--- - name: Ensure synapse group '{{ synapse_group }}' is {{ synapse_state }} ansible.builtin.group: name: "{{ synapse_group }}" system: "{{ synapse_group_system | default(true, true) }}" state: "{{ synapse_state }}" register: synapse_group_info - name: Ensure synapse user '{{ synapse_user }}' is {{ synapse_state }} ansible.builtin.user: name: "{{ synapse_user }}" state: "{{ synapse_state }}" system: "{{ synapse_user_system | default(true, true) }}" create_home: "{{ synapse_user_create_home | default(false, true) }}" groups: "{{ synapse_user_all_groups | default(omit, true) }}" append: "{{ synapse_user_groups_append | default(omit, true) }}" register: synapse_user_info - name: Ensure directories for synapse are {{ synapse_state }} ansible.builtin.file: path: "{{ item.path }}" state: "{{ (synapse_state == 'present') | ternary('directory', 'absent') }}" mode: "{{ item.mode | default('0750') }}" owner: "{{ item.owner | default(synapse_user_info.uid | default(synapse_user)) }}" group: "{{ item.group | default(synapse_user_info.group | default(synapse_user)) }}" loop: - path: "{{ synapse_base_path }}" mode: "0755" - path: "{{ synapse_config_path }}" mode: "0755" - path: "{{ synapse_data_path }}" mode: "0755" - path: "{{ synapse_media_store_path }}" mode: "0755" - path: "{{ synapse_log_path }}" mode: "0755" loop_control: label: "{{ item.path }}" - name: Ensure synapse signing key is generated finallycoffee.matrix.synapse_signing_key: path: "{{ synapse_signing_key_file }}" state: "{{ synapse_state }}" when: synapse_role_generate_signing_key notify: - synapse-restart - name: Ensure configuration files are templated ansible.builtin.copy: dest: "{{ config_file.path }}" content: "{{ config_file.content }}" mode: "{{ config_file.mode | default('0640') }}" owner: "{{ config_file.owner | default(synapse_user_info.uid | default(synapse_user)) }}" group: "{{ config_file.group | default(synapse_user_info.group | default(synapse_user)) }}" loop: >- {{ synapse_configs_to_write + (synapse_keys_to_write if not synapse_role_generate_signing_key else []) + synapse_configs | default([]) }} loop_control: loop_var: config_file label: "{{ config_file.path }}" vars: synapse_configs_to_write: - content: "{{ synapse_homeserver_config | to_nice_yaml(width=1000) }}" path: "{{ synapse_homeserver_config_file }}" - content: "{{ synapse_log_config | to_nice_yaml(width=1000) }}" path: "{{ synapse_logging_config_file }}" synapse_keys_to_write: - content: "{{ synapse_signing_key }}" path: "{{ synapse_signing_key_file }}" mode: "0640" notify: - synapse-restart when: synapse_state != 'absent'