GoMatrixHosting v0.4.9 update
This commit is contained in:
parent
10c68a8cf4
commit
122a92fa1c
|
@ -31,9 +31,9 @@ Updates to this section are trailed here:
|
|||
|
||||
## Does I need an AWX setup to use this? How do I configure it?
|
||||
|
||||
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation.md).
|
||||
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation_AWX.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_AWX.md).
|
||||
|
||||
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal.md).
|
||||
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal_AWX.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal_AWX.md).
|
||||
|
||||
|
||||
## Does I need a front-end WordPress site? And a DigitalOcean account?
|
||||
|
|
19
roles/matrix-awx/surveys/configure_email_relay.json.j2
Normal file
19
roles/matrix-awx/surveys/configure_email_relay.json.j2
Normal file
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
"name": "Configure Email Relay",
|
||||
"description": "Enable MailGun relay to increase verification email reliability.",
|
||||
"spec": [
|
||||
{
|
||||
"question_name": "Enable Email Relay",
|
||||
"question_description": "Enables the MailGun email relay server, enabling this will increase the reliability of your email verification.",
|
||||
"required": false,
|
||||
"min": null,
|
||||
"max": null,
|
||||
"default": "{{ matrix_mailer_relay_use | string | lower }}",
|
||||
"choices": "true\nfalse",
|
||||
"new_question": true,
|
||||
"variable": "matrix_mailer_relay_use",
|
||||
"type": "multiplechoice"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -98,6 +98,15 @@
|
|||
tags:
|
||||
- setup-client-element
|
||||
|
||||
# Additional playbook to set the variable file during Mailer configuration
|
||||
- include_tasks:
|
||||
file: "set_variables_mailer.yml"
|
||||
apply:
|
||||
tags: setup-mailer
|
||||
when: run_setup|bool and matrix_awx_enabled|bool
|
||||
tags:
|
||||
- setup-mailer
|
||||
|
||||
# Additional playbook to set the variable file during Element configuration
|
||||
- include_tasks:
|
||||
file: "set_variables_element_subdomain.yml"
|
||||
|
|
50
roles/matrix-awx/tasks/set_variables_mailer.yml
Normal file
50
roles/matrix-awx/tasks/set_variables_mailer.yml
Normal file
|
@ -0,0 +1,50 @@
|
|||
|
||||
- name: Record Mailer variables locally on AWX
|
||||
delegate_to: 127.0.0.1
|
||||
lineinfile:
|
||||
path: '{{ awx_cached_matrix_vars }}'
|
||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
||||
line: "{{ item.key }}: {{ item.value }}"
|
||||
insertafter: '# Email Settings Start'
|
||||
with_dict:
|
||||
'matrix_mailer_relay_use': '{{ matrix_mailer_relay_use }}'
|
||||
|
||||
- name: Save new 'Configure Email Relay' survey.json to the AWX tower, template
|
||||
delegate_to: 127.0.0.1
|
||||
template:
|
||||
src: 'roles/matrix-awx/surveys/configure_email_relay.json.j2'
|
||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
||||
|
||||
- name: Copy new 'Configure Email Relay' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
||||
dest: '/matrix/awx/configure_email_relay.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Collect AWX admin token the hard way!
|
||||
delegate_to: 127.0.0.1
|
||||
shell: |
|
||||
curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
|
||||
register: tower_token
|
||||
no_log: True
|
||||
|
||||
- name: Recreate 'Configure Email Relay' job template
|
||||
delegate_to: 127.0.0.1
|
||||
awx.awx.tower_job_template:
|
||||
name: "{{ matrix_domain }} - 1 - Configure Email Relay"
|
||||
description: "Enable MailGun relay to increase verification email reliability."
|
||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
||||
job_type: run
|
||||
job_tags: "start,setup-mailer"
|
||||
inventory: "{{ member_id }}"
|
||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
||||
playbook: setup.yml
|
||||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
||||
become_enabled: yes
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ tower_host }}"
|
||||
tower_oauthtoken: "{{ tower_token.stdout }}"
|
||||
validate_certs: yes
|
|
@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
|
|||
matrix_client_hydrogen_container_image_self_build: true
|
||||
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
|
||||
|
||||
matrix_client_hydrogen_version: v0.1.53
|
||||
matrix_client_hydrogen_version: v0.1.56
|
||||
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
|
||||
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
|
||||
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"
|
||||
|
|
|
@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
|||
# amd64 gets released first.
|
||||
# arm32 relies on self-building, so the same version can be built immediately.
|
||||
# arm64 users need to wait for a prebuilt image to become available.
|
||||
matrix_synapse_version: v1.34.0
|
||||
matrix_synapse_version_arm64: v1.34.0
|
||||
matrix_synapse_version: v1.35.1
|
||||
matrix_synapse_version_arm64: v1.35.1
|
||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||
|
||||
|
|
|
@ -705,33 +705,6 @@ acme:
|
|||
#
|
||||
#account_key_file: /data/acme_account.key
|
||||
|
||||
# List of allowed TLS fingerprints for this server to publish along
|
||||
# with the signing keys for this server. Other matrix servers that
|
||||
# make HTTPS requests to this server will check that the TLS
|
||||
# certificates returned by this server match one of the fingerprints.
|
||||
#
|
||||
# Synapse automatically adds the fingerprint of its own certificate
|
||||
# to the list. So if federation traffic is handled directly by synapse
|
||||
# then no modification to the list is required.
|
||||
#
|
||||
# If synapse is run behind a load balancer that handles the TLS then it
|
||||
# will be necessary to add the fingerprints of the certificates used by
|
||||
# the loadbalancers to this list if they are different to the one
|
||||
# synapse is using.
|
||||
#
|
||||
# Homeservers are permitted to cache the list of TLS fingerprints
|
||||
# returned in the key responses up to the "valid_until_ts" returned in
|
||||
# key. It may be necessary to publish the fingerprints of a new
|
||||
# certificate and wait until the "valid_until_ts" of the previous key
|
||||
# responses have passed before deploying it.
|
||||
#
|
||||
# You can calculate a fingerprint from a given TLS listener via:
|
||||
# openssl s_client -connect $host:$port < /dev/null 2> /dev/null |
|
||||
# openssl x509 -outform DER | openssl sha256 -binary | base64 | tr -d '='
|
||||
# or by checking matrix.org/federationtester/api/report?server_name=$host
|
||||
#
|
||||
#tls_fingerprints: [{"sha256": "<base64_encoded_sha256_fingerprint>"}]
|
||||
|
||||
|
||||
## Federation ##
|
||||
|
||||
|
@ -2904,7 +2877,8 @@ opentracing:
|
|||
#enabled: true
|
||||
|
||||
# The list of homeservers we wish to send and receive span contexts and span baggage.
|
||||
# See docs/opentracing.rst
|
||||
# See docs/opentracing.rst.
|
||||
#
|
||||
# This is a list of regexes which are matched against the server_name of the
|
||||
# homeserver.
|
||||
#
|
||||
|
@ -2913,19 +2887,26 @@ opentracing:
|
|||
#homeserver_whitelist:
|
||||
# - ".*"
|
||||
|
||||
# A list of the matrix IDs of users whose requests will always be traced,
|
||||
# even if the tracing system would otherwise drop the traces due to
|
||||
# probabilistic sampling.
|
||||
#
|
||||
# By default, the list is empty.
|
||||
#
|
||||
#force_tracing_for_users:
|
||||
# - "@user1:server_name"
|
||||
# - "@user2:server_name"
|
||||
|
||||
# Jaeger can be configured to sample traces at different rates.
|
||||
# All configuration options provided by Jaeger can be set here.
|
||||
# Jaeger's configuration mostly related to trace sampling which
|
||||
# Jaeger's configuration is mostly related to trace sampling which
|
||||
# is documented here:
|
||||
# https://www.jaegertracing.io/docs/1.13/sampling/.
|
||||
# https://www.jaegertracing.io/docs/latest/sampling/.
|
||||
#
|
||||
#jaeger_config:
|
||||
# sampler:
|
||||
# type: const
|
||||
# param: 1
|
||||
|
||||
# Logging whether spans were started and reported
|
||||
#
|
||||
# logging:
|
||||
# false
|
||||
|
||||
|
@ -2995,4 +2976,20 @@ redis:
|
|||
#
|
||||
password: {{ matrix_synapse_redis_password }}
|
||||
|
||||
|
||||
# Enable experimental features in Synapse.
|
||||
#
|
||||
# Experimental features might break or be removed without a deprecation
|
||||
# period.
|
||||
#
|
||||
experimental_features:
|
||||
# Support for Spaces (MSC1772), it enables the following:
|
||||
#
|
||||
# * The Spaces Summary API (MSC2946).
|
||||
# * Restricting room membership based on space membership (MSC3083).
|
||||
#
|
||||
# Uncomment to disable support for Spaces.
|
||||
#spaces_enabled: false
|
||||
|
||||
|
||||
# vim:ft=yaml
|
||||
|
|
Loading…
Reference in a new issue