feat(conduwuit): add ansible role

README.md

@@ -10,8 +10,8 @@ Roles for deploying matrix infrastructure using ansible.
 
 ## Roles
 
-- [`alertmanager_receiver`](roles/alertmanager_receiver/README.md): a matrix-based receiver for alertmanager
 - [`cinny`](roles/cinny/README.md): [Cinny](https://cinny.in/) Web Client
+- [`conduwuit`](roles/conduwuit/README.md): [conduwuit](https://conduwuit.puppyirl.gay/), a uwu fork of conduit
 - [`element`](roles/element/README.md): [Element](https://element.io/) Web Client
 - [`hydrogen`](roles/hydrogen/README.md): [Hydrogen](https://matrix.org/ecosystem/clients/hydrogen/) lightweight web client
 - [`synapse`](roles/synapse/README.md): [Synapse](https://github.com/element-hq/synapse/),

galaxy.yml

@@ -1,13 +1,12 @@
 namespace: finallycoffee
 name: matrix
-version: "0.1.9"
+version: "0.1.7"
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
 description: Various matrix-related ansible roles
 dependencies:
-  "community.docker": "^4.4.0"
+  "community.docker": "^3.4.0"
-  "community.general": "^10.0.0"
 license_file: LICENSE.md
 build_ignore:
 - '*.tar.gz'
@@ -20,4 +19,4 @@ tags:
   - element
   - hydrogen
   - cinny
-  - matrix_alertmanager_receiver
+  - conduwuit

playbooks/alertmanager_receiver.yml

@@ -1,7 +0,0 @@
----
-- name: Deploy matrix-alertmanager-receiver
-  hosts: "{{ matrix_alertmanager_receiver_hosts | default('matrix_alertmanager_receiver') }}"
-  become: "{{ matrix_alertmanager_receiver_become | default(false) }}"
-  gather_facts: "{{ matrix_alertmanager_receiver_gather_facts | default(false) }}"
-  roles:
-    - role: finallycoffee.matrix.alertmanager_receiver

roles/alertmanager_receiver/README.md

@@ -1,17 +0,0 @@
-# `finallycoffee.matrix.alertmanager_receiver` ansible role
-
-This ansible role deploys and configures
-[`matrix-alertmanager-receiver`](https://github.com/metio/matrix-alertmanager-receiver),
-a fork of [https://git.sr.ht/~fnux/matrix-alertmanager-receiver] with more features.
-For futher information, see [the project's `README`](https://github.com/metio/matrix-alertmanager-receiver?tab=readme-ov-file#matrix-alertmanager-receiver-).
-
-## Configuration
-
-### Required configuration
-
-The following variables *must* be populated or else the role will be unable to
-set up the service successfully:
-
-- `alertmanager_receiver_config_matrix_homeserver_url` - matrix homeserver URL
-- `alertmanager_receiver_config_matrix_user_id` - full userid (`@user:instance.tld`)
-- `alertmanager_receiver_config_matrix_access_token` - access token for that user

roles/alertmanager_receiver/defaults/main/config.yml

@@ -1,52 +0,0 @@
----
-alertmanager_receiver_config_log_level: "info"
-alertmanager_receiver_config_http_address: 127.0.0.1
-alertmanager_receiver_config_http_port: 12345
-alertmanager_receiver_config_http_alerts_path_prefix: "/alerts"
-alertmanager_receiver_config_http_metrics_path: "/metrics"
-alertmanager_receiver_config_http_metric_enabled: true
-alertmanager_receiver_config_http_basic_username: "alertmanager"
-alertmanager_receiver_config_http_basic_password: ~
-alertmanager_receiver_config_http:
-  address: "{{ alertmanager_receiver_config_http_address }}"
-  port: "{{ alertmanager_receiver_config_http_port }}"
-  "alerts-path-prefix": "{{ alertmanager_receiver_config_http_alerts_path_prefix }}"
-  "metrics-path": "{{ alertmanager_receiver_config_http_metrics_path }}"
-  "metrics-enabled": "{{ alertmanager_receiver_config_http_metric_enabled }}"
-  "basic-username": "{{ alertmanager_receiver_config_http_basic_username }}"
-  "basic-password": "{{ alertmanager_receiver_config_http_basic_password }}"
-alertmanager_receiver_config_matrix_homeserver_url: ~
-alertmanager_receiver_config_matrix_user_id: ~
-alertmanager_receiver_config_matrix_access_token: ~
-alertmanager_receiver_config_matrix_proxy: ""
-alertmanager_receiver_config_matrix_room_mapping: {}
-alertmanager_receiver_config_matrix:
-  "homeserver-url": "{{ alertmanager_receiver_config_matrix_homeserver_url }}"
-  "user-id": "{{ alertmanager_receiver_config_matrix_user_id }}"
-  "access-token": "{{ alertmanager_receiver_config_matrix_access_token }}"
-  proxy: "{{ alertmanager_receiver_config_matrix_proxy }}"
-  "room-mapping": "{{ alertmanager_receiver_config_matrix_room_mapping }}"
-alertmanager_receiver_config_templating_external_url_mapping: {}
-alertmanager_receiver_config_templating_generator_url_mapping: {}
-alertmanager_receiver_config_templating_computed_values: >-2
-  {{ alertmanager_receiver_config_templating_computed_values_default }}
-alertmanager_receiver_config_templating_firing_template: >-2
-  {{ alertmanager_receiver_config_templating_firing_template_default }}
-alertmanager_receiver_config_templating_resolved_template: >-2
-  {{ alertmanager_receiver_config_templating_resolved_template_default }}
-alertmanager_receiver_config_templating:
-  "external-url-mapping": >-2
-    {{ alertmanager_receiver_config_templating_external_url_mapping }}
-  "generator-url-mapping": >-2
-    {{ alertmanager_receiver_config_templating_generator_url_mapping }}
-  "computed-values": "{{ alertmanager_receiver_config_templating_computed_values }}"
-  "firing-template": "{{ alertmanager_receiver_config_templating_firing_template }}"
-  "resolved-template": "{{ alertmanager_receiver_config_templating_resolved_template }}"
-alertmanager_receiver_default_config:
-  http: "{{ alertmanager_receiver_config_http }}"
-  matrix: "{{ alertmanager_receiver_config_matrix }}"
-  templating: "{{ alertmanager_receiver_config_templating }}"
-alertmanager_receiver_config: {}
-alertmanager_receiver_merged_config: >-2
-  {{ (alertmanager_receiver_default_config | default({}))
-    | combine(alertmanager_receiver_config | default({}), recursive=True) }}

roles/alertmanager_receiver/defaults/main/container.yml

@@ -1,54 +0,0 @@
----
-alertmanager_receiver_container_image_registry: "docker.io"
-alertmanager_receiver_container_image_namespace: "metio"
-alertmanager_receiver_container_image_repository: "matrix-alertmanager-receiver"
-alertmanager_receiver_container_image_name: >-2
-  {{ [
-    alertmanager_receiver_container_image_registry | default([]),
-    alertmanager_receiver_container_image_namespace | default([]),
-    alertmanager_receiver_container_image_repository
-  ] | flatten | join('/') }}
-alertmanager_receiver_container_image_tag: ~
-alertmanager_receiver_container_image: >-2
-  {{ [
-    alertmanager_receiver_container_image_name,
-    (alertmanager_receiver_container_image_tag | default(
-        alertmanager_receiver_version, true
-    ))
-  ] | join(':') }}
-alertmanager_receiver_container_image_source: "pull"
-alertmanager_receiver_container_image_force_source: >-2
-  {{ alertmanager_receiver_container_image_tag | default(false, true) | bool }}
-
-alertmanager_receiver_container_config_file_path: >-2
-  {{ alertmanager_receiver_config_file_path }}
-
-alertmanager_receiver_container_name: "matrix-alertmanager-receiver"
-alertmanager_receiver_container_env: ~
-alertmanager_receiver_container_user: >-2
-  {{ alertmanager_receiver_user_uid }}:{{ alertmanager_receiver_user_gid }}
-alertmanager_receiver_container_ports: ~
-alertmanager_receiver_container_labels: ~
-alertmanager_receiver_container_command:
-#  - "/matrix-alertmanager-receiver"
-  - "--config-path"
-  - "{{ alertmanager_receiver_container_config_file_path }}"
-  - "--log-level"
-  - "{{ alertmanager_receiver_config_log_level }}"
-alertmanager_receiver_container_volumes: []
-alertmanager_receiver_container_base_volumes:
-  - >-2
-    {{ [
-      alertmanager_receiver_config_file_path,
-      alertmanager_receiver_container_config_file_path,
-      'ro'
-    ] | join(':') }}
-alertmanager_receiver_container_merged_volumes: >-2
-  {{ (alertmanager_receiver_container_base_volumes | default([], true))
-    + (alertmanager_receiver_container_volumes | default([], true)) }}
-alertmanager_receiver_container_networks: ~
-alertmanager_receiver_container_etc_hosts: ~
-alertmanager_receiver_container_dns_servers: ~
-alertmanager_receiver_container_restart_policy: "on-failure"
-alertmanager_receiver_container_state: >-2
-  {{ (alertmanager_receiver_state == 'present') | ternary('started', 'absent') }}

roles/alertmanager_receiver/defaults/main/main.yml

@@ -1,9 +0,0 @@
----
-alertmanager_receiver_user: "matrix-alertmanager-receiver"
-alertmanager_receiver_version: "2025.8.6"
-alertmanager_receiver_config_file_path: "/etc/matrix-alertmanager-receiver/config.yaml"
-alertmanager_receiver_config_path: >-2
-  {{ alertmanager_receiver_config_file_path | dirname }}
-
-alertmanager_receiver_state: present
-alertmanager_receiver_deployment_method: docker

roles/alertmanager_receiver/defaults/main/templates.yml

@@ -1,51 +0,0 @@
----
-alertmanager_receiver_config_templating_computed_values_default:
-  - values: # always set 'color' to 'yellow'
-      color: yellow
-  - values: # set 'color' to 'orange' when alert label 'severity' is 'warning'
-      color: orange
-    when-matching-labels:
-      severity: warning
-  - values: # set 'color' to 'red' when alert label 'severity' is 'critical'
-      color: red
-    when-matching-labels:
-      severity: critical
-  - values: # set 'color' to 'green' when alert status is 'resolved'
-      color: green
-    when-matching-status: resolved
-
-alertmanager_receiver_config_templating_firing_template_default: |+2
-  {% raw -%}
-  <p>
-    <strong><font color="{{ .ComputedValues.color }}">{{ .Alert.Status | ToUpper }}</font></strong>
-    {{ if .Alert.Labels.name }}
-      {{ .Alert.Labels.name }}
-    {{ else if .Alert.Labels.alertname }}
-      {{ .Alert.Labels.alertname }}
-    {{ end }}
-    >>
-    {{ if .Alert.Labels.severity }}
-      {{ .Alert.Labels.severity | ToUpper }}: 
-    {{ end }}
-    {{ if .Alert.Annotations.description }}
-      {{ .Alert.Annotations.description }}
-    {{ else if .Alert.Annotations.summary }}
-      {{ .Alert.Annotations.summary }}
-    {{ end }}
-    >>
-    {{ if .Alert.Annotations.runbook }}
-      <a href="{{ .Alert.Annotations.runbook }}">Runbook</a> | 
-    {{ end }}
-    {{ if .Alert.Annotations.dashboard }}
-      <a href="{{ .Alert.Annotations.dashboard }}">Dashboard</a> | 
-    {{ end }}
-    <a href="{{ .SilenceURL }}">Silence</a>
-  </p>
-  {%- endraw %}
-
-alertmanager_receiver_config_templating_resolved_template_default: |+2
-  {% raw -%}
-  <strong>
-    <font color="{{ .ComputedValues.color }}">{{ .Alert.Status | ToUpper }}</font>
-  </strong>{{ .Alert.Labels.name }}
-  {%- endraw %}

roles/alertmanager_receiver/defaults/main/user.yml

@@ -1,11 +0,0 @@
----
-alertmanager_receiver_user_create_home: false
-alertmanager_receiver_user_system: true
-alertmanager_receiver_user_groups: []
-alertmanager_receiver_user_append: >-2
-  {{ alertmanager_receiver_user_groups | length > 0 }}
-
-alertmanager_receiver_user_uid: >-2
-  {{ alertmanager_receiver_user_info.uid | default(alertmanager_receiver_user) }}
-alertmanager_receiver_user_gid: >-2
-  {{ alertmanager_receiver_user_info.group | default(alertmanager_receiver_user) }}

roles/alertmanager_receiver/meta/main.yml

@@ -1,14 +0,0 @@
----
-allow_duplicates: true
-dependencies: []
-galaxy_info:
-  role_name: alertmanager_receiver
-  description: >-2
-    `matrix-alertmanager-receiver` is a receiver for alerts generated by alertmanager.
-    This role supports both `docker` and `podman` based deployments.
-  galaxy_tags:
-    - matrix
-    - alertmanager
-    - metio
-    - docker
-    - podman

roles/alertmanager_receiver/tasks/check.yml

@@ -1,28 +0,0 @@
----
-- name: Ensure valid alertmanager_receiver_state
-  ansible.builtin.fail:
-    msg: >-2
-      Unsupported value '{{ alertmanager_receiver_state }}' for
-      alertmanager_receiver_state. Supported values are
-      {{ alertmanager_receiver_states | map(quote) | join(', ')
-  when: alertmanager_receiver_state not in alertmanager_receiver_states
-
-- name: Ensure valid alertmanager_receiver_deployment_method
-  ansible.builtin.fail:
-    msg: >-2
-      Unsupported value '{{ alertmanager_receiver_deployment_method }}' for
-      alertmanager_receiver_deployment_method. Supported values are
-      {{ alertmanager_receiver_deployment_methods | map(quote) | join(', ')
-  when: alertmanager_receiver_deployment_method not in alertmanager_receiver_deployment_methods
-
-- name: Ensure role fails when required configuration is missing
-  ansible.builtin.fail:
-    msg: >-2
-      Required configuration key '{{ _config_key }}' is undefined
-  when: hostvars[inventory_hostname][_config_key] is undefined
-  loop:
-    - "alertmanager_receiver_config_matrix_homeserver_url"
-    - "alertmanager_receiver_config_matrix_user_id"
-    - "alertmanager_receiver_config_matrix_access_token"
-  loop_control:
-    loop_var: "_config_key"

roles/alertmanager_receiver/tasks/configure.yml

@@ -1,12 +0,0 @@
----
-- name: Ensure configuration folder '{{ alertmanager_receiver_config_path }}' is {{ alertmanager_receiver_state }}
-  ansible.builtin.file:
-    path: "{{ alertmanager_receiver_config_path }}"
-    state: >-2
-      {{ (alertmanager_receiver_state == 'present') | ternary('directory', 'absent') }}
-
-- name: Ensure configuration file '{{ alertmanager_receiver_config_file_path }}' is written
-  ansible.builtin.copy:
-    dest: "{{ alertmanager_receiver_config_file_path }}"
-    content: "{{ alertmanager_receiver_merged_config | to_nice_yaml(indent=2, width=200) }}"
-  when: alertmanager_receiver_state == 'present'

roles/alertmanager_receiver/tasks/deploy-docker.yml

@@ -1,23 +0,0 @@
----
-- name: Ensure container image '{{ alertmanager_receiver_container_image }}' is {{ alertmanager_receiver_state }}
-  community.docker.docker_image:
-    name: "{{ alertmanager_receiver_container_image }}"
-    state: "{{ alertmanager_receiver_state }}"
-    source: "{{ alertmanager_receiver_container_image_source }}"
-    force_source: "{{ alertmanager_receiver_container_image_force_source }}"
-
-- name: Ensure container '{{ alertmanager_receiver_container_name }}' is {{ alertmanager_receiver_container_state }}
-  community.docker.docker_container:
-    name: "{{ alertmanager_receiver_container_name }}"
-    image: "{{ alertmanager_receiver_container_image }}"
-    env: "{{ alertmanager_receiver_container_env | default(omit, true) }}"
-    user: "{{ alertmanager_receiver_container_user | default(omit, true) }}"
-    ports: "{{ alertmanager_receiver_container_ports }}"
-    labels: "{{ alertmanager_receiver_container_labels }}"
-    command: "{{ alertmanager_receiver_container_command | default(omit, true) }}"
-    volumes: "{{ alertmanager_receiver_container_merged_volumes }}"
-    networks: "{{ alertmanager_receiver_container_networks | default(omit, true) }}"
-    etc_hosts: "{{ alertmanager_receiver_container_etc_hosts }}"
-    dns_servers: "{{ alertmanager_receiver_container_dns_servers }}"
-    restart_policy: "{{ alertmanager_receiver_container_restart_policy }}"
-    state: "{{ alertmanager_receiver_container_state }}"

roles/alertmanager_receiver/tasks/deploy-podman.yml

@@ -1,23 +0,0 @@
----
-- name: Ensure container image '{{ alertmanager_receiver_container_image }}' is {{ alertmanager_receiver_state }}
-  containers.podman.podman_image:
-    name: "{{ alertmanager_receiver_container_image }}"
-    state: "{{ alertmanager_receiver_state }}"
-    pull: "{{ alertmanager_receiver_container_image_source == 'pull' }}"
-    force: "{{ alertmanager_receiver_container_image_force_source }}"
-
-- name: Ensure container '{{ alertmanager_receiver_container_name }}' is {{ alertmanager_receiver_container_state }}
-  containers.podman.podman_container:
-    name: "{{ alertmanager_receiver_container_name }}"
-    image: "{{ alertmanager_receiver_container_image }}"
-    env: "{{ alertmanager_receiver_container_env | default(omit, true) }}"
-    user: "{{ alertmanager_receiver_container_user | default(omit, true) }}"
-    ports: "{{ alertmanager_receiver_container_ports }}"
-    labels: "{{ alertmanager_receiver_container_labels }}"
-    command: "{{ alertmanager_receiver_container_command | default(omit, true) }}"
-    volumes: "{{ alertmanager_receiver_container_merged_volumes }}"
-    network: "{{ alertmanager_receiver_container_networks | default(omit, true) }}"
-    etc_hosts: "{{ alertmanager_receiver_container_etc_hosts }}"
-    dns_servers: "{{ alertmanager_receiver_container_dns_servers }}"
-    restart_policy: "{{ alertmanager_receiver_container_restart_policy }}"
-    state: "{{ alertmanager_receiver_container_state }}"

roles/alertmanager_receiver/tasks/main.yml

@@ -1,22 +0,0 @@
----
-- name: Ensure preconditions are met
-  ansible.builtin.include_tasks:
-    file: "check.yml"
-
-- name: Ensure user '{{ alertmanager_receiver_user }}' is {{ alertmanager_receiver_state }}
-  ansible.builtin.user:
-    name: "{{ alertmanager_receiver_user }}"
-    state: "{{ alertmanager_receiver_state }}"
-    system: "{{ alertmanager_receiver_user_system }}"
-    create_home: "{{ alertmanager_receiver_user_create_home }}"
-    groups: "{{ alertmanager_receiver_user_groups | default(omit, true) }}"
-    append: "{{ alertmanager_receiver_user_append | default(omit) }}"
-  register: alertmanager_receiver_user_info
-
-- name: Ensure configuration is up to date
-  ansible.builtin.include_tasks:
-    file: "configure.yml"
-
-- name: Deploy using {{ alertmanager_receiver_deployment_method }}
-  ansible.builtin.include_tasks:
-    file: "deploy-{{ alertmanager_receiver_deployment_method }}.yml"

roles/alertmanager_receiver/vars/main.yml

@@ -1,7 +0,0 @@
----
-alertmanager_receiver_states:
-  - "present"
-  - "absent"
-alertmanager_receiver_deployment_methods:
-  - "docker"
-  - "podman"

roles/cinny/defaults/main/main.yml

@@ -1,7 +1,7 @@
 ---
 cinny_user: cinny
 cinny_state: "present"
-cinny_version: "4.8.1"
+cinny_version: "4.6.0"
 cinny_deployment_method: "docker"
 
 cinny_base_path: "/opt/cinny"

roles/conduwuit/README.md

@@ -0,0 +1,12 @@
+# `finallycoffee.matrix.conduwuit` ansible role
+
+Deploy [conduwuit](https://conduwuit.puppyirl.gay/), a fork of
+conduit, written in rust and using rocksdb.
+
+Please note that conduwuit is still under development.
+
+## Required configuation
+
+- `conduwuit_server_name` - domain the matrix server should be authoritative for.
+  Note that this can not be changed later!
+- `conduwuit_config_registration_token` - when `conduwuit_config_allow_registration` is `true`

roles/conduwuit/defaults/main/config.yml

@@ -0,0 +1,26 @@
+---
+conduwuit_config_server_name: "{{ conduwuit_server_name }}"
+conduwuit_config_address: ~
+conduwuit_config_port: 8008
+conduwuit_config_unix_socket_path: "/run/conduwuit/conduwuit.sock"
+conduwuit_config_unix_socket_perms: "0660"
+conduwuit_config_database_path: "{{ conduwuit_data_path }}"
+
+conduwuit_config_allow_registration: false
+conduwuit_config_registration_token: ~
+conduwuit_config_registration_token_file: ~
+
+conduwuit_config: {}
+conduwuit_default_config:
+  server_name: "{{ conduwuit_config_server_name }}"
+  address: "{{ conduwuit_config_address }}"
+  port: "{{ conduwuit_config_port }}"
+  unix_socket_path: "{{ conduwuit_config_unix_socket_path }}"
+  unix_socket_perms: "{{ conduwuit_config_unix_socket_perms }}"
+  database_path: "{{ conduwuit_config_database_path }}"
+  allow_registration: "{{ conduwuit_config_allow_registration }}"
+  registration_token: "{{ conduwuit_config_registration_token }}"
+  registration_token_file: "{{ conduwuit_config_registration_token_file }}"
+conduwuit_merged_config: >-2
+  {{ conduwuit_default_config | default({}, true)
+     | combine(conduwuit_config | default({}, true, recursive=True) }}

roles/conduwuit/defaults/main/container.yml

@@ -0,0 +1,44 @@
+---
+conduwuit_container_name: "conduwuit"
+conduwuit_container_image: >-2
+  {{
+    [
+      conduwuit_container_image_repository,
+      conduwuit_container_image_tag | default(conduwuit_version, true)
+    ]
+  }}
+conduwuit_container_image_registry: ghcr.io
+conduwuit_container_image_namespace: girlbossceo
+conduwuit_container_image_name: conduwuit
+conduwuit_container_image_repository: >-2
+  {{ conduwuit_container_image_registry
+  + (('/' + conduwuit_container_image_namespace)
+      if conduwuit_container_image_namespace else '')
+  + conduwuit_container_image_name }}
+conduwuit_container_image_source: pull
+conduwuit_container_image_force_source: >-2
+  {{ conduwuit_container_image_tag | bool }}
+conduwuit_container_image_tag: ~
+conduwuit_container_env:
+  CONDUWUIT_CONFIG: "{{ conduwuit_config_file }}"
+conduwuit_container_user: "{{ conduwuit_run_uid }}:{{ conduwuit_run_gid }}"
+conduwuit_container_ports: ~
+conduwuit_container_labels: ~
+conduwuit_container_ulimits: ~
+conduwuit_container_networks: ~
+conduwuit_container_dns_servers: ~
+conduwuit_container_etc_hosts: ~
+conduwuit_container_memory: ~
+conduwuit_container_memory_reversation: ~
+conduwuit_container_memory_swap: ~
+conduwuit_container_state: >-2
+  {{ (conduwuit_state == 'present') | ternary('started', 'absent') }}
+conduwuit_container_restart_policy: "on-failure"
+
+conduwuit_container_default_volumes:
+  - "{{ conduwuit_config_file }}:{{ conduwuit_config_file }}:ro"
+  - "{{ conduwuit_data_path }}:{{ conduwuit_data_path }}:z"
+conduwuit_container_volumes: ~
+conduwuit_container_all_volumes: >-2
+  {{ conduwuit_container_default_volumes | default([], true)
+    + conduwuit_container_volumes | default([], true) }}

roles/conduwuit/defaults/main/main.yml

@@ -0,0 +1,10 @@
+---
+conduwuit_user: conduwuit
+conduwuit_version: "0.4.6"
+
+conduwuit_server_name: ~
+conduwuit_config_file: "/etc/conduwuit/conduwuit.toml"
+conduwuit_data_path: "/var/lib/conduwuit"
+
+conduwuit_state: present
+conduwuit_deployment_method: docker

roles/conduwuit/defaults/main/user.yml

@@ -0,0 +1,6 @@
+---
+conduwuit_user_system: true
+conduwuit_user_create_home: false
+
+conduwuit_run_uid: "{{ conduwuit_user_info.uid | default(conduwuit_user) }}"
+conduwuit_run_gid: "{{ conduwuit_user_info.gid | default(conduwuit_user) }}"

roles/conduwuit/tasks/check.yml

@@ -0,0 +1,34 @@
+---
+- name: Ensure 'conduwuit_state' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      State '{{ conduwuit_state }}' is not known,
+      supported states are {{ conduwuit_states | join(', ') }}
+  when: conduwuit_state not in conduwuit_states
+
+- name: Ensure 'conduwuit_deployment_method' is supported
+  ansible.builtin.fail:
+    msg: >-2
+      Deployment method '{{ conduwuit_deployment_method }}'
+      is unknown! Supported methods are:
+      {{ conduwuit_deployment_methods | join(', ') }}
+  when: conduwuit_deployment_method not in conduwuit_deployment_methods
+
+- name: Ensure required variables are given
+  ansible.builtin.fail:
+    msg: "Required variable '{{ item }}' is undefined!"
+  loop: "{{ conduwuit_required_variables }}"
+  when: >-2
+    item not in hostvars[inventory_hostname]
+    or hostvars[inventory_hostname][item] | length == 0
+
+- name: Ensure conditionally required variables are given
+  ansible.builtin.fail:
+    msg: "Required variable '{{ item.name }}' is undefined!"
+  loop: "{{ conduwuit_conditionally_required_variables }}"
+  loop_control:
+    label: "{{ item.name }}"
+  when: >-2
+    item.when
+    and (item.name not in hostvars[inventory_hostname]
+        or hostvars[inventory_hostname][item.name] | length == 0)

roles/conduwuit/tasks/deploy-docker.yml

@@ -0,0 +1,26 @@
+---
+- name: Ensure container image '{{ conduwuit_container_image }}' is {{ conduwuit_state }}
+  community.docker.docker_image:
+    name: "{{ conduwuit_container_image }}"
+    state: "{{ conduwuit_state }}"
+    source: "{{ conduwuit_container_image_source }}"
+    force_source: "{{ conduwuit_container_image_force_source }}"
+
+- name: Ensure container '{{ conduwuit_container_name }}' is {{ conduwuit_container_state }}
+  community.docker.docker_container:
+    name: "{{ conduwuit_container_name }}"
+    image: "{{ conduwuit_container_image }}"
+    env: "{{ conduwuit_container_env | default(omit) }}"
+    user: "{{ conduwuit_container_user }}"
+    ports: "{{ conduwuit_container_ports | default(omit, true) }}"
+    labels: "{{ conduwuit_container_labels | default(omit, true) }}"
+    volumes: "{{ conduwuit_container_all_volumes }}"
+    ulimits: "{{ conduwuit_container_ulimits | default(omit, true) }}"
+    networks: "{{ conduwuit_container_networks | default(omit, true) }}"
+    dns_servers: "{{ conduwuit_container_dns_servers | default(omit, true) }}"
+    etc_hosts: "{{ conduwuit_container_etc_hosts | default(omit, true) }}"
+    memory: "{{ conduwuit_container_memory | default(omit, true) }}"
+    memory_reservation: "{{ conduwuit_container_memory_reversation | default(omit, true) }}"
+    memory_swap: "{{ conduwuit_container_memory_swap | default(omit, true) }}"
+    restart_policy: "{{ conduwuit_container_restart_policy }}"
+    state: "{{ conduwuit_container_state }}"

roles/conduwuit/tasks/main.yml

@@ -0,0 +1,41 @@
+---
+- name: Check preconditions
+  ansible.builtin.include_tasks:
+    file: check.yml
+
+- name: Ensure conduwuit user '{{ conduwuit_user }}' is {{ conduwuit_state }}
+  ansible.builtin.user:
+    name: "{{ conduwuit_user }}"
+    state: "{{ conduwuit_state }}"
+    system: "{{ conduwuit_user_system | default(true) }}"
+    create_home: "{{ conduwuit_user_create_home | default(false) }}"
+  register: conduwuit_user_info
+
+- name: Ensure config directory exists
+  ansible.builtin.file:
+    path: "{{ conduwuit_config_file | dirname }}"
+    state: "{{ (conduwuit_state == 'present') | state('directory', 'absent') }}"
+    owner: "{{ conduwuit_run_uid }}"
+    group: "{{ conduwuit_run_gid }}"
+    mode: "0750"
+
+- name: Template config file '{{ conduwuit_config_file }}'
+  ansible.builtin.template:
+    src: "conduwuit.toml.j2"
+    dest: "{{ conduwuit_config_file }}"
+    owner: "{{ conduwuit_run_uid }}"
+    group: "{{ conduwuit_run_gid }}"
+    mode: "0640"
+  when: conduwuit_state == 'present'
+
+- name: Ensure data directory '{{ conduwuit_data_path }}' is {{ conduwuit_state }}
+  ansible.builtin.file:
+    path: "{{ conduwuit_data_path }}"
+    state: "{{ (conduwuit_state == 'present') | ternary('directory', 'absent') }}"
+    owner: "{{ conduwuit_run_uid }}"
+    group: "{{ conduwuit_run_gid }}"
+    mode: "0750"
+
+- name: Ensure deployment using {{ conduwuit_deployment_method }} runs
+  ansible.builtin.include_tasks:
+    file: "deploy-{{ conduwuit_deployment_method }}"

roles/conduwuit/templates/conduwuit.toml.j2

@@ -0,0 +1,4 @@
+[global]
+{% for item in conduwuit_merged_config.global | dict2items %}
+{{ item.key }}={{ item.value }}
+{% endfor %}

roles/conduwuit/vars/main.yml

@@ -0,0 +1,15 @@
+---
+conduwuit_states:
+  - "present"
+  - "absent"
+conduwuit_deployment_methods:
+  - "docker"
+
+conduwuit_required_variables:
+  - "conduwuit_server_name"
+
+conduwuit_conditionally_required_variables:
+  - name: "conduwuit_config_registration_token"
+    when: >-2
+      {{ conduwuit_config_allow_registration and
+        not (conduwuit_config_registration_token_file | str | length > 0) }}

roles/element/defaults/main/main.yml

@@ -1,7 +1,7 @@
 ---
 element_user: element
 element_state: "present"
-element_version: "1.11.108"
+element_version: "1.11.97"
 element_deployment_method: "docker"
 
 element_base_path: "/opt/element"

roles/synapse/defaults/main/main.yml

@@ -1,7 +1,7 @@
 ---
 synapse_user: synapse
 synapse_group: synapse
-synapse_version: "1.135.0"
+synapse_version: "1.128.0"
 synapse_state: "present"
 synapse_deployment_method: "docker"