mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-12 08:43:55 +02:00
fix: all praise the allmighty yamllinter
This commit is contained in:
parent
d3983a0f04
commit
7e5b88c3b7
1
.github/FUNDING.yml
vendored
1
.github/FUNDING.yml
vendored
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# These are supported funding model platforms
|
# These are supported funding model platforms
|
||||||
|
|
||||||
# https://liberapay.com/s.pantaleev/
|
# https://liberapay.com/s.pantaleev/
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
---
|
---
|
||||||
collections:
|
collections:
|
||||||
- name: community.general
|
- name: community.general
|
||||||
- name: community.docker
|
- name: community.docker
|
||||||
|
@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{
|
curl -X POST --header 'Content-Type: application/json' -d '{
|
||||||
"identifier": { "type": "m.id.user", "user": "bot.go-neb" },
|
"identifier": { "type": "m.id.user", "user": "bot.go-neb"},
|
||||||
"password": "a strong password",
|
"password": "a strong password",
|
||||||
"type": "m.login.password"
|
"type": "m.login.password"
|
||||||
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
|
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
|
||||||
@ -198,8 +198,8 @@ matrix_bot_go_neb_services:
|
|||||||
# Each room will get the notification with the alert rendered with the given template
|
# Each room will get the notification with the alert rendered with the given template
|
||||||
rooms:
|
rooms:
|
||||||
"!someroomid:domain.tld":
|
"!someroomid:domain.tld":
|
||||||
text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
||||||
html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
||||||
msg_type: "m.text" # Must be either `m.text` or `m.notice`
|
msg_type: "m.text" # Must be either `m.text` or `m.notice`
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{
|
curl -X POST --header 'Content-Type: application/json' -d '{
|
||||||
"identifier": { "type": "m.id.user", "user": "bot.mjolnir" },
|
"identifier": { "type": "m.id.user", "user": "bot.mjolnir"},
|
||||||
"password": "PASSWORD_FOR_THE_BOT",
|
"password": "PASSWORD_FOR_THE_BOT",
|
||||||
"type": "m.login.password"
|
"type": "m.login.password"
|
||||||
}' 'https://matrix.DOMAIN/_matrix/client/r0/login'
|
}' 'https://matrix.DOMAIN/_matrix/client/r0/login'
|
||||||
|
@ -50,7 +50,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -33,7 +33,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -77,7 +77,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -32,7 +32,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -48,7 +48,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -53,7 +53,7 @@ To get an access token for the Dimension user, you can follow one of two options
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{
|
curl -X POST --header 'Content-Type: application/json' -d '{
|
||||||
"identifier": { "type": "m.id.user", "user": "YourDimensionUsername" },
|
"identifier": { "type": "m.id.user", "user": "YourDimensionUsername"},
|
||||||
"password": "YourDimensionPassword",
|
"password": "YourDimensionPassword",
|
||||||
"type": "m.login.password"
|
"type": "m.login.password"
|
||||||
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
|
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
|
||||||
|
@ -40,7 +40,7 @@ To do this, you can execute a command like this:
|
|||||||
|
|
||||||
```
|
```
|
||||||
curl \
|
curl \
|
||||||
--data '{"identifier": {"type": "m.id.user", "user": "email2matrix" }, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \
|
--data '{"identifier": {"type": "m.id.user", "user": "email2matrix"}, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \
|
||||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -41,5 +41,5 @@ If you didn't make your account a server admin when you created it, you can use
|
|||||||
### Example:
|
### Example:
|
||||||
To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command:
|
To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command:
|
||||||
```
|
```
|
||||||
curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token
|
curl -XPOST -d '{ "new_password": "correct_horse_battery_staple"}' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token
|
||||||
```
|
```
|
||||||
|
@ -1,7 +1,8 @@
|
|||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
nginx:
|
nginx:
|
||||||
image: local/nginx
|
image: local/nginx
|
||||||
ports:
|
ports:
|
||||||
- 40888:80
|
- 40888:80
|
||||||
volumes:
|
volumes:
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# The bare domain name which represents your Matrix identity.
|
# The bare domain name which represents your Matrix identity.
|
||||||
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
||||||
#
|
#
|
||||||
|
@ -265,7 +265,7 @@ matrix_beeper_linkedin_homeserver_token: "{{ '%s' | format(matrix_homeserver_gen
|
|||||||
|
|
||||||
matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||||
|
|
||||||
matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
|
matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
|
||||||
|
|
||||||
matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db') | to_uuid }}"
|
matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db') | to_uuid }}"
|
||||||
|
|
||||||
@ -303,7 +303,7 @@ matrix_mautrix_facebook_homeserver_token: "{{ '%s' | format(matrix_homeserver_ge
|
|||||||
|
|
||||||
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||||
|
|
||||||
matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
|
matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
|
||||||
|
|
||||||
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
||||||
# and point them to a migration path.
|
# and point them to a migration path.
|
||||||
@ -427,7 +427,7 @@ matrix_mautrix_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_g
|
|||||||
|
|
||||||
matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||||
|
|
||||||
matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
|
matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
|
||||||
|
|
||||||
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
|
||||||
# and point them to a migration path.
|
# and point them to a migration path.
|
||||||
@ -1367,7 +1367,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
|
|||||||
matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
|
matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
|
||||||
matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
|
matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
|
||||||
|
|
||||||
matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
matrix_ma1sd_systemd_required_services_list: |
|
matrix_ma1sd_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -1479,7 +1479,7 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_ma1sd_
|
|||||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"
|
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"
|
||||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}"
|
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
# OCSP stapling does not make sense when self-signed certificates are used.
|
# OCSP stapling does not make sense when self-signed certificates are used.
|
||||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
|
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
|
||||||
@ -1886,7 +1886,7 @@ matrix_client_element_integrations_rest_url: "{{ matrix_dimension_integrations_r
|
|||||||
matrix_client_element_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}"
|
matrix_client_element_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}"
|
||||||
matrix_client_element_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}"
|
matrix_client_element_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}"
|
||||||
|
|
||||||
matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}"
|
matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}"
|
||||||
|
|
||||||
@ -1924,7 +1924,7 @@ matrix_client_hydrogen_container_http_host_bind_port: "{{ '' if matrix_nginx_pro
|
|||||||
|
|
||||||
matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}"
|
matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}"
|
||||||
|
|
||||||
matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -1951,7 +1951,7 @@ matrix_client_cinny_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_
|
|||||||
|
|
||||||
matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}"
|
matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}"
|
||||||
|
|
||||||
matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -2042,7 +2042,7 @@ matrix_synapse_turn_uris: |
|
|||||||
|
|
||||||
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
|
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
|
||||||
|
|
||||||
matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
matrix_synapse_systemd_required_services_list: |
|
matrix_synapse_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
@ -2228,7 +2228,7 @@ matrix_registration_shared_secret: |-
|
|||||||
|
|
||||||
matrix_registration_server_location: "{{ matrix_homeserver_container_url }}"
|
matrix_registration_server_location: "{{ matrix_homeserver_container_url }}"
|
||||||
|
|
||||||
matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||||
|
|
||||||
@ -2320,7 +2320,7 @@ matrix_dendrite_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if
|
|||||||
|
|
||||||
matrix_dendrite_disable_tls_validation: "{{ true if matrix_ssl_retrieval_method == 'self-signed' else false }}"
|
matrix_dendrite_disable_tls_validation: "{{ true if matrix_ssl_retrieval_method == 'self-signed' else false }}"
|
||||||
|
|
||||||
matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
|
||||||
|
|
||||||
matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"
|
matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||||
when: run_stop|bool
|
when: run_stop|bool
|
||||||
tags:
|
tags:
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
matrix_awx_enabled: true
|
matrix_awx_enabled: true
|
||||||
|
|
||||||
# Defaults for 'Customise Website + Access Export' template
|
# Defaults for 'Customise Website + Access Export' template
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Record Backup Server variables locally on AWX
|
- name: Record Backup Server variables locally on AWX
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -38,18 +39,18 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
tags: use-survey
|
tags: use-survey
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
- name: Include vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Copy new 'matrix_vars.yml' to target machine
|
- name: Copy new 'matrix_vars.yml' to target machine
|
||||||
copy:
|
copy:
|
||||||
@ -58,8 +59,8 @@
|
|||||||
mode: '0660'
|
mode: '0660'
|
||||||
tags: use-survey
|
tags: use-survey
|
||||||
|
|
||||||
- name: Run initial backup of /matrix/ and snapshot the database simultaneously
|
- name: Run initial backup of /matrix/ and snapshot the database simultaneously
|
||||||
command: "{{ item }}"
|
command: "{{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
- borgmatic -c /root/.config/borgmatic/config_1.yaml
|
- borgmatic -c /root/.config/borgmatic/config_1.yaml
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Record Bridge Discord AppService variables locally on AWX
|
- name: Record Bridge Discord AppService variables locally on AWX
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -33,7 +34,7 @@
|
|||||||
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
|
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
|
||||||
dest: '/matrix/awx/bridge_discord_appservice.json'
|
dest: '/matrix/awx/bridge_discord_appservice.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Bridge Discord Appservice' job template
|
- name: Recreate 'Bridge Discord Appservice' job template
|
||||||
@ -54,4 +55,4 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Collect current datetime
|
- name: Collect current datetime
|
||||||
set_fact:
|
set_fact:
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Create a AWX session token for executing modules
|
- name: Create a AWX session token for executing modules
|
||||||
awx.awx.tower_token:
|
awx.awx.tower_token:
|
||||||
@ -7,4 +8,4 @@
|
|||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_master_token }}"
|
tower_oauthtoken: "{{ awx_master_token }}"
|
||||||
register: awx_session_token
|
register: awx_session_token
|
||||||
no_log: True
|
no_log: true
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
#
|
#
|
||||||
# Create user and define if they are admin
|
# Create user and define if they are admin
|
||||||
#
|
#
|
||||||
|
@ -48,7 +48,7 @@
|
|||||||
- name: Reload vars in matrix_vars.yml
|
- name: Reload vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
file: '{{ awx_cached_matrix_vars }}'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -60,7 +60,7 @@
|
|||||||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
||||||
dest: '/matrix/awx/configure_website_access_export.json'
|
dest: '/matrix/awx/configure_website_access_export.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
when: awx_customise_base_domain_website is defined
|
when: awx_customise_base_domain_website is defined
|
||||||
|
|
||||||
@ -74,7 +74,7 @@
|
|||||||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
||||||
dest: '/matrix/awx/access_export.json'
|
dest: '/matrix/awx/access_export.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
when: awx_customise_base_domain_website is undefined
|
when: awx_customise_base_domain_website is undefined
|
||||||
|
|
||||||
@ -92,12 +92,12 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: awx_customise_base_domain_website is defined
|
when: awx_customise_base_domain_website is defined
|
||||||
|
|
||||||
- name: Recreate 'Access Export' job template
|
- name: Recreate 'Access Export' job template
|
||||||
@ -114,12 +114,12 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: awx_customise_base_domain_website is undefined
|
when: awx_customise_base_domain_website is undefined
|
||||||
|
|
||||||
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
|
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
|
||||||
@ -153,7 +153,7 @@
|
|||||||
user:
|
user:
|
||||||
name: sftp
|
name: sftp
|
||||||
groups: sftp
|
groups: sftp
|
||||||
append: yes
|
append: true
|
||||||
when: awx_customise_base_domain_website is defined
|
when: awx_customise_base_domain_website is defined
|
||||||
|
|
||||||
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
||||||
@ -208,7 +208,7 @@
|
|||||||
group: sftp
|
group: sftp
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
|
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
|
||||||
|
|
||||||
- name: Remove any existing Subsystem lines
|
- name: Remove any existing Subsystem lines
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: Run export of /matrix/ and snapshot the database simultaneously
|
- name: Run export of /matrix/ and snapshot the database simultaneously
|
||||||
command: "{{ item }}"
|
command: "{{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1
|
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1
|
||||||
@ -23,7 +23,7 @@
|
|||||||
command: rm /chroot/export/matrix*
|
command: rm /chroot/export/matrix*
|
||||||
count: 1
|
count: 1
|
||||||
units: days
|
units: days
|
||||||
unique: yes
|
unique: true
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
- name: Delete the AWX session token for executing modules
|
||||||
awx.awx.tower_token:
|
awx.awx.tower_token:
|
||||||
|
@ -3,14 +3,14 @@
|
|||||||
- name: Include vars in organisation.yml
|
- name: Include vars in organisation.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
|
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Include vars in hosting_vars.yml
|
- name: Include vars in hosting_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
|
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Include AWX master token from awx_tokens.yml
|
- name: Include AWX master token from awx_tokens.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: /var/lib/awx/projects/hosting/awx_tokens.yml
|
file: /var/lib/awx/projects/hosting/awx_tokens.yml
|
||||||
no_log: True
|
no_log: true
|
||||||
|
@ -3,9 +3,9 @@
|
|||||||
- name: Include new vars in matrix_vars.yml
|
- name: Include new vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
file: '{{ awx_cached_matrix_vars }}'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: If include_vars succeeds overwrite the old matrix_vars.yml
|
- name: If include_vars succeeds overwrite the old matrix_vars.yml
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"
|
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
|
---
|
||||||
# Load initial hosting and organisation variables from AWX volume
|
# Load initial hosting and organisation variables from AWX volume
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "load_hosting_and_org_variables.yml"
|
file: "load_hosting_and_org_variables.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
@ -9,7 +9,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
# Renames or updates the vars.yml if needed
|
# Renames or updates the vars.yml if needed
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "update_variables.yml"
|
file: "update_variables.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
@ -18,7 +18,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
# Create AWX session token
|
# Create AWX session token
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "create_session_token.yml"
|
file: "create_session_token.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
@ -27,7 +27,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
# Perform a backup of the server
|
# Perform a backup of the server
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "backup_server.yml"
|
file: "backup_server.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: backup-server
|
tags: backup-server
|
||||||
@ -36,7 +36,7 @@
|
|||||||
- backup-server
|
- backup-server
|
||||||
|
|
||||||
# Perform a export of the server
|
# Perform a export of the server
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "export_server.yml"
|
file: "export_server.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: export-server
|
tags: export-server
|
||||||
@ -45,7 +45,7 @@
|
|||||||
- export-server
|
- export-server
|
||||||
|
|
||||||
# Create a user account if called
|
# Create a user account if called
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "create_user.yml"
|
file: "create_user.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: create-user
|
tags: create-user
|
||||||
@ -54,7 +54,7 @@
|
|||||||
- create-user
|
- create-user
|
||||||
|
|
||||||
# Purge local/remote media if called
|
# Purge local/remote media if called
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "purge_media_main.yml"
|
file: "purge_media_main.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: purge-media
|
tags: purge-media
|
||||||
@ -63,7 +63,7 @@
|
|||||||
- purge-media
|
- purge-media
|
||||||
|
|
||||||
# Purge Synapse database if called
|
# Purge Synapse database if called
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "purge_database_main.yml"
|
file: "purge_database_main.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: purge-database
|
tags: purge-database
|
||||||
@ -72,7 +72,7 @@
|
|||||||
- purge-database
|
- purge-database
|
||||||
|
|
||||||
# Rotate SSH key if called
|
# Rotate SSH key if called
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "rotate_ssh.yml"
|
file: "rotate_ssh.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: rotate-ssh
|
tags: rotate-ssh
|
||||||
@ -81,16 +81,16 @@
|
|||||||
- rotate-ssh
|
- rotate-ssh
|
||||||
|
|
||||||
# Import configs, media repo from /chroot/backup import
|
# Import configs, media repo from /chroot/backup import
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "import_awx.yml"
|
file: "import_awx.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: import-awx
|
tags: import-awx
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
when: run_setup|bool and matrix_awx_enabled|bool
|
||||||
tags:
|
tags:
|
||||||
- import-awx
|
- import-awx
|
||||||
|
|
||||||
# Perform extra self-check functions
|
# Perform extra self-check functions
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "self_check.yml"
|
file: "self_check.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: self-check
|
tags: self-check
|
||||||
@ -99,7 +99,7 @@
|
|||||||
- self-check
|
- self-check
|
||||||
|
|
||||||
# Create cached matrix_vars.yml file
|
# Create cached matrix_vars.yml file
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "cache_matrix_variables.yml"
|
file: "cache_matrix_variables.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
@ -108,7 +108,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
# Configure SFTP so user can upload a static website or access the servers export
|
# Configure SFTP so user can upload a static website or access the servers export
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "customise_website_access_export.yml"
|
file: "customise_website_access_export.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-nginx-proxy
|
tags: setup-nginx-proxy
|
||||||
@ -117,7 +117,7 @@
|
|||||||
- setup-nginx-proxy
|
- setup-nginx-proxy
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Element configuration
|
# Additional playbook to set the variable file during Element configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_element.yml"
|
file: "set_variables_element.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-client-element
|
tags: setup-client-element
|
||||||
@ -126,7 +126,7 @@
|
|||||||
- setup-client-element
|
- setup-client-element
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Mailer configuration
|
# Additional playbook to set the variable file during Mailer configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_mailer.yml"
|
file: "set_variables_mailer.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-mailer
|
tags: setup-mailer
|
||||||
@ -135,7 +135,7 @@
|
|||||||
- setup-mailer
|
- setup-mailer
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Element configuration
|
# Additional playbook to set the variable file during Element configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_element_subdomain.yml"
|
file: "set_variables_element_subdomain.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-client-element-subdomain
|
tags: setup-client-element-subdomain
|
||||||
@ -144,7 +144,7 @@
|
|||||||
- setup-client-element-subdomain
|
- setup-client-element-subdomain
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Synapse configuration
|
# Additional playbook to set the variable file during Synapse configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_synapse.yml"
|
file: "set_variables_synapse.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-synapse
|
tags: setup-synapse
|
||||||
@ -153,7 +153,7 @@
|
|||||||
- setup-synapse
|
- setup-synapse
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Jitsi configuration
|
# Additional playbook to set the variable file during Jitsi configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_jitsi.yml"
|
file: "set_variables_jitsi.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-jitsi
|
tags: setup-jitsi
|
||||||
@ -162,7 +162,7 @@
|
|||||||
- setup-jitsi
|
- setup-jitsi
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Ma1sd configuration
|
# Additional playbook to set the variable file during Ma1sd configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_ma1sd.yml"
|
file: "set_variables_ma1sd.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-ma1sd
|
tags: setup-ma1sd
|
||||||
@ -171,7 +171,7 @@
|
|||||||
- setup-ma1sd
|
- setup-ma1sd
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Corporal configuration
|
# Additional playbook to set the variable file during Corporal configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_corporal.yml"
|
file: "set_variables_corporal.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-corporal
|
tags: setup-corporal
|
||||||
@ -180,7 +180,7 @@
|
|||||||
- setup-corporal
|
- setup-corporal
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Dimension configuration
|
# Additional playbook to set the variable file during Dimension configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_dimension.yml"
|
file: "set_variables_dimension.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-dimension
|
tags: setup-dimension
|
||||||
@ -189,7 +189,7 @@
|
|||||||
- setup-dimension
|
- setup-dimension
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Synapse Admin configuration
|
# Additional playbook to set the variable file during Synapse Admin configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "set_variables_synapse_admin.yml"
|
file: "set_variables_synapse_admin.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: setup-synapse-admin
|
tags: setup-synapse-admin
|
||||||
@ -198,7 +198,7 @@
|
|||||||
- setup-synapse-admin
|
- setup-synapse-admin
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
|
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "bridge_discord_appservice.yml"
|
file: "bridge_discord_appservice.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: bridge-discord-appservice
|
tags: bridge-discord-appservice
|
||||||
@ -207,7 +207,7 @@
|
|||||||
- bridge-discord-appservice
|
- bridge-discord-appservice
|
||||||
|
|
||||||
# Delete AWX session token
|
# Delete AWX session token
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "delete_session_token.yml"
|
file: "delete_session_token.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
@ -216,7 +216,7 @@
|
|||||||
- always
|
- always
|
||||||
|
|
||||||
# Load newly formed matrix variables from AWX volume
|
# Load newly formed matrix variables from AWX volume
|
||||||
- include_tasks:
|
- include_tasks:
|
||||||
file: "load_matrix_variables.yml"
|
file: "load_matrix_variables.yml"
|
||||||
apply:
|
apply:
|
||||||
tags: always
|
tags: always
|
||||||
|
@ -9,20 +9,20 @@
|
|||||||
- name: Include vars in matrix_vars.yml
|
- name: Include vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Ensure curl and jq intalled on target machine
|
- name: Ensure curl and jq intalled on target machine
|
||||||
apt:
|
apt:
|
||||||
pkg:
|
pkg:
|
||||||
- curl
|
- curl
|
||||||
- jq
|
- jq
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Collect before shrink size of Synapse database
|
- name: Collect before shrink size of Synapse database
|
||||||
shell: du -sh /matrix/postgres/data
|
shell: du -sh /matrix/postgres/data
|
||||||
register: awx_db_size_before_stat
|
register: awx_db_size_before_stat
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Collect the internal IP of the matrix-synapse container
|
- name: Collect the internal IP of the matrix-synapse container
|
||||||
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
|
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
|
||||||
@ -34,7 +34,7 @@
|
|||||||
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||||
register: awx_janitors_token
|
register: awx_janitors_token
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Copy build_room_list.py script to target machine
|
- name: Copy build_room_list.py script to target machine
|
||||||
copy:
|
copy:
|
||||||
@ -55,7 +55,7 @@
|
|||||||
fetch:
|
fetch:
|
||||||
src: /tmp/room_list_complete.json
|
src: /tmp/room_list_complete.json
|
||||||
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
|
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
|
||||||
flat: yes
|
flat: true
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||||
|
|
||||||
- name: Remove complete room list from target machine
|
- name: Remove complete room list from target machine
|
||||||
@ -80,7 +80,7 @@
|
|||||||
- name: Setting host fact awx_room_list_no_local_users
|
- name: Setting host fact awx_room_list_no_local_users
|
||||||
set_fact:
|
set_fact:
|
||||||
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
|
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
|
||||||
no_log: True
|
no_log: true
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||||
|
|
||||||
- name: Purge all rooms with no local users
|
- name: Purge all rooms with no local users
|
||||||
@ -113,7 +113,7 @@
|
|||||||
set_fact:
|
set_fact:
|
||||||
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
|
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
|
||||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
when: awx_purge_mode.find("Number of users [slower]") != -1
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Purge all rooms with more then N users
|
- name: Purge all rooms with more then N users
|
||||||
include_tasks: purge_database_users.yml
|
include_tasks: purge_database_users.yml
|
||||||
@ -138,7 +138,7 @@
|
|||||||
set_fact:
|
set_fact:
|
||||||
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
|
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
|
||||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
when: awx_purge_mode.find("Number of events [slower]") != -1
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Purge all rooms with more then N events
|
- name: Purge all rooms with more then N events
|
||||||
include_tasks: purge_database_events.yml
|
include_tasks: purge_database_events.yml
|
||||||
@ -161,17 +161,17 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||||
|
|
||||||
- name: Execute rust-synapse-compress-state job template
|
- name: Execute rust-synapse-compress-state job template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
awx.awx.tower_job_launch:
|
awx.awx.tower_job_launch:
|
||||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
||||||
wait: yes
|
wait: true
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||||
|
|
||||||
- name: Revert 'Deploy/Update a Server' job template
|
- name: Revert 'Deploy/Update a Server' job template
|
||||||
@ -190,14 +190,14 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||||
|
|
||||||
- name: Ensure matrix-synapse is stopped
|
- name: Ensure matrix-synapse is stopped
|
||||||
service:
|
service:
|
||||||
name: matrix-synapse
|
name: matrix-synapse
|
||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
|
|
||||||
- name: Re-index Synapse database
|
- name: Re-index Synapse database
|
||||||
@ -208,7 +208,7 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-synapse
|
name: matrix-synapse
|
||||||
state: started
|
state: started
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
|
|
||||||
- name: Adjust 'Deploy/Update a Server' job template
|
- name: Adjust 'Deploy/Update a Server' job template
|
||||||
@ -227,17 +227,17 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
|
|
||||||
- name: Execute run-postgres-vacuum job template
|
- name: Execute run-postgres-vacuum job template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
awx.awx.tower_job_launch:
|
awx.awx.tower_job_launch:
|
||||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
||||||
wait: yes
|
wait: true
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
|
|
||||||
- name: Revert 'Deploy/Update a Server' job template
|
- name: Revert 'Deploy/Update a Server' job template
|
||||||
@ -256,7 +256,7 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
|
|
||||||
- name: Cleanup room_list files
|
- name: Cleanup room_list files
|
||||||
@ -264,13 +264,13 @@
|
|||||||
shell: |
|
shell: |
|
||||||
rm /tmp/{{ subscription_id }}_room_list*
|
rm /tmp/{{ subscription_id }}_room_list*
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
|
|
||||||
- name: Collect after shrink size of Synapse database
|
- name: Collect after shrink size of Synapse database
|
||||||
shell: du -sh /matrix/postgres/data
|
shell: du -sh /matrix/postgres/data
|
||||||
register: awx_db_size_after_stat
|
register: awx_db_size_after_stat
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Print total number of rooms processed
|
- name: Print total number of rooms processed
|
||||||
debug:
|
debug:
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Ensure dateutils is installed in AWX
|
- name: Ensure dateutils is installed in AWX
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -8,13 +9,13 @@
|
|||||||
- name: Include vars in matrix_vars.yml
|
- name: Include vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Ensure curl and jq intalled on target machine
|
- name: Ensure curl and jq intalled on target machine
|
||||||
apt:
|
apt:
|
||||||
pkg:
|
pkg:
|
||||||
- curl
|
- curl
|
||||||
- jq
|
- jq
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Collect the internal IP of the matrix-synapse container
|
- name: Collect the internal IP of the matrix-synapse container
|
||||||
@ -25,7 +26,7 @@
|
|||||||
shell: |
|
shell: |
|
||||||
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
||||||
register: awx_janitors_token
|
register: awx_janitors_token
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Generate list of dates to purge to
|
- name: Generate list of dates to purge to
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -37,16 +38,16 @@
|
|||||||
register: awx_local_media_size_before
|
register: awx_local_media_size_before
|
||||||
when: awx_purge_media_type == "Local Media"
|
when: awx_purge_media_type == "Local Media"
|
||||||
async: 600
|
async: 600
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate initial size of remote media repository
|
- name: Calculate initial size of remote media repository
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||||
register: awx_remote_media_size_before
|
register: awx_remote_media_size_before
|
||||||
when: awx_purge_media_type == "Remote Media"
|
when: awx_purge_media_type == "Remote Media"
|
||||||
async: 600
|
async: 600
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Purge local media with loop
|
- name: Purge local media with loop
|
||||||
include_tasks: purge_media_local.yml
|
include_tasks: purge_media_local.yml
|
||||||
@ -62,15 +63,15 @@
|
|||||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
shell: du -sh /matrix/synapse/storage/media-store/local*
|
||||||
register: awx_local_media_size_after
|
register: awx_local_media_size_after
|
||||||
when: awx_purge_media_type == "Local Media"
|
when: awx_purge_media_type == "Local Media"
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate final size of remote media repository
|
- name: Calculate final size of remote media repository
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||||
register: awx_remote_media_size_after
|
register: awx_remote_media_size_after
|
||||||
when: awx_purge_media_type == "Remote Media"
|
when: awx_purge_media_type == "Remote Media"
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Print size of local media repository before purge
|
- name: Print size of local media repository before purge
|
||||||
debug:
|
debug:
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
authorized_key:
|
authorized_key:
|
||||||
user: root
|
user: root
|
||||||
state: present
|
state: present
|
||||||
exclusive: yes
|
exclusive: true
|
||||||
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
|
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
- name: Delete the AWX session token for executing modules
|
||||||
|
@ -25,53 +25,53 @@
|
|||||||
shell: |
|
shell: |
|
||||||
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
|
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
|
||||||
register: awx_mau_stat
|
register: awx_mau_stat
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate CPU usage statistics
|
- name: Calculate CPU usage statistics
|
||||||
shell: iostat -c
|
shell: iostat -c
|
||||||
register: awx_cpu_usage_stat
|
register: awx_cpu_usage_stat
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate RAM usage statistics
|
- name: Calculate RAM usage statistics
|
||||||
shell: free -mh
|
shell: free -mh
|
||||||
register: awx_ram_usage_stat
|
register: awx_ram_usage_stat
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate free disk space
|
- name: Calculate free disk space
|
||||||
shell: df -h
|
shell: df -h
|
||||||
register: awx_disk_space_stat
|
register: awx_disk_space_stat
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate size of Synapse database
|
- name: Calculate size of Synapse database
|
||||||
shell: du -sh /matrix/postgres/data
|
shell: du -sh /matrix/postgres/data
|
||||||
register: awx_db_size_stat
|
register: awx_db_size_stat
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate size of local media repository
|
- name: Calculate size of local media repository
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
shell: du -sh /matrix/synapse/storage/media-store/local*
|
||||||
register: awx_local_media_size_stat
|
register: awx_local_media_size_stat
|
||||||
async: 600
|
async: 600
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate size of remote media repository
|
- name: Calculate size of remote media repository
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||||
register: awx_remote_media_size_stat
|
register: awx_remote_media_size_stat
|
||||||
async: 600
|
async: 600
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Calculate docker container statistics
|
- name: Calculate docker container statistics
|
||||||
shell: docker stats --all --no-stream
|
shell: docker stats --all --no-stream
|
||||||
register: awx_docker_stats
|
register: awx_docker_stats
|
||||||
ignore_errors: yes
|
ignore_errors: true
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Print size of remote media repository
|
- name: Print size of remote media repository
|
||||||
debug:
|
debug:
|
||||||
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
|
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
|
||||||
when: awx_remote_media_size_stat is defined
|
when: awx_remote_media_size_stat is defined
|
||||||
|
|
||||||
- name: Print size of local media repository
|
- name: Print size of local media repository
|
||||||
debug:
|
debug:
|
||||||
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"
|
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"
|
||||||
|
@ -235,9 +235,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -3,18 +3,18 @@
|
|||||||
- name: Include vars in matrix_vars.yml
|
- name: Include vars in matrix_vars.yml
|
||||||
include_vars:
|
include_vars:
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
file: '{{ awx_cached_matrix_vars }}'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Install jq and curl on remote machine
|
- name: Install jq and curl on remote machine
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- jq
|
- jq
|
||||||
- curl
|
- curl
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Collect access token of @admin-dimension user
|
- name: Collect access token of @admin-dimension user
|
||||||
shell: |
|
shell: |
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
|
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
|
||||||
register: awx_dimension_user_access_token
|
register: awx_dimension_user_access_token
|
||||||
|
|
||||||
- name: Record Synapse variables locally on AWX
|
- name: Record Synapse variables locally on AWX
|
||||||
@ -27,7 +27,7 @@
|
|||||||
with_dict:
|
with_dict:
|
||||||
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
|
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
|
||||||
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
|
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
|
||||||
|
|
||||||
- name: Set final users list if users are defined
|
- name: Set final users list if users are defined
|
||||||
set_fact:
|
set_fact:
|
||||||
awx_dimension_users_final: "{{ awx_dimension_users }}"
|
awx_dimension_users_final: "{{ awx_dimension_users }}"
|
||||||
@ -80,7 +80,7 @@
|
|||||||
- name: Copy new 'Configure Dimension' survey.json to target machine
|
- name: Copy new 'Configure Dimension' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
|
||||||
dest: '/matrix/awx/configure_dimension.json'
|
dest: '/matrix/awx/configure_dimension.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Configure Dimension' job template
|
- name: Recreate 'Configure Dimension' job template
|
||||||
@ -97,9 +97,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -172,9 +172,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
insertafter: '# Element Settings Start'
|
insertafter: '# Element Settings Start'
|
||||||
with_dict:
|
with_dict:
|
||||||
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
|
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
|
||||||
|
|
||||||
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
|
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
template:
|
template:
|
||||||
@ -40,4 +40,4 @@
|
|||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
- name: Copy new 'Configure Jitsi' survey.json to target machine
|
- name: Copy new 'Configure Jitsi' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
|
||||||
dest: '/matrix/awx/configure_jitsi.json'
|
dest: '/matrix/awx/configure_jitsi.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Configure Jitsi' job template
|
- name: Recreate 'Configure Jitsi' job template
|
||||||
@ -37,9 +37,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -66,7 +66,7 @@
|
|||||||
with_dict:
|
with_dict:
|
||||||
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
|
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
|
||||||
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
|
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
|
||||||
no_log: True
|
no_log: true
|
||||||
|
|
||||||
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
|
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
|
||||||
delegate_to: 127.0.0.1
|
delegate_to: 127.0.0.1
|
||||||
@ -77,7 +77,7 @@
|
|||||||
- name: Copy new 'Configure ma1sd' survey.json to target machine
|
- name: Copy new 'Configure ma1sd' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
|
||||||
dest: '/matrix/awx/configure_ma1sd.json'
|
dest: '/matrix/awx/configure_ma1sd.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Configure ma1sd (Advanced)' job template
|
- name: Recreate 'Configure ma1sd (Advanced)' job template
|
||||||
@ -94,10 +94,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
|
||||||
|
@ -36,9 +36,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Limit max upload size to 200MB part 1
|
- name: Limit max upload size to 200MB part 1
|
||||||
set_fact:
|
set_fact:
|
||||||
@ -197,7 +198,7 @@
|
|||||||
- name: Copy new 'Configure Synapse' survey.json to target machine
|
- name: Copy new 'Configure Synapse' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
|
||||||
dest: '/matrix/awx/configure_synapse.json'
|
dest: '/matrix/awx/configure_synapse.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Configure Synapse' job template
|
- name: Recreate 'Configure Synapse' job template
|
||||||
@ -214,9 +215,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
|
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
|
||||||
copy:
|
copy:
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
|
||||||
dest: '/matrix/awx/configure_synapse_admin.json'
|
dest: '/matrix/awx/configure_synapse_admin.json'
|
||||||
mode: '0660'
|
mode: '0660'
|
||||||
|
|
||||||
- name: Recreate 'Configure Synapse Admin' job template
|
- name: Recreate 'Configure Synapse Admin' job template
|
||||||
@ -36,9 +36,9 @@
|
|||||||
credential: "{{ member_id }} - AWX SSH Key"
|
credential: "{{ member_id }} - AWX SSH Key"
|
||||||
survey_enabled: true
|
survey_enabled: true
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
|
||||||
become_enabled: yes
|
become_enabled: true
|
||||||
state: present
|
state: present
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
tower_host: "https://{{ awx_host }}"
|
tower_host: "https://{{ awx_host }}"
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||||
validate_certs: yes
|
validate_certs: true
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
command: |
|
command: |
|
||||||
openssl rand -hex 16
|
openssl rand -hex 16
|
||||||
register: generic_secret
|
register: generic_secret
|
||||||
no_log: True
|
no_log: true
|
||||||
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
||||||
|
|
||||||
- name: Add new matrix_homeserver_generic_secret_key variable
|
- name: Add new matrix_homeserver_generic_secret_key variable
|
||||||
@ -22,5 +22,5 @@
|
|||||||
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
|
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
|
||||||
insertbefore: '# Basic Settings End'
|
insertbefore: '# Basic Settings End'
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
state: present
|
state: present
|
||||||
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# The bare domain name which represents your Matrix identity.
|
# The bare domain name which represents your Matrix identity.
|
||||||
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
||||||
#
|
#
|
||||||
|
@ -6,4 +6,4 @@
|
|||||||
state: absent
|
state: absent
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ matrix_base_data_path }}/environment-variables"
|
- "{{ matrix_base_data_path }}/environment-variables"
|
||||||
- "{{ matrix_base_data_path }}/scratchpad"
|
- "{{ matrix_base_data_path }}/scratchpad"
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
|
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
name:
|
name:
|
||||||
- lsb-release
|
- lsb-release
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
register: lsb_release_installation_result
|
register: lsb_release_installation_result
|
||||||
|
|
||||||
- name: Reread ansible_lsb facts if lsb-release got installed
|
- name: Reread ansible_lsb facts if lsb-release got installed
|
||||||
@ -34,10 +34,10 @@
|
|||||||
service:
|
service:
|
||||||
name: docker
|
name: docker
|
||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: true
|
||||||
|
|
||||||
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
|
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
|
||||||
service:
|
service:
|
||||||
name: "{{ matrix_ntpd_service }}"
|
name: "{{ matrix_ntpd_service }}"
|
||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: true
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
- python-docker
|
- python-docker
|
||||||
- python-dnspython
|
- python-dnspython
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
- name: Ensure Docker is installed
|
||||||
pacman:
|
pacman:
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
name:
|
name:
|
||||||
- "{{ matrix_ntpd_package }}"
|
- "{{ matrix_ntpd_package }}"
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
- name: Ensure Docker is installed
|
||||||
yum:
|
yum:
|
||||||
|
@ -22,14 +22,14 @@
|
|||||||
name:
|
name:
|
||||||
- epel-release
|
- epel-release
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure yum packages are installed
|
- name: Ensure yum packages are installed
|
||||||
yum:
|
yum:
|
||||||
name:
|
name:
|
||||||
- "{{ matrix_ntpd_package }}"
|
- "{{ matrix_ntpd_package }}"
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
- name: Ensure Docker is installed
|
||||||
yum:
|
yum:
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
- ca-certificates
|
- ca-certificates
|
||||||
- gnupg
|
- gnupg
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker's APT key is trusted
|
- name: Ensure Docker's APT key is trusted
|
||||||
apt_key:
|
apt_key:
|
||||||
@ -22,7 +22,7 @@
|
|||||||
apt_repository:
|
apt_repository:
|
||||||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
||||||
|
|
||||||
- name: Ensure APT packages are installed
|
- name: Ensure APT packages are installed
|
||||||
@ -30,7 +30,7 @@
|
|||||||
name:
|
name:
|
||||||
- "{{ matrix_ntpd_package }}"
|
- "{{ matrix_ntpd_package }}"
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
- name: Ensure Docker is installed
|
||||||
apt:
|
apt:
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
- ca-certificates
|
- ca-certificates
|
||||||
- gnupg
|
- gnupg
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker's APT key is trusted
|
- name: Ensure Docker's APT key is trusted
|
||||||
apt_key:
|
apt_key:
|
||||||
@ -22,7 +22,7 @@
|
|||||||
apt_repository:
|
apt_repository:
|
||||||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
|
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
||||||
|
|
||||||
- name: Ensure APT packages are installed
|
- name: Ensure APT packages are installed
|
||||||
@ -30,7 +30,7 @@
|
|||||||
name:
|
name:
|
||||||
- "{{ matrix_ntpd_package }}"
|
- "{{ matrix_ntpd_package }}"
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: true
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
- name: Ensure Docker is installed
|
||||||
apt:
|
apt:
|
||||||
|
@ -18,8 +18,8 @@
|
|||||||
state: present
|
state: present
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
home: "{{ matrix_base_data_path }}"
|
home: "{{ matrix_base_data_path }}"
|
||||||
create_home: no
|
create_home: false
|
||||||
system: yes
|
system: true
|
||||||
register: matrix_user
|
register: matrix_user
|
||||||
|
|
||||||
- name: Set Matrix Group UID Variable
|
- name: Set Matrix Group UID Variable
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# We need others to be able to read these directories too,
|
# We need others to be able to read these directories too,
|
||||||
# so that matrix-nginx-proxy's nginx user can access the files.
|
# so that matrix-nginx-proxy's nginx user can access the files.
|
||||||
#
|
#
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
|
---
|
||||||
# This is for both CentOS 7 and 8
|
# This is for both CentOS 7 and 8
|
||||||
- name: Ensure fuse installed (CentOS)
|
- name: Ensure fuse installed (CentOS)
|
||||||
yum:
|
yum:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
|
---
|
||||||
# This is for both CentOS 7 and 8
|
# This is for both CentOS 7 and 8
|
||||||
- name: Ensure openssl installed (CentOS)
|
- name: Ensure openssl installed (CentOS)
|
||||||
yum:
|
yum:
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# This will contain a list of enabled services that the playbook is managing.
|
# This will contain a list of enabled services that the playbook is managing.
|
||||||
# Each component is expected to append its service name to this list.
|
# Each component is expected to append its service name to this list.
|
||||||
matrix_systemd_services_list: []
|
matrix_systemd_services_list: []
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
|
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
|
||||||
# See: https://github.com/matrix-org/go-neb
|
# See: https://github.com/matrix-org/go-neb
|
||||||
|
|
||||||
@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
|
|||||||
# # Each room will get the notification with the alert rendered with the given template
|
# # Each room will get the notification with the alert rendered with the given template
|
||||||
# rooms:
|
# rooms:
|
||||||
# "!someroomid:domain.tld":
|
# "!someroomid:domain.tld":
|
||||||
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
||||||
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
||||||
# msg_type: "m.text" # Must be either `m.text` or `m.notice`
|
# msg_type: "m.text" # Must be either `m.text` or `m.notice`
|
||||||
|
|
||||||
# Default configuration template which covers the generic use case.
|
# Default configuration template which covers the generic use case.
|
||||||
@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
|
|||||||
# Holds the final configuration (a combination of the default and its extension).
|
# Holds the final configuration (a combination of the default and its extension).
|
||||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
|
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
|
||||||
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
|
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
|
||||||
when: matrix_bot_go_neb_enabled|bool
|
when: matrix_bot_go_neb_enabled|bool
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -11,9 +11,9 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_bot_go_neb_config_path }}", when: true }
|
- {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_go_neb_data_path }}", when: true }
|
- {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true }
|
- {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure go-neb image is pulled
|
- name: Ensure go-neb image is pulled
|
||||||
@ -40,7 +40,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
|
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
|
when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-go-neb.service restarted, if necessary
|
- name: Ensure matrix-bot-go-neb.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-bot-go-neb
|
name: matrix-bot-go-neb
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
@ -22,7 +22,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
|
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix go-neb paths don't exist
|
- name: Ensure Matrix go-neb paths don't exist
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# honoroit is a helpdesk bot
|
# honoroit is a helpdesk bot
|
||||||
# See: https://gitlab.com/etke.cc/honoroit
|
# See: https://gitlab.com/etke.cc/honoroit
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
|
||||||
when: matrix_bot_honoroit_enabled|bool
|
when: matrix_bot_honoroit_enabled|bool
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -33,10 +33,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true }
|
- {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true }
|
- {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true }
|
- {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
|
- {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure honoroit environment variables file created
|
- name: Ensure honoroit environment variables file created
|
||||||
@ -70,7 +70,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-honoroit.service installed
|
- name: Ensure matrix-bot-honoroit.service installed
|
||||||
@ -82,7 +82,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
|
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
|
when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
|
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-bot-honoroit
|
name: matrix-bot-honoroit
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
@ -22,7 +22,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
|
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix honoroit paths don't exist
|
- name: Ensure Matrix honoroit paths don't exist
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# matrix-reminder-bot is a bot for one-off and recurring reminders
|
# matrix-reminder-bot is a bot for one-off and recurring reminders
|
||||||
# See: https://github.com/anoadragon453/matrix-reminder-bot
|
# See: https://github.com/anoadragon453/matrix-reminder-bot
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
|
||||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -34,10 +34,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
- {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
- {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
- {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
|
- {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-reminder-bot image is pulled
|
- name: Ensure matrix-reminder-bot image is pulled
|
||||||
@ -65,7 +65,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: docker/Dockerfile
|
dockerfile: docker/Dockerfile
|
||||||
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
|
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-reminder-bot config installed
|
- name: Ensure matrix-reminder-bot config installed
|
||||||
@ -85,7 +85,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
|
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
|
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
|
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-bot-matrix-reminder-bot
|
name: matrix-bot-matrix-reminder-bot
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
@ -22,7 +22,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
|
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# A moderation tool for Matrix
|
# A moderation tool for Matrix
|
||||||
# See: https://github.com/matrix-org/mjolnir
|
# See: https://github.com/matrix-org/mjolnir
|
||||||
|
|
||||||
@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
|
|||||||
# Holds the final configuration (a combination of the default and its extension).
|
# Holds the final configuration (a combination of the default and its extension).
|
||||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
|
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
|
||||||
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
|
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||||
- name: Fail if trying to self-build on Ansible < 2.8
|
- name: Fail if trying to self-build on Ansible < 2.8
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -11,10 +11,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_bot_mjolnir_base_path }}", when: true }
|
- {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_mjolnir_config_path }}", when: true }
|
- {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_mjolnir_data_path }}", when: true }
|
- {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" }
|
- {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure mjolnir Docker image is pulled
|
- name: Ensure mjolnir Docker image is pulled
|
||||||
@ -42,7 +42,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
|
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_bot_mjolnir_container_image_self_build|bool"
|
when: "matrix_bot_mjolnir_container_image_self_build|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-mjolnir config installed
|
- name: Ensure matrix-bot-mjolnir config installed
|
||||||
@ -62,7 +62,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
|
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
|
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary
|
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-bot-mjolnir
|
name: matrix-bot-mjolnir
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: stopping_result
|
register: stopping_result
|
||||||
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
@ -22,7 +22,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
|
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
||||||
|
|
||||||
- name: Ensure matrix-bot-mjolnir paths don't exist
|
- name: Ensure matrix-bot-mjolnir paths don't exist
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# matrix-appservice-discord is a Matrix <-> Discord bridge
|
# matrix-appservice-discord is a Matrix <-> Discord bridge
|
||||||
# See: https://github.com/Half-Shot/matrix-appservice-discord
|
# See: https://github.com/Half-Shot/matrix-appservice-discord
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||||
# We don't want to fail in such cases.
|
# We don't want to fail in such cases.
|
||||||
- name: Fail if matrix-synapse role already executed
|
- name: Fail if matrix-synapse role already executed
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -54,8 +54,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-discord
|
name: matrix-appservice-discord
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
failed_when: false
|
failed_when: false
|
||||||
when: "matrix_appservice_discord_stat_db.stat.exists"
|
when: "matrix_appservice_discord_stat_db.stat.exists"
|
||||||
|
|
||||||
@ -105,7 +105,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation
|
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_discord_systemd_service_result.changed"
|
when: "matrix_appservice_discord_systemd_service_result.changed"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-discord.service restarted, if necessary
|
- name: Ensure matrix-appservice-discord.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-discord
|
name: matrix-appservice-discord
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_discord_service_stat.stat.exists"
|
when: "matrix_appservice_discord_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-discord.service doesn't exist
|
- name: Ensure matrix-appservice-discord.service doesn't exist
|
||||||
@ -21,5 +21,5 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal
|
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_discord_service_stat.stat.exists"
|
when: "matrix_appservice_discord_service_stat.stat.exists"
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# Matrix Appservice IRC is a Matrix <-> IRC bridge
|
# Matrix Appservice IRC is a Matrix <-> IRC bridge
|
||||||
# See: https://github.com/matrix-org/matrix-appservice-irc
|
# See: https://github.com/matrix-org/matrix-appservice-irc
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||||
- name: Fail if trying to self-build on Ansible < 2.8
|
- name: Fail if trying to self-build on Ansible < 2.8
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Fail if Postgres not enabled
|
- name: Fail if Postgres not enabled
|
||||||
fail:
|
fail:
|
||||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||||
@ -16,7 +18,7 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-postgres
|
name: matrix-postgres
|
||||||
state: started
|
state: started
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: matrix_postgres_service_start_result
|
register: matrix_postgres_service_start_result
|
||||||
|
|
||||||
- name: Wait a bit, so that Postgres can start
|
- name: Wait a bit, so that Postgres can start
|
||||||
|
@ -10,10 +10,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_appservice_irc_base_path }}", when: true }
|
- {path: "{{ matrix_appservice_irc_base_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_irc_config_path }}", when: true }
|
- {path: "{{ matrix_appservice_irc_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_irc_data_path }}", when: true }
|
- {path: "{{ matrix_appservice_irc_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" }
|
- {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
|
||||||
when: item.when|bool
|
when: item.when|bool
|
||||||
|
|
||||||
- name: Check if an old passkey file already exists
|
- name: Check if an old passkey file already exists
|
||||||
@ -26,7 +26,7 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-irc
|
name: matrix-appservice-irc
|
||||||
state: stopped
|
state: stopped
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
|
||||||
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
|
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
|
||||||
@ -82,7 +82,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
|
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
|
||||||
|
|
||||||
- name: Ensure Matrix Appservice IRC config installed
|
- name: Ensure Matrix Appservice IRC config installed
|
||||||
@ -186,7 +186,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
|
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_irc_systemd_service_result.changed"
|
when: "matrix_appservice_irc_systemd_service_result.changed"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-irc.service restarted, if necessary
|
- name: Ensure matrix-appservice-irc.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-irc
|
name: matrix-appservice-irc
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_irc_service_stat.stat.exists"
|
when: "matrix_appservice_irc_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-irc.service doesn't exist
|
- name: Ensure matrix-appservice-irc.service doesn't exist
|
||||||
@ -21,5 +21,5 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal
|
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_irc_service_stat.stat.exists"
|
when: "matrix_appservice_irc_service_stat.stat.exists"
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# matrix-appservice-slack is a Matrix <-> Slack bridge
|
# matrix-appservice-slack is a Matrix <-> Slack bridge
|
||||||
# See: https://github.com/matrix-org/matrix-appservice-slack
|
# See: https://github.com/matrix-org/matrix-appservice-slack
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||||
- name: Fail if trying to self-build on Ansible < 2.8
|
- name: Fail if trying to self-build on Ansible < 2.8
|
||||||
@ -39,40 +40,40 @@
|
|||||||
when: "matrix_synapse_role_executed|default(False)"
|
when: "matrix_synapse_role_executed|default(False)"
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Fail if matrix-nginx-proxy role already executed
|
- name: Fail if matrix-nginx-proxy role already executed
|
||||||
fail:
|
fail:
|
||||||
msg: >-
|
msg: >-
|
||||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||||
To fix this, please change the order of roles in your playbook,
|
To fix this, please change the order of roles in your playbook,
|
||||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
||||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||||
|
|
||||||
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
||||||
location {{ matrix_appservice_slack_public_endpoint }} {
|
location {{ matrix_appservice_slack_public_endpoint }} {
|
||||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
resolver 127.0.0.11 valid=5s;
|
resolver 127.0.0.11 valid=5s;
|
||||||
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
||||||
proxy_pass $backend;
|
proxy_pass $backend;
|
||||||
{% else %}
|
{% else %}
|
||||||
{# Generic configuration for use outside of our container setup #}
|
{# Generic configuration for use outside of our container setup #}
|
||||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
}
|
}
|
||||||
|
|
||||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||||
{{
|
{{
|
||||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||||
+
|
+
|
||||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||||
}}
|
}}
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
when: matrix_appservice_slack_enabled|bool
|
when: matrix_appservice_slack_enabled|bool
|
||||||
|
|
||||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- name: Fail if Postgres not enabled
|
- name: Fail if Postgres not enabled
|
||||||
fail:
|
fail:
|
||||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||||
@ -16,7 +18,7 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-postgres
|
name: matrix-postgres
|
||||||
state: started
|
state: started
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
register: matrix_postgres_service_start_result
|
register: matrix_postgres_service_start_result
|
||||||
|
|
||||||
- name: Wait a bit, so that Postgres can start
|
- name: Wait a bit, so that Postgres can start
|
||||||
|
@ -8,10 +8,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_appservice_slack_base_path }}", when: true }
|
- {path: "{{ matrix_appservice_slack_base_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_slack_config_path }}", when: true }
|
- {path: "{{ matrix_appservice_slack_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_slack_data_path }}", when: true }
|
- {path: "{{ matrix_appservice_slack_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" }
|
- {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
|
||||||
when: item.when|bool
|
when: item.when|bool
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
@ -56,7 +56,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
path: "{{ matrix_appservice_slack_docker_src_files_path }}"
|
path: "{{ matrix_appservice_slack_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
|
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
|
||||||
|
|
||||||
- name: Ensure Matrix Appservice Slack config installed
|
- name: Ensure Matrix Appservice Slack config installed
|
||||||
@ -84,7 +84,7 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation
|
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_slack_systemd_service_result.changed"
|
when: "matrix_appservice_slack_systemd_service_result.changed"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-slack.service restarted, if necessary
|
- name: Ensure matrix-appservice-slack.service restarted, if necessary
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-slack
|
name: matrix-appservice-slack
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_slack_service_stat.stat.exists"
|
when: "matrix_appservice_slack_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-slack.service doesn't exist
|
- name: Ensure matrix-appservice-slack.service doesn't exist
|
||||||
@ -21,5 +21,5 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal
|
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_slack_service_stat.stat.exists"
|
when: "matrix_appservice_slack_service_stat.stat.exists"
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# matrix-appservice-webhooks is a Matrix <-> webhook bridge
|
# matrix-appservice-webhooks is a Matrix <-> webhook bridge
|
||||||
# See: https://github.com/redoonetworks/matrix-appservice-webhooks
|
# See: https://github.com/redoonetworks/matrix-appservice-webhooks
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||||
# We don't want to fail in such cases.
|
# We don't want to fail in such cases.
|
||||||
- name: Fail if matrix-synapse role already executed
|
- name: Fail if matrix-synapse role already executed
|
||||||
@ -32,42 +33,42 @@
|
|||||||
when: "matrix_synapse_role_executed|default(False)"
|
when: "matrix_synapse_role_executed|default(False)"
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Fail if matrix-nginx-proxy role already executed
|
- name: Fail if matrix-nginx-proxy role already executed
|
||||||
fail:
|
fail:
|
||||||
msg: >-
|
msg: >-
|
||||||
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||||
To fix this, please change the order of roles in your playbook,
|
To fix this, please change the order of roles in your playbook,
|
||||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
||||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||||
|
|
||||||
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
||||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
||||||
resolver 127.0.0.11 valid=5s;
|
resolver 127.0.0.11 valid=5s;
|
||||||
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
||||||
proxy_pass http://$backend/$1;
|
proxy_pass http://$backend/$1;
|
||||||
}
|
}
|
||||||
{% else %}
|
{% else %}
|
||||||
{# Generic configuration for use outside of our container setup #}
|
{# Generic configuration for use outside of our container setup #}
|
||||||
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
||||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
||||||
}
|
}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
||||||
set_fact:
|
set_fact:
|
||||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||||
{{
|
{{
|
||||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||||
+
|
+
|
||||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||||
}}
|
}}
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
when: matrix_appservice_webhooks_enabled|bool
|
when: matrix_appservice_webhooks_enabled|bool
|
||||||
|
|
||||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
---
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
@ -8,10 +8,10 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { path: "{{ matrix_appservice_webhooks_base_path }}", when: true }
|
- {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_webhooks_config_path }}", when: true }
|
- {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_webhooks_data_path }}", when: true }
|
- {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
|
||||||
- { path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
|
- {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure Appservice webhooks image is pulled
|
- name: Ensure Appservice webhooks image is pulled
|
||||||
@ -40,7 +40,7 @@
|
|||||||
build:
|
build:
|
||||||
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
|
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
|
||||||
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
||||||
pull: yes
|
pull: true
|
||||||
when: "matrix_appservice_webhooks_container_image_self_build|bool"
|
when: "matrix_appservice_webhooks_container_image_self_build|bool"
|
||||||
|
|
||||||
- name: Ensure Matrix Appservice webhooks config is installed
|
- name: Ensure Matrix Appservice webhooks config is installed
|
||||||
@ -84,5 +84,5 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
|
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_webhooks_systemd_service_result.changed"
|
when: "matrix_appservice_webhooks_systemd_service_result.changed"
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
service:
|
service:
|
||||||
name: matrix-appservice-webhooks
|
name: matrix-appservice-webhooks
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: false
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_webhooks_service_stat.stat.exists"
|
when: "matrix_appservice_webhooks_service_stat.stat.exists"
|
||||||
|
|
||||||
- name: Ensure matrix-appservice-webhooks.service doesn't exist
|
- name: Ensure matrix-appservice-webhooks.service doesn't exist
|
||||||
@ -21,5 +21,5 @@
|
|||||||
|
|
||||||
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal
|
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal
|
||||||
service:
|
service:
|
||||||
daemon_reload: yes
|
daemon_reload: true
|
||||||
when: "matrix_appservice_webhooks_service_stat.stat.exists"
|
when: "matrix_appservice_webhooks_service_stat.stat.exists"
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
# beeper-linkedin is a Matrix <-> LinkedIn bridge
|
# beeper-linkedin is a Matrix <-> LinkedIn bridge
|
||||||
# See: https://gitlab.com/beeper/linkedin
|
# See: https://gitlab.com/beeper/linkedin
|
||||||
|
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user