1
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-12-12 08:43:55 +02:00

fix: all praise the allmighty yamllinter

This commit is contained in:
Marko Weltzer 2022-02-05 21:32:54 +01:00
parent d3983a0f04
commit 7e5b88c3b7
373 changed files with 1565 additions and 1296 deletions

1
.github/FUNDING.yml vendored
View File

@ -1,3 +1,4 @@
---
# These are supported funding model platforms # These are supported funding model platforms
# https://liberapay.com/s.pantaleev/ # https://liberapay.com/s.pantaleev/

5
.yamllint Normal file
View File

@ -0,0 +1,5 @@
---
extends: default
rules:
line-length: disable

View File

@ -1,4 +1,4 @@
--- ---
collections: collections:
- name: community.general - name: community.general
- name: community.docker - name: community.docker

View File

@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
``` ```
curl -X POST --header 'Content-Type: application/json' -d '{ curl -X POST --header 'Content-Type: application/json' -d '{
"identifier": { "type": "m.id.user", "user": "bot.go-neb" }, "identifier": { "type": "m.id.user", "user": "bot.go-neb"},
"password": "a strong password", "password": "a strong password",
"type": "m.login.password" "type": "m.login.password"
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' }' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
@ -198,8 +198,8 @@ matrix_bot_go_neb_services:
# Each room will get the notification with the alert rendered with the given template # Each room will get the notification with the alert rendered with the given template
rooms: rooms:
"!someroomid:domain.tld": "!someroomid:domain.tld":
text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}" html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
msg_type: "m.text" # Must be either `m.text` or `m.notice` msg_type: "m.text" # Must be either `m.text` or `m.notice`
``` ```

View File

@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
``` ```
curl -X POST --header 'Content-Type: application/json' -d '{ curl -X POST --header 'Content-Type: application/json' -d '{
"identifier": { "type": "m.id.user", "user": "bot.mjolnir" }, "identifier": { "type": "m.id.user", "user": "bot.mjolnir"},
"password": "PASSWORD_FOR_THE_BOT", "password": "PASSWORD_FOR_THE_BOT",
"type": "m.login.password" "type": "m.login.password"
}' 'https://matrix.DOMAIN/_matrix/client/r0/login' }' 'https://matrix.DOMAIN/_matrix/client/r0/login'

View File

@ -50,7 +50,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -33,7 +33,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -35,7 +35,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -77,7 +77,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -32,7 +32,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -48,7 +48,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \ --data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -53,7 +53,7 @@ To get an access token for the Dimension user, you can follow one of two options
``` ```
curl -X POST --header 'Content-Type: application/json' -d '{ curl -X POST --header 'Content-Type: application/json' -d '{
"identifier": { "type": "m.id.user", "user": "YourDimensionUsername" }, "identifier": { "type": "m.id.user", "user": "YourDimensionUsername"},
"password": "YourDimensionPassword", "password": "YourDimensionPassword",
"type": "m.login.password" "type": "m.login.password"
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' }' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'

View File

@ -40,7 +40,7 @@ To do this, you can execute a command like this:
``` ```
curl \ curl \
--data '{"identifier": {"type": "m.id.user", "user": "email2matrix" }, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \ --data '{"identifier": {"type": "m.id.user", "user": "email2matrix"}, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \
https://matrix.DOMAIN/_matrix/client/r0/login https://matrix.DOMAIN/_matrix/client/r0/login
``` ```

View File

@ -41,5 +41,5 @@ If you didn't make your account a server admin when you created it, you can use
### Example: ### Example:
To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command: To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command:
``` ```
curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token curl -XPOST -d '{ "new_password": "correct_horse_battery_staple"}' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token
``` ```

View File

@ -1,7 +1,8 @@
---
version: '3' version: '3'
services: services:
nginx: nginx:
image: local/nginx image: local/nginx
ports: ports:
- 40888:80 - 40888:80
volumes: volumes:

View File

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #

View File

@ -265,7 +265,7 @@ matrix_beeper_linkedin_homeserver_token: "{{ '%s' | format(matrix_homeserver_gen
matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}" matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db') | to_uuid }}"
@ -303,7 +303,7 @@ matrix_mautrix_facebook_homeserver_token: "{{ '%s' | format(matrix_homeserver_ge
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}" matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
# and point them to a migration path. # and point them to a migration path.
@ -427,7 +427,7 @@ matrix_mautrix_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_g
matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}" matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
# and point them to a migration path. # and point them to a migration path.
@ -1367,7 +1367,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025 matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0 matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
matrix_ma1sd_systemd_required_services_list: | matrix_ma1sd_systemd_required_services_list: |
{{ {{
@ -1479,7 +1479,7 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_ma1sd_
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}" matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}" matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}"
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
# OCSP stapling does not make sense when self-signed certificates are used. # OCSP stapling does not make sense when self-signed certificates are used.
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
@ -1886,7 +1886,7 @@ matrix_client_element_integrations_rest_url: "{{ matrix_dimension_integrations_r
matrix_client_element_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}" matrix_client_element_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}"
matrix_client_element_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}" matrix_client_element_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}"
matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}" matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}"
@ -1924,7 +1924,7 @@ matrix_client_hydrogen_container_http_host_bind_port: "{{ '' if matrix_nginx_pro
matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}" matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}"
matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
###################################################################### ######################################################################
# #
@ -1951,7 +1951,7 @@ matrix_client_cinny_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_
matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}" matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}"
matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
###################################################################### ######################################################################
# #
@ -2042,7 +2042,7 @@ matrix_synapse_turn_uris: |
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}" matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
matrix_synapse_systemd_required_services_list: | matrix_synapse_systemd_required_services_list: |
{{ {{
@ -2228,7 +2228,7 @@ matrix_registration_shared_secret: |-
matrix_registration_server_location: "{{ matrix_homeserver_container_url }}" matrix_registration_server_location: "{{ matrix_homeserver_container_url }}"
matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
@ -2320,7 +2320,7 @@ matrix_dendrite_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if
matrix_dendrite_disable_tls_validation: "{{ true if matrix_ssl_retrieval_method == 'self-signed' else false }}" matrix_dendrite_disable_tls_validation: "{{ true if matrix_ssl_retrieval_method == 'self-signed' else false }}"
matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}" matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/setup.yml" - import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_stop|bool when: run_stop|bool
tags: tags:

View File

@ -1,3 +1,5 @@
---
matrix_awx_enabled: true matrix_awx_enabled: true
# Defaults for 'Customise Website + Access Export' template # Defaults for 'Customise Website + Access Export' template

View File

@ -1,3 +1,4 @@
---
- name: Record Backup Server variables locally on AWX - name: Record Backup Server variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -38,18 +39,18 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
tags: use-survey tags: use-survey
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Copy new 'matrix_vars.yml' to target machine - name: Copy new 'matrix_vars.yml' to target machine
copy: copy:
@ -58,8 +59,8 @@
mode: '0660' mode: '0660'
tags: use-survey tags: use-survey
- name: Run initial backup of /matrix/ and snapshot the database simultaneously - name: Run initial backup of /matrix/ and snapshot the database simultaneously
command: "{{ item }}" command: "{{ item }}"
with_items: with_items:
- borgmatic -c /root/.config/borgmatic/config_1.yaml - borgmatic -c /root/.config/borgmatic/config_1.yaml
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0 - /bin/sh /usr/local/bin/awx-export-service.sh 1 0

View File

@ -1,3 +1,4 @@
---
- name: Record Bridge Discord AppService variables locally on AWX - name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -33,7 +34,7 @@
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine - name: Copy new 'Bridge Discord Appservice' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
dest: '/matrix/awx/bridge_discord_appservice.json' dest: '/matrix/awx/bridge_discord_appservice.json'
mode: '0660' mode: '0660'
- name: Recreate 'Bridge Discord Appservice' job template - name: Recreate 'Bridge Discord Appservice' job template
@ -54,4 +55,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -1,3 +1,4 @@
---
- name: Collect current datetime - name: Collect current datetime
set_fact: set_fact:

View File

@ -1,3 +1,4 @@
---
- name: Create a AWX session token for executing modules - name: Create a AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:
@ -7,4 +8,4 @@
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_master_token }}" tower_oauthtoken: "{{ awx_master_token }}"
register: awx_session_token register: awx_session_token
no_log: True no_log: true

View File

@ -1,3 +1,4 @@
---
# #
# Create user and define if they are admin # Create user and define if they are admin
# #

View File

@ -48,7 +48,7 @@
- name: Reload vars in matrix_vars.yml - name: Reload vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template - name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -60,7 +60,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine - name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
dest: '/matrix/awx/configure_website_access_export.json' dest: '/matrix/awx/configure_website_access_export.json'
mode: '0660' mode: '0660'
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
@ -74,7 +74,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine - name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
dest: '/matrix/awx/access_export.json' dest: '/matrix/awx/access_export.json'
mode: '0660' mode: '0660'
when: awx_customise_base_domain_website is undefined when: awx_customise_base_domain_website is undefined
@ -92,12 +92,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Recreate 'Access Export' job template - name: Recreate 'Access Export' job template
@ -114,12 +114,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is undefined when: awx_customise_base_domain_website is undefined
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account - name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
@ -153,7 +153,7 @@
user: user:
name: sftp name: sftp
groups: sftp groups: sftp
append: yes append: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container) - name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
@ -208,7 +208,7 @@
group: sftp group: sftp
mode: '0644' mode: '0644'
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key") when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
- name: Remove any existing Subsystem lines - name: Remove any existing Subsystem lines
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config

View File

@ -1,7 +1,7 @@
--- ---
- name: Run export of /matrix/ and snapshot the database simultaneously - name: Run export of /matrix/ and snapshot the database simultaneously
command: "{{ item }}" command: "{{ item }}"
with_items: with_items:
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0 - /bin/sh /usr/local/bin/awx-export-service.sh 1 0
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1 - /bin/sh /usr/local/bin/awx-export-service.sh 0 1
@ -23,7 +23,7 @@
command: rm /chroot/export/matrix* command: rm /chroot/export/matrix*
count: 1 count: 1
units: days units: days
unique: yes unique: true
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:

View File

@ -3,14 +3,14 @@
- name: Include vars in organisation.yml - name: Include vars in organisation.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
no_log: True no_log: true
- name: Include vars in hosting_vars.yml - name: Include vars in hosting_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/hosting/hosting_vars.yml' file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
no_log: True no_log: true
- name: Include AWX master token from awx_tokens.yml - name: Include AWX master token from awx_tokens.yml
include_vars: include_vars:
file: /var/lib/awx/projects/hosting/awx_tokens.yml file: /var/lib/awx/projects/hosting/awx_tokens.yml
no_log: True no_log: true

View File

@ -3,9 +3,9 @@
- name: Include new vars in matrix_vars.yml - name: Include new vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: If include_vars succeeds overwrite the old matrix_vars.yml - name: If include_vars succeeds overwrite the old matrix_vars.yml
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}" shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"

View File

@ -1,6 +1,6 @@
---
# Load initial hosting and organisation variables from AWX volume # Load initial hosting and organisation variables from AWX volume
- include_tasks: - include_tasks:
file: "load_hosting_and_org_variables.yml" file: "load_hosting_and_org_variables.yml"
apply: apply:
tags: always tags: always
@ -9,7 +9,7 @@
- always - always
# Renames or updates the vars.yml if needed # Renames or updates the vars.yml if needed
- include_tasks: - include_tasks:
file: "update_variables.yml" file: "update_variables.yml"
apply: apply:
tags: always tags: always
@ -18,7 +18,7 @@
- always - always
# Create AWX session token # Create AWX session token
- include_tasks: - include_tasks:
file: "create_session_token.yml" file: "create_session_token.yml"
apply: apply:
tags: always tags: always
@ -27,7 +27,7 @@
- always - always
# Perform a backup of the server # Perform a backup of the server
- include_tasks: - include_tasks:
file: "backup_server.yml" file: "backup_server.yml"
apply: apply:
tags: backup-server tags: backup-server
@ -36,7 +36,7 @@
- backup-server - backup-server
# Perform a export of the server # Perform a export of the server
- include_tasks: - include_tasks:
file: "export_server.yml" file: "export_server.yml"
apply: apply:
tags: export-server tags: export-server
@ -45,7 +45,7 @@
- export-server - export-server
# Create a user account if called # Create a user account if called
- include_tasks: - include_tasks:
file: "create_user.yml" file: "create_user.yml"
apply: apply:
tags: create-user tags: create-user
@ -54,7 +54,7 @@
- create-user - create-user
# Purge local/remote media if called # Purge local/remote media if called
- include_tasks: - include_tasks:
file: "purge_media_main.yml" file: "purge_media_main.yml"
apply: apply:
tags: purge-media tags: purge-media
@ -63,7 +63,7 @@
- purge-media - purge-media
# Purge Synapse database if called # Purge Synapse database if called
- include_tasks: - include_tasks:
file: "purge_database_main.yml" file: "purge_database_main.yml"
apply: apply:
tags: purge-database tags: purge-database
@ -72,7 +72,7 @@
- purge-database - purge-database
# Rotate SSH key if called # Rotate SSH key if called
- include_tasks: - include_tasks:
file: "rotate_ssh.yml" file: "rotate_ssh.yml"
apply: apply:
tags: rotate-ssh tags: rotate-ssh
@ -81,16 +81,16 @@
- rotate-ssh - rotate-ssh
# Import configs, media repo from /chroot/backup import # Import configs, media repo from /chroot/backup import
- include_tasks: - include_tasks:
file: "import_awx.yml" file: "import_awx.yml"
apply: apply:
tags: import-awx tags: import-awx
when: run_setup|bool and matrix_awx_enabled|bool when: run_setup|bool and matrix_awx_enabled|bool
tags: tags:
- import-awx - import-awx
# Perform extra self-check functions # Perform extra self-check functions
- include_tasks: - include_tasks:
file: "self_check.yml" file: "self_check.yml"
apply: apply:
tags: self-check tags: self-check
@ -99,7 +99,7 @@
- self-check - self-check
# Create cached matrix_vars.yml file # Create cached matrix_vars.yml file
- include_tasks: - include_tasks:
file: "cache_matrix_variables.yml" file: "cache_matrix_variables.yml"
apply: apply:
tags: always tags: always
@ -108,7 +108,7 @@
- always - always
# Configure SFTP so user can upload a static website or access the servers export # Configure SFTP so user can upload a static website or access the servers export
- include_tasks: - include_tasks:
file: "customise_website_access_export.yml" file: "customise_website_access_export.yml"
apply: apply:
tags: setup-nginx-proxy tags: setup-nginx-proxy
@ -117,7 +117,7 @@
- setup-nginx-proxy - setup-nginx-proxy
# Additional playbook to set the variable file during Element configuration # Additional playbook to set the variable file during Element configuration
- include_tasks: - include_tasks:
file: "set_variables_element.yml" file: "set_variables_element.yml"
apply: apply:
tags: setup-client-element tags: setup-client-element
@ -126,7 +126,7 @@
- setup-client-element - setup-client-element
# Additional playbook to set the variable file during Mailer configuration # Additional playbook to set the variable file during Mailer configuration
- include_tasks: - include_tasks:
file: "set_variables_mailer.yml" file: "set_variables_mailer.yml"
apply: apply:
tags: setup-mailer tags: setup-mailer
@ -135,7 +135,7 @@
- setup-mailer - setup-mailer
# Additional playbook to set the variable file during Element configuration # Additional playbook to set the variable file during Element configuration
- include_tasks: - include_tasks:
file: "set_variables_element_subdomain.yml" file: "set_variables_element_subdomain.yml"
apply: apply:
tags: setup-client-element-subdomain tags: setup-client-element-subdomain
@ -144,7 +144,7 @@
- setup-client-element-subdomain - setup-client-element-subdomain
# Additional playbook to set the variable file during Synapse configuration # Additional playbook to set the variable file during Synapse configuration
- include_tasks: - include_tasks:
file: "set_variables_synapse.yml" file: "set_variables_synapse.yml"
apply: apply:
tags: setup-synapse tags: setup-synapse
@ -153,7 +153,7 @@
- setup-synapse - setup-synapse
# Additional playbook to set the variable file during Jitsi configuration # Additional playbook to set the variable file during Jitsi configuration
- include_tasks: - include_tasks:
file: "set_variables_jitsi.yml" file: "set_variables_jitsi.yml"
apply: apply:
tags: setup-jitsi tags: setup-jitsi
@ -162,7 +162,7 @@
- setup-jitsi - setup-jitsi
# Additional playbook to set the variable file during Ma1sd configuration # Additional playbook to set the variable file during Ma1sd configuration
- include_tasks: - include_tasks:
file: "set_variables_ma1sd.yml" file: "set_variables_ma1sd.yml"
apply: apply:
tags: setup-ma1sd tags: setup-ma1sd
@ -171,7 +171,7 @@
- setup-ma1sd - setup-ma1sd
# Additional playbook to set the variable file during Corporal configuration # Additional playbook to set the variable file during Corporal configuration
- include_tasks: - include_tasks:
file: "set_variables_corporal.yml" file: "set_variables_corporal.yml"
apply: apply:
tags: setup-corporal tags: setup-corporal
@ -180,7 +180,7 @@
- setup-corporal - setup-corporal
# Additional playbook to set the variable file during Dimension configuration # Additional playbook to set the variable file during Dimension configuration
- include_tasks: - include_tasks:
file: "set_variables_dimension.yml" file: "set_variables_dimension.yml"
apply: apply:
tags: setup-dimension tags: setup-dimension
@ -189,7 +189,7 @@
- setup-dimension - setup-dimension
# Additional playbook to set the variable file during Synapse Admin configuration # Additional playbook to set the variable file during Synapse Admin configuration
- include_tasks: - include_tasks:
file: "set_variables_synapse_admin.yml" file: "set_variables_synapse_admin.yml"
apply: apply:
tags: setup-synapse-admin tags: setup-synapse-admin
@ -198,7 +198,7 @@
- setup-synapse-admin - setup-synapse-admin
# Additional playbook to set the variable file during Discord Appservice Bridge configuration # Additional playbook to set the variable file during Discord Appservice Bridge configuration
- include_tasks: - include_tasks:
file: "bridge_discord_appservice.yml" file: "bridge_discord_appservice.yml"
apply: apply:
tags: bridge-discord-appservice tags: bridge-discord-appservice
@ -207,7 +207,7 @@
- bridge-discord-appservice - bridge-discord-appservice
# Delete AWX session token # Delete AWX session token
- include_tasks: - include_tasks:
file: "delete_session_token.yml" file: "delete_session_token.yml"
apply: apply:
tags: always tags: always
@ -216,7 +216,7 @@
- always - always
# Load newly formed matrix variables from AWX volume # Load newly formed matrix variables from AWX volume
- include_tasks: - include_tasks:
file: "load_matrix_variables.yml" file: "load_matrix_variables.yml"
apply: apply:
tags: always tags: always

View File

@ -9,20 +9,20 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
pkg: pkg:
- curl - curl
- jq - jq
state: present state: present
- name: Collect before shrink size of Synapse database - name: Collect before shrink size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_before_stat register: awx_db_size_before_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Collect the internal IP of the matrix-synapse container - name: Collect the internal IP of the matrix-synapse container
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse" shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
@ -34,7 +34,7 @@
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Copy build_room_list.py script to target machine - name: Copy build_room_list.py script to target machine
copy: copy:
@ -55,7 +55,7 @@
fetch: fetch:
src: /tmp/room_list_complete.json src: /tmp/room_list_complete.json
dest: "/tmp/{{ subscription_id }}_room_list_complete.json" dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
flat: yes flat: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Remove complete room list from target machine - name: Remove complete room list from target machine
@ -80,7 +80,7 @@
- name: Setting host fact awx_room_list_no_local_users - name: Setting host fact awx_room_list_no_local_users
set_fact: set_fact:
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}" awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
no_log: True no_log: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users - name: Purge all rooms with no local users
@ -113,7 +113,7 @@
set_fact: set_fact:
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}" awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
when: awx_purge_mode.find("Number of users [slower]") != -1 when: awx_purge_mode.find("Number of users [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N users - name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml include_tasks: purge_database_users.yml
@ -138,7 +138,7 @@
set_fact: set_fact:
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}" awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
when: awx_purge_mode.find("Number of events [slower]") != -1 when: awx_purge_mode.find("Number of events [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N events - name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml include_tasks: purge_database_events.yml
@ -161,17 +161,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Execute rust-synapse-compress-state job template - name: Execute rust-synapse-compress-state job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -190,14 +190,14 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Ensure matrix-synapse is stopped - name: Ensure matrix-synapse is stopped
service: service:
name: matrix-synapse name: matrix-synapse
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Re-index Synapse database - name: Re-index Synapse database
@ -208,7 +208,7 @@
service: service:
name: matrix-synapse name: matrix-synapse
state: started state: started
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Adjust 'Deploy/Update a Server' job template - name: Adjust 'Deploy/Update a Server' job template
@ -227,17 +227,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Execute run-postgres-vacuum job template - name: Execute run-postgres-vacuum job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -256,7 +256,7 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Cleanup room_list files - name: Cleanup room_list files
@ -264,13 +264,13 @@
shell: | shell: |
rm /tmp/{{ subscription_id }}_room_list* rm /tmp/{{ subscription_id }}_room_list*
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
ignore_errors: yes ignore_errors: true
- name: Collect after shrink size of Synapse database - name: Collect after shrink size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_after_stat register: awx_db_size_after_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Print total number of rooms processed - name: Print total number of rooms processed
debug: debug:

View File

@ -1,3 +1,4 @@
---
- name: Ensure dateutils is installed in AWX - name: Ensure dateutils is installed in AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -8,13 +9,13 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
pkg: pkg:
- curl - curl
- jq - jq
state: present state: present
- name: Collect the internal IP of the matrix-synapse container - name: Collect the internal IP of the matrix-synapse container
@ -25,7 +26,7 @@
shell: | shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Generate list of dates to purge to - name: Generate list of dates to purge to
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -37,16 +38,16 @@
register: awx_local_media_size_before register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate initial size of remote media repository - name: Calculate initial size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Purge local media with loop - name: Purge local media with loop
include_tasks: purge_media_local.yml include_tasks: purge_media_local.yml
@ -62,15 +63,15 @@
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_after register: awx_local_media_size_after
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate final size of remote media repository - name: Calculate final size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_after register: awx_remote_media_size_after
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of local media repository before purge - name: Print size of local media repository before purge
debug: debug:

View File

@ -4,7 +4,7 @@
authorized_key: authorized_key:
user: root user: root
state: present state: present
exclusive: yes exclusive: true
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}" key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules

View File

@ -25,53 +25,53 @@
shell: | shell: |
curl -s localhost:9000 | grep "^synapse_admin_mau_current " curl -s localhost:9000 | grep "^synapse_admin_mau_current "
register: awx_mau_stat register: awx_mau_stat
no_log: True no_log: true
- name: Calculate CPU usage statistics - name: Calculate CPU usage statistics
shell: iostat -c shell: iostat -c
register: awx_cpu_usage_stat register: awx_cpu_usage_stat
no_log: True no_log: true
- name: Calculate RAM usage statistics - name: Calculate RAM usage statistics
shell: free -mh shell: free -mh
register: awx_ram_usage_stat register: awx_ram_usage_stat
no_log: True no_log: true
- name: Calculate free disk space - name: Calculate free disk space
shell: df -h shell: df -h
register: awx_disk_space_stat register: awx_disk_space_stat
no_log: True no_log: true
- name: Calculate size of Synapse database - name: Calculate size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_stat register: awx_db_size_stat
no_log: True no_log: true
- name: Calculate size of local media repository - name: Calculate size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_stat register: awx_local_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate size of remote media repository - name: Calculate size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_stat register: awx_remote_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate docker container statistics - name: Calculate docker container statistics
shell: docker stats --all --no-stream shell: docker stats --all --no-stream
register: awx_docker_stats register: awx_docker_stats
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of remote media repository - name: Print size of remote media repository
debug: debug:
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}" msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
when: awx_remote_media_size_stat is defined when: awx_remote_media_size_stat is defined
- name: Print size of local media repository - name: Print size of local media repository
debug: debug:
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}" msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"

View File

@ -235,9 +235,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -3,18 +3,18 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Install jq and curl on remote machine - name: Install jq and curl on remote machine
apt: apt:
name: name:
- jq - jq
- curl - curl
state: present state: present
- name: Collect access token of @admin-dimension user - name: Collect access token of @admin-dimension user
shell: | shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//' curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX - name: Record Synapse variables locally on AWX
@ -27,7 +27,7 @@
with_dict: with_dict:
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}' 'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"' 'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
- name: Set final users list if users are defined - name: Set final users list if users are defined
set_fact: set_fact:
awx_dimension_users_final: "{{ awx_dimension_users }}" awx_dimension_users_final: "{{ awx_dimension_users }}"
@ -80,7 +80,7 @@
- name: Copy new 'Configure Dimension' survey.json to target machine - name: Copy new 'Configure Dimension' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
dest: '/matrix/awx/configure_dimension.json' dest: '/matrix/awx/configure_dimension.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Dimension' job template - name: Recreate 'Configure Dimension' job template
@ -97,9 +97,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -172,9 +172,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -9,7 +9,7 @@
insertafter: '# Element Settings Start' insertafter: '# Element Settings Start'
with_dict: with_dict:
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}" 'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template - name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
template: template:
@ -40,4 +40,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -20,7 +20,7 @@
- name: Copy new 'Configure Jitsi' survey.json to target machine - name: Copy new 'Configure Jitsi' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
dest: '/matrix/awx/configure_jitsi.json' dest: '/matrix/awx/configure_jitsi.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Jitsi' job template - name: Recreate 'Configure Jitsi' job template
@ -37,9 +37,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -66,7 +66,7 @@
with_dict: with_dict:
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}' 'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}' 'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
no_log: True no_log: true
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template - name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -77,7 +77,7 @@
- name: Copy new 'Configure ma1sd' survey.json to target machine - name: Copy new 'Configure ma1sd' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
dest: '/matrix/awx/configure_ma1sd.json' dest: '/matrix/awx/configure_ma1sd.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure ma1sd (Advanced)' job template - name: Recreate 'Configure ma1sd (Advanced)' job template
@ -94,10 +94,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -1,3 +1,4 @@
---
- name: Limit max upload size to 200MB part 1 - name: Limit max upload size to 200MB part 1
set_fact: set_fact:
@ -197,7 +198,7 @@
- name: Copy new 'Configure Synapse' survey.json to target machine - name: Copy new 'Configure Synapse' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
dest: '/matrix/awx/configure_synapse.json' dest: '/matrix/awx/configure_synapse.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Synapse' job template - name: Recreate 'Configure Synapse' job template
@ -214,9 +215,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -19,7 +19,7 @@
- name: Copy new 'Configure Synapse Admin' survey.json to target machine - name: Copy new 'Configure Synapse Admin' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
dest: '/matrix/awx/configure_synapse_admin.json' dest: '/matrix/awx/configure_synapse_admin.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Synapse Admin' job template - name: Recreate 'Configure Synapse Admin' job template
@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View File

@ -12,7 +12,7 @@
command: | command: |
openssl rand -hex 16 openssl rand -hex 16
register: generic_secret register: generic_secret
no_log: True no_log: true
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
- name: Add new matrix_homeserver_generic_secret_key variable - name: Add new matrix_homeserver_generic_secret_key variable
@ -22,5 +22,5 @@
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}" line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
insertbefore: '# Basic Settings End' insertbefore: '# Basic Settings End'
mode: '0600' mode: '0600'
state: present state: present
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )

View File

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #

View File

@ -6,4 +6,4 @@
state: absent state: absent
with_items: with_items:
- "{{ matrix_base_data_path }}/environment-variables" - "{{ matrix_base_data_path }}/environment-variables"
- "{{ matrix_base_data_path }}/scratchpad" - "{{ matrix_base_data_path }}/scratchpad"

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml" - import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
tags: tags:
- always - always

View File

@ -13,7 +13,7 @@
name: name:
- lsb-release - lsb-release
state: present state: present
update_cache: yes update_cache: true
register: lsb_release_installation_result register: lsb_release_installation_result
- name: Reread ansible_lsb facts if lsb-release got installed - name: Reread ansible_lsb facts if lsb-release got installed
@ -34,10 +34,10 @@
service: service:
name: docker name: docker
state: started state: started
enabled: yes enabled: true
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" - name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
service: service:
name: "{{ matrix_ntpd_service }}" name: "{{ matrix_ntpd_service }}"
state: started state: started
enabled: yes enabled: true

View File

@ -6,7 +6,7 @@
- python-docker - python-docker
- python-dnspython - python-dnspython
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
pacman: pacman:

View File

@ -22,7 +22,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View File

@ -22,14 +22,14 @@
name: name:
- epel-release - epel-release
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure yum packages are installed - name: Ensure yum packages are installed
yum: yum:
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View File

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View File

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View File

@ -18,8 +18,8 @@
state: present state: present
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
home: "{{ matrix_base_data_path }}" home: "{{ matrix_base_data_path }}"
create_home: no create_home: false
system: yes system: true
register: matrix_user register: matrix_user
- name: Set Matrix Group UID Variable - name: Set Matrix Group UID Variable

View File

@ -1,3 +1,4 @@
---
# We need others to be able to read these directories too, # We need others to be able to read these directories too,
# so that matrix-nginx-proxy's nginx user can access the files. # so that matrix-nginx-proxy's nginx user can access the files.
# #

View File

@ -1,4 +1,4 @@
---
# This is for both CentOS 7 and 8 # This is for both CentOS 7 and 8
- name: Ensure fuse installed (CentOS) - name: Ensure fuse installed (CentOS)
yum: yum:

View File

@ -1,4 +1,4 @@
---
# This is for both CentOS 7 and 8 # This is for both CentOS 7 and 8
- name: Ensure openssl installed (CentOS) - name: Ensure openssl installed (CentOS)
yum: yum:

View File

@ -1,3 +1,4 @@
---
# This will contain a list of enabled services that the playbook is managing. # This will contain a list of enabled services that the playbook is managing.
# Each component is expected to append its service name to this list. # Each component is expected to append its service name to this list.
matrix_systemd_services_list: [] matrix_systemd_services_list: []

View File

@ -1,3 +1,4 @@
---
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. # Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
# See: https://github.com/matrix-org/go-neb # See: https://github.com/matrix-org/go-neb
@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
# # Each room will get the notification with the alert rendered with the given template # # Each room will get the notification with the alert rendered with the given template
# rooms: # rooms:
# "!someroomid:domain.tld": # "!someroomid:domain.tld":
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
# msg_type: "m.text" # Must be either `m.text` or `m.notice` # msg_type: "m.text" # Must be either `m.text` or `m.notice`
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}" matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
when: matrix_bot_go_neb_enabled|bool when: matrix_bot_go_neb_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -11,9 +11,9 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_go_neb_config_path }}", when: true } - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure go-neb image is pulled - name: Ensure go-neb image is pulled
@ -40,7 +40,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation - name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_systemd_service_result.changed|bool" when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-go-neb.service restarted, if necessary - name: Ensure matrix-bot-go-neb.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-go-neb name: matrix-bot-go-neb
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal - name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
- name: Ensure Matrix go-neb paths don't exist - name: Ensure Matrix go-neb paths don't exist

View File

@ -1,3 +1,4 @@
---
# honoroit is a helpdesk bot # honoroit is a helpdesk bot
# See: https://gitlab.com/etke.cc/honoroit # See: https://gitlab.com/etke.cc/honoroit

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
when: matrix_bot_honoroit_enabled|bool when: matrix_bot_honoroit_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -33,10 +33,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true } - {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure honoroit environment variables file created - name: Ensure honoroit environment variables file created
@ -70,7 +70,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_honoroit_docker_src_files_path }}" path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_honoroit_container_image_self_build|bool" when: "matrix_bot_honoroit_container_image_self_build|bool"
- name: Ensure matrix-bot-honoroit.service installed - name: Ensure matrix-bot-honoroit.service installed
@ -82,7 +82,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation - name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_systemd_service_result.changed|bool" when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-honoroit.service restarted, if necessary - name: Ensure matrix-bot-honoroit.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-honoroit name: matrix-bot-honoroit
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal - name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
- name: Ensure Matrix honoroit paths don't exist - name: Ensure Matrix honoroit paths don't exist

View File

@ -1,3 +1,4 @@
---
# matrix-reminder-bot is a bot for one-off and recurring reminders # matrix-reminder-bot is a bot for one-off and recurring reminders
# See: https://github.com/anoadragon453/matrix-reminder-bot # See: https://github.com/anoadragon453/matrix-reminder-bot

View File

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
when: matrix_bot_matrix_reminder_bot_enabled|bool when: matrix_bot_matrix_reminder_bot_enabled|bool

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -34,10 +34,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure matrix-reminder-bot image is pulled - name: Ensure matrix-reminder-bot image is pulled
@ -65,7 +65,7 @@
build: build:
dockerfile: docker/Dockerfile dockerfile: docker/Dockerfile
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool" when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
- name: Ensure matrix-reminder-bot config installed - name: Ensure matrix-reminder-bot config installed
@ -85,7 +85,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool" when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary - name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-matrix-reminder-bot name: matrix-bot-matrix-reminder-bot
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
- name: Ensure Matrix matrix-reminder-bot paths don't exist - name: Ensure Matrix matrix-reminder-bot paths don't exist

View File

@ -1,3 +1,4 @@
---
# A moderation tool for Matrix # A moderation tool for Matrix
# See: https://github.com/matrix-org/mjolnir # See: https://github.com/matrix-org/mjolnir
@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}" matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -11,10 +11,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_mjolnir_base_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_config_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_data_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" } - {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure mjolnir Docker image is pulled - name: Ensure mjolnir Docker image is pulled
@ -42,7 +42,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}" path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_mjolnir_container_image_self_build|bool" when: "matrix_bot_mjolnir_container_image_self_build|bool"
- name: Ensure matrix-bot-mjolnir config installed - name: Ensure matrix-bot-mjolnir config installed
@ -62,7 +62,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation - name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool" when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary - name: Ensure matrix-bot-mjolnir.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-mjolnir name: matrix-bot-mjolnir
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal - name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
- name: Ensure matrix-bot-mjolnir paths don't exist - name: Ensure matrix-bot-mjolnir paths don't exist

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-discord is a Matrix <-> Discord bridge # matrix-appservice-discord is a Matrix <-> Discord bridge
# See: https://github.com/Half-Shot/matrix-appservice-discord # See: https://github.com/Half-Shot/matrix-appservice-discord

View File

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -54,8 +54,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists" when: "matrix_appservice_discord_stat_db.stat.exists"
@ -105,7 +105,7 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation - name: Ensure systemd reloaded after matrix-appservice-discord.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_systemd_service_result.changed" when: "matrix_appservice_discord_systemd_service_result.changed"
- name: Ensure matrix-appservice-discord.service restarted, if necessary - name: Ensure matrix-appservice-discord.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"
- name: Ensure matrix-appservice-discord.service doesn't exist - name: Ensure matrix-appservice-discord.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal - name: Ensure systemd reloaded after matrix-appservice-discord.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# Matrix Appservice IRC is a Matrix <-> IRC bridge # Matrix Appservice IRC is a Matrix <-> IRC bridge
# See: https://github.com/matrix-org/matrix-appservice-irc # See: https://github.com/matrix-org/matrix-appservice-irc

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View File

@ -10,10 +10,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_irc_base_path }}", when: true } - {path: "{{ matrix_appservice_irc_base_path }}", when: true}
- { path: "{{ matrix_appservice_irc_config_path }}", when: true } - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
- { path: "{{ matrix_appservice_irc_data_path }}", when: true } - {path: "{{ matrix_appservice_irc_data_path }}", when: true}
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" } - {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- name: Check if an old passkey file already exists - name: Check if an old passkey file already exists
@ -26,7 +26,7 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
@ -82,7 +82,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_irc_docker_src_files_path }}" path: "{{ matrix_appservice_irc_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed" when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
- name: Ensure Matrix Appservice IRC config installed - name: Ensure Matrix Appservice IRC config installed
@ -186,7 +186,7 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation - name: Ensure systemd reloaded after matrix-appservice-irc.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_systemd_service_result.changed" when: "matrix_appservice_irc_systemd_service_result.changed"
- name: Ensure matrix-appservice-irc.service restarted, if necessary - name: Ensure matrix-appservice-irc.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"
- name: Ensure matrix-appservice-irc.service doesn't exist - name: Ensure matrix-appservice-irc.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal - name: Ensure systemd reloaded after matrix-appservice-irc.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-slack is a Matrix <-> Slack bridge # matrix-appservice-slack is a Matrix <-> Slack bridge
# See: https://github.com/matrix-org/matrix-appservice-slack # See: https://github.com/matrix-org/matrix-appservice-slack

View File

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8
@ -39,40 +40,40 @@
when: "matrix_synapse_role_executed|default(False)" when: "matrix_synapse_role_executed|default(False)"
- block: - block:
- name: Fail if matrix-nginx-proxy role already executed - name: Fail if matrix-nginx-proxy role already executed
fail: fail:
msg: >- msg: >-
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy, Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed. but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your playbook, To fix this, please change the order of roles in your playbook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role. so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
when: matrix_nginx_proxy_role_executed|default(False)|bool when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy - name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
set_fact: set_fact:
matrix_appservice_slack_matrix_nginx_proxy_configuration: | matrix_appservice_slack_matrix_nginx_proxy_configuration: |
location {{ matrix_appservice_slack_public_endpoint }} { location {{ matrix_appservice_slack_public_endpoint }} {
{% if matrix_nginx_proxy_enabled|default(False) %} {% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #} {# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s; resolver 127.0.0.11 valid=5s;
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}"; set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
proxy_pass $backend; proxy_pass $backend;
{% else %} {% else %}
{# Generic configuration for use outside of our container setup #} {# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }}; proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
{% endif %} {% endif %}
} }
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
set_fact: set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{ {{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
[matrix_appservice_slack_matrix_nginx_proxy_configuration] [matrix_appservice_slack_matrix_nginx_proxy_configuration]
}} }}
tags: tags:
- always - always
when: matrix_appservice_slack_enabled|bool when: matrix_appservice_slack_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used - name: Warn about reverse-proxying if matrix-nginx-proxy not used

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View File

@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_slack_base_path }}", when: true } - {path: "{{ matrix_appservice_slack_base_path }}", when: true}
- { path: "{{ matrix_appservice_slack_config_path }}", when: true } - {path: "{{ matrix_appservice_slack_config_path }}", when: true}
- { path: "{{ matrix_appservice_slack_data_path }}", when: true } - {path: "{{ matrix_appservice_slack_data_path }}", when: true}
- { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" } - {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- set_fact: - set_fact:
@ -56,7 +56,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_slack_docker_src_files_path }}" path: "{{ matrix_appservice_slack_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed" when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
- name: Ensure Matrix Appservice Slack config installed - name: Ensure Matrix Appservice Slack config installed
@ -84,7 +84,7 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation - name: Ensure systemd reloaded after matrix-appservice-slack.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_systemd_service_result.changed" when: "matrix_appservice_slack_systemd_service_result.changed"
- name: Ensure matrix-appservice-slack.service restarted, if necessary - name: Ensure matrix-appservice-slack.service restarted, if necessary

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-slack name: matrix-appservice-slack
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"
- name: Ensure matrix-appservice-slack.service doesn't exist - name: Ensure matrix-appservice-slack.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal - name: Ensure systemd reloaded after matrix-appservice-slack.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# matrix-appservice-webhooks is a Matrix <-> webhook bridge # matrix-appservice-webhooks is a Matrix <-> webhook bridge
# See: https://github.com/redoonetworks/matrix-appservice-webhooks # See: https://github.com/redoonetworks/matrix-appservice-webhooks

View File

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed
@ -32,42 +33,42 @@
when: "matrix_synapse_role_executed|default(False)" when: "matrix_synapse_role_executed|default(False)"
- block: - block:
- name: Fail if matrix-nginx-proxy role already executed - name: Fail if matrix-nginx-proxy role already executed
fail: fail:
msg: >- msg: >-
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy, Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed. but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your playbook, To fix this, please change the order of roles in your playbook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role. so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
when: matrix_nginx_proxy_role_executed|default(False)|bool when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy - name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
set_fact: set_fact:
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: | matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
{% if matrix_nginx_proxy_enabled|default(False) %} {% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #} {# Use the embedded DNS resolver in Docker containers to discover the service #}
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ { location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
resolver 127.0.0.11 valid=5s; resolver 127.0.0.11 valid=5s;
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}"; set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
proxy_pass http://$backend/$1; proxy_pass http://$backend/$1;
} }
{% else %} {% else %}
{# Generic configuration for use outside of our container setup #} {# Generic configuration for use outside of our container setup #}
location {{ matrix_appservice_webhooks_public_endpoint }}/ { location {{ matrix_appservice_webhooks_public_endpoint }}/ {
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/; proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
} }
{% endif %} {% endif %}
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy - name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
set_fact: set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{ {{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration] [matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
}} }}
tags: tags:
- always - always
when: matrix_appservice_webhooks_enabled|bool when: matrix_appservice_webhooks_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used - name: Warn about reverse-proxying if matrix-nginx-proxy not used

View File

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View File

@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_webhooks_base_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_config_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_data_path }}", when: true } - {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
- { path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"} - {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure Appservice webhooks image is pulled - name: Ensure Appservice webhooks image is pulled
@ -40,7 +40,7 @@
build: build:
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}" dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}" path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_webhooks_container_image_self_build|bool" when: "matrix_appservice_webhooks_container_image_self_build|bool"
- name: Ensure Matrix Appservice webhooks config is installed - name: Ensure Matrix Appservice webhooks config is installed
@ -84,5 +84,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation - name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_systemd_service_result.changed" when: "matrix_appservice_webhooks_systemd_service_result.changed"

View File

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-webhooks name: matrix-appservice-webhooks
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists" when: "matrix_appservice_webhooks_service_stat.stat.exists"
- name: Ensure matrix-appservice-webhooks.service doesn't exist - name: Ensure matrix-appservice-webhooks.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal - name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists" when: "matrix_appservice_webhooks_service_stat.stat.exists"

View File

@ -1,3 +1,4 @@
---
# beeper-linkedin is a Matrix <-> LinkedIn bridge # beeper-linkedin is a Matrix <-> LinkedIn bridge
# See: https://gitlab.com/beeper/linkedin # See: https://gitlab.com/beeper/linkedin

Some files were not shown because too many files have changed in this diff Show More