Integrate matrix-dynamic-dns with matrix-nginx-proxy without causing a dependency

We'd like the roles to be self-contained (as much as possible).

Thus, the `matrix-nginx-proxy` shouldn't reference any variables from
other roles. Instead, we rely on injection via
`group_vars/matrix_servers`.

Related to #681 (Github Pull Request)
This commit is contained in:
Slavi Pantaleev 2020-11-10 23:46:33 +02:00
parent 8782919d85
commit 1427286cec
3 changed files with 17 additions and 10 deletions

View file

@ -851,6 +851,8 @@ matrix_ssl_architecture: "{{
}[matrix_architecture]
}}"
matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matrix_dynamic_dns_enabled else '' }}
######################################################################
#
# /matrix-nginx-proxy

View file

@ -243,6 +243,10 @@ matrix_ssl_base_path: "{{ matrix_base_data_path }}/ssl"
matrix_ssl_config_dir_path: "{{ matrix_ssl_base_path }}/config"
matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log"
# If you'd like to start some service before a certificate is obtained, specify it here.
# This could be something like `matrix-dynamic-dns`, etc.
matrix_ssl_pre_obtaining_required_service_name: ~
matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds: 60
# nginx status page configurations.
matrix_nginx_proxy_proxy_matrix_nginx_status_enabled: false

View file

@ -12,17 +12,18 @@
- set_fact:
domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}"
- name: Ensure dynamic dns has ran
service:
name: "dynamic-dns"
state: started
register: dynamic_dns_service_update
when: "domain_name_needs_cert|bool and matrix_dynamic_dns_enabled|bool"
- block:
- name: Ensure required service for obtaining is started
service:
name: "{{ matrix_ssl_pre_obtaining_required_service_name }}"
state: started
register: matrix_ssl_pre_obtaining_required_service_start_result
- name: Sleep for 60 seconds so that DNS records can be updated
wait_for:
timeout: 60
when: dynamic_dns_service_update.changed
- name: Wait some time, so that the required service for obtaining can start
wait_for:
timeout: "{{ matrix_ssl_service_to_start_before_obtaining_start_wait_time_seconds }}"
when: "matrix_ssl_pre_obtaining_required_service_start_result.changed|bool"
when: "domain_name_needs_cert|bool and matrix_ssl_pre_obtaining_required_service_name != ''"
# This will fail if there is something running on port 80 (like matrix-nginx-proxy).
# We suppress the error, as we'll try another method below.