse/templates/synapse.service.j2
+++ b/roles/synapse/templates/synapse.service.j2
@ -1,5 +1,5 @@
 [Unit]
-Description="{{ synapse_systemd_unit_description }}"
+Description={{ synapse_systemd_unit_description }}

 {% if synapse_systemd_unit_after | default([]) | length > 0 %}
 After={{ synapse_systemd_unit_after | join(' ') }}
@ -38,7 +38,7 @@ RestrictAddressFamilies={{ synapse_systemd_service_restrict_address_families | j

 RemoveIPC={{ synapse_systemd_service_remove_ipc }}
 LockPersonality={{ synapse_systemd_service_lock_personality }}
-NoNewPersonalities={{ synapse_systemd_service_no_new_privileges }}
+NoNewPrivileges={{ synapse_systemd_service_no_new_privileges }}

 [Install]
 WantedBy={{ synapse_systemd_install_wanted_by }}
Author	SHA1	Message	Date
transcaffeine	6350b77ba9	update(synapse): bump version to 1.116.0	2024-10-01 21:43:11 +02:00
transcaffeine	7d7693a2c7	feat(synapse): add deployment method virtualenv	2024-09-28 22:13:33 +02:00
transcaffeine	03501ac444	docs(synapse_signing_key): clarify package to be pip package	2024-09-28 21:54:51 +02:00