mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-12 08:43:55 +02:00
Fix CONDITIONAL_BARE_VARS deprecation warning in ansible 2.8
This commit is contained in:
parent
affb99003c
commit
3982f114af
@ -3,22 +3,22 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
|
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mxisd
|
- setup-mxisd
|
||||||
@ -28,6 +28,6 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: run_self_check
|
when: run_self_check|bool
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
- name: Determine domains that we require certificates for (mxisd)
|
- name: Determine domains that we require certificates for (mxisd)
|
||||||
set_fact:
|
set_fact:
|
||||||
dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
|
dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
|
||||||
when: "matrix_mxisd_enabled"
|
when: matrix_mxisd_enabled|bool
|
||||||
|
|
||||||
- name: Perform DNS SRV checks
|
- name: Perform DNS SRV checks
|
||||||
include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"
|
include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"
|
||||||
|
@ -27,10 +27,10 @@
|
|||||||
mode: 0644
|
mode: 0644
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: matrix_well_known_matrix_server_enabled
|
when: matrix_well_known_matrix_server_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix /.well-known/matrix/server file deleted
|
- name: Ensure Matrix /.well-known/matrix/server file deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
|
path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_well_known_matrix_server_enabled"
|
when: "not matrix_well_known_matrix_server_enabled|bool"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
|
||||||
when: matrix_appservice_discord_enabled
|
when: matrix_appservice_discord_enabled|bool
|
||||||
|
@ -3,19 +3,19 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_appservice_discord_enabled"
|
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-discord
|
- setup-appservice-discord
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||||
when: "run_setup and matrix_appservice_discord_enabled"
|
when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-discord
|
- setup-appservice-discord
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||||
when: "run_setup and not matrix_appservice_discord_enabled"
|
when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-discord
|
- setup-appservice-discord
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
|
||||||
when: matrix_appservice_irc_enabled
|
when: matrix_appservice_irc_enabled|bool
|
||||||
|
@ -3,19 +3,19 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_appservice_irc_enabled"
|
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-irc
|
- setup-appservice-irc
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||||
when: "run_setup and matrix_appservice_irc_enabled"
|
when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-irc
|
- setup-appservice-irc
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||||
when: "run_setup and not matrix_appservice_irc_enabled"
|
when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-appservice-irc
|
- setup-appservice-irc
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
|
||||||
when: "matrix_mautrix_facebook_enabled"
|
when: matrix_mautrix_facebook_enabled|bool
|
||||||
|
@ -3,19 +3,19 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_mautrix_facebook_enabled"
|
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-facebook
|
- setup-mautrix-facebook
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||||
when: "run_setup and matrix_mautrix_facebook_enabled"
|
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-facebook
|
- setup-mautrix-facebook
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||||
when: "run_setup and not matrix_mautrix_facebook_enabled"
|
when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-facebook
|
- setup-mautrix-facebook
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
|
||||||
when: "matrix_mautrix_telegram_enabled"
|
when: matrix_mautrix_telegram_enabled|bool
|
||||||
|
@ -3,19 +3,19 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_mautrix_telegram_enabled"
|
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-telegram
|
- setup-mautrix-telegram
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||||
when: "run_setup and matrix_mautrix_telegram_enabled"
|
when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-telegram
|
- setup-mautrix-telegram
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||||
when: "run_setup and not matrix_mautrix_telegram_enabled"
|
when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mautrix-telegram
|
- setup-mautrix-telegram
|
||||||
|
@ -98,7 +98,7 @@
|
|||||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||||
To fix this, please change the order of roles in your plabook,
|
To fix this, please change the order of roles in your plabook,
|
||||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||||
when: "matrix_nginx_proxy_role_executed"
|
when: matrix_nginx_proxy_role_executed|bool
|
||||||
|
|
||||||
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
||||||
set_fact:
|
set_fact:
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
|
||||||
when: "matrix_mautrix_whatsapp_enabled"
|
when: matrix_mautrix_whatsapp_enabled|bool
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/start.yml"
|
- import_tasks: "{{ role_path }}/tasks/start.yml"
|
||||||
when: run_start
|
when: run_start|bool
|
||||||
tags:
|
tags:
|
||||||
- start
|
- start
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/stop.yml"
|
- import_tasks: "{{ role_path }}/tasks/stop.yml"
|
||||||
when: run_stop
|
when: run_stop|bool
|
||||||
tags:
|
tags:
|
||||||
- stop
|
- stop
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
|
||||||
when: "matrix_corporal_enabled"
|
when: matrix_corporal_enabled|bool
|
||||||
|
@ -3,13 +3,13 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_corporal_enabled"
|
when: "run_setup|bool and matrix_corporal_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-corporal
|
- setup-corporal
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-corporal
|
- setup-corporal
|
||||||
@ -17,6 +17,6 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: "run_self_check and matrix_corporal_enabled"
|
when: "run_self_check|bool and matrix_corporal_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
@ -15,19 +15,19 @@
|
|||||||
- "{{ matrix_corporal_config_dir_path }}"
|
- "{{ matrix_corporal_config_dir_path }}"
|
||||||
- "{{ matrix_corporal_cache_dir_path }}"
|
- "{{ matrix_corporal_cache_dir_path }}"
|
||||||
- "{{ matrix_corporal_var_dir_path }}"
|
- "{{ matrix_corporal_var_dir_path }}"
|
||||||
when: "matrix_corporal_enabled"
|
when: matrix_corporal_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix Corporal Docker image is pulled
|
- name: Ensure Matrix Corporal Docker image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_corporal_docker_image }}"
|
name: "{{ matrix_corporal_docker_image }}"
|
||||||
when: "matrix_corporal_enabled"
|
when: matrix_corporal_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix Corporal config installed
|
- name: Ensure Matrix Corporal config installed
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/config.json.j2"
|
src: "{{ role_path }}/templates/config.json.j2"
|
||||||
dest: "{{ matrix_corporal_config_dir_path }}/config.json"
|
dest: "{{ matrix_corporal_config_dir_path }}/config.json"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_corporal_enabled"
|
when: matrix_corporal_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-corporal.service installed
|
- name: Ensure matrix-corporal.service installed
|
||||||
template:
|
template:
|
||||||
@ -35,12 +35,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-corporal.service"
|
dest: "/etc/systemd/system/matrix-corporal.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_corporal_systemd_service_result
|
register: matrix_corporal_systemd_service_result
|
||||||
when: "matrix_corporal_enabled"
|
when: matrix_corporal_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-corporal.service installation
|
- name: Ensure systemd reloaded after matrix-corporal.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed"
|
when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -51,7 +51,7 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-corporal.service"
|
path: "/etc/systemd/system/matrix-corporal.service"
|
||||||
register: matrix_corporal_service_stat
|
register: matrix_corporal_service_stat
|
||||||
when: "not matrix_corporal_enabled"
|
when: "not matrix_corporal_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-corporal is stopped
|
- name: Ensure matrix-corporal is stopped
|
||||||
service:
|
service:
|
||||||
@ -59,18 +59,18 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-corporal.service doesn't exist
|
- name: Ensure matrix-corporal.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-corporal.service"
|
path: "/etc/systemd/system/matrix-corporal.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-corporal.service removal
|
- name: Ensure systemd reloaded after matrix-corporal.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
|
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-corporal files don't exist
|
- name: Ensure matrix-corporal files don't exist
|
||||||
file:
|
file:
|
||||||
@ -79,10 +79,10 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- /etc/systemd/system/matrix-corporal.service
|
- /etc/systemd/system/matrix-corporal.service
|
||||||
- "{{ matrix_corporal_config_dir_path }}/config.json"
|
- "{{ matrix_corporal_config_dir_path }}/config.json"
|
||||||
when: "not matrix_corporal_enabled"
|
when: "not matrix_corporal_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix Corporal Docker image doesn't exist
|
- name: Ensure Matrix Corporal Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_corporal_docker_image }}"
|
name: "{{ matrix_corporal_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_corporal_enabled"
|
when: "not matrix_corporal_enabled|bool"
|
||||||
|
@ -14,4 +14,4 @@
|
|||||||
- name: Fail if HTTP API enabled, but no token set
|
- name: Fail if HTTP API enabled, but no token set
|
||||||
fail:
|
fail:
|
||||||
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
|
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
|
||||||
when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''"
|
when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
|
||||||
when: "matrix_coturn_enabled"
|
when: matrix_coturn_enabled|bool
|
||||||
|
@ -3,13 +3,13 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_coturn_enabled"
|
when: "run_setup|bool and matrix_coturn_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-coturn
|
- setup-coturn
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-coturn
|
- setup-coturn
|
@ -7,7 +7,7 @@
|
|||||||
- name: Ensure Coturn image is pulled
|
- name: Ensure Coturn image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_coturn_docker_image }}"
|
name: "{{ matrix_coturn_docker_image }}"
|
||||||
when: matrix_coturn_enabled
|
when: matrix_coturn_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Coturn configuration path exists
|
- name: Ensure Coturn configuration path exists
|
||||||
file:
|
file:
|
||||||
@ -16,14 +16,14 @@
|
|||||||
mode: 0750
|
mode: 0750
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: matrix_coturn_enabled
|
when: matrix_coturn_enabled|bool
|
||||||
|
|
||||||
- name: Ensure turnserver.conf installed
|
- name: Ensure turnserver.conf installed
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/turnserver.conf.j2"
|
src: "{{ role_path }}/templates/turnserver.conf.j2"
|
||||||
dest: "{{ matrix_coturn_config_path }}"
|
dest: "{{ matrix_coturn_config_path }}"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: matrix_coturn_enabled
|
when: matrix_coturn_enabled|bool
|
||||||
|
|
||||||
# `docker_network` doesn't work as expected when the given network
|
# `docker_network` doesn't work as expected when the given network
|
||||||
# is a substring of a network that already exists.
|
# is a substring of a network that already exists.
|
||||||
@ -34,12 +34,12 @@
|
|||||||
cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
|
cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
|
||||||
register: matrix_coturn_result_docker_network
|
register: matrix_coturn_result_docker_network
|
||||||
changed_when: false
|
changed_when: false
|
||||||
when: matrix_coturn_enabled
|
when: matrix_coturn_enabled|bool
|
||||||
|
|
||||||
- name: Create Coturn network in Docker
|
- name: Create Coturn network in Docker
|
||||||
shell:
|
shell:
|
||||||
cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
|
cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
|
||||||
when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''"
|
when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''"
|
||||||
|
|
||||||
- name: Ensure matrix-coturn.service installed
|
- name: Ensure matrix-coturn.service installed
|
||||||
template:
|
template:
|
||||||
@ -47,12 +47,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-coturn.service"
|
dest: "/etc/systemd/system/matrix-coturn.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_coturn_systemd_service_result
|
register: matrix_coturn_systemd_service_result
|
||||||
when: matrix_coturn_enabled
|
when: matrix_coturn_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-coturn.service installation
|
- name: Ensure systemd reloaded after matrix-coturn.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed"
|
when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed"
|
||||||
|
|
||||||
# This may be unnecessary when more long-lived certificates are used.
|
# This may be unnecessary when more long-lived certificates are used.
|
||||||
# We optimize for the common use-case though (short-lived Let's Encrypt certificates).
|
# We optimize for the common use-case though (short-lived Let's Encrypt certificates).
|
||||||
@ -67,7 +67,7 @@
|
|||||||
minute: 20
|
minute: 20
|
||||||
day: "*/5"
|
day: "*/5"
|
||||||
job: /bin/systemctl reload matrix-coturn.service
|
job: /bin/systemctl reload matrix-coturn.service
|
||||||
when: matrix_coturn_enabled and matrix_coturn_tls_enabled
|
when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -79,13 +79,13 @@
|
|||||||
user: root
|
user: root
|
||||||
cron_file: matrix-coturn-ssl-reload
|
cron_file: matrix-coturn-ssl-reload
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled"
|
when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"
|
||||||
|
|
||||||
- name: Check existence of matrix-coturn service
|
- name: Check existence of matrix-coturn service
|
||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-coturn.service"
|
path: "/etc/systemd/system/matrix-coturn.service"
|
||||||
register: matrix_coturn_service_stat
|
register: matrix_coturn_service_stat
|
||||||
when: "not matrix_coturn_enabled"
|
when: "not matrix_coturn_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-coturn is stopped
|
- name: Ensure matrix-coturn is stopped
|
||||||
service:
|
service:
|
||||||
@ -93,27 +93,27 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-coturn.service doesn't exist
|
- name: Ensure matrix-coturn.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-coturn.service"
|
path: "/etc/systemd/system/matrix-coturn.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-coturn.service removal
|
- name: Ensure systemd reloaded after matrix-coturn.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
|
when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Matrix coturn paths don't exist
|
- name: Ensure Matrix coturn paths don't exist
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_coturn_base_path }}"
|
path: "{{ matrix_coturn_base_path }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_coturn_enabled"
|
when: "not matrix_coturn_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure coturn Docker image doesn't exist
|
- name: Ensure coturn Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_coturn_docker_image }}"
|
name: "{{ matrix_coturn_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_coturn_enabled"
|
when: "not matrix_coturn_enabled|bool"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
|
||||||
when: "matrix_dimension_enabled"
|
when: matrix_dimension_enabled|bool
|
||||||
|
@ -3,13 +3,13 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-dimension
|
- setup-dimension
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-dimension
|
- setup-dimension
|
@ -11,7 +11,7 @@
|
|||||||
mode: 0770
|
mode: 0770
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_dimension_user_gid }}"
|
group: "{{ matrix_dimension_user_gid }}"
|
||||||
when: matrix_dimension_enabled
|
when: matrix_dimension_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Dimension config installed
|
- name: Ensure Dimension config installed
|
||||||
copy:
|
copy:
|
||||||
@ -20,12 +20,12 @@
|
|||||||
mode: 0640
|
mode: 0640
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_dimension_user_gid }}"
|
group: "{{ matrix_dimension_user_gid }}"
|
||||||
when: matrix_dimension_enabled
|
when: matrix_dimension_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Dimension image is pulled
|
- name: Ensure Dimension image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_dimension_docker_image }}"
|
name: "{{ matrix_dimension_docker_image }}"
|
||||||
when: matrix_dimension_enabled
|
when: matrix_dimension_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-dimension.service installed
|
- name: Ensure matrix-dimension.service installed
|
||||||
template:
|
template:
|
||||||
@ -33,12 +33,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-dimension.service"
|
dest: "/etc/systemd/system/matrix-dimension.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_dimension_systemd_service_result
|
register: matrix_dimension_systemd_service_result
|
||||||
when: matrix_dimension_enabled
|
when: matrix_dimension_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-dimension.service installation
|
- name: Ensure systemd reloaded after matrix-dimension.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed"
|
when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to getting rid of the dimension (if it was previously enabled)
|
# Tasks related to getting rid of the dimension (if it was previously enabled)
|
||||||
@ -48,7 +48,7 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-dimension.service"
|
path: "/etc/systemd/system/matrix-dimension.service"
|
||||||
register: matrix_dimension_service_stat
|
register: matrix_dimension_service_stat
|
||||||
when: not matrix_dimension_enabled
|
when: "not matrix_dimension_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-dimension is stopped
|
- name: Ensure matrix-dimension is stopped
|
||||||
service:
|
service:
|
||||||
@ -56,27 +56,27 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-dimension.service doesn't exist
|
- name: Ensure matrix-dimension.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-dimension.service"
|
path: "/etc/systemd/system/matrix-dimension.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-dimension.service removal
|
- name: Ensure systemd reloaded after matrix-dimension.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
|
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Dimension environment variables path doesn't exist
|
- name: Ensure Dimension environment variables path doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_dimension_base_path }}"
|
path: "{{ matrix_dimension_base_path }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_dimension_enabled"
|
when: "not matrix_dimension_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Dimension Docker image doesn't exist
|
- name: Ensure Dimension Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_dimension_docker_image }}"
|
name: "{{ matrix_dimension_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_dimension_enabled"
|
when: "not matrix_dimension_enabled|bool"
|
||||||
|
@ -12,4 +12,4 @@
|
|||||||
You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
|
You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
|
||||||
with_items:
|
with_items:
|
||||||
- "matrix_synapse_federation_enabled"
|
- "matrix_synapse_federation_enabled"
|
||||||
when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false"
|
when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
|
||||||
when: "matrix_mailer_enabled"
|
when: matrix_mailer_enabled|bool
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mailer
|
- setup-mailer
|
@ -11,19 +11,19 @@
|
|||||||
mode: 0750
|
mode: 0750
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: matrix_mailer_enabled
|
when: matrix_mailer_enabled|bool
|
||||||
|
|
||||||
- name: Ensure mailer environment variables file created
|
- name: Ensure mailer environment variables file created
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/env-mailer.j2"
|
src: "{{ role_path }}/templates/env-mailer.j2"
|
||||||
dest: "{{ matrix_mailer_base_path }}/env-mailer"
|
dest: "{{ matrix_mailer_base_path }}/env-mailer"
|
||||||
mode: 0640
|
mode: 0640
|
||||||
when: matrix_mailer_enabled
|
when: matrix_mailer_enabled|bool
|
||||||
|
|
||||||
- name: Ensure mailer image is pulled
|
- name: Ensure mailer image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_mailer_docker_image }}"
|
name: "{{ matrix_mailer_docker_image }}"
|
||||||
when: matrix_mailer_enabled
|
when: matrix_mailer_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-mailer.service installed
|
- name: Ensure matrix-mailer.service installed
|
||||||
template:
|
template:
|
||||||
@ -31,12 +31,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-mailer.service"
|
dest: "/etc/systemd/system/matrix-mailer.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_mailer_systemd_service_result
|
register: matrix_mailer_systemd_service_result
|
||||||
when: matrix_mailer_enabled
|
when: matrix_mailer_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-mailer.service installation
|
- name: Ensure systemd reloaded after matrix-mailer.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed"
|
when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to getting rid of the mailer (if it was previously enabled)
|
# Tasks related to getting rid of the mailer (if it was previously enabled)
|
||||||
@ -46,7 +46,7 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-mailer.service"
|
path: "/etc/systemd/system/matrix-mailer.service"
|
||||||
register: matrix_mailer_service_stat
|
register: matrix_mailer_service_stat
|
||||||
when: "not matrix_mailer_enabled"
|
when: "not matrix_mailer_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-mailer is stopped
|
- name: Ensure matrix-mailer is stopped
|
||||||
service:
|
service:
|
||||||
@ -54,27 +54,27 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-mailer.service doesn't exist
|
- name: Ensure matrix-mailer.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-mailer.service"
|
path: "/etc/systemd/system/matrix-mailer.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-mailer.service removal
|
- name: Ensure systemd reloaded after matrix-mailer.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
|
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Matrix mailer environment variables path doesn't exist
|
- name: Ensure Matrix mailer environment variables path doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_mailer_base_path }}"
|
path: "{{ matrix_mailer_base_path }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mailer_enabled"
|
when: "not matrix_mailer_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure mailer Docker image doesn't exist
|
- name: Ensure mailer Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_mailer_docker_image }}"
|
name: "{{ matrix_mailer_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mailer_enabled"
|
when: "not matrix_mailer_enabled|bool"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
|
||||||
when: "matrix_mxisd_enabled"
|
when: matrix_mxisd_enabled|bool
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_mxisd_enabled"
|
when: "run_setup|bool and matrix_mxisd_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-mxisd
|
- setup-mxisd
|
||||||
@ -16,6 +16,6 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: "run_self_check and matrix_mxisd_enabled"
|
when: "run_self_check|bool and matrix_mxisd_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
||||||
|
@ -14,12 +14,12 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- "{{ matrix_mxisd_config_path }}"
|
- "{{ matrix_mxisd_config_path }}"
|
||||||
- "{{ matrix_mxisd_data_path }}"
|
- "{{ matrix_mxisd_data_path }}"
|
||||||
when: matrix_mxisd_enabled
|
when: matrix_mxisd_enabled|bool
|
||||||
|
|
||||||
- name: Ensure mxisd image is pulled
|
- name: Ensure mxisd image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_mxisd_docker_image }}"
|
name: "{{ matrix_mxisd_docker_image }}"
|
||||||
when: matrix_mxisd_enabled
|
when: matrix_mxisd_enabled|bool
|
||||||
|
|
||||||
- name: Ensure mxisd config installed
|
- name: Ensure mxisd config installed
|
||||||
copy:
|
copy:
|
||||||
@ -28,7 +28,7 @@
|
|||||||
mode: 0644
|
mode: 0644
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: matrix_mxisd_enabled
|
when: matrix_mxisd_enabled|bool
|
||||||
|
|
||||||
- name: Ensure custom templates are installed if any
|
- name: Ensure custom templates are installed if any
|
||||||
copy:
|
copy:
|
||||||
@ -42,7 +42,7 @@
|
|||||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
|
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
|
||||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
|
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
|
||||||
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
|
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
|
||||||
when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value
|
when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value"
|
||||||
|
|
||||||
- name: Ensure matrix-mxisd.service installed
|
- name: Ensure matrix-mxisd.service installed
|
||||||
template:
|
template:
|
||||||
@ -50,12 +50,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-mxisd.service"
|
dest: "/etc/systemd/system/matrix-mxisd.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_mxisd_systemd_service_result
|
register: matrix_mxisd_systemd_service_result
|
||||||
when: matrix_mxisd_enabled
|
when: matrix_mxisd_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-mxisd.service installation
|
- name: Ensure systemd reloaded after matrix-mxisd.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed"
|
when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed"
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to getting rid of mxisd (if it was previously enabled)
|
# Tasks related to getting rid of mxisd (if it was previously enabled)
|
||||||
@ -72,27 +72,27 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-mxisd.service doesn't exist
|
- name: Ensure matrix-mxisd.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-mxisd.service"
|
path: "/etc/systemd/system/matrix-mxisd.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-mxisd.service removal
|
- name: Ensure systemd reloaded after matrix-mxisd.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
|
when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Matrix mxisd paths don't exist
|
- name: Ensure Matrix mxisd paths don't exist
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_mxisd_base_path }}"
|
path: "{{ matrix_mxisd_base_path }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mxisd_enabled"
|
when: "not matrix_mxisd_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure mxisd Docker image doesn't exist
|
- name: Ensure mxisd Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_mxisd_docker_image }}"
|
name: "{{ matrix_mxisd_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_mxisd_enabled"
|
when: "not matrix_mxisd_enabled|bool"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
|
||||||
when: "matrix_nginx_proxy_enabled"
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
|
@ -6,20 +6,20 @@
|
|||||||
# This role performs actions even if the role is disabled, so we need
|
# This role performs actions even if the role is disabled, so we need
|
||||||
# to ensure there's a valid configuration in any case.
|
# to ensure there's a valid configuration in any case.
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-nginx-proxy
|
- setup-nginx-proxy
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
|
- import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-nginx-proxy
|
- setup-nginx-proxy
|
||||||
- setup-ssl
|
- setup-ssl
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-nginx-proxy
|
- setup-nginx-proxy
|
||||||
@ -27,7 +27,7 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: run_self_check
|
when: run_self_check|bool
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
- name: Determine domains that we require certificates for (mxisd)
|
- name: Determine domains that we require certificates for (mxisd)
|
||||||
set_fact:
|
set_fact:
|
||||||
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
|
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
|
||||||
when: "matrix_well_known_matrix_server_enabled"
|
when: matrix_well_known_matrix_server_enabled|bool
|
||||||
|
|
||||||
- name: Perform well-known checks
|
- name: Perform well-known checks
|
||||||
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
|
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
|
||||||
|
@ -27,7 +27,7 @@
|
|||||||
src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
|
src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_enabled"
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
|
- name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
|
||||||
template:
|
template:
|
||||||
@ -36,35 +36,35 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
mode: 0400
|
mode: 0400
|
||||||
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics"
|
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configured (generic)
|
- name: Ensure Matrix nginx-proxy configured (generic)
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
|
src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
|
dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_enabled"
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for matrix domain exists
|
- name: Ensure Matrix nginx-proxy configuration for matrix domain exists
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
|
src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_proxy_matrix_enabled"
|
when: matrix_nginx_proxy_proxy_matrix_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for riot domain exists
|
- name: Ensure Matrix nginx-proxy configuration for riot domain exists
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
|
src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_proxy_riot_enabled"
|
when: matrix_nginx_proxy_proxy_riot_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for dimension domain exists
|
- name: Ensure Matrix nginx-proxy configuration for dimension domain exists
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
|
src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_proxy_dimension_enabled"
|
when: matrix_nginx_proxy_proxy_dimension_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy data directory for base domain exists
|
- name: Ensure Matrix nginx-proxy data directory for base domain exists
|
||||||
file:
|
file:
|
||||||
@ -73,7 +73,7 @@
|
|||||||
mode: 0750
|
mode: 0750
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy homepage for base domain exists
|
- name: Ensure Matrix nginx-proxy homepage for base domain exists
|
||||||
copy:
|
copy:
|
||||||
@ -82,14 +82,14 @@
|
|||||||
mode: 0644
|
mode: 0644
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for base domain exists
|
- name: Ensure Matrix nginx-proxy configuration for base domain exists
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
|
src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
|
||||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
when: "matrix_nginx_proxy_base_domain_serving_enabled"
|
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to setting up matrix-nginx-proxy
|
# Tasks related to setting up matrix-nginx-proxy
|
||||||
@ -97,7 +97,7 @@
|
|||||||
- name: Ensure nginx Docker image is pulled
|
- name: Ensure nginx Docker image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_nginx_proxy_docker_image }}"
|
name: "{{ matrix_nginx_proxy_docker_image }}"
|
||||||
when: matrix_nginx_proxy_enabled
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-nginx-proxy.service installed
|
- name: Ensure matrix-nginx-proxy.service installed
|
||||||
template:
|
template:
|
||||||
@ -105,7 +105,7 @@
|
|||||||
dest: "/etc/systemd/system/matrix-nginx-proxy.service"
|
dest: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_nginx_proxy_systemd_service_result
|
register: matrix_nginx_proxy_systemd_service_result
|
||||||
when: matrix_nginx_proxy_enabled
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
|
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
|
||||||
service:
|
service:
|
||||||
@ -121,7 +121,7 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||||
register: matrix_nginx_proxy_service_stat
|
register: matrix_nginx_proxy_service_stat
|
||||||
when: "not matrix_nginx_proxy_enabled"
|
when: "not matrix_nginx_proxy_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-nginx-proxy is stopped
|
- name: Ensure matrix-nginx-proxy is stopped
|
||||||
service:
|
service:
|
||||||
@ -129,57 +129,57 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-nginx-proxy.service doesn't exist
|
- name: Ensure matrix-nginx-proxy.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
path: "/etc/systemd/system/matrix-nginx-proxy.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
|
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
|
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
|
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_proxy_matrix_enabled"
|
when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for riot domain deleted
|
- name: Ensure Matrix nginx-proxy configuration for riot domain deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_proxy_riot_enabled"
|
when: "not matrix_nginx_proxy_proxy_riot_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
|
- name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_proxy_dimension_enabled"
|
when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy homepage for base domain deleted
|
- name: Ensure Matrix nginx-proxy homepage for base domain deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
|
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
|
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for base domain deleted
|
- name: Ensure Matrix nginx-proxy configuration for base domain deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_base_domain_serving_enabled"
|
when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy configuration for main config override deleted
|
- name: Ensure Matrix nginx-proxy configuration for main config override deleted
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_enabled"
|
when: "not matrix_nginx_proxy_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
|
- name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
|
path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics"
|
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool"
|
||||||
|
@ -82,7 +82,7 @@
|
|||||||
minute: 20
|
minute: 20
|
||||||
day: "*"
|
day: "*"
|
||||||
job: /bin/systemctl reload matrix-nginx-proxy.service
|
job: /bin/systemctl reload matrix-nginx-proxy.service
|
||||||
when: matrix_nginx_proxy_enabled
|
when: matrix_nginx_proxy_enabled|bool
|
||||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||||
|
|
||||||
|
|
||||||
@ -98,7 +98,7 @@
|
|||||||
cron_file: matrix-ssl-lets-encrypt
|
cron_file: matrix-ssl-lets-encrypt
|
||||||
name: matrix-nginx-proxy-reload
|
name: matrix-nginx-proxy-reload
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_nginx_proxy_enabled"
|
when: "not matrix_nginx_proxy_enabled|bool"
|
||||||
|
|
||||||
# When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
|
# When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
|
||||||
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
|
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
|
||||||
|
@ -35,7 +35,7 @@
|
|||||||
--agree-tos
|
--agree-tos
|
||||||
--email={{ matrix_ssl_lets_encrypt_support_email }}
|
--email={{ matrix_ssl_lets_encrypt_support_email }}
|
||||||
-d {{ domain_name }}
|
-d {{ domain_name }}
|
||||||
when: "domain_name_needs_cert"
|
when: domain_name_needs_cert|bool
|
||||||
register: result_certbot_direct
|
register: result_certbot_direct
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
- name: Fail if Postgres not enabled
|
- name: Fail if Postgres not enabled
|
||||||
fail:
|
fail:
|
||||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
- name: Fail if playbook called incorrectly
|
- name: Fail if playbook called incorrectly
|
||||||
fail:
|
fail:
|
||||||
@ -20,7 +20,7 @@
|
|||||||
- name: Fail if provided Postgres dump file doesn't exists
|
- name: Fail if provided Postgres dump file doesn't exists
|
||||||
fail:
|
fail:
|
||||||
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
|
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
|
||||||
when: not result_server_path_postgres_dump_stat.stat.exists
|
when: "not result_server_path_postgres_dump_stat.stat.exists"
|
||||||
|
|
||||||
|
|
||||||
# Defaults
|
# Defaults
|
||||||
@ -54,7 +54,7 @@
|
|||||||
- name: Abort, if no existing Postgres version detected
|
- name: Abort, if no existing Postgres version detected
|
||||||
fail:
|
fail:
|
||||||
msg: "Could not find existing Postgres installation"
|
msg: "Could not find existing Postgres installation"
|
||||||
when: "not matrix_postgres_detected_existing"
|
when: "not matrix_postgres_detected_existing|bool"
|
||||||
|
|
||||||
- name: Generate Postgres database import command
|
- name: Generate Postgres database import command
|
||||||
set_fact:
|
set_fact:
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
- name: Fail if Postgres not enabled
|
- name: Fail if Postgres not enabled
|
||||||
fail:
|
fail:
|
||||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
- name: Fail if playbook called incorrectly
|
- name: Fail if playbook called incorrectly
|
||||||
fail:
|
fail:
|
||||||
@ -20,7 +20,7 @@
|
|||||||
- name: Fail if provided SQLite homeserver.db file doesn't exist
|
- name: Fail if provided SQLite homeserver.db file doesn't exist
|
||||||
fail:
|
fail:
|
||||||
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
|
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
|
||||||
when: not result_server_path_homeserver_db_stat.stat.exists
|
when: "not result_server_path_homeserver_db_stat.stat.exists"
|
||||||
|
|
||||||
|
|
||||||
# Defaults
|
# Defaults
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
@ -3,28 +3,28 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_postgres_enabled"
|
when: "run_setup|bool and matrix_postgres_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-postgres
|
- setup-postgres
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-postgres
|
- setup-postgres
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
|
- import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
|
||||||
when: run_import_postgres
|
when: run_import_postgres|bool
|
||||||
tags:
|
tags:
|
||||||
- import-postgres
|
- import-postgres
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
|
- import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
|
||||||
when: run_import_sqlite_db
|
when: run_import_sqlite_db|bool
|
||||||
tags:
|
tags:
|
||||||
- import-sqlite-db
|
- import-sqlite-db
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
|
- import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
|
||||||
when: run_upgrade_postgres
|
when: run_upgrade_postgres|bool
|
||||||
tags:
|
tags:
|
||||||
- upgrade-postgres
|
- upgrade-postgres
|
||||||
|
@ -5,10 +5,10 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
|
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
|
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
# If we have found an existing version (installed from before), we use its corresponding Docker image.
|
# If we have found an existing version (installed from before), we use its corresponding Docker image.
|
||||||
# If not, we install using the latest Postgres.
|
# If not, we install using the latest Postgres.
|
||||||
@ -16,18 +16,18 @@
|
|||||||
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
|
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
|
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- name: Warn if on an old version of Postgres
|
- name: Warn if on an old version of Postgres
|
||||||
debug:
|
debug:
|
||||||
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
|
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
|
||||||
when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
|
when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
|
||||||
|
|
||||||
# Even if we don't run the internal server, we still need this for running the CLI
|
# Even if we don't run the internal server, we still need this for running the CLI
|
||||||
- name: Ensure postgres Docker image is pulled
|
- name: Ensure postgres Docker image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_postgres_docker_image_to_use }}"
|
name: "{{ matrix_postgres_docker_image_to_use }}"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
# We always create these directories, even if an external Postgres is used,
|
# We always create these directories, even if an external Postgres is used,
|
||||||
# because we store environment variable files there.
|
# because we store environment variable files there.
|
||||||
@ -41,7 +41,7 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- "{{ matrix_postgres_base_path }}"
|
- "{{ matrix_postgres_base_path }}"
|
||||||
- "{{ matrix_postgres_data_path }}"
|
- "{{ matrix_postgres_data_path }}"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Postgres environment variables file created
|
- name: Ensure Postgres environment variables file created
|
||||||
template:
|
template:
|
||||||
@ -51,21 +51,21 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- "env-postgres-psql"
|
- "env-postgres-psql"
|
||||||
- "env-postgres-server"
|
- "env-postgres-server"
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-postgres-cli script created
|
- name: Ensure matrix-postgres-cli script created
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
|
||||||
dest: "/usr/local/bin/matrix-postgres-cli"
|
dest: "/usr/local/bin/matrix-postgres-cli"
|
||||||
mode: 0750
|
mode: 0750
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- name: Ensure matrix-make-user-admin script created
|
- name: Ensure matrix-make-user-admin script created
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
|
||||||
dest: "/usr/local/bin/matrix-make-user-admin"
|
dest: "/usr/local/bin/matrix-make-user-admin"
|
||||||
mode: 0750
|
mode: 0750
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to setting up an internal postgres server
|
# Tasks related to setting up an internal postgres server
|
||||||
@ -77,12 +77,12 @@
|
|||||||
dest: "/etc/systemd/system/matrix-postgres.service"
|
dest: "/etc/systemd/system/matrix-postgres.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_postgres_systemd_service_result
|
register: matrix_postgres_systemd_service_result
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-postgres.service installation
|
- name: Ensure systemd reloaded after matrix-postgres.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed"
|
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
|
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
|
||||||
@ -92,41 +92,41 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-postgres.service"
|
path: "/etc/systemd/system/matrix-postgres.service"
|
||||||
register: matrix_postgres_service_stat
|
register: matrix_postgres_service_stat
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-postgres is stopped
|
- name: Ensure matrix-postgres is stopped
|
||||||
service:
|
service:
|
||||||
name: matrix-postgres
|
name: matrix-postgres
|
||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-postgres.service doesn't exist
|
- name: Ensure matrix-postgres.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-postgres.service"
|
path: "/etc/systemd/system/matrix-postgres.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-postgres.service removal
|
- name: Ensure systemd reloaded after matrix-postgres.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Check existence of matrix-postgres local data path
|
- name: Check existence of matrix-postgres local data path
|
||||||
stat:
|
stat:
|
||||||
path: "{{ matrix_postgres_data_path }}"
|
path: "{{ matrix_postgres_data_path }}"
|
||||||
register: matrix_postgres_data_path_stat
|
register: matrix_postgres_data_path_stat
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
# We just want to notify the user. Deleting data is too destructive.
|
# We just want to notify the user. Deleting data is too destructive.
|
||||||
- name: Notify if matrix-postgres local data remains
|
- name: Notify if matrix-postgres local data remains
|
||||||
debug:
|
debug:
|
||||||
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
||||||
when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists"
|
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-postgres-update-user-password-hash script created
|
- name: Ensure matrix-postgres-update-user-password-hash script created
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
|
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
|
||||||
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
|
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
|
||||||
mode: 0750
|
mode: 0750
|
||||||
when: matrix_postgres_enabled
|
when: matrix_postgres_enabled|bool
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
- name: Fail, if trying to upgrade external Postgres database
|
- name: Fail, if trying to upgrade external Postgres database
|
||||||
fail:
|
fail:
|
||||||
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
|
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
- name: Check Postgres auto-upgrade backup data directory
|
- name: Check Postgres auto-upgrade backup data directory
|
||||||
stat:
|
stat:
|
||||||
@ -40,7 +40,7 @@
|
|||||||
- name: Abort, if no existing Postgres version detected
|
- name: Abort, if no existing Postgres version detected
|
||||||
fail:
|
fail:
|
||||||
msg: "Could not find existing Postgres installation"
|
msg: "Could not find existing Postgres installation"
|
||||||
when: "not matrix_postgres_detected_existing"
|
when: "not matrix_postgres_detected_existing|bool"
|
||||||
|
|
||||||
- name: Abort, if already at latest Postgres version
|
- name: Abort, if already at latest Postgres version
|
||||||
fail:
|
fail:
|
||||||
|
@ -23,12 +23,12 @@
|
|||||||
slurp:
|
slurp:
|
||||||
src: "{{ matrix_postgres_detection_pg_version_path }}"
|
src: "{{ matrix_postgres_detection_pg_version_path }}"
|
||||||
register: result_pg_version
|
register: result_pg_version
|
||||||
when: "matrix_postgres_detected_existing"
|
when: matrix_postgres_detected_existing|bool
|
||||||
|
|
||||||
- name: Determine existing Postgres version (make sense of PG_VERSION file)
|
- name: Determine existing Postgres version (make sense of PG_VERSION file)
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
|
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
|
||||||
when: "matrix_postgres_detected_existing"
|
when: matrix_postgres_detected_existing|bool
|
||||||
|
|
||||||
- name: Determine corresponding Docker image to detected version (assume default of latest)
|
- name: Determine corresponding Docker image to detected version (assume default of latest)
|
||||||
set_fact:
|
set_fact:
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
|
||||||
when: matrix_riot_web_enabled
|
when: matrix_riot_web_enabled|bool
|
||||||
|
@ -3,13 +3,13 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: "run_setup and matrix_riot_web_enabled"
|
when: "run_setup|bool and matrix_riot_web_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-riot-web
|
- setup-riot-web
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-riot-web
|
- setup-riot-web
|
||||||
@ -17,6 +17,6 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: "run_self_check and matrix_riot_web_enabled"
|
when: "run_self_check|bool and matrix_riot_web_enabled|bool"
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
@ -11,12 +11,12 @@
|
|||||||
mode: 0750
|
mode: 0750
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
when: matrix_riot_web_enabled
|
when: matrix_riot_web_enabled|bool
|
||||||
|
|
||||||
- name: Ensure riot-web Docker image is pulled
|
- name: Ensure riot-web Docker image is pulled
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_riot_web_docker_image }}"
|
name: "{{ matrix_riot_web_docker_image }}"
|
||||||
when: matrix_riot_web_enabled
|
when: matrix_riot_web_enabled|bool
|
||||||
|
|
||||||
- name: Ensure Matrix riot-web config files installed
|
- name: Ensure Matrix riot-web config files installed
|
||||||
template:
|
template:
|
||||||
@ -30,7 +30,7 @@
|
|||||||
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
|
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
|
||||||
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
|
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
|
||||||
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
||||||
when: "matrix_riot_web_enabled and item.src is not none"
|
when: "matrix_riot_web_enabled|bool and item.src is not none"
|
||||||
|
|
||||||
- name: Ensure Matrix riot-web config files removed
|
- name: Ensure Matrix riot-web config files removed
|
||||||
file:
|
file:
|
||||||
@ -38,7 +38,7 @@
|
|||||||
state: absent
|
state: absent
|
||||||
with_items:
|
with_items:
|
||||||
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
|
||||||
when: "matrix_riot_web_enabled and item.src is none"
|
when: "matrix_riot_web_enabled|bool and item.src is none"
|
||||||
|
|
||||||
- name: Ensure matrix-riot-web.service installed
|
- name: Ensure matrix-riot-web.service installed
|
||||||
template:
|
template:
|
||||||
@ -46,7 +46,7 @@
|
|||||||
dest: "/etc/systemd/system/matrix-riot-web.service"
|
dest: "/etc/systemd/system/matrix-riot-web.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
register: matrix_riot_web_systemd_service_result
|
register: matrix_riot_web_systemd_service_result
|
||||||
when: matrix_riot_web_enabled
|
when: matrix_riot_web_enabled|bool
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-riot-web.service installation
|
- name: Ensure systemd reloaded after matrix-riot-web.service installation
|
||||||
service:
|
service:
|
||||||
@ -61,7 +61,7 @@
|
|||||||
stat:
|
stat:
|
||||||
path: "/etc/systemd/system/matrix-riot-web.service"
|
path: "/etc/systemd/system/matrix-riot-web.service"
|
||||||
register: matrix_riot_web_service_stat
|
register: matrix_riot_web_service_stat
|
||||||
when: "not matrix_riot_web_enabled"
|
when: "not matrix_riot_web_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-riot-web is stopped
|
- name: Ensure matrix-riot-web is stopped
|
||||||
service:
|
service:
|
||||||
@ -69,27 +69,27 @@
|
|||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-riot-web.service doesn't exist
|
- name: Ensure matrix-riot-web.service doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "/etc/systemd/system/matrix-riot-web.service"
|
path: "/etc/systemd/system/matrix-riot-web.service"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-riot-web.service removal
|
- name: Ensure systemd reloaded after matrix-riot-web.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
|
when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure Matrix riot-web paths doesn't exist
|
- name: Ensure Matrix riot-web paths doesn't exist
|
||||||
file:
|
file:
|
||||||
path: "{{ matrix_riot_web_data_path }}"
|
path: "{{ matrix_riot_web_data_path }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_riot_web_enabled"
|
when: "not matrix_riot_web_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure riot-web Docker image doesn't exist
|
- name: Ensure riot-web Docker image doesn't exist
|
||||||
docker_image:
|
docker_image:
|
||||||
name: "{{ matrix_riot_web_docker_image }}"
|
name: "{{ matrix_riot_web_docker_image }}"
|
||||||
state: absent
|
state: absent
|
||||||
when: "not matrix_riot_web_enabled"
|
when: "not matrix_riot_web_enabled|bool"
|
||||||
|
@ -1,11 +1,10 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_synapse_password_providers_enabled: true
|
matrix_synapse_password_providers_enabled: true
|
||||||
when: "matrix_synapse_ext_password_provider_ldap_enabled"
|
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_synapse_additional_loggers: >
|
matrix_synapse_additional_loggers: >
|
||||||
{{ matrix_synapse_additional_loggers }}
|
{{ matrix_synapse_additional_loggers }}
|
||||||
+
|
+
|
||||||
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
|
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
|
||||||
when: "matrix_synapse_ext_password_provider_ldap_enabled"
|
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
|
||||||
when: matrix_synapse_ext_password_provider_rest_auth_enabled
|
when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
|
||||||
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled"
|
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
|
||||||
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled
|
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
|
||||||
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled"
|
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
|
||||||
when: matrix_s3_media_store_enabled
|
when: matrix_s3_media_store_enabled|bool
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
|
||||||
when: "not matrix_s3_media_store_enabled"
|
when: "not matrix_s3_media_store_enabled|bool"
|
||||||
|
@ -10,7 +10,7 @@
|
|||||||
- name: Fail if media store is on Amazon S3
|
- name: Fail if media store is on Amazon S3
|
||||||
fail:
|
fail:
|
||||||
msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
|
msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
|
||||||
when: "matrix_s3_media_store_enabled"
|
when: matrix_s3_media_store_enabled|bool
|
||||||
|
|
||||||
- name: Check if the provided media store directory exists
|
- name: Check if the provided media store directory exists
|
||||||
stat:
|
stat:
|
||||||
@ -68,7 +68,7 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_username }}"
|
group: "{{ matrix_user_username }}"
|
||||||
recurse: yes
|
recurse: yes
|
||||||
when: "not matrix_s3_media_store_enabled"
|
when: "not matrix_s3_media_store_enabled|bool"
|
||||||
|
|
||||||
# We don't chown for Goofys, because due to the way it's mounted,
|
# We don't chown for Goofys, because due to the way it's mounted,
|
||||||
# all files become owned by whoever needs to own them.
|
# all files become owned by whoever needs to own them.
|
||||||
@ -78,6 +78,6 @@
|
|||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: started
|
state: started
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: stopping_result.changed
|
when: "stopping_result.changed"
|
||||||
with_items:
|
with_items:
|
||||||
- matrix-synapse
|
- matrix-synapse
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
|
||||||
when: matrix_synapse_enabled
|
when: matrix_synapse_enabled|bool
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
|
||||||
when: matrix_s3_media_store_enabled
|
when: matrix_s3_media_store_enabled|bool
|
||||||
|
@ -3,43 +3,43 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-synapse
|
- setup-synapse
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
|
||||||
when: run_setup
|
when: run_setup|bool
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- setup-synapse
|
- setup-synapse
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
|
- import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
|
||||||
when: run_import_media_store
|
when: run_import_media_store|bool
|
||||||
tags:
|
tags:
|
||||||
- import-media-store
|
- import-media-store
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/register_user.yml"
|
- import_tasks: "{{ role_path }}/tasks/register_user.yml"
|
||||||
when: run_register_user
|
when: run_register_user|bool
|
||||||
tags:
|
tags:
|
||||||
- register-user
|
- register-user
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: run_self_check
|
when: run_self_check|bool
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
|
- import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
become: false
|
become: false
|
||||||
when: run_self_check
|
when: run_self_check|bool
|
||||||
tags:
|
tags:
|
||||||
- self-check
|
- self-check
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
|
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
|
||||||
when: run_update_user_password
|
when: run_update_user_password|bool
|
||||||
tags:
|
tags:
|
||||||
- update-user-password
|
- update-user-password
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
- name: Wait a while, so that Synapse can manage to start
|
- name: Wait a while, so that Synapse can manage to start
|
||||||
pause:
|
pause:
|
||||||
seconds: 7
|
seconds: 7
|
||||||
when: start_result.changed
|
when: "start_result.changed"
|
||||||
|
|
||||||
- name: Register user
|
- name: Register user
|
||||||
shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"
|
shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"
|
||||||
|
@ -7,14 +7,14 @@
|
|||||||
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
||||||
register: result_matrix_synapse_client_api
|
register: result_matrix_synapse_client_api
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
when: matrix_synapse_enabled
|
when: matrix_synapse_enabled|bool
|
||||||
|
|
||||||
- name: Fail if Matrix Client API not working
|
- name: Fail if Matrix Client API not working
|
||||||
fail:
|
fail:
|
||||||
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
|
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
|
||||||
when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
|
when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
|
||||||
|
|
||||||
- name: Report working Matrix Client API
|
- name: Report working Matrix Client API
|
||||||
debug:
|
debug:
|
||||||
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
|
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
|
||||||
when: matrix_synapse_enabled
|
when: matrix_synapse_enabled|bool
|
||||||
|
@ -7,19 +7,19 @@
|
|||||||
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
|
||||||
register: result_matrix_synapse_federation_api
|
register: result_matrix_synapse_federation_api
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
when: matrix_synapse_enabled
|
when: matrix_synapse_enabled|bool
|
||||||
|
|
||||||
- name: Fail if Matrix Federation API not working
|
- name: Fail if Matrix Federation API not working
|
||||||
fail:
|
fail:
|
||||||
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
|
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
|
||||||
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
|
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
|
||||||
|
|
||||||
- name: Fail if Matrix Federation API unexpectedly enabled
|
- name: Fail if Matrix Federation API unexpectedly enabled
|
||||||
fail:
|
fail:
|
||||||
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
|
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
|
||||||
when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed"
|
when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
|
||||||
|
|
||||||
- name: Report working Matrix Federation API
|
- name: Report working Matrix Federation API
|
||||||
debug:
|
debug:
|
||||||
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
|
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
|
||||||
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled"
|
when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool"
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
|
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
|
||||||
# because if it's using Goofys and it's already mounted (from before),
|
# because if it's using Goofys and it's already mounted (from before),
|
||||||
# trying to chown/chmod it here will cause trouble.
|
# trying to chown/chmod it here will cause trouble.
|
||||||
when: "matrix_synapse_enabled or matrix_s3_media_store_enabled"
|
when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool"
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/setup.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/setup.yml"
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
|
- import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
|
||||||
when: matrix_synapse_enabled
|
when: matrix_synapse_enabled|bool
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
|
- import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
|
||||||
when: "not matrix_synapse_enabled"
|
when: "not matrix_synapse_enabled|bool"
|
||||||
|
@ -71,11 +71,10 @@
|
|||||||
- name: Ensure systemd reloaded after matrix-synapse.service installation
|
- name: Ensure systemd reloaded after matrix-synapse.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
when: matrix_synapse_systemd_service_result.changed
|
when: "matrix_synapse_systemd_service_result.changed"
|
||||||
|
|
||||||
- name: Ensure matrix-synapse-register-user script created
|
- name: Ensure matrix-synapse-register-user script created
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
|
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
|
||||||
dest: "/usr/local/bin/matrix-synapse-register-user"
|
dest: "/usr/local/bin/matrix-synapse-register-user"
|
||||||
mode: 0750
|
mode: 0750
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
- name: Fail if not using matrix-postgres container
|
- name: Fail if not using matrix-postgres container
|
||||||
fail:
|
fail:
|
||||||
msg: "This command is working only when matrix-postgres container is being used"
|
msg: "This command is working only when matrix-postgres container is being used"
|
||||||
when: "not matrix_postgres_enabled"
|
when: "not matrix_postgres_enabled|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-synapse is started
|
- name: Ensure matrix-synapse is started
|
||||||
service:
|
service:
|
||||||
@ -33,12 +33,12 @@
|
|||||||
- name: Wait a while, so that Matrix Synapse can manage to start
|
- name: Wait a while, so that Matrix Synapse can manage to start
|
||||||
pause:
|
pause:
|
||||||
seconds: 7
|
seconds: 7
|
||||||
when: start_result.changed
|
when: "start_result.changed"
|
||||||
|
|
||||||
- name: Wait a while, so that Matrix Postgres can manage to start
|
- name: Wait a while, so that Matrix Postgres can manage to start
|
||||||
pause:
|
pause:
|
||||||
seconds: 7
|
seconds: 7
|
||||||
when: postgres_start_result.changed
|
when: "postgres_start_result.changed"
|
||||||
|
|
||||||
- name: Generate password hash
|
- name: Generate password hash
|
||||||
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"
|
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"
|
||||||
|
Loading…
Reference in New Issue
Block a user