diff --git a/CHANGELOG.md b/CHANGELOG.md index 32153869d..5ab03e7e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +# 2020-03-15 + +## Raspberry Pi support + +The playbook supports installing to a Raspberry Pi server, for at least some of the services. + +Since most ready-made container images do not support that architecture, we achieve this by building images locally on the device itself. +See our [Self-building documentation page](docs/self-building.md) for how to get started. + + # 2020-02-26 ## Riot-web themes are here diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 7b3df42ff..4e72e2ead 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,6 +1,6 @@ # Prerequisites -- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+) or **Ubuntu** (16.04+). This playbook doesn't support running on ARM so it won't work on a Raspberry Pi. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. +- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+) or **Ubuntu** (16.04+). This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Self-Building](self-building.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. - [Python](https://www.python.org/) being installed on the server. Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python`). diff --git a/docs/self-building.md b/docs/self-building.md new file mode 100644 index 000000000..a4d6fad9c --- /dev/null +++ b/docs/self-building.md @@ -0,0 +1,19 @@ +# Self-building + +The playbook supports the self-building of some of its components. This may be useful for architectures besides x86_64, which have no Docker images right now (e g. the armv7 for the Raspberry Pi). Some playbook roles have been updated, so they build the necessary image on the host. It needs more space, as some build tools need to be present (like Java, for mxisd). + +To use these modification there is a variable that needs to be switched to enable this functionality. Add this to your `vars.yaml` file: +```yaml +matrix_container_images_self_build = true +``` +Setting that variable will self-build every role which supports self-building. Self-building can be set on a per-role basis as well. + +List of roles where self-building the docker image is currently possible: +- synapse +- riot-web +- coturn +- mxisd +- matrix-bridge-mautrix-facebook +- matrix-bridge-mautrix-hangouts + +Adding self-building support to other roles is welcome. Feel free to contribute! diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 5efde0c95..f722e2659 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -172,6 +172,8 @@ matrix_appservice_irc_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | # We don't enable bridges by default. matrix_mautrix_facebook_enabled: false +matrix_mautrix_facebook_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_mautrix_facebook_systemd_required_services_list: | {{ ['docker.service'] @@ -201,6 +203,8 @@ matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_pro # We don't enable bridges by default. matrix_mautrix_hangouts_enabled: false +matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_mautrix_hangouts_systemd_required_services_list: | {{ ['docker.service'] @@ -329,6 +333,8 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati matrix_coturn_enabled: true +matrix_coturn_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_coturn_turn_external_ip_address: "{{ ansible_host }}" matrix_coturn_tls_enabled: true @@ -415,6 +421,8 @@ matrix_mailer_enabled: true # If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this. matrix_mxisd_enabled: true +matrix_mxisd_container_image_self_build: "{{ matrix_container_images_self_build }}" + # Normally, matrix-nginx-proxy is enabled and nginx can reach mxisd over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose # mxisd's web-server port. @@ -559,6 +567,8 @@ matrix_postgres_db_name: "homeserver" # If you wish to connect to your Matrix server by other means, you may wish to disable this. matrix_riot_web_enabled: true +matrix_riot_web_container_image_self_build: "{{ matrix_container_images_self_build }}" + # Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose # the riot-web HTTP port to the local host. @@ -600,6 +610,8 @@ matrix_riot_web_welcome_user_id: ~ # ###################################################################### +matrix_synapse_container_image_self_build: "{{ matrix_container_images_self_build }}" + # When mxisd is enabled, we can use it instead of the default public Identity servers. matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_mxisd_enabled else matrix_synapse_id_servers_public }}" diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index b4fef1dd7..c2a81c294 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -66,3 +66,7 @@ run_setup: true run_self_check: true run_start: true run_stop: true + +# Building every docker image from source on the target host +# Controlling docker image build is possible on a per unit base +matrix_container_images_self_build: false \ No newline at end of file diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 45feb1527..70b2e4fcc 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -4,7 +4,10 @@ when: ansible_distribution == 'CentOS' - include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml" - when: ansible_os_family == 'Debian' + when: (ansible_os_family == 'Debian') and (ansible_lsb.id != 'Raspbian') + +- include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" + when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') - name: Ensure Docker is started and autoruns service: diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml new file mode 100644 index 000000000..e92842843 --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml @@ -0,0 +1,42 @@ +--- + +- name: Ensure APT usage dependencies are installed + apt: + name: + - apt-transport-https + - ca-certificates + state: present + update_cache: yes + +- name: Ensure Docker's APT key is trusted + apt_key: + url: https://download.docker.com/linux/raspbian/gpg + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + state: present + register: add_repository_key + ignore_errors: true + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' + +- name: Ensure Docker repository is enabled + apt_repository: + repo: "deb [arch=armhf] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" + state: present + update_cache: yes + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' + +- name: Ensure APT packages are installed + apt: + name: + - bash-completion + - python-docker + - ntp + - fuse + state: latest + update_cache: yes + +- name: Ensure Docker is installed + apt: + name: + - "{{ matrix_docker_package_name }}" + state: latest + when: matrix_docker_installation_enabled|bool diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index bf57e9260..30693bd58 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -3,6 +3,8 @@ matrix_mautrix_facebook_enabled: true +matrix_mautrix_facebook_container_image_self_build: false + # See: https://mau.dev/tulir/mautrix-facebook/container_registry matrix_mautrix_facebook_docker_image: "dock.mau.dev/tulir/mautrix-facebook:latest" matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}" @@ -10,6 +12,7 @@ matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_doc matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook" matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/config" matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data" +matrix_mautrix_facebook_docker_src_files_path: "{{ matrix_mautrix_facebook_base_path }}/docker-src" matrix_mautrix_facebook_homeserver_address: 'http://matrix-synapse:8008' matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}' diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 92f978672..c9688cf04 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -14,3 +14,10 @@ + {{ ["/matrix-mautrix-facebook-registration.yaml"] }} when: matrix_mautrix_facebook_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mautrix Facebook image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 68c823c6c..5a70c2e43 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -14,6 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" + when: matrix_mautrix_facebook_enabled|bool and not matrix_mautrix_facebook_container_image_self_build - name: Ensure Mautrix Facebook paths exist file: @@ -26,6 +27,25 @@ - "{{ matrix_mautrix_facebook_base_path }}" - "{{ matrix_mautrix_facebook_config_path }}" - "{{ matrix_mautrix_facebook_data_path }}" + - { src: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}" } + +- name: Ensure Mautrix Facebook repository is present on self-build + git: + repo: https://github.com/tulir/mautrix-facebook.git + dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}" +# version: "{{ matrix_coturn_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" + +- name: Ensure Mautrix Facebook Docker image is built + docker_image: + name: "{{ matrix_mautrix_facebook_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_facebook_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index fdb2c6390..5284bc822 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -3,6 +3,8 @@ matrix_mautrix_hangouts_enabled: true +matrix_mautrix_hangouts_container_image_self_build: false + # See: https://mau.dev/tulir/mautrix-hangouts/container_registry matrix_mautrix_hangouts_docker_image: "dock.mau.dev/tulir/mautrix-hangouts:latest" matrix_mautrix_hangouts_docker_image_force_pull: "{{ matrix_mautrix_hangouts_docker_image.endswith(':latest') }}" @@ -10,6 +12,7 @@ matrix_mautrix_hangouts_docker_image_force_pull: "{{ matrix_mautrix_hangouts_doc matrix_mautrix_hangouts_base_path: "{{ matrix_base_data_path }}/mautrix-hangouts" matrix_mautrix_hangouts_config_path: "{{ matrix_mautrix_hangouts_base_path }}/config" matrix_mautrix_hangouts_data_path: "{{ matrix_mautrix_hangouts_base_path }}/data" +matrix_mautrix_hangouts_docker_src_files_path: "{{ matrix_mautrix_hangouts_base_path }}/docker-src" matrix_mautrix_hangouts_public_endpoint: '/mautrix-hangouts' diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index ee18eeb0e..9dd09d819 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -59,4 +59,11 @@ Please make sure that you're proxying the `{{ matrix_mautrix_hangouts_public_endpoint }}` URL endpoint to the matrix-mautrix-hangouts container. You can expose the container's port using the `matrix_mautrix_hangouts_container_http_host_bind_port` variable. - when: "matrix_mautrix_hangouts_enabled|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_mautrix_hangouts_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)" + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mautrix Hangouts image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_hangouts_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 7f3251656..db1fe736d 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -14,6 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}" + when: matrix_mautrix_hangouts_enabled|bool and not matrix_mautrix_hangouts_container_image_self_build - name: Ensure Mautrix Hangouts paths exist file: @@ -26,6 +27,26 @@ - "{{ matrix_mautrix_hangouts_base_path }}" - "{{ matrix_mautrix_hangouts_config_path }}" - "{{ matrix_mautrix_hangouts_data_path }}" + - { src: "{{ matrix_mautrix_hangouts_docker_src_files_path }}", when: "{{ matrix_mautrix_hangouts_container_image_self_build }}" } + + when: matrix_mautrix_hangouts_enabled|bool and not matrix_mautrix_hangouts_container_image_self_build + +- name: Ensure Mautrix Hangots repository is present on self build + git: + repo: https://github.com/tulir/mautrix-hangouts.git + dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" + force: "yes" + when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build" + +- name: Ensure Mautrix Hangouts Docker image is built + docker_image: + name: "{{ matrix_mautrix_hangouts_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 4bcbb2231..06063e3b2 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -1,5 +1,7 @@ matrix_coturn_enabled: true +matrix_coturn_container_image_self_build: false + matrix_coturn_docker_image: "instrumentisto/coturn:4.5.1.1" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" @@ -13,6 +15,7 @@ matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(' matrix_coturn_docker_network: "matrix-coturn" matrix_coturn_base_path: "{{ matrix_base_data_path }}/coturn" +matrix_coturn_docker_src_files_path: "{{ matrix_coturn_base_path }}/docker-src" matrix_coturn_config_path: "{{ matrix_coturn_base_path }}/turnserver.conf" # List of systemd services that matrix-coturn.service depends on diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml index 603b536ab..b59feebd0 100644 --- a/roles/matrix-coturn/tasks/init.yml +++ b/roles/matrix-coturn/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}" when: matrix_coturn_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Coturn image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_coturn_container_image_self_build" diff --git a/roles/matrix-coturn/tasks/setup_coturn.yml b/roles/matrix-coturn/tasks/setup_coturn.yml index eaa29aa58..d86e4b22f 100644 --- a/roles/matrix-coturn/tasks/setup_coturn.yml +++ b/roles/matrix-coturn/tasks/setup_coturn.yml @@ -4,13 +4,42 @@ # Tasks related to setting up Coturn # +- name: Ensure Matrix Coturn path exists + file: + path: "{{ item }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + with_items: + - { src: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"} + when: matrix_riot_web_enabled|bool + - name: Ensure Coturn image is pulled docker_image: name: "{{ matrix_coturn_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_coturn_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_coturn_docker_image_force_pull }}" - when: matrix_coturn_enabled|bool + when: matrix_coturn_enabled|bool and not matrix_coturn_container_image_self_build + +- name: Ensure Coturn repository is present on self-build + git: + repo: https://github.com/instrumentisto/coturn-docker-image.git + dest: "{{ matrix_coturn_docker_src_files_path }}" + version: "{{ matrix_coturn_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_coturn_enabled|bool and matrix_coturn_container_image_self_build" + +- name: Ensure Coturn Docker image is built + docker_image: + name: "{{ matrix_coturn_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_coturn_docker_src_files_path }}" + pull: yes + when: "matrix_coturn_enabled|bool and matrix_coturn_container_image_self_build" - name: Ensure Coturn configuration path exists file: diff --git a/roles/matrix-mxisd/defaults/main.yml b/roles/matrix-mxisd/defaults/main.yml index 286839dab..605f40281 100644 --- a/roles/matrix-mxisd/defaults/main.yml +++ b/roles/matrix-mxisd/defaults/main.yml @@ -3,10 +3,13 @@ matrix_mxisd_enabled: true +matrix_mxisd_container_image_self_build: false + matrix_mxisd_docker_image: "kamax/mxisd:1.4.6" matrix_mxisd_docker_image_force_pull: "{{ matrix_mxisd_docker_image.endswith(':latest') }}" matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd" +matrix_mxisd_docker_src_files_path: "{{ matrix_mxisd_base_path }}/docker-src" matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config" matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data" diff --git a/roles/matrix-mxisd/tasks/init.yml b/roles/matrix-mxisd/tasks/init.yml index 94543b355..dcf1d0532 100644 --- a/roles/matrix-mxisd/tasks/init.yml +++ b/roles/matrix-mxisd/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}" when: matrix_mxisd_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mxisd image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mxisd_container_image_self_build" diff --git a/roles/matrix-mxisd/tasks/setup_mxisd.yml b/roles/matrix-mxisd/tasks/setup_mxisd.yml index 2bafa1791..27c00c70b 100644 --- a/roles/matrix-mxisd/tasks/setup_mxisd.yml +++ b/roles/matrix-mxisd/tasks/setup_mxisd.yml @@ -14,6 +14,7 @@ with_items: - "{{ matrix_mxisd_config_path }}" - "{{ matrix_mxisd_data_path }}" + - { src: "{{ matrix_mxisd_docker_src_files_path }}", when: "{{ matrix_mxisd_container_image_self_build }}"} when: matrix_mxisd_enabled|bool - name: Ensure mxisd image is pulled @@ -22,7 +23,34 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mxisd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mxisd_docker_image_force_pull }}" - when: matrix_mxisd_enabled|bool + when: matrix_mxisd_enabled|bool and not matrix_mxisd_container_image_self_build + +- block: + - name: Ensure gradle is installed for self-building + apt: + name: + - gradle + state: present + update_cache: yes + when: (ansible_os_family == 'Debian') + + - name: Ensure gradle is installed for self-building + fail: + msg: "Installing gradle on CentOS is currently not supported, so self-building mxisd cannot happen at this time" + when: ansible_distribution == 'CentOS' + + - name: Ensure mxisd repository is present on self-build + git: + repo: https://github.com/kamax-matrix/mxisd.git + dest: "{{ matrix_mxisd_docker_src_files_path }}" + version: "v{{ matrix_mxisd_docker_image.split(':')[1] }}" + force: "yes" + + - name: Ensure mxisd Docker image is built + shell: "./gradlew dockerBuild" + args: + chdir: "{{ matrix_mxisd_docker_src_files_path }}" + when: "matrix_mxisd_enabled|bool and matrix_mxisd_container_image_self_build" - name: Ensure mxisd config installed copy: diff --git a/roles/matrix-riot-web/defaults/main.yml b/roles/matrix-riot-web/defaults/main.yml index e707a61a3..08b141a16 100644 --- a/roles/matrix-riot-web/defaults/main.yml +++ b/roles/matrix-riot-web/defaults/main.yml @@ -1,9 +1,12 @@ matrix_riot_web_enabled: true +matrix_riot_web_container_image_self_build: false + matrix_riot_web_docker_image: "vectorim/riot-web:v1.5.12" matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}" matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web" +matrix_riot_web_docker_src_files_path: "{{ matrix_riot_web_data_path }}/docker-src" # Controls whether the matrix-riot-web container exposes its HTTP port (tcp/8080 in the container). # diff --git a/roles/matrix-riot-web/tasks/init.yml b/roles/matrix-riot-web/tasks/init.yml index 52c096eea..7c8a1550c 100644 --- a/roles/matrix-riot-web/tasks/init.yml +++ b/roles/matrix-riot-web/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}" when: matrix_riot_web_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Riot Web image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_riot_web_container_image_self_build" diff --git a/roles/matrix-riot-web/tasks/setup_riot_web.yml b/roles/matrix-riot-web/tasks/setup_riot_web.yml index a3e1048f9..feccbe816 100644 --- a/roles/matrix-riot-web/tasks/setup_riot_web.yml +++ b/roles/matrix-riot-web/tasks/setup_riot_web.yml @@ -6,11 +6,14 @@ - name: Ensure Matrix riot-web path exists file: - path: "{{ matrix_riot_web_data_path }}" + path: "{{ item }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" + with_items: + - "{{ matrix_riot_web_data_path }}" + - { src: "{{ matrix_riot_web_docker_src_files_path }}", when: "{{ matrix_riot_web_container_image_self_build }}" } when: matrix_riot_web_enabled|bool - name: Ensure riot-web Docker image is pulled @@ -19,7 +22,25 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_riot_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_riot_web_docker_image_force_pull }}" - when: matrix_riot_web_enabled|bool + when: matrix_riot_web_enabled|bool and not matrix_riot_web_container_image_self_build + +- name: Ensure Riot Web repository is present on self-build + git: + repo: https://github.com/vector-im/riot-web.git + dest: "{{ matrix_riot_web_docker_src_files_path }}" + version: "{{ matrix_riot_web_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_riot_web_enabled|bool and matrix_riot_web_container_image_self_build" + +- name: Ensure Riot Web Docker image is built + docker_image: + name: "{{ matrix_riot_web_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_riot_web_docker_src_files_path }}" + pull: yes + when: "matrix_riot_web_enabled|bool and matrix_riot_web_container_image_self_build" - name: Ensure Matrix riot-web configuration installed copy: diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 05ad9126a..fe9f5545f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -3,10 +3,13 @@ matrix_synapse_enabled: true +matrix_synapse_container_image_self_build: false + matrix_synapse_docker_image: "matrixdotorg/synapse:v1.11.1" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" +matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_run_path: "{{ matrix_synapse_base_path }}/run" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index d5f648623..004a2a920 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -5,3 +5,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}" when: matrix_s3_media_store_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Synapse image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_container_image_self_build" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index b565a4d2d..8d5f72d24 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -11,6 +11,7 @@ - "{{ matrix_synapse_config_dir_path }}" - "{{ matrix_synapse_run_path }}" - "{{ matrix_synapse_ext_path }}" + - { src: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}" } # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index 88fb0049c..cf24cefb5 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -18,12 +18,31 @@ group: "{{ matrix_user_username }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" +- name: Ensure Synapse repository is present on self-build + git: + repo: https://github.com/matrix-org/synapse.git + dest: "{{ matrix_synapse_docker_src_files_path }}" + version: "{{ matrix_synapse_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_synapse_container_image_self_build" + +- name: Ensure Synapse Docker image is built + docker_image: + name: "{{ matrix_synapse_docker_image }}" + source: build + build: + dockerfile: docker/Dockerfile + path: "{{ matrix_synapse_docker_src_files_path }}" + pull: yes + when: "matrix_synapse_container_image_self_build" + - name: Ensure Synapse Docker image is pulled docker_image: name: "{{ matrix_synapse_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}" + when: "not matrix_synapse_container_image_self_build" - name: Check if a Synapse signing key exists stat: