Merge branch 'master' into pub.solar
This commit is contained in:
commit
1f15b4cad2
13
CHANGELOG.md
13
CHANGELOG.md
|
@ -1,3 +1,16 @@
|
||||||
|
# 2022-04-14
|
||||||
|
|
||||||
|
## (Compatibility Break) Changes to `docker-src` permissions necessitating manual action
|
||||||
|
|
||||||
|
Users who build container images from source will need to manually correct file permissions of some directories on the server.
|
||||||
|
|
||||||
|
When self-building, the playbook used to `git clone` repositories (into `/matrix/SERVICE/docker-src`) using the `root` user, but now uses `matrix` instead to work around [the following issue with git 2.35.2](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1749).
|
||||||
|
|
||||||
|
If you're on a non-`amd64` architecture (that is, you're overriding `matrix_architecture` in your `vars.yml` file) or you have enabled self-building for some service (e.g. `matrix_*_self_build: true`), you're certainly building some container images from source and have `docker-src` directories with mixed permissions lying around in various `/matrix/SERVICE` directories.
|
||||||
|
|
||||||
|
The playbook *could* correct these permissions automatically, but that requires additional Ansible tasks in some ~45 different places - something that takes considerable effort. So we ask users observing errors related to `docker-src` directories to correct the problem manually by **running this command on the Matrix server** (which deletes all `/matrix/*/docker-src` directories): `find /matrix -maxdepth 2 -name 'docker-src' | xargs rm -rf`
|
||||||
|
|
||||||
|
|
||||||
# 2022-03-17
|
# 2022-03-17
|
||||||
|
|
||||||
## (Compatibility Break) ma1sd identity server no longer installed by default
|
## (Compatibility Break) ma1sd identity server no longer installed by default
|
||||||
|
|
|
@ -1,39 +0,0 @@
|
||||||
# Configuring AWX System (optional)
|
|
||||||
|
|
||||||
An AWX setup for managing multiple Matrix servers.
|
|
||||||
|
|
||||||
This section is used in an AWX system that can create and manage multiple [Matrix](http://matrix.org/) servers. You can issue members an AWX login to their own 'organisation', which they can use to manage/configure 1 to N servers.
|
|
||||||
|
|
||||||
Members can be assigned a server from Digitalocean, or they can connect their own on-premises server. These playbooks are free to use in a commercial context with the 'MemberPress Plus' plugin. They can also be run in a non-commercial context.
|
|
||||||
|
|
||||||
The AWX system is arranged into 'members' each with their own 'subscriptions'. After creating a subscription the user enters the 'provision stage' where they defined the URLs they will use, the servers location and whether or not there's already a website at the base domain. They then proceed onto the 'deploy stage' where they can configure their Matrix server.
|
|
||||||
|
|
||||||
This system can manage the updates, configuration, import and export, backups and monitoring on its own. It is an extension of the popular deploy script [spantaleev/matrix-docker-ansible-deploy](https://github.com/spantaleev/matrix-docker-ansible-deploy).
|
|
||||||
|
|
||||||
Warning: This system is about to undergo heavy revision, **we do not recommend using it at this time.**
|
|
||||||
|
|
||||||
## Other Required Playbooks
|
|
||||||
|
|
||||||
The following repositories allow you to copy and use this setup:
|
|
||||||
|
|
||||||
[Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) - Creates and configures the AWX system for you.
|
|
||||||
|
|
||||||
[Ansible Create Delete Subscription Membership](https://gitlab.com/GoMatrixHosting/ansible-create-delete-subscription-membership) - Used by the AWX system to create memberships and subscriptions. Also includes other administrative playbooks for updates, backups and restoring servers.
|
|
||||||
|
|
||||||
[Ansible Provision Server](https://gitlab.com/GoMatrixHosting/ansible-provision-server) - Used by AWX members to perform initial configuration of their DigitalOcean or On-Premises server.
|
|
||||||
|
|
||||||
[GMHosting External Tools](https://gitlab.com/GoMatrixHosting/gmhosting-external-tools) - Extra tools we run outside of AWX, some of which are experimental.
|
|
||||||
|
|
||||||
|
|
||||||
## Does I need an AWX setup to use this? How do I configure it?
|
|
||||||
|
|
||||||
Yes, you'll need to configure an AWX instance, the [Create AWX System](https://gitlab.com/GoMatrixHosting/create-awx-system) repository makes it easy to do. Just follow the steps listed in ['/docs/Installation_AWX.md' of that repository](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_AWX.md).
|
|
||||||
|
|
||||||
For simpler installation steps you can use to get started with this system, check out our minimal installation guide at ['/doc/Installation_Minimal_AWX.md of that repository'](https://gitlab.com/GoMatrixHosting/create-awx-system/-/blob/master/docs/Installation_Minimal_AWX.md).
|
|
||||||
|
|
||||||
|
|
||||||
## Does I need a front-end WordPress site? And a DigitalOcean account?
|
|
||||||
|
|
||||||
You do not need a front-end WordPress site or the MemberPress plugin to use this setup. It can be run on it's own in a non-commercial context.
|
|
||||||
|
|
||||||
You also don't need a DigitalOcean account, although this will limit you to only being able to connect 'On-Premises' servers.
|
|
|
@ -4,17 +4,23 @@ The playbook can install and configure [borgbackup](https://www.borgbackup.org/)
|
||||||
BorgBackup is a deduplicating backup program with optional compression and encryption.
|
BorgBackup is a deduplicating backup program with optional compression and encryption.
|
||||||
That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
|
That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
|
||||||
|
|
||||||
The backup will run based on `matrix_backup_borg_schedule` var (systemd timer calendar), default: 4am every day
|
You will need a remote server where borg will store the backups. There are hosted, borg compatible solutions available, such as [BorgBase](https://www.borgbase.com).
|
||||||
|
|
||||||
|
The backup will run based on `matrix_backup_borg_schedule` var (systemd timer calendar), default: 4am every day.
|
||||||
|
|
||||||
## Prerequisites
|
## Prerequisites
|
||||||
|
|
||||||
1. Create ssh key on any machine:
|
1. Create a new SSH key:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix
|
ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix
|
||||||
```
|
```
|
||||||
|
|
||||||
2. Add public part of that ssh key to your borg provider / server:
|
This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later.
|
||||||
|
|
||||||
|
2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your borg provider/server:
|
||||||
|
|
||||||
|
If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# example to append the new PUBKEY contents, where:
|
# example to append the new PUBKEY contents, where:
|
||||||
|
@ -39,13 +45,17 @@ matrix_backup_borg_ssh_key_private: |
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
* USER - ssh user of a provider / server
|
* USER - SSH user of a provider/server
|
||||||
* HOST - ssh host of a provider / server
|
* HOST - SSH host of a provider/server
|
||||||
* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`
|
* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`
|
||||||
* PASSPHRASE - super-secret borg passphrase, you may generate it with `pwgen -s 64 1` or use any password manager
|
* PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager
|
||||||
* PRIVATE KEY - the content of the public part of the ssh key you created before
|
* PRIVATE KEY - the content of the **private** part of the SSH key you created before
|
||||||
|
|
||||||
Check the `roles/matrix-backup-borg/defaults/main.yml` for the full list of available options
|
To backup without encryption, add `matrix_backup_borg_encryption: 'none'` to your vars. This will also enable the `matrix_backup_borg_unknown_unencrypted_repo_access_is_ok` variable.
|
||||||
|
|
||||||
|
`matrix_backup_borg_location_source_directories` defines the list of directories to back up: it's set to `{{ matrix_base_data_path }}` by default, which is the base directory for every service's data, such as Synapse, Postgres and the bridges. You might want to exclude certain directories or file patterns from the backup using the `matrix_backup_borg_location_exclude_patterns` variable.
|
||||||
|
|
||||||
|
Check the `roles/matrix-backup-borg/defaults/main.yml` file for the full list of available options.
|
||||||
|
|
||||||
## Installing
|
## Installing
|
||||||
|
|
||||||
|
|
|
@ -22,18 +22,18 @@ Other configuration options are available via the `matrix_hookshot_configuration
|
||||||
|
|
||||||
### URLs for bridges setup
|
### URLs for bridges setup
|
||||||
|
|
||||||
All of the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled).
|
Unless indicated otherwise, the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled).
|
||||||
|
|
||||||
| Listener | default path | variable | used as |
|
| listener | default path | variable | used as |
|
||||||
|---|---|---|---|
|
|---|---|---|---|
|
||||||
| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | GitHub "Webhook URL" |
|
| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | generics, GitHub "Webhook URL", etc. |
|
||||||
| github oauth | `/hookshot/webhooks/oauth` | `matrix_hookshot_github_oauth_endpoint` | GitHub "Callback URL" |
|
| github oauth | `/hookshot/webhooks/oauth` | `matrix_hookshot_github_oauth_endpoint` | GitHub "Callback URL" |
|
||||||
| jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth |
|
| jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth |
|
||||||
| figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma |
|
| figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma |
|
||||||
| provisioning | `/hookshot/v1/` | `matrix_hookshot_provisioning_endpoint` | Dimension [provisioning](#provisioning-api) |
|
| provisioning | `/hookshot/v1/` | `matrix_hookshot_provisioning_endpoint` | Dimension [provisioning](#provisioning-api) |
|
||||||
| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | Matrix server |
|
| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | Matrix server |
|
||||||
| metrics | `/hookshot/metrics/` | `matrix_hookshot_metrics_endpoint` | Prometheus |
|
| widgets | `/hookshot/widgetapi/` | `/matrix_hookshot_widgets_endpoint` | Widgets |
|
||||||
| widgets | | | not supported |
|
| metrics | `/hookshot/metrics/` (on `stats.` subdomain) | `matrix_hookshot_metrics_endpoint` | Prometheus |
|
||||||
|
|
||||||
See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml).
|
See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml).
|
||||||
|
|
||||||
|
|
|
@ -49,4 +49,19 @@ If you want to use the relay-bot feature ([relay bot documentation](https://docs
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mautrix_telegram_bot_token: YOUR_TELEGRAM_BOT_TOKEN
|
matrix_mautrix_telegram_bot_token: YOUR_TELEGRAM_BOT_TOKEN
|
||||||
|
matrix_mautrix_telegram_configuration_extension_yaml: |
|
||||||
|
bridge:
|
||||||
|
permissions:
|
||||||
|
'*': relaybot
|
||||||
```
|
```
|
||||||
|
|
||||||
|
You might also want to give permissions to administrate the bot:
|
||||||
|
```yaml
|
||||||
|
matrix_mautrix_telegram_configuration_extension_yaml: |
|
||||||
|
bridge:
|
||||||
|
permissions:
|
||||||
|
'@user:DOMAIN': admin
|
||||||
|
```
|
||||||
|
|
||||||
|
More details about permissions in this example:
|
||||||
|
https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410
|
||||||
|
|
|
@ -45,27 +45,6 @@ matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if m
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# matrix-awx
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
# We don't enable AWX support by default.
|
|
||||||
matrix_awx_enabled: false
|
|
||||||
|
|
||||||
matrix_nginx_proxy_data_path: "{{ '/chroot/website' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else (matrix_nginx_proxy_base_path + '/data') }}"
|
|
||||||
matrix_nginx_proxy_data_path_in_container: "{{ '/nginx-data/matrix-domain' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/nginx-data' }}"
|
|
||||||
matrix_nginx_proxy_data_path_extension: "{{ '' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/matrix-domain' }}"
|
|
||||||
matrix_nginx_proxy_base_domain_create_directory: "{{ not matrix_awx_enabled }}"
|
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# /matrix-awx
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-bridge-appservice-discord
|
# matrix-bridge-appservice-discord
|
||||||
|
@ -697,9 +676,9 @@ matrix_hookshot_provisioning_enabled: "{{ matrix_hookshot_provisioning_secret an
|
||||||
matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
|
matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
|
||||||
matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
|
matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
|
||||||
|
|
||||||
matrix_hookshot_generic_urlprefix_port_enabled: "{{ matrix_nginx_proxy_container_https_host_bind_port == 443 if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_https_host_bind_port == 80 }}"
|
matrix_hookshot_urlprefix_port_enabled: "{{ matrix_nginx_proxy_container_https_host_bind_port == 443 if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_https_host_bind_port == 80 }}"
|
||||||
matrix_hookshot_generic_urlprefix_port: ":{{ matrix_nginx_proxy_container_https_host_bind_port if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_http_host_bind_port }}"
|
matrix_hookshot_urlprefix_port: ":{{ matrix_nginx_proxy_container_https_host_bind_port if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_http_host_bind_port }}"
|
||||||
matrix_hookshot_generic_urlprefix: "http{{ 's' if matrix_nginx_proxy_https_enabled else '' }}://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_generic_urlprefix_port if matrix_hookshot_generic_urlprefix_port_enabled else '' }}{{ matrix_hookshot_generic_endpoint }}"
|
matrix_hookshot_urlprefix: "http{{ 's' if matrix_nginx_proxy_https_enabled else '' }}://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_urlprefix_port if matrix_hookshot_urlprefix_port_enabled else '' }}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
|
@ -1102,13 +1081,33 @@ matrix_bot_mjolnir_systemd_required_services_list: |
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
matrix_backup_borg_enabled: false
|
matrix_backup_borg_enabled: false
|
||||||
|
matrix_backup_borg_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
||||||
|
matrix_backup_borg_postgresql_enabled: "{{ matrix_postgres_enabled }}"
|
||||||
|
matrix_backup_borg_postgresql_databases_hostname: "{{ matrix_postgres_connection_hostname }}"
|
||||||
|
matrix_backup_borg_postgresql_databases_username: "{{ matrix_postgres_connection_username }}"
|
||||||
|
matrix_backup_borg_postgresql_databases_password: "{{ matrix_postgres_connection_password }}"
|
||||||
|
matrix_backup_borg_postgresql_databases_port: "{{ matrix_postgres_connection_port }}"
|
||||||
|
matrix_backup_borg_postgresql_databases: |
|
||||||
|
{{
|
||||||
|
(([{
|
||||||
|
'name': matrix_synapse_database_database
|
||||||
|
}] if (matrix_synapse_enabled and matrix_synapse_database_database == matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else [])
|
||||||
|
+
|
||||||
|
matrix_postgres_additional_databases)|map(attribute='name')|list
|
||||||
|
}}
|
||||||
matrix_backup_borg_location_source_directories:
|
matrix_backup_borg_location_source_directories:
|
||||||
- "{{ matrix_base_data_path }}"
|
- "{{ matrix_base_data_path }}"
|
||||||
matrix_backup_borg_location_exclude_patterns: |
|
matrix_backup_borg_location_exclude_patterns: |
|
||||||
{{
|
{{
|
||||||
{
|
([matrix_synapse_media_store_path + '/local_thumbnails', matrix_synapse_media_store_path + '/remote_thumbnail', matrix_synapse_media_store_path + '/url_cache', matrix_synapse_media_store_path + '/url_cache_thumbnails'] if matrix_homeserver_implementation == 'synapse' else [])
|
||||||
'synapse': ["{{ matrix_synapse_media_store_path }}/local_thumbnails", "{{ matrix_synapse_media_store_path }}/remote_thumbnail", "{{ matrix_synapse_media_store_path }}/url_cache", "{{ matrix_synapse_media_store_path }}/url_cache_thumbnails"],
|
+
|
||||||
}[matrix_homeserver_implementation]
|
([matrix_postgres_data_path] if matrix_postgres_enabled else [])
|
||||||
|
}}
|
||||||
|
matrix_backup_borg_systemd_required_services_list: |
|
||||||
|
{{
|
||||||
|
['docker.service']
|
||||||
|
+
|
||||||
|
(['matrix-postgres.service'] if matrix_postgres_enabled else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
matrix_awx_enabled: true
|
|
||||||
|
|
||||||
# Defaults for 'Customise Website + Access Export' template
|
|
||||||
awx_sftp_auth_method: 'Disabled'
|
|
||||||
awx_sftp_password: ''
|
|
||||||
awx_sftp_public_key: ''
|
|
|
@ -1,29 +0,0 @@
|
||||||
|
|
||||||
import sys
|
|
||||||
import requests
|
|
||||||
import json
|
|
||||||
|
|
||||||
janitor_token = sys.argv[1]
|
|
||||||
synapse_container_ip = sys.argv[2]
|
|
||||||
synapse_container_port = sys.argv[3]
|
|
||||||
|
|
||||||
# collect total amount of rooms
|
|
||||||
|
|
||||||
rooms_raw_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms'
|
|
||||||
rooms_raw_header = {'Authorization': 'Bearer ' + janitor_token}
|
|
||||||
rooms_raw = requests.get(rooms_raw_url, headers=rooms_raw_header)
|
|
||||||
rooms_raw_python = json.loads(rooms_raw.text)
|
|
||||||
total_rooms = rooms_raw_python["total_rooms"]
|
|
||||||
|
|
||||||
# build complete room list file
|
|
||||||
|
|
||||||
room_list_file = open("/tmp/room_list_complete.json", "w")
|
|
||||||
|
|
||||||
for i in range(0, total_rooms, 100):
|
|
||||||
rooms_inc_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms?from=' + str(i)
|
|
||||||
rooms_inc = requests.get(rooms_inc_url, headers=rooms_raw_header)
|
|
||||||
room_list_file.write(rooms_inc.text)
|
|
||||||
|
|
||||||
room_list_file.close()
|
|
||||||
|
|
||||||
print(total_rooms)
|
|
|
@ -1,42 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Access Export",
|
|
||||||
"description": "Access the services export.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Authorisation Method",
|
|
||||||
"question_description": "Set whether you want to disable SFTP, use a password to connect to SFTP or connect with a more secure SSH key.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_sftp_auth_method | string }}",
|
|
||||||
"choices": "Disabled\nPassword\nSSH Key",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_auth_method",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Password",
|
|
||||||
"question_description": "Sets the password of the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'Password' method is selected. WARNING: You must set a strong and unique password here.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 64,
|
|
||||||
"default": "{{ awx_sftp_password }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_password",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Public SSH Key (More Secure)",
|
|
||||||
"question_description": "Sets the public SSH key used to access the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'SSH Key' method is selected.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 16384,
|
|
||||||
"default": "{{ awx_sftp_public_key }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_public_key",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Backup Server",
|
|
||||||
"description": "Performs a backup of the entire service to a remote location.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Backup",
|
|
||||||
"question_description": "Set if remote backup is enabled or not. If enabled a daily backup of your server will be sent to the backup server located in {{ backup_server_location }}.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_backup_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_backup_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,66 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Bridge Discord Appservice",
|
|
||||||
"description": "Enables a private bridge you can use to connect Matrix rooms to Discord.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Discord AppService Bridge",
|
|
||||||
"question_description": "Enables a private bridge you can use to connect Matrix rooms to Discord.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_appservice_discord_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_appservice_discord_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Discord OAuth2 Client ID",
|
|
||||||
"question_description": "The OAuth2 'CLIENT ID' which can be found in the 'OAuth2' tab of your new discord application: https://discord.com/developers/applications",
|
|
||||||
"required": true,
|
|
||||||
"min": 0,
|
|
||||||
"max": 128,
|
|
||||||
"default": "{{ matrix_appservice_discord_client_id | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_appservice_discord_client_id",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Discord Bot Token",
|
|
||||||
"question_description": "The Bot 'TOKEN' which can be found in the 'Bot' tab of your new discord application: https://discord.com/developers/applications",
|
|
||||||
"required": true,
|
|
||||||
"min": 0,
|
|
||||||
"max": 256,
|
|
||||||
"default": "{{ matrix_appservice_discord_bot_token | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_appservice_discord_bot_token",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Auto-Admin Matrix User",
|
|
||||||
"question_description": "The username you would like to be automatically joined and promoted to administrator (PL100) in bridged rooms. Exclude the '@' and server name postfix. So to create @stevo:example.org just enter 'stevo'.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 1024,
|
|
||||||
"default": "",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_appservice_discord_admin_user",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Auto-Admin Rooms",
|
|
||||||
"question_description": "A list of rooms you want the user to be automatically joined and promoted to administrator (PL100) in. These should be the internal IDs (for example '!axfBUsKhfAjSMBdjKX:example.org') separated by newlines.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 4096,
|
|
||||||
"default": "",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_appservice_discord_admin_rooms",
|
|
||||||
"type": "textarea"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,88 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Matrix Corporal",
|
|
||||||
"description": "Configure Matrix Corporal, a tool that manages your Matrix server according to a configuration policy.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Corporal",
|
|
||||||
"question_description": "Controls if Matrix Corporal is enabled at all. If you're unsure if you need Matrix Corporal or not, you most likely don't.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_corporal_enabled|string|lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_corporal_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Corporal Policy Provider",
|
|
||||||
"question_description": "Controls what provider policy is used with Matrix Corporal.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_corporal_policy_provider_mode }}",
|
|
||||||
"choices": "Simple Static File\nHTTP Pull Mode (API Enabled)\nHTTP Push Mode (API Enabled)",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_corporal_policy_provider_mode",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Simple Static File Configuration",
|
|
||||||
"question_description": "The configuration file for Matrix Corporal, only needed if 'Simple Static File' provider is selected, any configuration entered here will be saved and applied.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_corporal_simple_static_config",
|
|
||||||
"type": "textarea"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "HTTP Pull Mode URI",
|
|
||||||
"question_description": "The network address to remotely fetch the configuration from. Only needed if 'HTTP Pull Mode (API Enabled)' provider is selected.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 4096,
|
|
||||||
"default": "{{ awx_corporal_pull_mode_uri }}",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_corporal_pull_mode_uri",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "HTTP Pull Mode Authentication Token",
|
|
||||||
"question_description": "An authentication token for pulling the Corporal configuration from a network location. Only needed if 'HTTP Pull Mode (API Enabled)' provider is selected. WARNING: You must set a strong and unique password here.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 256,
|
|
||||||
"default": "{{ awx_corporal_pull_mode_token }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_corporal_pull_mode_token",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Corporal API Authentication Token",
|
|
||||||
"question_description": "An authentication token for interfacing with Corporals API. Only needed to be set if 'HTTP Pull Mode (API Enabled)' or 'HTTP Push Mode (API Enabled)' provider is selected. WARNING: You must set a strong and unique password here.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 256,
|
|
||||||
"default": "{{ matrix_corporal_http_api_auth_token }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_corporal_http_api_auth_token",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Raise Synapse Ratelimits",
|
|
||||||
"question_description": "For Matrix Corporal to work you will need to temporarily raise the rate limits for logins, please return this value to 'Normal' after you're done using Corporal.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_corporal_raise_ratelimits }}",
|
|
||||||
"choices": "Normal\nRaised",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_corporal_raise_ratelimits",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Dimension",
|
|
||||||
"description": "Configure Dimension, the self-hosted integrations server.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Dimension",
|
|
||||||
"question_description": "Enables the Dimension integration server, before doing this you need to create a CNAME record for 'dimension.{{ matrix_domain }}' that points to 'matrix.{{ matrix_domain }}'.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_dimension_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_dimension_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Dimension Users",
|
|
||||||
"question_description": "Here you can list the user accounts that will be able to configure Dimension. Entries must be seperated with newlines and must be a complete Matrix ID. For example: '@dimension:{{ matrix_domain }}'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": {{ awx_dimension_users_final | to_json }},
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_dimension_users",
|
|
||||||
"type": "textarea"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,114 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Element",
|
|
||||||
"description": "Configure Element web client, Element is the most developed Matrix client software.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Element-Web",
|
|
||||||
"question_description": "Set if Element web client is enabled or not.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_client_element_enabled }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Theme for Web Client",
|
|
||||||
"question_description": "Sets the default theme for the web client, can be changed later by individual users.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_client_element_default_theme }}",
|
|
||||||
"choices": "light\ndark",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_default_theme",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Branding for Web Client",
|
|
||||||
"question_description": "Sets the 'branding' seen in the tab and on the welcome page to a custom value.Leaving this field blank will cause the default branding will be used: 'Element'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 256,
|
|
||||||
"default": "{{ matrix_client_element_brand | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_brand",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Welcome Page Background",
|
|
||||||
"question_description": "Sets the background image on the welcome page, you should enter a URL to the image you want to use. Must be a 'https' link, otherwise it won't be set. Leaving this field blank will cause the default background to be used.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 1024,
|
|
||||||
"default": "{{ matrix_client_element_branding_welcomeBackgroundUrl | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_branding_welcomeBackgroundUrl",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Welcome Page Logo",
|
|
||||||
"question_description": "Sets the logo found on the welcome and login page, must be a valid https link to your logo, the logo itself should be a square vector image (SVG). Leaving this field blank will cause the default Element logo to be used.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 1024,
|
|
||||||
"default": "{{ matrix_client_element_welcome_logo | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_welcome_logo",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Welcome Page Logo URL",
|
|
||||||
"question_description": "Sets the URL link the welcome page logo leads to, must be a valid https link. Leaving this field blank will cause this default link to be used: 'https://element.io'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 1024,
|
|
||||||
"default": "{{ matrix_client_element_welcome_logo_link | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_welcome_logo_link",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Welcome Page Headline",
|
|
||||||
"question_description": "Sets the headline seen on the welcome page. Leaving this field blank will cause this default headline to be used: 'Welcome to Element!'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 512,
|
|
||||||
"default": "{{ awx_matrix_client_element_welcome_headline | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_matrix_client_element_welcome_headline",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Welcome Page Text",
|
|
||||||
"question_description": "Sets the text seen on the welcome page. Leaving this field blank will cause this default headline to be used: 'Decentralised, encrypted chat & collaboration powered by [Matrix]'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 2048,
|
|
||||||
"default": "{{ awx_matrix_client_element_welcome_text | trim }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_matrix_client_element_welcome_text",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Show Registration Button",
|
|
||||||
"question_description": "If you show the registration button on the welcome page.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_client_element_registration_enabled }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_client_element_registration_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Element Subdomain",
|
|
||||||
"description": "Configure Element clients subdomain location. (Eg: 'element' for element.example.org)",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Set Element Subdomain",
|
|
||||||
"question_description": "Sets the subdomain of the Element web-client, you should only specify the subdomain, not the base domain you've already set. (Eg: 'element' for element.example.org) Note that if you change this value you'll need to reconfigure your DNS.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 2048,
|
|
||||||
"default": "{{ awx_element_subdomain }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_element_subdomain",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,19 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Email Relay",
|
|
||||||
"description": "Enable MailGun relay to increase verification email reliability.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Email Relay",
|
|
||||||
"question_description": "Enables the MailGun email relay server, enabling this will increase the reliability of your email verification.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_mailer_relay_use | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_mailer_relay_use",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Jitsi",
|
|
||||||
"description": "Configure Jitsi conferencing settings.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Jitsi",
|
|
||||||
"question_description": "Set if Jitsi is enabled or not. If disabled your server will use the https://jitsi.riot.im server. If you're on a smaller server disabling this might increase the performance of your Matrix service.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_jitsi_enabled }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_jitsi_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Set Default Language",
|
|
||||||
"question_description": "2 digit 639-1 language code to adjust the language of the web client. For a list of possible codes see: https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 2,
|
|
||||||
"default": "{{ matrix_jitsi_web_config_defaultLanguage }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_jitsi_web_config_defaultLanguage",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,41 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure ma1sd",
|
|
||||||
"description": "Configure ma1sd settings, ma1sd is a self-hosted identity server for Matrix.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable ma1sd",
|
|
||||||
"question_description": "Set if ma1sd is enabled or not. If disabled your server will loose identity functionality (not recommended).",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_ma1sd_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_ma1sd_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "ma1sd Authentication Mode",
|
|
||||||
"question_description": "Set the source of user account authentication credentials with the ma1sd.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_matrix_ma1sd_auth_store }}",
|
|
||||||
"choices": "Synapse Internal\nLDAP/AD",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_matrix_ma1sd_auth_store",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "LDAP/AD Configuration",
|
|
||||||
"question_description": "Settings for connecting LDAP/AD to the ma1sd service. (ignored if using Synapse Internal, see https://github.com/ma1uta/ma1sd/blob/master/docs/stores/README.md )",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": {{ awx_matrix_ma1sd_configuration_extension_yaml | to_json }},
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_matrix_ma1sd_configuration_extension_yaml",
|
|
||||||
"type": "textarea"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,29 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Mjolnir",
|
|
||||||
"description": "Configure Mjolnir settings, Mjolnir is a moderation bot for Matrix.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Mjolnir",
|
|
||||||
"question_description": "Set if Mjolnir is enabled or not. Mjolnir is a moderation bot for Matrix.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_bot_mjolnir_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_bot_mjolnir_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Mjolnir Management Room",
|
|
||||||
"question_description": "Sets the internal ID of the management room for Mjolnir. Example: '!wAeZaPCKvaCHcSqxAW:matrix.org'",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_bot_mjolnir_management_room }}",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_bot_mjolnir_management_room",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,198 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Synapse",
|
|
||||||
"description": "Configure Synapse settings. Synapse is the homeserver software that powers your Matrix instance.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Public Registration",
|
|
||||||
"question_description": "Controls whether people with access to the homeserver can register by themselves.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_enable_registration | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_enable_registration",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable Federation",
|
|
||||||
"question_description": "Controls whether Synapse will federate at all. Disable this to completely isolate your server from the rest of the Matrix network.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_federation_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_federation_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Allow Public Rooms Over Federation",
|
|
||||||
"question_description": "Controls whether remote servers can fetch this server's public rooms directory via federation. For private servers, you'll most likely want to forbid this.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_allow_public_rooms_over_federation | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_allow_public_rooms_over_federation",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable Community Creation",
|
|
||||||
"question_description": "Allows regular users (who aren't server admins) to create 'communities', which are basically groups of rooms.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_enable_group_creation | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_enable_group_creation",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable Synapse Presence",
|
|
||||||
"question_description": "Controls whether presence is enabled. This shows who's online and reading your posts. Disabling it will increase both performance and user privacy.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_presence_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_presence_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable URL Previews",
|
|
||||||
"question_description": "Controls whether URL previews should be generated. This will cause a request from Synapse to URLs shared by users.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_url_preview_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_url_preview_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable Guest Access",
|
|
||||||
"question_description": "Controls whether 'guest accounts' can access rooms without registering. Guest users do not count towards your servers user limit.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_allow_guest_access | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_allow_guest_access",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Registration Requires Email",
|
|
||||||
"question_description": "Controls whether an email address is required to register on the server.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_registrations_require_3pid | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_registrations_require_3pid",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Registration Shared Secret",
|
|
||||||
"question_description": "A secret that allows registration of standard or admin accounts by anyone who has the shared secret, even if registration is otherwise disabled. WARNING: You must set a strong and unique password here.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 256,
|
|
||||||
"default": "",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_matrix_synapse_registration_shared_secret",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Synapse Max Upload Size",
|
|
||||||
"question_description": "Sets the maximum size for uploaded files in MB.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 3,
|
|
||||||
"default": "{{ matrix_synapse_max_upload_size_mb }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_synapse_max_upload_size_mb",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "URL Preview Languages",
|
|
||||||
"question_description": "Sets the languages that URL previews will be generated in. Entries are a 2-3 letter IETF language tag, they must be seperated with newlines. For example: 'fr' https://en.wikipedia.org/wiki/IETF_language_tag",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": {{ awx_url_preview_accept_language_default | to_json }},
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_url_preview_accept_language",
|
|
||||||
"type": "textarea"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Federation Whitelist",
|
|
||||||
"question_description": "Here you can list the URLs of other Matrix homeservers and Synapse will only federate with those homeservers. Entries must be seperated with newlines and must not have a 'https://' prefix. For example: 'matrix.example.org'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": {{ awx_federation_whitelist | to_json }},
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_federation_whitelist",
|
|
||||||
"type": "textarea"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Synapse Auto-Join Rooms",
|
|
||||||
"question_description": "Sets the 'auto-join' rooms, where new users will be automatically invited to, these rooms must already exist. Entries must be room addresses that are separated with newlines. For example: '#announcements:example.org'",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 65536,
|
|
||||||
"default": {{ awx_synapse_auto_join_rooms | to_json }},
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_synapse_auto_join_rooms",
|
|
||||||
"type": "textarea"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Enable ReCaptcha on Registration",
|
|
||||||
"question_description": "Enables Googles ReCaptcha verification for registering an account, recommended for public servers.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_enable_registration_captcha | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_enable_registration_captcha",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Recaptcha Public Key",
|
|
||||||
"question_description": "Sets the Google ReCaptcha public key for this website.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 40,
|
|
||||||
"default": "{{ awx_recaptcha_public_key }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_recaptcha_public_key",
|
|
||||||
"type": "text"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "Recaptcha Private Key",
|
|
||||||
"question_description": "Sets the Google ReCaptcha private key for this website.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 40,
|
|
||||||
"default": "{{ awx_recaptcha_private_key }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_recaptcha_private_key",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Synapse Admin",
|
|
||||||
"description": "Configure 'Synapse Admin', a moderation tool to help you manage your server.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Enable Synapse Admin",
|
|
||||||
"question_description": "Set if Synapse Admin is enabled or not. If enabled you can access it at https://{{ matrix_server_fqn_matrix }}/synapse-admin.",
|
|
||||||
"required": false,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ matrix_synapse_admin_enabled | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "matrix_synapse_admin_enabled",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,54 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Configure Website Access Backup",
|
|
||||||
"description": "Configure base domain website settings and access the services backup.",
|
|
||||||
"spec": [
|
|
||||||
{
|
|
||||||
"question_name": "Customise Base Domain Website",
|
|
||||||
"question_description": "Set if you want to adjust the base domain website using SFTP.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_customise_base_domain_website | string | lower }}",
|
|
||||||
"choices": "true\nfalse",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_customise_base_domain_website",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Authorisation Method",
|
|
||||||
"question_description": "Set whether you want to disable SFTP, use a password to connect to SFTP or connect with a more secure SSH key.",
|
|
||||||
"required": true,
|
|
||||||
"min": null,
|
|
||||||
"max": null,
|
|
||||||
"default": "{{ awx_sftp_auth_method | string }}",
|
|
||||||
"choices": "Disabled\nPassword\nSSH Key",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_auth_method",
|
|
||||||
"type": "multiplechoice"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Password",
|
|
||||||
"question_description": "Sets the password of the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'Password' method is selected. WARNING: You must set a strong and unique password here.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 64,
|
|
||||||
"default": "{{ awx_sftp_password }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_password",
|
|
||||||
"type": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"question_name": "SFTP Public SSH Key (More Secure)",
|
|
||||||
"question_description": "Sets the public SSH key used to access the 'sftp' account, which allows you to upload a multi-file static website by SFTP, as well as export the latest copy of your Matrix service. Must be defined if 'SSH Key' method is selected.",
|
|
||||||
"required": false,
|
|
||||||
"min": 0,
|
|
||||||
"max": 16384,
|
|
||||||
"default": "{{ awx_sftp_public_key }}",
|
|
||||||
"choices": "",
|
|
||||||
"new_question": true,
|
|
||||||
"variable": "awx_sftp_public_key",
|
|
||||||
"type": "text"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,101 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Backup Server variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# AWX Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'awx_backup_enabled': '{{ awx_backup_enabled }}'
|
|
||||||
tags: use-survey
|
|
||||||
|
|
||||||
- name: Save new 'Backup Server' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/backup_server.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json'
|
|
||||||
tags: use-survey
|
|
||||||
|
|
||||||
- name: Copy new 'Backup Server' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json'
|
|
||||||
dest: '/matrix/awx/backup_server.json'
|
|
||||||
mode: '0660'
|
|
||||||
tags: use-survey
|
|
||||||
|
|
||||||
- name: Recreate 'Backup Server' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 0 - Backup Server"
|
|
||||||
description: "Performs a backup of the entire service to a remote location."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "backup-server,use-survey"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
tags: use-survey
|
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Copy new 'matrix_vars.yml' to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
dest: '/matrix/awx/matrix_vars.yml'
|
|
||||||
mode: '0660'
|
|
||||||
tags: use-survey
|
|
||||||
|
|
||||||
- name: Run initial backup of /matrix/ and snapshot the database simultaneously
|
|
||||||
command: "{{ item }}"
|
|
||||||
with_items:
|
|
||||||
- borgmatic -c /root/.config/borgmatic/config_1.yaml
|
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
|
||||||
register: _create_instances
|
|
||||||
async: 3600 # Maximum runtime in seconds.
|
|
||||||
poll: 0 # Fire and continue (never poll)
|
|
||||||
when: awx_backup_enabled|bool
|
|
||||||
|
|
||||||
- name: Wait for both of these jobs to finish
|
|
||||||
async_status:
|
|
||||||
jid: "{{ item.ansible_job_id }}"
|
|
||||||
register: _jobs
|
|
||||||
until: _jobs.finished
|
|
||||||
delay: 5 # Check every 5 seconds.
|
|
||||||
retries: 720 # Retry for a full hour.
|
|
||||||
with_items: "{{ _create_instances.results }}"
|
|
||||||
when: awx_backup_enabled|bool
|
|
||||||
|
|
||||||
- name: Perform borg backup of postgres dump
|
|
||||||
command: borgmatic -c /root/.config/borgmatic/config_2.yaml
|
|
||||||
when: awx_backup_enabled|bool
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
awx_end_playbook: true
|
|
||||||
|
|
||||||
- name: End playbook if this task list is called.
|
|
||||||
meta: end_play
|
|
||||||
when: awx_end_playbook is defined and awx_end_playbook|bool
|
|
|
@ -1,58 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Bridge Discord AppService variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Bridge Discord AppService Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_appservice_discord_enabled': '{{ matrix_appservice_discord_enabled }}'
|
|
||||||
'matrix_appservice_discord_client_id': '{{ matrix_appservice_discord_client_id }}'
|
|
||||||
'matrix_appservice_discord_bot_token': '{{ matrix_appservice_discord_bot_token }}'
|
|
||||||
|
|
||||||
- name: If the raw inputs is not empty start constructing parsed awx_appservice_discord_admin_rooms list
|
|
||||||
set_fact:
|
|
||||||
awx_appservice_discord_admin_rooms_array: |-
|
|
||||||
{{ awx_appservice_discord_admin_rooms.splitlines() | to_json }}
|
|
||||||
when: awx_appservice_discord_admin_rooms | trim | length > 0
|
|
||||||
|
|
||||||
- name: Promote user to administer (PL100) of each room
|
|
||||||
command: |
|
|
||||||
docker exec -i matrix-appservice-discord /bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "{{ item.1 }}" -u "@{{ awx_appservice_discord_admin_user }}:{{ matrix_domain }}" -p 100'
|
|
||||||
with_indexed_items:
|
|
||||||
- "{{ awx_appservice_discord_admin_rooms_array }}"
|
|
||||||
when: ( awx_appservice_discord_admin_rooms | trim | length > 0 ) and ( awx_appservice_discord_admin_user is defined )
|
|
||||||
|
|
||||||
- name: Save new 'Bridge Discord Appservice' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/bridge_discord_appservice.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//bridge_discord_appservice.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
|
|
||||||
dest: '/matrix/awx/bridge_discord_appservice.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Bridge Discord Appservice' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 3 - Bridge Discord AppService"
|
|
||||||
description: "Enables a private bridge you can use to connect Matrix rooms to Discord."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-all,bridge-discord-appservice"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json') }}"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Collect current datetime
|
|
||||||
set_fact:
|
|
||||||
awx_datetime: "{{ lookup('pipe', 'date +%Y-%m-%d_%H:%M') }}"
|
|
||||||
|
|
||||||
- name: Create cached matrix_vars.yml file location
|
|
||||||
set_fact:
|
|
||||||
awx_cached_matrix_vars: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars_{{ awx_datetime }}.yml'
|
|
||||||
|
|
||||||
- name: Create cached matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: "cp /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml {{ awx_cached_matrix_vars }}"
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Create a AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: present
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_master_token }}"
|
|
||||||
register: awx_session_token
|
|
||||||
no_log: true
|
|
|
@ -1,41 +0,0 @@
|
||||||
---
|
|
||||||
#
|
|
||||||
# Create user and define if they are admin
|
|
||||||
#
|
|
||||||
# /usr/local/bin/matrix-synapse-register-user <your_username> <your_password> <admin access: 0 or 1>
|
|
||||||
#
|
|
||||||
|
|
||||||
- name: Set admin bool to zero
|
|
||||||
set_fact:
|
|
||||||
awx_admin_bool: 0
|
|
||||||
when: awx_admin_access == 'false'
|
|
||||||
|
|
||||||
- name: Examine if server admin set
|
|
||||||
set_fact:
|
|
||||||
awx_admin_bool: 1
|
|
||||||
when: awx_admin_access == 'true'
|
|
||||||
|
|
||||||
- name: Create user account
|
|
||||||
command: |
|
|
||||||
/usr/local/bin/matrix-synapse-register-user {{ awx_new_username | quote }} {{ awx_new_password | quote }} {{ awx_admin_bool }}
|
|
||||||
register: awx_cmd_output
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
awx_end_playbook: true
|
|
||||||
|
|
||||||
- name: Result
|
|
||||||
debug: msg="{{ awx_cmd_output.stdout }}"
|
|
||||||
|
|
||||||
- name: End playbook if this task list is called.
|
|
||||||
meta: end_play
|
|
||||||
when: awx_end_playbook is defined and awx_end_playbook|bool
|
|
|
@ -1,267 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Enable index.html creation if user doesn't wish to customise base domain
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Base Domain Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_nginx_proxy_base_domain_homepage_enabled': 'true'
|
|
||||||
when: (awx_customise_base_domain_website is defined) and not awx_customise_base_domain_website|bool
|
|
||||||
|
|
||||||
- name: Disable index.html creation to allow multi-file site if user does wish to customise base domain
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Base Domain Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_nginx_proxy_base_domain_homepage_enabled': 'false'
|
|
||||||
when: (awx_customise_base_domain_website is defined) and awx_customise_base_domain_website|bool
|
|
||||||
|
|
||||||
- name: Record custom 'Customise Website + Access Export' variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Custom Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'awx_sftp_auth_method': '"{{ awx_sftp_auth_method }}"'
|
|
||||||
'awx_sftp_password': '"{{ awx_sftp_password }}"'
|
|
||||||
'awx_sftp_public_key': '"{{ awx_sftp_public_key }}"'
|
|
||||||
|
|
||||||
- name: Record custom 'Customise Website + Access Export' variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Custom Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'awx_customise_base_domain_website': '{{ awx_customise_base_domain_website }}'
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Reload vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: './roles/matrix-awx/surveys/configure_website_access_export.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
|
||||||
dest: '/matrix/awx/configure_website_access_export.json'
|
|
||||||
mode: '0660'
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: './roles/matrix-awx/surveys/access_export.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
|
||||||
when: awx_customise_base_domain_website is undefined
|
|
||||||
|
|
||||||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
|
||||||
dest: '/matrix/awx/access_export.json'
|
|
||||||
mode: '0660'
|
|
||||||
when: awx_customise_base_domain_website is undefined
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Website + Access Export' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Website + Access Export"
|
|
||||||
description: "Configure base domain website settings and access the servers export."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-nginx-proxy"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Recreate 'Access Export' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Access Export"
|
|
||||||
description: "Access the services export."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-nginx-proxy"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: awx_customise_base_domain_website is undefined
|
|
||||||
|
|
||||||
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
|
|
||||||
user:
|
|
||||||
name: sftp
|
|
||||||
comment: SFTP user to set custom web files and access servers export
|
|
||||||
shell: /bin/false
|
|
||||||
home: /home/sftp
|
|
||||||
group: matrix
|
|
||||||
password: '*'
|
|
||||||
update_password: always
|
|
||||||
when: awx_sftp_password|length == 0
|
|
||||||
|
|
||||||
- name: If user defines awx_sftp_password, enable account and set password on 'stfp' account
|
|
||||||
user:
|
|
||||||
name: sftp
|
|
||||||
comment: SFTP user to set custom web files and access servers export
|
|
||||||
shell: /bin/false
|
|
||||||
home: /home/sftp
|
|
||||||
group: matrix
|
|
||||||
password: "{{ awx_sftp_password | password_hash('sha512') }}"
|
|
||||||
update_password: always
|
|
||||||
when: awx_sftp_password|length > 0
|
|
||||||
|
|
||||||
- name: Ensure group "sftp" exists
|
|
||||||
group:
|
|
||||||
name: sftp
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: adding existing user 'sftp' to group matrix
|
|
||||||
user:
|
|
||||||
name: sftp
|
|
||||||
groups: sftp
|
|
||||||
append: true
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
|
||||||
file:
|
|
||||||
path: /chroot
|
|
||||||
state: directory
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '1755'
|
|
||||||
|
|
||||||
- name: Ensure /chroot/website location exists.
|
|
||||||
file:
|
|
||||||
path: /chroot/website
|
|
||||||
state: directory
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '0770'
|
|
||||||
when: awx_customise_base_domain_website is defined
|
|
||||||
|
|
||||||
- name: Ensure /chroot/export location exists
|
|
||||||
file:
|
|
||||||
path: /chroot/export
|
|
||||||
state: directory
|
|
||||||
owner: sftp
|
|
||||||
group: sftp
|
|
||||||
mode: '0700'
|
|
||||||
|
|
||||||
- name: Ensure /home/sftp/.ssh location exists
|
|
||||||
file:
|
|
||||||
path: /home/sftp/.ssh
|
|
||||||
state: directory
|
|
||||||
owner: sftp
|
|
||||||
group: sftp
|
|
||||||
mode: '0700'
|
|
||||||
|
|
||||||
- name: Ensure /home/sftp/authorized_keys exists
|
|
||||||
file:
|
|
||||||
path: /home/sftp/.ssh/authorized_keys
|
|
||||||
state: touch
|
|
||||||
owner: sftp
|
|
||||||
group: sftp
|
|
||||||
mode: '0644'
|
|
||||||
|
|
||||||
- name: Clear authorized_keys file
|
|
||||||
shell: echo "" > /home/sftp/.ssh/authorized_keys
|
|
||||||
|
|
||||||
- name: Insert public SSH key into authorized_keys file
|
|
||||||
lineinfile:
|
|
||||||
path: /home/sftp/.ssh/authorized_keys
|
|
||||||
line: "{{ awx_sftp_public_key }}"
|
|
||||||
owner: sftp
|
|
||||||
group: sftp
|
|
||||||
mode: '0644'
|
|
||||||
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
|
|
||||||
|
|
||||||
- name: Remove any existing Subsystem lines
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/ssh/sshd_config
|
|
||||||
state: absent
|
|
||||||
regexp: '^Subsystem'
|
|
||||||
|
|
||||||
- name: Set SSH Subsystem State
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/ssh/sshd_config
|
|
||||||
insertafter: "^# override default of no subsystems"
|
|
||||||
line: "Subsystem sftp internal-sftp"
|
|
||||||
|
|
||||||
- name: Add SSH Match User section for disabled auth
|
|
||||||
blockinfile:
|
|
||||||
path: /etc/ssh/sshd_config
|
|
||||||
state: absent
|
|
||||||
block: |
|
|
||||||
Match User sftp
|
|
||||||
ChrootDirectory /chroot
|
|
||||||
PermitTunnel no
|
|
||||||
X11Forwarding no
|
|
||||||
AllowTcpForwarding no
|
|
||||||
PasswordAuthentication yes
|
|
||||||
AuthorizedKeysFile /home/sftp/.ssh/authorized_keys
|
|
||||||
when: awx_sftp_auth_method == "Disabled"
|
|
||||||
|
|
||||||
- name: Add SSH Match User section for password auth
|
|
||||||
blockinfile:
|
|
||||||
path: /etc/ssh/sshd_config
|
|
||||||
state: present
|
|
||||||
block: |
|
|
||||||
Match User sftp
|
|
||||||
ChrootDirectory /chroot
|
|
||||||
PermitTunnel no
|
|
||||||
X11Forwarding no
|
|
||||||
AllowTcpForwarding no
|
|
||||||
PasswordAuthentication yes
|
|
||||||
when: awx_sftp_auth_method == "Password"
|
|
||||||
|
|
||||||
- name: Add SSH Match User section for publickey auth
|
|
||||||
blockinfile:
|
|
||||||
path: /etc/ssh/sshd_config
|
|
||||||
state: present
|
|
||||||
block: |
|
|
||||||
Match User sftp
|
|
||||||
ChrootDirectory /chroot
|
|
||||||
PermitTunnel no
|
|
||||||
X11Forwarding no
|
|
||||||
AllowTcpForwarding no
|
|
||||||
AuthorizedKeysFile /home/sftp/.ssh/authorized_keys
|
|
||||||
when: awx_sftp_auth_method == "SSH Key"
|
|
||||||
|
|
||||||
- name: Restart service ssh.service
|
|
||||||
service:
|
|
||||||
name: ssh.service
|
|
||||||
state: restarted
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
|
@ -1,43 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Run export of /matrix/ and snapshot the database simultaneously
|
|
||||||
command: "{{ item }}"
|
|
||||||
with_items:
|
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
|
|
||||||
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1
|
|
||||||
register: awx_create_instances
|
|
||||||
async: 3600 # Maximum runtime in seconds.
|
|
||||||
poll: 0 # Fire and continue (never poll)
|
|
||||||
|
|
||||||
- name: Wait for both of these jobs to finish
|
|
||||||
async_status:
|
|
||||||
jid: "{{ item.ansible_job_id }}"
|
|
||||||
register: awx_jobs
|
|
||||||
until: awx_jobs.finished
|
|
||||||
delay: 5 # Check every 5 seconds.
|
|
||||||
retries: 720 # Retry for a full hour.
|
|
||||||
with_items: "{{ awx_create_instances.results }}"
|
|
||||||
|
|
||||||
- name: Schedule deletion of the export in 24 hours
|
|
||||||
at:
|
|
||||||
command: rm /chroot/export/matrix*
|
|
||||||
count: 1
|
|
||||||
units: days
|
|
||||||
unique: true
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
awx_end_playbook: true
|
|
||||||
|
|
||||||
- name: End playbook if this task list is called.
|
|
||||||
meta: end_play
|
|
||||||
when: awx_end_playbook is defined and awx_end_playbook|bool
|
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Ensure correct ownership of /matrix/awx
|
|
||||||
shell: chown -R matrix:matrix /matrix/awx
|
|
||||||
|
|
||||||
- name: Ensure correct ownership of /matrix/synapse
|
|
||||||
shell: chown -R matrix:matrix /matrix/synapse
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Include vars in organisation.yml
|
|
||||||
include_vars:
|
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Include vars in hosting_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Include AWX master token from awx_tokens.yml
|
|
||||||
include_vars:
|
|
||||||
file: /var/lib/awx/projects/hosting/awx_tokens.yml
|
|
||||||
no_log: true
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Include new vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: If include_vars succeeds overwrite the old matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"
|
|
||||||
|
|
||||||
- name: Copy new 'matrix_vars.yml' to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
dest: '/matrix/awx/matrix_vars.yml'
|
|
||||||
mode: '0660'
|
|
|
@ -1,234 +0,0 @@
|
||||||
---
|
|
||||||
# Load initial hosting and organisation variables from AWX volume
|
|
||||||
- include_tasks:
|
|
||||||
file: "load_hosting_and_org_variables.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
|
|
||||||
# Renames or updates the vars.yml if needed
|
|
||||||
- include_tasks:
|
|
||||||
file: "update_variables.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
|
|
||||||
# Create AWX session token
|
|
||||||
- include_tasks:
|
|
||||||
file: "create_session_token.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
|
|
||||||
# Perform a backup of the server
|
|
||||||
- include_tasks:
|
|
||||||
file: "backup_server.yml"
|
|
||||||
apply:
|
|
||||||
tags: backup-server
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- backup-server
|
|
||||||
|
|
||||||
# Perform a export of the server
|
|
||||||
- include_tasks:
|
|
||||||
file: "export_server.yml"
|
|
||||||
apply:
|
|
||||||
tags: export-server
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- export-server
|
|
||||||
|
|
||||||
# Create a user account if called
|
|
||||||
- include_tasks:
|
|
||||||
file: "create_user.yml"
|
|
||||||
apply:
|
|
||||||
tags: create-user
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- create-user
|
|
||||||
|
|
||||||
# Purge local/remote media if called
|
|
||||||
- include_tasks:
|
|
||||||
file: "purge_media_main.yml"
|
|
||||||
apply:
|
|
||||||
tags: purge-media
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- purge-media
|
|
||||||
|
|
||||||
# Purge Synapse database if called
|
|
||||||
- include_tasks:
|
|
||||||
file: "purge_database_main.yml"
|
|
||||||
apply:
|
|
||||||
tags: purge-database
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- purge-database
|
|
||||||
|
|
||||||
# Rotate SSH key if called
|
|
||||||
- include_tasks:
|
|
||||||
file: "rotate_ssh.yml"
|
|
||||||
apply:
|
|
||||||
tags: rotate-ssh
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- rotate-ssh
|
|
||||||
|
|
||||||
# Import configs, media repo from /chroot/backup import
|
|
||||||
- include_tasks:
|
|
||||||
file: "import_awx.yml"
|
|
||||||
apply:
|
|
||||||
tags: import-awx
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- import-awx
|
|
||||||
|
|
||||||
# Perform extra self-check functions
|
|
||||||
- include_tasks:
|
|
||||||
file: "self_check.yml"
|
|
||||||
apply:
|
|
||||||
tags: self-check
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- self-check
|
|
||||||
|
|
||||||
# Create cached matrix_vars.yml file
|
|
||||||
- include_tasks:
|
|
||||||
file: "cache_matrix_variables.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
|
|
||||||
# Configure SFTP so user can upload a static website or access the servers export
|
|
||||||
- include_tasks:
|
|
||||||
file: "customise_website_access_export.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-nginx-proxy
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-nginx-proxy
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Element configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_element.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-client-element
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-client-element
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Mailer configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_mailer.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-mailer
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-mailer
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Element configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_element_subdomain.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-client-element-subdomain
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-client-element-subdomain
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Synapse configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_synapse.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-synapse
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-synapse
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Jitsi configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_jitsi.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-jitsi
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-jitsi
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Ma1sd configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_ma1sd.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-ma1sd
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-ma1sd
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Mjolnir Bot configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_mjolnir.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-bot-mjolnir
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-bot-mjolnir
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Corporal configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_corporal.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-corporal
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-corporal
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Dimension configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_dimension.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-dimension
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-dimension
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Synapse Admin configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "set_variables_synapse_admin.yml"
|
|
||||||
apply:
|
|
||||||
tags: setup-synapse-admin
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- setup-synapse-admin
|
|
||||||
|
|
||||||
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
|
|
||||||
- include_tasks:
|
|
||||||
file: "bridge_discord_appservice.yml"
|
|
||||||
apply:
|
|
||||||
tags: bridge-discord-appservice
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- bridge-discord-appservice
|
|
||||||
|
|
||||||
# Delete AWX session token
|
|
||||||
- include_tasks:
|
|
||||||
file: "delete_session_token.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
|
|
||||||
# Load newly formed matrix variables from AWX volume
|
|
||||||
- include_tasks:
|
|
||||||
file: "load_matrix_variables.yml"
|
|
||||||
apply:
|
|
||||||
tags: always
|
|
||||||
when: run_setup|bool and matrix_awx_enabled|bool
|
|
||||||
tags:
|
|
||||||
- always
|
|
|
@ -1,14 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Purge all rooms with more then N events
|
|
||||||
shell: |
|
|
||||||
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
|
|
||||||
register: awx_purge_command
|
|
||||||
|
|
||||||
- name: Print output of purge command
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_purge_command.stdout }}"
|
|
||||||
|
|
||||||
- name: Pause for 5 seconds to let Synapse breathe
|
|
||||||
pause:
|
|
||||||
seconds: 5
|
|
|
@ -1,320 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Ensure dateutils and curl is installed in AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
yum:
|
|
||||||
name: dateutils
|
|
||||||
state: latest
|
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Ensure curl and jq intalled on target machine
|
|
||||||
apt:
|
|
||||||
pkg:
|
|
||||||
- curl
|
|
||||||
- jq
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Collect before shrink size of Synapse database
|
|
||||||
shell: du -sh /matrix/postgres/data
|
|
||||||
register: awx_db_size_before_stat
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Collect the internal IP of the matrix-synapse container
|
|
||||||
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
register: awx_synapse_container_ip
|
|
||||||
|
|
||||||
- name: Collect access token for @admin-janitor user
|
|
||||||
shell: |
|
|
||||||
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
register: awx_janitors_token
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Copy build_room_list.py script to target machine
|
|
||||||
copy:
|
|
||||||
src: ./roles/matrix-awx/scripts/matrix_build_room_list.py
|
|
||||||
dest: /usr/local/bin/matrix_build_room_list.py
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '0755'
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Run build_room_list.py script
|
|
||||||
shell: |
|
|
||||||
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }} {{ matrix_synapse_container_client_api_port.stdout }}
|
|
||||||
register: awx_rooms_total
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Fetch complete room list from target machine
|
|
||||||
fetch:
|
|
||||||
src: /tmp/room_list_complete.json
|
|
||||||
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
|
|
||||||
flat: true
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Remove complete room list from target machine
|
|
||||||
file:
|
|
||||||
path: /tmp/room_list_complete.json
|
|
||||||
state: absent
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Generate list of rooms with no local users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
jq 'try .rooms[] | select(.joined_local_members == 0) | .room_id' < /tmp/{{ subscription_id }}_room_list_complete.json > /tmp/{{ subscription_id }}_room_list_no_local_users.txt
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Count number of rooms with no local users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
wc -l /tmp/{{ subscription_id }}_room_list_no_local_users.txt | awk '{ print $1 }'
|
|
||||||
register: awx_rooms_no_local_total
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Setting host fact awx_room_list_no_local_users
|
|
||||||
set_fact:
|
|
||||||
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
|
|
||||||
no_log: true
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Purge all rooms with no local users
|
|
||||||
include_tasks: purge_database_no_local.yml
|
|
||||||
loop: "{{ awx_room_list_no_local_users.splitlines() | flatten(levels=1) }}"
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Collect epoche time from date
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
date -d '{{ awx_purge_date }}' +"%s"
|
|
||||||
when: (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
register: awx_purge_epoche_time
|
|
||||||
|
|
||||||
- name: Generate list of rooms with more then N users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
jq 'try .rooms[] | select(.joined_members > {{ awx_purge_metric_value }}) | .room_id' < /tmp/{{ subscription_id }}_room_list_complete.json > /tmp/{{ subscription_id }}_room_list_joined_members.txt
|
|
||||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
|
||||||
|
|
||||||
- name: Count number of rooms with more then N users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
wc -l /tmp/{{ subscription_id }}_room_list_joined_members.txt | awk '{ print $1 }'
|
|
||||||
register: awx_rooms_join_members_total
|
|
||||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
|
||||||
|
|
||||||
- name: Setting host fact awx_room_list_joined_members
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
set_fact:
|
|
||||||
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
|
|
||||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Purge all rooms with more then N users
|
|
||||||
include_tasks: purge_database_users.yml
|
|
||||||
loop: "{{ awx_room_list_joined_members.splitlines() | flatten(levels=1) }}"
|
|
||||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
|
||||||
|
|
||||||
- name: Generate list of rooms with more then N events
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
jq 'try .rooms[] | select(.state_events > {{ awx_purge_metric_value }}) | .room_id' < /tmp/{{ subscription_id }}_room_list_complete.json > /tmp/{{ subscription_id }}_room_list_state_events.txt
|
|
||||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
|
||||||
|
|
||||||
- name: Count number of rooms with more then N events
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
wc -l /tmp/{{ subscription_id }}_room_list_state_events.txt | awk '{ print $1 }'
|
|
||||||
register: awx_rooms_state_events_total
|
|
||||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
|
||||||
|
|
||||||
- name: Setting host fact awx_room_list_state_events
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
set_fact:
|
|
||||||
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
|
|
||||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Purge all rooms with more then N events
|
|
||||||
include_tasks: purge_database_events.yml
|
|
||||||
loop: "{{ awx_room_list_state_events.splitlines() | flatten(levels=1) }}"
|
|
||||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
|
||||||
|
|
||||||
- name: Adjust 'Deploy/Update a Server' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
description: "Creates a new matrix service with Spantaleev's playbooks"
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "rust-synapse-compress-state"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
|
||||||
|
|
||||||
- name: Execute rust-synapse-compress-state job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_launch:
|
|
||||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
wait: true
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
|
||||||
|
|
||||||
- name: Revert 'Deploy/Update a Server' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
description: "Creates a new matrix service with Spantaleev's playbooks"
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "setup-all,start"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
|
||||||
|
|
||||||
- name: Ensure matrix-synapse is stopped
|
|
||||||
service:
|
|
||||||
name: matrix-synapse
|
|
||||||
state: stopped
|
|
||||||
daemon_reload: true
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Re-index Synapse database
|
|
||||||
shell: docker exec -i matrix-postgres psql "host=127.0.0.1 port=5432 dbname=synapse user=synapse password={{ matrix_synapse_connection_password }}" -c 'REINDEX (VERBOSE) DATABASE synapse'
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Ensure matrix-synapse is started
|
|
||||||
service:
|
|
||||||
name: matrix-synapse
|
|
||||||
state: started
|
|
||||||
daemon_reload: true
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Adjust 'Deploy/Update a Server' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
description: "Creates a new matrix service with Spantaleev's playbooks"
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "run-postgres-vacuum,start"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Execute run-postgres-vacuum job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_launch:
|
|
||||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
wait: true
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Revert 'Deploy/Update a Server' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
|
||||||
description: "Creates a new matrix service with Spantaleev's playbooks"
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "setup-all,start"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Cleanup room_list files
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: |
|
|
||||||
rm /tmp/{{ subscription_id }}_room_list*
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Collect after shrink size of Synapse database
|
|
||||||
shell: du -sh /matrix/postgres/data
|
|
||||||
register: awx_db_size_after_stat
|
|
||||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Print total number of rooms processed
|
|
||||||
debug:
|
|
||||||
msg: '{{ awx_rooms_total.stdout }}'
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Print the number of rooms purged with no local users
|
|
||||||
debug:
|
|
||||||
msg: '{{ awx_rooms_no_local_total.stdout }}'
|
|
||||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
|
||||||
|
|
||||||
- name: Print the number of rooms purged with more then N users
|
|
||||||
debug:
|
|
||||||
msg: '{{ awx_rooms_join_members_total.stdout }}'
|
|
||||||
when: awx_purge_mode.find("Number of users") != -1
|
|
||||||
|
|
||||||
- name: Print the number of rooms purged with more then N events
|
|
||||||
debug:
|
|
||||||
msg: '{{ awx_rooms_state_events_total.stdout }}'
|
|
||||||
when: awx_purge_mode.find("Number of events") != -1
|
|
||||||
|
|
||||||
- name: Print before purge size of Synapse database
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_db_size_before_stat.stdout.split('\n') }}"
|
|
||||||
when: ( awx_db_size_before_stat is defined ) and ( awx_purge_mode.find("Perform final shrink" ) != -1 )
|
|
||||||
|
|
||||||
- name: Print after purge size of Synapse database
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_db_size_after_stat.stdout.split('\n') }}"
|
|
||||||
when: (awx_db_size_after_stat is defined) and (awx_purge_mode.find("Perform final shrink") != -1)
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
awx_end_playbook: true
|
|
||||||
|
|
||||||
- name: End playbook early if this task is called.
|
|
||||||
meta: end_play
|
|
||||||
when: awx_end_playbook is defined and awx_end_playbook|bool
|
|
|
@ -1,14 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Purge all rooms with no local users
|
|
||||||
shell: |
|
|
||||||
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_room'
|
|
||||||
register: awx_purge_command
|
|
||||||
|
|
||||||
- name: Print output of purge command
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_purge_command.stdout }}"
|
|
||||||
|
|
||||||
- name: Pause for 5 seconds to let Synapse breathe
|
|
||||||
pause:
|
|
||||||
seconds: 5
|
|
|
@ -1,14 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Purge all rooms with more then N users
|
|
||||||
shell: |
|
|
||||||
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
|
|
||||||
register: awx_purge_command
|
|
||||||
|
|
||||||
- name: Print output of purge command
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_purge_command.stdout }}"
|
|
||||||
|
|
||||||
- name: Pause for 5 seconds to let Synapse breathe
|
|
||||||
pause:
|
|
||||||
seconds: 5
|
|
|
@ -1,19 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Collect epoche time from date
|
|
||||||
shell: |
|
|
||||||
date -d '{{ item }}' +"%s"
|
|
||||||
register: awx_epoche_time
|
|
||||||
|
|
||||||
- name: Purge local media to specific date
|
|
||||||
shell: |
|
|
||||||
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
|
|
||||||
register: awx_purge_command
|
|
||||||
|
|
||||||
- name: Print output of purge command
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_purge_command.stdout }}"
|
|
||||||
|
|
||||||
- name: Pause for 5 seconds to let Synapse breathe
|
|
||||||
pause:
|
|
||||||
seconds: 5
|
|
|
@ -1,111 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Ensure dateutils is installed in AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
yum:
|
|
||||||
name: dateutils
|
|
||||||
state: latest
|
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Ensure curl and jq intalled on target machine
|
|
||||||
apt:
|
|
||||||
pkg:
|
|
||||||
- curl
|
|
||||||
- jq
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Collect the internal IP of the matrix-synapse container
|
|
||||||
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
|
|
||||||
register: awx_synapse_container_ip
|
|
||||||
|
|
||||||
- name: Collect access token for @admin-janitor user
|
|
||||||
shell: |
|
|
||||||
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
|
||||||
register: awx_janitors_token
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Generate list of dates to purge to
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
shell: "dateseq {{ awx_purge_from_date }} {{ awx_purge_to_date }}"
|
|
||||||
register: awx_purge_dates
|
|
||||||
|
|
||||||
- name: Calculate initial size of local media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
|
||||||
register: awx_local_media_size_before
|
|
||||||
when: awx_purge_media_type == "Local Media"
|
|
||||||
async: 600
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate initial size of remote media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
|
||||||
register: awx_remote_media_size_before
|
|
||||||
when: awx_purge_media_type == "Remote Media"
|
|
||||||
async: 600
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Purge local media with loop
|
|
||||||
include_tasks: purge_media_local.yml
|
|
||||||
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
|
|
||||||
when: awx_purge_media_type == "Local Media"
|
|
||||||
|
|
||||||
- name: Purge remote media with loop
|
|
||||||
include_tasks: purge_media_remote.yml
|
|
||||||
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
|
|
||||||
when: awx_purge_media_type == "Remote Media"
|
|
||||||
|
|
||||||
- name: Calculate final size of local media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
|
||||||
register: awx_local_media_size_after
|
|
||||||
when: awx_purge_media_type == "Local Media"
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate final size of remote media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
|
||||||
register: awx_remote_media_size_after
|
|
||||||
when: awx_purge_media_type == "Remote Media"
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Print size of local media repository before purge
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_local_media_size_before.stdout.split('\n') }}"
|
|
||||||
when: awx_purge_media_type == "Local Media"
|
|
||||||
|
|
||||||
- name: Print size of local media repository after purge
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_local_media_size_after.stdout.split('\n') }}"
|
|
||||||
when: awx_purge_media_type == "Local Media"
|
|
||||||
|
|
||||||
- name: Print size of remote media repository before purge
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_remote_media_size_before.stdout.split('\n') }}"
|
|
||||||
when: awx_purge_media_type == "Remote Media"
|
|
||||||
|
|
||||||
- name: Print size of remote media repository after purge
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_remote_media_size_after.stdout.split('\n') }}"
|
|
||||||
when: awx_purge_media_type == "Remote Media"
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
awx_end_playbook: true
|
|
||||||
|
|
||||||
- name: End playbook early if this task is called.
|
|
||||||
meta: end_play
|
|
||||||
when: awx_end_playbook is defined and awx_end_playbook|bool
|
|
|
@ -1,19 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Collect epoche time from date
|
|
||||||
shell: |
|
|
||||||
date -d '{{ item }}' +"%s"
|
|
||||||
register: awx_epoche_time
|
|
||||||
|
|
||||||
- name: Purge remote media to specific date
|
|
||||||
shell: |
|
|
||||||
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
|
|
||||||
register: awx_purge_command
|
|
||||||
|
|
||||||
- name: Print output of purge command
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_purge_command.stdout }}"
|
|
||||||
|
|
||||||
- name: Pause for 5 seconds to let Synapse breathe
|
|
||||||
pause:
|
|
||||||
seconds: 5
|
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Set the new authorized key taken from file
|
|
||||||
authorized_key:
|
|
||||||
user: root
|
|
||||||
state: present
|
|
||||||
exclusive: true
|
|
||||||
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
|
|
||||||
|
|
||||||
- name: Delete the AWX session token for executing modules
|
|
||||||
awx.awx.tower_token:
|
|
||||||
description: 'AWX Session Token'
|
|
||||||
scope: "write"
|
|
||||||
state: absent
|
|
||||||
existing_token_id: "{{ awx_session_token.ansible_facts.tower_token.id }}"
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
|
|
||||||
- name: Set boolean value to exit playbook
|
|
||||||
set_fact:
|
|
||||||
end_playbook: true
|
|
||||||
|
|
||||||
- name: End playbook if this task list is called.
|
|
||||||
meta: end_play
|
|
||||||
when: end_playbook is defined and end_playbook|bool
|
|
|
@ -1,108 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Install prerequisite apt packages on target
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- sysstat
|
|
||||||
- curl
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Install prerequisite yum packages on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
yum:
|
|
||||||
name:
|
|
||||||
- bind-utils
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Install prerequisite pip packages on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
pip:
|
|
||||||
name:
|
|
||||||
- dnspython
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Calculate MAU value
|
|
||||||
shell: |
|
|
||||||
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
|
|
||||||
register: awx_mau_stat
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate CPU usage statistics
|
|
||||||
shell: iostat -c
|
|
||||||
register: awx_cpu_usage_stat
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate RAM usage statistics
|
|
||||||
shell: free -mh
|
|
||||||
register: awx_ram_usage_stat
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate free disk space
|
|
||||||
shell: df -h
|
|
||||||
register: awx_disk_space_stat
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate size of Synapse database
|
|
||||||
shell: du -sh /matrix/postgres/data
|
|
||||||
register: awx_db_size_stat
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate size of local media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
|
||||||
register: awx_local_media_size_stat
|
|
||||||
async: 600
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate size of remote media repository
|
|
||||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
|
||||||
register: awx_remote_media_size_stat
|
|
||||||
async: 600
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Calculate docker container statistics
|
|
||||||
shell: docker stats --all --no-stream
|
|
||||||
register: awx_docker_stats
|
|
||||||
ignore_errors: true
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Print size of remote media repository
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_remote_media_size_stat is defined
|
|
||||||
|
|
||||||
- name: Print size of local media repository
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_local_media_size_stat is defined
|
|
||||||
|
|
||||||
- name: Print size of Synapse database
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_db_size_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_db_size_stat is defined
|
|
||||||
|
|
||||||
- name: Print free disk space
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_disk_space_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_disk_space_stat is defined
|
|
||||||
|
|
||||||
- name: Print RAM usage statistics
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_ram_usage_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_ram_usage_stat is defined
|
|
||||||
|
|
||||||
- name: Print CPU usage statistics
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_cpu_usage_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_cpu_usage_stat is defined
|
|
||||||
|
|
||||||
- name: Print MAU value
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_mau_stat.stdout.split('\n') }}"
|
|
||||||
when: awx_mau_stat is defined
|
|
||||||
|
|
||||||
- name: Print docker container statistics
|
|
||||||
debug:
|
|
||||||
msg: "{{ awx_docker_stats.stdout.split('\n') }}"
|
|
||||||
when: awx_docker_stats is defined
|
|
|
@ -1,243 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Corporal Enabled/Disabled variable
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Corporal Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_corporal_enabled': '{{ matrix_corporal_enabled }}'
|
|
||||||
|
|
||||||
- name: Enable Shared Secret Auth if Corporal enabled
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Shared Secret Auth Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_ext_password_provider_shared_secret_auth_enabled': 'true'
|
|
||||||
when: matrix_corporal_enabled|bool
|
|
||||||
|
|
||||||
- name: Disable Shared Secret Auth if Corporal disabled
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Shared Secret Auth Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_ext_password_provider_shared_secret_auth_enabled': 'false'
|
|
||||||
when: not matrix_corporal_enabled|bool
|
|
||||||
|
|
||||||
- name: Enable Rest Auth Endpoint if Corporal enabled
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Extension Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_ext_password_provider_rest_auth_enabled': 'true'
|
|
||||||
when: matrix_corporal_enabled|bool
|
|
||||||
|
|
||||||
- name: Disable Rest Auth Endpoint if Corporal disabled
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Extension Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_ext_password_provider_rest_auth_enabled': 'false'
|
|
||||||
when: not matrix_corporal_enabled|bool
|
|
||||||
|
|
||||||
- name: Disable Corporal API if Simple Static File mode selected
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Corporal Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_corporal_http_api_enabled': 'false'
|
|
||||||
when: (awx_corporal_policy_provider_mode == "Simple Static File") or (not matrix_corporal_enabled|bool)
|
|
||||||
|
|
||||||
- name: Enable Corporal API if Push/Pull mode delected
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Corporal Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_corporal_http_api_enabled': 'true'
|
|
||||||
when: (awx_corporal_policy_provider_mode != "Simple Static File") and (matrix_corporal_enabled|bool)
|
|
||||||
|
|
||||||
- name: Record Corporal API Access Token if it's defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Corporal Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_corporal_http_api_auth_token': '{{ matrix_corporal_http_api_auth_token }}'
|
|
||||||
when: ( matrix_corporal_http_api_auth_token|length > 0 ) and ( awx_corporal_policy_provider_mode != "Simple Static File" )
|
|
||||||
|
|
||||||
- name: Record 'Simple Static File' configuration variables in matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
blockinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertbefore: "# Corporal Policy Provider Settings End"
|
|
||||||
marker_begin: "Corporal"
|
|
||||||
marker_end: "Corporal"
|
|
||||||
block: |
|
|
||||||
matrix_corporal_policy_provider_config: |
|
|
||||||
{
|
|
||||||
"Type": "static_file",
|
|
||||||
"Path": "/etc/matrix-corporal/corporal-policy.json"
|
|
||||||
}
|
|
||||||
when: awx_corporal_policy_provider_mode == "Simple Static File"
|
|
||||||
|
|
||||||
- name: Touch the /matrix/corporal/ directory
|
|
||||||
file:
|
|
||||||
path: "/matrix/corporal/"
|
|
||||||
state: directory
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '750'
|
|
||||||
|
|
||||||
- name: Touch the /matrix/corporal/config/ directory
|
|
||||||
file:
|
|
||||||
path: "/matrix/corporal/config/"
|
|
||||||
state: directory
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '750'
|
|
||||||
|
|
||||||
- name: Touch the /matrix/corporal/cache/ directory
|
|
||||||
file:
|
|
||||||
path: "/matrix/corporal/cache/"
|
|
||||||
state: directory
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '750'
|
|
||||||
|
|
||||||
- name: Touch the corporal-policy.json file to ensure it exists
|
|
||||||
file:
|
|
||||||
path: "/matrix/corporal/config/corporal-policy.json"
|
|
||||||
state: touch
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '660'
|
|
||||||
|
|
||||||
- name: Touch the last-policy.json file to ensure it exists
|
|
||||||
file:
|
|
||||||
path: "/matrix/corporal/config/last-policy.json"
|
|
||||||
state: touch
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '660'
|
|
||||||
|
|
||||||
- name: Record 'Simple Static File' configuration content in corporal-policy.json
|
|
||||||
copy:
|
|
||||||
content: "{{ awx_corporal_simple_static_config | string }}"
|
|
||||||
dest: "/matrix/corporal/config/corporal-policy.json"
|
|
||||||
owner: matrix
|
|
||||||
group: matrix
|
|
||||||
mode: '660'
|
|
||||||
when: (awx_corporal_policy_provider_mode == "Simple Static File") and (awx_corporal_simple_static_config|length > 0)
|
|
||||||
|
|
||||||
- name: Record 'HTTP Pull Mode' configuration variables in matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
blockinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: "# Corporal Policy Provider Settings Start"
|
|
||||||
block: |
|
|
||||||
matrix_corporal_policy_provider_config: |
|
|
||||||
{
|
|
||||||
"Type": "http",
|
|
||||||
"Uri": "{{ awx_corporal_pull_mode_uri }}",
|
|
||||||
"AuthorizationBearerToken": "{{ awx_corporal_pull_mode_token }}",
|
|
||||||
"CachePath": "/var/cache/matrix-corporal/last-policy.json",
|
|
||||||
"ReloadIntervalSeconds": 1800,
|
|
||||||
"TimeoutMilliseconds": 30000
|
|
||||||
}
|
|
||||||
when: (awx_corporal_policy_provider_mode == "HTTP Pull Mode (API Enabled)") and (matrix_corporal_pull_mode_uri|length > 0) and (awx_corporal_pull_mode_token|length > 0)
|
|
||||||
|
|
||||||
- name: Record 'HTTP Push Mode' configuration variables in matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
blockinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: "# Corporal Policy Provider Settings Start"
|
|
||||||
block: |
|
|
||||||
matrix_corporal_policy_provider_config: |
|
|
||||||
{
|
|
||||||
"Type": "last_seen_store_policy",
|
|
||||||
"CachePath": "/var/cache/matrix-corporal/last-policy.json"
|
|
||||||
}
|
|
||||||
when: (awx_corporal_policy_provider_mode == "HTTP Push Mode (API Enabled)")
|
|
||||||
|
|
||||||
- name: Lower RateLimit if set to 'Normal'
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: ' address:\n per_second: 50\n burst_count: 300\n account:\n per_second: 0.17\n burst_count: 300'
|
|
||||||
replace: ' address:\n per_second: 0.17\n burst_count: 3\n account:\n per_second: 0.17\n burst_count: 3'
|
|
||||||
when: awx_corporal_raise_ratelimits == "Normal"
|
|
||||||
|
|
||||||
- name: Raise RateLimit if set to 'Raised'
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: ' address:\n per_second: 0.17\n burst_count: 3\n account:\n per_second: 0.17\n burst_count: 3'
|
|
||||||
replace: ' address:\n per_second: 50\n burst_count: 300\n account:\n per_second: 0.17\n burst_count: 300'
|
|
||||||
when: awx_corporal_raise_ratelimits == "Raised"
|
|
||||||
|
|
||||||
- name: Save new 'Configure Corporal' survey.json to the AWX tower
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_corporal.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Corporal' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json'
|
|
||||||
dest: '/matrix/awx/configure_corporal.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "matrix_corporal_matrix_homeserver_api_endpoint: {{ matrix_corporal_matrix_homeserver_api_endpoint }}"
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "matrix_corporal_matrix_auth_shared_secret: {{ matrix_corporal_matrix_auth_shared_secret }}"
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "matrix_corporal_http_gateway_internal_rest_auth_enabled: {{ matrix_corporal_http_gateway_internal_rest_auth_enabled }}"
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "matrix_corporal_matrix_registration_shared_secret: {{ matrix_corporal_matrix_registration_shared_secret }}"
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Corporal (Advanced)' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Corporal (Advanced)"
|
|
||||||
description: "Configure Matrix Corporal, a tool that manages your Matrix server according to a configuration policy."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-corporal"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,105 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Install jq and curl on remote machine
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- jq
|
|
||||||
- curl
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Collect access token of @admin-dimension user
|
|
||||||
shell: |
|
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq '.access_token'
|
|
||||||
register: awx_dimension_user_access_token
|
|
||||||
|
|
||||||
- name: Record Synapse variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Dimension Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
|
|
||||||
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout[1:-1] }}"'
|
|
||||||
|
|
||||||
- name: Set final users list if users are defined
|
|
||||||
set_fact:
|
|
||||||
awx_dimension_users_final: "{{ awx_dimension_users }}"
|
|
||||||
when: awx_dimension_users | length > 0
|
|
||||||
|
|
||||||
- name: Set final users list if no users are defined
|
|
||||||
set_fact:
|
|
||||||
awx_dimension_users_final: '@dimension:{{ matrix_domain }}'
|
|
||||||
when: awx_dimension_users | length == 0
|
|
||||||
|
|
||||||
- name: Remove Dimension Users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: '^ - .*\n'
|
|
||||||
after: 'matrix_dimension_admins:'
|
|
||||||
before: '# Dimension Settings End'
|
|
||||||
|
|
||||||
- name: Set Dimension Users Header
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertbefore: '# Dimension Settings End'
|
|
||||||
line: "matrix_dimension_admins:"
|
|
||||||
|
|
||||||
- name: Set Dimension Users
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: '^matrix_dimension_admins:'
|
|
||||||
line: ' - "{{ item }}"'
|
|
||||||
with_items: "{{ awx_dimension_users_final.splitlines() }}"
|
|
||||||
|
|
||||||
- name: Record Dimension Custom variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertbefore: '# Dimension Settings End'
|
|
||||||
with_dict:
|
|
||||||
'awx_dimension_users': '{{ awx_dimension_users.splitlines() | to_json }}'
|
|
||||||
|
|
||||||
- name: Save new 'Configure Dimension' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_dimension.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//configure_dimension.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Dimension' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
|
|
||||||
dest: '/matrix/awx/configure_dimension.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Dimension' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Dimension"
|
|
||||||
description: "Configure Dimension, the self-hosted integrations server."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-all,setup-dimension"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,180 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Element-Web variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_enabled': '{{ matrix_client_element_enabled }}'
|
|
||||||
'matrix_client_element_jitsi_preferredDomain': 'jitsi.{{ matrix_domain }}'
|
|
||||||
'matrix_client_element_default_theme': '{{ matrix_client_element_default_theme }}'
|
|
||||||
'matrix_client_element_registration_enabled': '{{ matrix_client_element_registration_enabled }}'
|
|
||||||
'matrix_client_element_brand': '{{ matrix_client_element_brand | trim }}'
|
|
||||||
'matrix_client_element_branding_welcomeBackgroundUrl': '{{ matrix_client_element_branding_welcomeBackgroundUrl | trim }}'
|
|
||||||
'matrix_client_element_welcome_logo': '{{ matrix_client_element_welcome_logo | trim }}'
|
|
||||||
'matrix_client_element_welcome_logo_link': '{{ matrix_client_element_welcome_logo_link | trim }}'
|
|
||||||
|
|
||||||
- name: Record Element-Web custom variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertbefore: '# Element Settings End'
|
|
||||||
with_dict:
|
|
||||||
'awx_matrix_client_element_welcome_headline': '{{ awx_matrix_client_element_welcome_headline | trim }}'
|
|
||||||
'awx_matrix_client_element_welcome_text': '{{ awx_matrix_client_element_welcome_text | trim }}'
|
|
||||||
|
|
||||||
- name: Set Element-Web custom branding locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_brand': "{{ matrix_client_element_brand }}"
|
|
||||||
when: matrix_client_element_brand | trim | length > 0
|
|
||||||
|
|
||||||
- name: Remove Element-Web custom branding locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_brand: "
|
|
||||||
state: absent
|
|
||||||
when: matrix_client_element_brand | trim | length == 0
|
|
||||||
|
|
||||||
- name: Set fact for 'https' string
|
|
||||||
set_fact:
|
|
||||||
awx_https_string: "https"
|
|
||||||
|
|
||||||
- name: Set Element-Web custom logo locally on AWX if defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_welcome_logo': '{{ matrix_client_element_welcome_logo }}'
|
|
||||||
when: ( awx_https_string in matrix_client_element_welcome_logo ) and ( matrix_client_element_welcome_logo | trim | length > 0 )
|
|
||||||
|
|
||||||
- name: Remove Element-Web custom logo locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_welcome_logo: "
|
|
||||||
state: absent
|
|
||||||
when: matrix_client_element_welcome_logo | trim | length == 0
|
|
||||||
|
|
||||||
- name: Set Element-Web custom logo link locally on AWX if defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_welcome_logo_link': '{{ matrix_client_element_welcome_logo_link }}'
|
|
||||||
when: ( awx_https_string in matrix_client_element_welcome_logo_link ) and ( matrix_client_element_welcome_logo_link | trim | length > 0 )
|
|
||||||
|
|
||||||
- name: Remove Element-Web custom logo link locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_welcome_logo_link: "
|
|
||||||
state: absent
|
|
||||||
when: matrix_client_element_welcome_logo_link | trim | length == 0
|
|
||||||
|
|
||||||
- name: Set Element-Web custom headline locally on AWX if defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_welcome_headline': '{{ awx_matrix_client_element_welcome_headline }}'
|
|
||||||
when: awx_matrix_client_element_welcome_headline | trim | length > 0
|
|
||||||
|
|
||||||
- name: Remove Element-Web custom headline locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_welcome_headline: "
|
|
||||||
state: absent
|
|
||||||
when: awx_matrix_client_element_welcome_headline | trim | length == 0
|
|
||||||
|
|
||||||
- name: Set Element-Web custom text locally on AWX if defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_welcome_text': '{{ awx_matrix_client_element_welcome_text }}'
|
|
||||||
when: awx_matrix_client_element_welcome_text | trim | length > 0
|
|
||||||
|
|
||||||
- name: Remove Element-Web custom text locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_welcome_text: "
|
|
||||||
state: absent
|
|
||||||
when: awx_matrix_client_element_welcome_text | trim | length == 0
|
|
||||||
|
|
||||||
- name: Set Element-Web background locally on AWX if defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: '{{ item.value }}'"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_client_element_branding_welcomeBackgroundUrl': '{{ matrix_client_element_branding_welcomeBackgroundUrl }}'
|
|
||||||
when: matrix_client_element_branding_welcomeBackgroundUrl | trim | length > 0
|
|
||||||
|
|
||||||
- name: Remove Element-Web background locally on AWX if not defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_client_element_branding_welcomeBackgroundUrl: "
|
|
||||||
state: absent
|
|
||||||
when: matrix_client_element_branding_welcomeBackgroundUrl | trim | length == 0
|
|
||||||
|
|
||||||
- name: Save new 'Configure Element' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_element.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Element' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json'
|
|
||||||
dest: '/matrix/awx/configure_element.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Element' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Element"
|
|
||||||
description: "Configure Element client via survey."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-client-element"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,43 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Element-Web variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Element Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
|
|
||||||
|
|
||||||
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_element_subdomain.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element_subdomain.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Element Subdomain' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element_subdomain.json'
|
|
||||||
dest: '/matrix/awx/configure_element_subdomain.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Element Subdomain' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Element Subdomain"
|
|
||||||
description: "Configure Element clients subdomain location. (Eg: 'element' for element.example.org)"
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-all,setup-client-element-subdomain"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element_subdomain.json') }}"
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,45 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Jitsi variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Jitsi Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_jitsi_enabled': '{{ matrix_jitsi_enabled }}'
|
|
||||||
'matrix_jitsi_web_config_defaultLanguage': '{{ matrix_jitsi_web_config_defaultLanguage | trim }}'
|
|
||||||
|
|
||||||
- name: Save new 'Configure Jitsi' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_jitsi.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Jitsi' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
|
|
||||||
dest: '/matrix/awx/configure_jitsi.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Jitsi' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Jitsi"
|
|
||||||
description: "Configure Jitsi conferencing settings."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-jitsi"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,102 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record ma1sd variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# ma1sd Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_ma1sd_enabled': '{{ matrix_ma1sd_enabled }}'
|
|
||||||
|
|
||||||
- name: Disable REST auth (matrix-corporal/ma1sd) if using internal auth
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Extension Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_awx_password_provider_rest_auth_enabled': 'false'
|
|
||||||
when: awx_matrix_ma1sd_auth_store == 'Synapse Internal'
|
|
||||||
|
|
||||||
- name: Enable REST auth if using external LDAP/AD with ma1sd
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Extension Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_awx_password_provider_rest_auth_enabled': 'true'
|
|
||||||
'matrix_synapse_awx_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:{{ matrix_ma1sd_container_port }}"'
|
|
||||||
when: awx_matrix_ma1sd_auth_store == 'LDAP/AD'
|
|
||||||
|
|
||||||
- name: Remove entire ma1sd configuration extension
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: '^.*\n'
|
|
||||||
after: '# ma1sd Extension Start'
|
|
||||||
before: '# ma1sd Extension End'
|
|
||||||
|
|
||||||
- name: Replace conjoined ma1sd configuration extension limiters
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: '^# ma1sd Extension Start# ma1sd Extension End'
|
|
||||||
replace: '# ma1sd Extension Start\n# ma1sd Extension End'
|
|
||||||
|
|
||||||
- name: Insert/Update ma1sd configuration extension variables
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
blockinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
marker: "# {mark} ma1sd ANSIBLE MANAGED BLOCK"
|
|
||||||
insertafter: '# ma1sd Extension Start'
|
|
||||||
block: '{{ awx_matrix_ma1sd_configuration_extension_yaml }}'
|
|
||||||
|
|
||||||
- name: Record ma1sd Custom variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertbefore: '# ma1sd Settings End'
|
|
||||||
with_dict:
|
|
||||||
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
|
|
||||||
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_ma1sd.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure ma1sd' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
|
|
||||||
dest: '/matrix/awx/configure_ma1sd.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure ma1sd (Advanced)' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure ma1sd (Advanced)"
|
|
||||||
description: "Configure Jitsi conferencing settings."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-ma1sd"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,44 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Mailer variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Email Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_mailer_relay_use': '{{ matrix_mailer_relay_use }}'
|
|
||||||
|
|
||||||
- name: Save new 'Configure Email Relay' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_email_relay.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Email Relay' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json'
|
|
||||||
dest: '/matrix/awx/configure_email_relay.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Email Relay' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Email Relay"
|
|
||||||
description: "Enable MailGun relay to increase verification email reliability."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-mailer"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,68 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Include vars in matrix_vars.yml
|
|
||||||
include_vars:
|
|
||||||
file: '{{ awx_cached_matrix_vars }}'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Collect the internal IP of the matrix-synapse container
|
|
||||||
shell: |
|
|
||||||
/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse
|
|
||||||
register: matrix_synapse_ip
|
|
||||||
|
|
||||||
- name: Collect access token of @admin-mjolnir user
|
|
||||||
shell: |
|
|
||||||
curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-mjolnir"}, "password": "{{ awx_mjolnir_user_password }}", "type": "m.login.password"}' 'http://{{ matrix_synapse_ip.stdout }}:8008/_matrix/client/r0/login' | jq '.access_token'
|
|
||||||
register: awx_mjolnir_user_access_token
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Record Mjolnir Bot variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Mjolnir Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_bot_mjolnir_enabled': '{{ matrix_bot_mjolnir_enabled }}'
|
|
||||||
'matrix_bot_mjolnir_access_token': '{{ awx_mjolnir_user_access_token.stdout[1:-1] }}'
|
|
||||||
'matrix_bot_mjolnir_management_room': '"{{ matrix_bot_mjolnir_management_room }}"'
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Remove Synapse rate-limiting for admin-mjolnir user
|
|
||||||
shell: |
|
|
||||||
/usr/local/bin/matrix-postgres-cli-non-interactive --dbname=synapse --command="INSERT INTO ratelimit_override VALUES ('@admin-mjolnir:{{ matrix_domain }}', 0, 0);"
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Save new 'Configure Mjolnir' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_mjolnir.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_mjolnir.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Mjolnir' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_mjolnir.json'
|
|
||||||
dest: '/matrix/awx/configure_mjolnir.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Mjolnir Bot' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Mjolnir Bot"
|
|
||||||
description: "Configure Mjolnir settings, Mjolnir is a moderation bot for Matrix."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-bot-mjolnir"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_mjolnir.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,223 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Limit max upload size to 200MB part 1
|
|
||||||
set_fact:
|
|
||||||
matrix_synapse_max_upload_size_mb: "200"
|
|
||||||
when: awx_synapse_max_upload_size_mb | int >= 200
|
|
||||||
|
|
||||||
- name: Limit max upload size to 200MB part 2
|
|
||||||
set_fact:
|
|
||||||
matrix_synapse_max_upload_size_mb: "{{ awx_synapse_max_upload_size_mb }}"
|
|
||||||
when: awx_synapse_max_upload_size_mb | int < 200
|
|
||||||
|
|
||||||
- name: Record Synapse variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_allow_public_rooms_over_federation': '{{ matrix_synapse_allow_public_rooms_over_federation }}'
|
|
||||||
'matrix_synapse_enable_registration': '{{ matrix_synapse_enable_registration }}'
|
|
||||||
'matrix_synapse_federation_enabled': '{{ matrix_synapse_federation_enabled }}'
|
|
||||||
'matrix_synapse_enable_group_creation': '{{ matrix_synapse_enable_group_creation }}'
|
|
||||||
'matrix_synapse_presence_enabled': '{{ matrix_synapse_presence_enabled }}'
|
|
||||||
'matrix_synapse_max_upload_size_mb': '{{ matrix_synapse_max_upload_size_mb }}'
|
|
||||||
'matrix_synapse_url_preview_enabled': '{{ matrix_synapse_url_preview_enabled }}'
|
|
||||||
'matrix_synapse_allow_guest_access': '{{ matrix_synapse_allow_guest_access }}'
|
|
||||||
|
|
||||||
- name: Empty Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if raw inputs empty
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^matrix_synapse_auto_join_rooms: .*$"
|
|
||||||
replace: "matrix_synapse_auto_join_rooms: []"
|
|
||||||
when: awx_synapse_auto_join_rooms | length == 0
|
|
||||||
|
|
||||||
- name: If the raw inputs is not empty start constructing parsed auto_join_rooms list
|
|
||||||
set_fact:
|
|
||||||
awx_synapse_auto_join_rooms_array: |-
|
|
||||||
{{ awx_synapse_auto_join_rooms.splitlines() | to_json }}
|
|
||||||
when: awx_synapse_auto_join_rooms | length > 0
|
|
||||||
|
|
||||||
- name: Record Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if it's not blank
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Settings Start'
|
|
||||||
with_dict:
|
|
||||||
"matrix_synapse_auto_join_rooms": "{{ awx_synapse_auto_join_rooms_array }}"
|
|
||||||
when: awx_synapse_auto_join_rooms | length > 0
|
|
||||||
|
|
||||||
- name: Record Synapse Shared Secret if it's defined
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_registration_shared_secret': '{{ awx_matrix_synapse_registration_shared_secret }}'
|
|
||||||
when: awx_matrix_synapse_registration_shared_secret | length > 0
|
|
||||||
|
|
||||||
- name: Record registations_require_3pid extra variable if true
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "{{ item }}"
|
|
||||||
line: "{{ item }}"
|
|
||||||
insertbefore: '# Synapse Extension End'
|
|
||||||
with_items:
|
|
||||||
- " registrations_require_3pid:"
|
|
||||||
- " - email"
|
|
||||||
when: awx_registrations_require_3pid | bool
|
|
||||||
|
|
||||||
- name: Remove registrations_require_3pid extra variable if false
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "{{ item }}"
|
|
||||||
line: "{{ item }}"
|
|
||||||
insertbefore: '# Synapse Extension End'
|
|
||||||
state: absent
|
|
||||||
with_items:
|
|
||||||
- " registrations_require_3pid:"
|
|
||||||
- " - email"
|
|
||||||
when: not awx_registrations_require_3pid | bool
|
|
||||||
|
|
||||||
- name: Remove URL Languages
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: '^(?!.*\bemail\b) - [a-zA-Z\-]{2,5}\n'
|
|
||||||
after: ' url_preview_accept_language:'
|
|
||||||
before: '# Synapse Extension End'
|
|
||||||
|
|
||||||
- name: Set URL languages default if raw inputs empty
|
|
||||||
set_fact:
|
|
||||||
awx_url_preview_accept_language_default: 'en'
|
|
||||||
when: awx_url_preview_accept_language | length == 0
|
|
||||||
|
|
||||||
- name: Set URL languages default if raw inputs not empty
|
|
||||||
set_fact:
|
|
||||||
awx_url_preview_accept_language_default: "{{ awx_url_preview_accept_language }}"
|
|
||||||
when: awx_url_preview_accept_language|length > 0
|
|
||||||
|
|
||||||
- name: Set URL languages if raw inputs empty
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: '^ url_preview_accept_language:'
|
|
||||||
line: " - {{ awx_url_preview_accept_language_default }}"
|
|
||||||
when: awx_url_preview_accept_language|length == 0
|
|
||||||
|
|
||||||
- name: Set URL languages if raw inputs not empty
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: '^ url_preview_accept_language:'
|
|
||||||
line: " - {{ item }}"
|
|
||||||
with_items: "{{ awx_url_preview_accept_language.splitlines() }}"
|
|
||||||
when: awx_url_preview_accept_language | length > 0
|
|
||||||
|
|
||||||
- name: Remove Federation Whitelisting 1
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: '^ - [a-z0-9]+\.[a-z0-9.]+\n'
|
|
||||||
after: ' federation_domain_whitelist:'
|
|
||||||
before: '# Synapse Extension End'
|
|
||||||
|
|
||||||
- name: Remove Federation Whitelisting 2
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
line: " federation_domain_whitelist:"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Set Federation Whitelisting 1
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: '^matrix_synapse_configuration_extension_yaml: \|'
|
|
||||||
line: " federation_domain_whitelist:"
|
|
||||||
when: awx_federation_whitelist | length > 0
|
|
||||||
|
|
||||||
- name: Set Federation Whitelisting 2
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
insertafter: '^ federation_domain_whitelist:'
|
|
||||||
line: " - {{ item }}"
|
|
||||||
with_items: "{{ awx_federation_whitelist.splitlines() }}"
|
|
||||||
when: awx_federation_whitelist | length > 0
|
|
||||||
|
|
||||||
- name: Set awx_recaptcha_public_key to a 'public-key' if undefined
|
|
||||||
set_fact: awx_recaptcha_public_key="public-key"
|
|
||||||
when: (awx_recaptcha_public_key is not defined) or (awx_recaptcha_public_key|length == 0)
|
|
||||||
|
|
||||||
- name: Set awx_recaptcha_private_key to a 'private-key' if undefined
|
|
||||||
set_fact: awx_recaptcha_private_key="private-key"
|
|
||||||
when: (awx_recaptcha_private_key is not defined) or (awx_recaptcha_private_key|length == 0)
|
|
||||||
|
|
||||||
- name: Record Synapse Extension variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertbefore: '# Synapse Extension End'
|
|
||||||
with_dict:
|
|
||||||
' enable_registration_captcha': '{{ awx_enable_registration_captcha }}'
|
|
||||||
' recaptcha_public_key': '{{ awx_recaptcha_public_key }}'
|
|
||||||
' recaptcha_private_key': '{{ awx_recaptcha_private_key }}'
|
|
||||||
|
|
||||||
- name: Record Synapse Custom variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertbefore: '# Synapse Settings End'
|
|
||||||
with_dict:
|
|
||||||
'awx_federation_whitelist': '{{ awx_federation_whitelist.splitlines() | to_json }}'
|
|
||||||
'awx_url_preview_accept_language_default': '{{ awx_url_preview_accept_language_default.splitlines() | to_json }}'
|
|
||||||
'awx_enable_registration_captcha': '{{ awx_enable_registration_captcha }}'
|
|
||||||
'awx_recaptcha_public_key': '"{{ awx_recaptcha_public_key }}"'
|
|
||||||
'awx_recaptcha_private_key': '"{{ awx_recaptcha_private_key }}"'
|
|
||||||
|
|
||||||
- name: Save new 'Configure Synapse' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_synapse.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//configure_synapse.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Synapse' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
|
|
||||||
dest: '/matrix/awx/configure_synapse.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Synapse' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Synapse"
|
|
||||||
description: "Configure Synapse (homeserver) settings."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-synapse"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,44 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Record Synapse Admin variables locally on AWX
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '{{ awx_cached_matrix_vars }}'
|
|
||||||
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
||||||
line: "{{ item.key }}: {{ item.value }}"
|
|
||||||
insertafter: '# Synapse Admin Settings Start'
|
|
||||||
with_dict:
|
|
||||||
'matrix_synapse_admin_enabled': '{{ matrix_synapse_admin_enabled }}'
|
|
||||||
|
|
||||||
- name: Save new 'Configure Synapse Admin' survey.json to the AWX tower, template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
template:
|
|
||||||
src: 'roles/matrix-awx/surveys/configure_synapse_admin.json.j2'
|
|
||||||
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
|
|
||||||
|
|
||||||
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
|
|
||||||
copy:
|
|
||||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
|
|
||||||
dest: '/matrix/awx/configure_synapse_admin.json'
|
|
||||||
mode: '0660'
|
|
||||||
|
|
||||||
- name: Recreate 'Configure Synapse Admin' job template
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
awx.awx.tower_job_template:
|
|
||||||
name: "{{ matrix_domain }} - 1 - Configure Synapse Admin"
|
|
||||||
description: "Configure 'Synapse Admin', a moderation tool to help you manage your server."
|
|
||||||
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
||||||
job_type: run
|
|
||||||
job_tags: "start,setup-all"
|
|
||||||
inventory: "{{ member_id }}"
|
|
||||||
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
||||||
playbook: setup.yml
|
|
||||||
credential: "{{ member_id }} - AWX SSH Key"
|
|
||||||
survey_enabled: true
|
|
||||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
|
|
||||||
become_enabled: true
|
|
||||||
state: present
|
|
||||||
verbosity: 1
|
|
||||||
tower_host: "https://{{ awx_host }}"
|
|
||||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
|
||||||
validate_certs: true
|
|
|
@ -1,32 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Rename synapse presence variable
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
replace:
|
|
||||||
path: "/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
|
|
||||||
regexp: 'matrix_synapse_use_presence'
|
|
||||||
replace: 'matrix_synapse_presence_enabled'
|
|
||||||
|
|
||||||
- name: Search for matrix_homeserver_generic_secret_key variable in matrix_vars.yml
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
register: presence
|
|
||||||
shell: "grep -i 'matrix_homeserver_generic_secret_key' /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
- name: Generate matrix_homeserver_generic_secret_key variable if not present
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
command: |
|
|
||||||
openssl rand -hex 16
|
|
||||||
register: generic_secret
|
|
||||||
no_log: true
|
|
||||||
when: presence is not changed
|
|
||||||
|
|
||||||
- name: Add new matrix_homeserver_generic_secret_key variable if not present
|
|
||||||
delegate_to: 127.0.0.1
|
|
||||||
lineinfile:
|
|
||||||
path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
|
||||||
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
|
|
||||||
insertbefore: '# Basic Settings End'
|
|
||||||
mode: '0600'
|
|
||||||
state: present
|
|
||||||
when: presence is not changed
|
|
|
@ -1,18 +1,19 @@
|
||||||
---
|
---
|
||||||
matrix_backup_borg_enabled: true
|
matrix_backup_borg_enabled: true
|
||||||
|
|
||||||
matrix_backup_borg_container_image_self_build: false
|
|
||||||
matrix_backup_borg_docker_repo: "https://github.com/borgmatic-collective/docker-borgmatic"
|
|
||||||
matrix_backup_borg_docker_src_files_path: "{{ matrix_base_data_path }}/borg/docker-src"
|
|
||||||
|
|
||||||
matrix_backup_borg_version: latest
|
|
||||||
matrix_backup_borg_docker_image: "{{ matrix_backup_borg_docker_image_name_prefix }}etke.cc/borgmatic:{{ matrix_backup_borg_version }}"
|
|
||||||
matrix_backup_borg_docker_image_name_prefix: "{{ 'localhost/' if matrix_backup_borg_container_image_self_build else 'registry.gitlab.com/' }}"
|
|
||||||
matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg"
|
matrix_backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg"
|
||||||
matrix_backup_borg_config_path: "{{ matrix_backup_borg_base_path }}/config"
|
matrix_backup_borg_config_path: "{{ matrix_backup_borg_base_path }}/config"
|
||||||
|
|
||||||
|
matrix_backup_borg_container_image_self_build: false
|
||||||
|
matrix_backup_borg_docker_repo: "https://gitlab.com/etke.cc/borgmatic"
|
||||||
|
matrix_backup_borg_docker_src_files_path: "{{ matrix_backup_borg_base_path }}/docker-src"
|
||||||
|
|
||||||
|
# version determined automatically, based on postgres server version (if enabled), otherwise latest is used
|
||||||
|
matrix_backup_borg_version: ""
|
||||||
|
matrix_backup_borg_docker_image: "{{ matrix_backup_borg_docker_image_name_prefix }}etke.cc/borgmatic:{{ matrix_backup_borg_version }}"
|
||||||
|
matrix_backup_borg_docker_image_name_prefix: "{{ 'localhost/' if matrix_backup_borg_container_image_self_build else 'registry.gitlab.com/' }}"
|
||||||
|
matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') or matrix_backup_borg_version|default('') == '' }}"
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
# A list of extra arguments to pass to the container
|
||||||
matrix_backup_borg_container_extra_arguments: []
|
matrix_backup_borg_container_extra_arguments: []
|
||||||
|
|
||||||
|
@ -28,18 +29,30 @@ matrix_backup_borg_schedule: "*-*-* 04:00:00"
|
||||||
# what directories should be added to backup
|
# what directories should be added to backup
|
||||||
matrix_backup_borg_location_source_directories: []
|
matrix_backup_borg_location_source_directories: []
|
||||||
|
|
||||||
|
# postgres db backup
|
||||||
|
matrix_backup_borg_postgresql_enabled: true
|
||||||
|
matrix_backup_borg_supported_postgres_versions: ['12', '13', '14']
|
||||||
|
matrix_backup_borg_postgresql_databases: []
|
||||||
|
matrix_backup_borg_postgresql_databases_hostname: "matrix-postgres"
|
||||||
|
matrix_backup_borg_postgresql_databases_username: "matrix"
|
||||||
|
matrix_backup_borg_postgresql_databases_password: ""
|
||||||
|
matrix_backup_borg_postgresql_databases_port: 5432
|
||||||
|
|
||||||
# target repositories
|
# target repositories
|
||||||
matrix_backup_borg_location_repositories: []
|
matrix_backup_borg_location_repositories: []
|
||||||
|
|
||||||
# exclude following paths:
|
# exclude following paths:
|
||||||
matrix_backup_borg_location_exclude_patterns: []
|
matrix_backup_borg_location_exclude_patterns: []
|
||||||
|
|
||||||
# borg encryption mode, only repokey-* is supported
|
# borg encryption mode, only "repokey-*" and "none" are supported
|
||||||
matrix_backup_borg_encryption: repokey-blake2
|
matrix_backup_borg_encryption: repokey-blake2
|
||||||
|
|
||||||
# private ssh key used to connect to the borg repo
|
# private ssh key used to connect to the borg repo
|
||||||
matrix_backup_borg_ssh_key_private: ""
|
matrix_backup_borg_ssh_key_private: ""
|
||||||
|
|
||||||
|
# allow unencrypted repo access
|
||||||
|
matrix_backup_borg_unknown_unencrypted_repo_access_is_ok: "{{ matrix_backup_borg_encryption == 'none' }}"
|
||||||
|
|
||||||
# borg ssh command with ssh key
|
# borg ssh command with ssh key
|
||||||
matrix_backup_borg_storage_ssh_command: ssh -o "StrictHostKeyChecking accept-new" -i /etc/borgmatic.d/sshkey
|
matrix_backup_borg_storage_ssh_command: ssh -o "StrictHostKeyChecking accept-new" -i /etc/borgmatic.d/sshkey
|
||||||
|
|
||||||
|
@ -47,7 +60,7 @@ matrix_backup_borg_storage_ssh_command: ssh -o "StrictHostKeyChecking accept-new
|
||||||
matrix_backup_borg_storage_compression: lz4
|
matrix_backup_borg_storage_compression: lz4
|
||||||
|
|
||||||
# archive name format
|
# archive name format
|
||||||
matrix_backup_borg_storage_archive_name_format: "matrix-{now:%Y-%m-%d-%H%M%S}"
|
matrix_backup_borg_storage_archive_name_format: matrix-{now:%Y-%m-%d-%H%M%S}
|
||||||
|
|
||||||
# repository passphrase
|
# repository passphrase
|
||||||
matrix_backup_borg_storage_encryption_passphrase: ""
|
matrix_backup_borg_storage_encryption_passphrase: ""
|
||||||
|
@ -60,4 +73,26 @@ matrix_backup_borg_retention_keep_monthly: 12
|
||||||
matrix_backup_borg_retention_keep_yearly: 2
|
matrix_backup_borg_retention_keep_yearly: 2
|
||||||
|
|
||||||
# retention prefix
|
# retention prefix
|
||||||
matrix_backup_borg_retention_prefix: "matrix-"
|
matrix_backup_borg_retention_prefix: matrix-
|
||||||
|
|
||||||
|
# Default borgmatic configuration template which covers the generic use case.
|
||||||
|
# You can customize it by controlling the various variables inside it.
|
||||||
|
#
|
||||||
|
# For a more advanced customization, you can extend the default (see `matrix_backup_borg_configuration_extension_yaml`)
|
||||||
|
# or completely replace this variable with your own template.
|
||||||
|
matrix_backup_borg_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||||
|
|
||||||
|
matrix_backup_borg_configuration_extension_yaml: |
|
||||||
|
# Your custom YAML configuration for borgmatic goes here.
|
||||||
|
# This configuration extends the default starting configuration (`matrix_borg_configuration_yaml`).
|
||||||
|
#
|
||||||
|
# You can override individual variables from the default configuration, or introduce new ones.
|
||||||
|
#
|
||||||
|
# If you need something more special, you can take full control by
|
||||||
|
# completely redefining `matrix_backup_borg_configuration_yaml`.
|
||||||
|
|
||||||
|
matrix_backup_borg_configuration_extension: "{{ matrix_backup_borg_configuration_extension_yaml|from_yaml if matrix_backup_borg_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||||
|
|
||||||
|
# Holds the final borgmatic configuration (a combination of the default and its extension).
|
||||||
|
# You most likely don't need to touch this variable. Instead, see `matrix_backup_borg_configuration_yaml`.
|
||||||
|
matrix_backup_borg_configuration: "{{ matrix_backup_borg_configuration_yaml|from_yaml|combine(matrix_backup_borg_configuration_extension, recursive=True) }}"
|
||||||
|
|
|
@ -1,4 +1,17 @@
|
||||||
---
|
---
|
||||||
|
- block:
|
||||||
|
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/detect_existing_postgres_version.yml"
|
||||||
|
|
||||||
|
- name: Fail if detected Postgres version is unsupported
|
||||||
|
fail:
|
||||||
|
msg: "You cannot use borg backup with such an old version ({{ matrix_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
|
||||||
|
when: "matrix_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
|
||||||
|
|
||||||
|
- name: Set the correct borg backup version to use
|
||||||
|
set_fact:
|
||||||
|
matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}"
|
||||||
|
when: matrix_backup_borg_postgresql_enabled|bool and matrix_backup_borg_version == ''
|
||||||
|
|
||||||
- name: Ensure borg paths exist
|
- name: Ensure borg paths exist
|
||||||
file:
|
file:
|
||||||
path: "{{ item.path }}"
|
path: "{{ item.path }}"
|
||||||
|
@ -11,9 +24,9 @@
|
||||||
- {path: "{{ matrix_backup_borg_docker_src_files_path }}", when: true}
|
- {path: "{{ matrix_backup_borg_docker_src_files_path }}", when: true}
|
||||||
when: "item.when|bool"
|
when: "item.when|bool"
|
||||||
|
|
||||||
- name: Ensure borg config is created
|
- name: Ensure borgmatic config is created
|
||||||
template:
|
copy:
|
||||||
src: "{{ role_path }}/templates/config.yaml.j2"
|
content: "{{ matrix_backup_borg_configuration|to_nice_yaml(indent=2, width=999999) }}"
|
||||||
dest: "{{ matrix_backup_borg_config_path }}/config.yaml"
|
dest: "{{ matrix_backup_borg_config_path }}/config.yaml"
|
||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
|
@ -52,6 +65,8 @@
|
||||||
repo: "{{ matrix_backup_borg_docker_repo }}"
|
repo: "{{ matrix_backup_borg_docker_repo }}"
|
||||||
dest: "{{ matrix_backup_borg_docker_src_files_path }}"
|
dest: "{{ matrix_backup_borg_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_backup_borg_git_pull_results
|
register: matrix_backup_borg_git_pull_results
|
||||||
when: "matrix_backup_borg_container_image_self_build|bool"
|
when: "matrix_backup_borg_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -7,4 +7,9 @@
|
||||||
with_items:
|
with_items:
|
||||||
- "matrix_backup_borg_ssh_key_private"
|
- "matrix_backup_borg_ssh_key_private"
|
||||||
- "matrix_backup_borg_location_repositories"
|
- "matrix_backup_borg_location_repositories"
|
||||||
- "matrix_backup_borg_storage_encryption_passphrase"
|
|
||||||
|
- name: Fail if encryption passphrase is undefined unless repository is unencrypted
|
||||||
|
fail:
|
||||||
|
msg: >-
|
||||||
|
You need to define a required passphrase using the `matrix_backup_borg_storage_encryption_passphrase` variable.
|
||||||
|
when: "matrix_backup_borg_storage_encryption_passphrase == '' and matrix_backup_borg_encryption != 'none'"
|
||||||
|
|
|
@ -7,18 +7,19 @@ location:
|
||||||
exclude_patterns: {{ matrix_backup_borg_location_exclude_patterns|to_json }}
|
exclude_patterns: {{ matrix_backup_borg_location_exclude_patterns|to_json }}
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
compression: {{ matrix_backup_borg_storage_compression }}
|
compression: {{ matrix_backup_borg_storage_compression|to_json }}
|
||||||
ssh_command: {{ matrix_backup_borg_storage_ssh_command }}
|
ssh_command: {{ matrix_backup_borg_storage_ssh_command|to_json }}
|
||||||
archive_name_format: '{{ matrix_backup_borg_storage_archive_name_format }}'
|
archive_name_format: {{ matrix_backup_borg_storage_archive_name_format|to_json }}
|
||||||
encryption_passphrase: {{ matrix_backup_borg_storage_encryption_passphrase }}
|
encryption_passphrase: {{ matrix_backup_borg_storage_encryption_passphrase|to_json }}
|
||||||
|
unknown_unencrypted_repo_access_is_ok: {{ matrix_backup_borg_unknown_unencrypted_repo_access_is_ok|to_json }}
|
||||||
|
|
||||||
retention:
|
retention:
|
||||||
keep_hourly: {{ matrix_backup_borg_retention_keep_hourly }}
|
keep_hourly: {{ matrix_backup_borg_retention_keep_hourly|to_json }}
|
||||||
keep_daily: {{ matrix_backup_borg_retention_keep_daily }}
|
keep_daily: {{ matrix_backup_borg_retention_keep_daily|to_json }}
|
||||||
keep_weekly: {{ matrix_backup_borg_retention_keep_weekly }}
|
keep_weekly: {{ matrix_backup_borg_retention_keep_weekly|to_json }}
|
||||||
keep_monthly: {{ matrix_backup_borg_retention_keep_monthly }}
|
keep_monthly: {{ matrix_backup_borg_retention_keep_monthly|to_json }}
|
||||||
keep_yearly: {{ matrix_backup_borg_retention_keep_yearly }}
|
keep_yearly: {{ matrix_backup_borg_retention_keep_yearly|to_json }}
|
||||||
prefix: '{{ matrix_backup_borg_retention_prefix }}'
|
prefix: {{ matrix_backup_borg_retention_prefix|to_json }}
|
||||||
|
|
||||||
consistency:
|
consistency:
|
||||||
checks:
|
checks:
|
||||||
|
@ -26,6 +27,16 @@ consistency:
|
||||||
- archives
|
- archives
|
||||||
|
|
||||||
hooks:
|
hooks:
|
||||||
|
{% if matrix_backup_borg_postgresql_enabled and matrix_backup_borg_postgresql_databases|length > 0 %}
|
||||||
|
postgresql_databases:
|
||||||
|
{% for database in matrix_backup_borg_postgresql_databases %}
|
||||||
|
- name: {{ database|to_json }}
|
||||||
|
hostname: {{ matrix_backup_borg_postgresql_databases_hostname|to_json }}
|
||||||
|
username: {{ matrix_backup_borg_postgresql_databases_username|to_json }}
|
||||||
|
password: {{ matrix_backup_borg_postgresql_databases_password|to_json }}
|
||||||
|
port: {{ matrix_backup_borg_postgresql_databases_port|to_json }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
after_backup:
|
after_backup:
|
||||||
- echo "Backup created."
|
- echo "Backup created."
|
||||||
on_error:
|
on_error:
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \
|
ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
|
@ -50,8 +50,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ matrix_backup_borg_docker_image }}
|
{{ matrix_backup_borg_docker_image }}
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true'
|
||||||
SyslogIdentifier=matrix-backup-borg
|
SyslogIdentifier=matrix-backup-borg
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true'
|
||||||
|
|
||||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
|
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
|
@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
|
||||||
{{ matrix_bot_go_neb_docker_image }} \
|
{{ matrix_bot_go_neb_docker_image }} \
|
||||||
-c "go-neb /config/config.yaml"
|
-c "go-neb /config/config.yaml"
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-bot-go-neb
|
SyslogIdentifier=matrix-bot-go-neb
|
||||||
|
|
|
@ -8,7 +8,7 @@ matrix_bot_honoroit_container_image_self_build: false
|
||||||
matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
|
matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
|
||||||
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
|
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
|
||||||
|
|
||||||
matrix_bot_honoroit_version: v0.9.5
|
matrix_bot_honoroit_version: v0.9.6
|
||||||
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
|
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
|
||||||
matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||||
matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
|
matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
|
||||||
|
|
|
@ -64,6 +64,8 @@
|
||||||
repo: "{{ matrix_bot_honoroit_docker_repo }}"
|
repo: "{{ matrix_bot_honoroit_docker_repo }}"
|
||||||
dest: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
dest: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_bot_honoroit_git_pull_results
|
register: matrix_bot_honoroit_git_pull_results
|
||||||
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true'
|
||||||
|
|
||||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
|
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
|
@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ matrix_bot_honoroit_docker_image }}
|
{{ matrix_bot_honoroit_docker_image }}
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-bot-honoroit
|
SyslogIdentifier=matrix-bot-honoroit
|
||||||
|
|
|
@ -57,6 +57,8 @@
|
||||||
repo: "{{ matrix_bot_matrix_reminder_bot_docker_repo }}"
|
repo: "{{ matrix_bot_matrix_reminder_bot_docker_repo }}"
|
||||||
dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_bot_matrix_reminder_bot_git_pull_results
|
register: matrix_bot_matrix_reminder_bot_git_pull_results
|
||||||
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
|
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true'
|
||||||
|
|
||||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \
|
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem
|
||||||
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
||||||
-c "matrix-reminder-bot /config/config.yaml"
|
-c "matrix-reminder-bot /config/config.yaml"
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
||||||
|
|
|
@ -35,6 +35,8 @@
|
||||||
dest: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
|
dest: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
|
||||||
version: "{{ matrix_bot_mjolnir_docker_image.split(':')[1] }}"
|
version: "{{ matrix_bot_mjolnir_docker_image.split(':')[1] }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_bot_mjolnir_git_pull_results
|
register: matrix_bot_mjolnir_git_pull_results
|
||||||
when: "matrix_bot_mjolnir_container_image_self_build|bool"
|
when: "matrix_bot_mjolnir_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ matrix_bot_mjolnir_docker_image }}
|
{{ matrix_bot_mjolnir_docker_image }}
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-bot-mjolnir
|
SyslogIdentifier=matrix-bot-mjolnir
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis
|
||||||
{{ matrix_appservice_discord_docker_image }} \
|
{{ matrix_appservice_discord_docker_image }} \
|
||||||
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
|
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-appservice-discord
|
SyslogIdentifier=matrix-appservice-discord
|
||||||
|
|
|
@ -74,6 +74,8 @@
|
||||||
repo: "{{ matrix_appservice_irc_docker_repo }}"
|
repo: "{{ matrix_appservice_irc_docker_repo }}"
|
||||||
dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_appservice_irc_git_pull_results
|
register: matrix_appservice_irc_git_pull_results
|
||||||
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool"
|
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc
|
||||||
{{ matrix_appservice_irc_docker_image }} \
|
{{ matrix_appservice_irc_docker_image }} \
|
||||||
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
|
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-appservice-irc
|
SyslogIdentifier=matrix-appservice-irc
|
||||||
|
|
|
@ -48,6 +48,8 @@
|
||||||
repo: "{{ matrix_appservice_slack_docker_repo }}"
|
repo: "{{ matrix_appservice_slack_docker_repo }}"
|
||||||
dest: "{{ matrix_appservice_slack_docker_src_files_path }}"
|
dest: "{{ matrix_appservice_slack_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_appservice_slack_git_pull_results
|
register: matrix_appservice_slack_git_pull_results
|
||||||
when: "matrix_appservice_slack_container_image_self_build|bool"
|
when: "matrix_appservice_slack_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla
|
||||||
{{ matrix_appservice_slack_docker_image }} \
|
{{ matrix_appservice_slack_docker_image }} \
|
||||||
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
|
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-appservice-slack
|
SyslogIdentifier=matrix-appservice-slack
|
||||||
|
|
|
@ -33,6 +33,8 @@
|
||||||
dest: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
dest: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
||||||
version: "{{ matrix_appservice_webhooks_container_image_self_build_repo_version }}"
|
version: "{{ matrix_appservice_webhooks_container_image_self_build_repo_version }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_appservice_webhooks_git_pull_results
|
register: matrix_appservice_webhooks_git_pull_results
|
||||||
|
|
||||||
- name: Ensure Appservice webhooks Docker image is built
|
- name: Ensure Appservice webhooks Docker image is built
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web
|
||||||
{{ matrix_appservice_webhooks_docker_image }} \
|
{{ matrix_appservice_webhooks_docker_image }} \
|
||||||
node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml
|
node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-appservice-webhooks
|
SyslogIdentifier=matrix-appservice-webhooks
|
||||||
|
|
|
@ -41,6 +41,8 @@
|
||||||
dest: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
|
dest: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
|
||||||
version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}"
|
version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_beeper_linkedin_git_pull_results
|
register: matrix_beeper_linkedin_git_pull_results
|
||||||
|
|
||||||
# Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated.
|
# Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated.
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedi
|
||||||
{{ matrix_beeper_linkedin_docker_image }} \
|
{{ matrix_beeper_linkedin_docker_image }} \
|
||||||
python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml
|
python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-beeper-linkedin
|
SyslogIdentifier=matrix-beeper-linkedin
|
||||||
|
|
|
@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false
|
||||||
matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git"
|
matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git"
|
||||||
matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}"
|
matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}"
|
||||||
|
|
||||||
matrix_hookshot_version: 1.3.0
|
matrix_hookshot_version: 1.5.0
|
||||||
|
|
||||||
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
|
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
|
||||||
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||||
|
@ -61,14 +61,15 @@ matrix_hookshot_github_oauth_id: '' # "Client ID" on the GitHub App page
|
||||||
matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App page
|
matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App page
|
||||||
# Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth"
|
# Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth"
|
||||||
matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth"
|
matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth"
|
||||||
matrix_hookshot_github_oauth_uri: "https://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_github_oauth_endpoint }}"
|
matrix_hookshot_github_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_github_oauth_endpoint }}"
|
||||||
# These are the default settings mentioned here and don't need to be modified: https://matrix-org.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
|
# These are the default settings mentioned here and don't need to be modified: https://matrix-org.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
|
||||||
matrix_hookshot_github_ignore_hooks: "{}"
|
matrix_hookshot_github_ignore_hooks: "{}"
|
||||||
matrix_hookshot_github_command_prefix: '!gh'
|
matrix_hookshot_github_command_prefix: '!gh'
|
||||||
matrix_hookshot_github_show_issue_room_link: false
|
matrix_hookshot_github_showIssueRoomLink: false
|
||||||
matrix_hookshot_github_pr_diff: "{enabled: false, maxLines: 5}"
|
matrix_hookshot_github_pr_diff: "{enabled: false, maxLines: 5}"
|
||||||
matrix_hookshot_github_including_labels: ''
|
matrix_hookshot_github_including_labels: ''
|
||||||
matrix_hookshot_github_excluding_labels: ''
|
matrix_hookshot_github_excluding_labels: ''
|
||||||
|
matrix_hookshot_github_hotlink_prefix: "#"
|
||||||
|
|
||||||
|
|
||||||
matrix_hookshot_gitlab_enabled: true
|
matrix_hookshot_gitlab_enabled: true
|
||||||
|
@ -86,32 +87,10 @@ matrix_hookshot_gitlab_instances:
|
||||||
matrix_hookshot_gitlab_secret: ''
|
matrix_hookshot_gitlab_secret: ''
|
||||||
|
|
||||||
|
|
||||||
matrix_hookshot_jira_enabled: false
|
|
||||||
# Get the these values from https://matrix-org.github.io/matrix-hookshot/setup/jira.html#jira-oauth
|
|
||||||
matrix_hookshot_jira_secret: ''
|
|
||||||
matrix_hookshot_jira_oauth_enabled: false
|
|
||||||
matrix_hookshot_jira_oauth_id: ''
|
|
||||||
matrix_hookshot_jira_oauth_secret: ''
|
|
||||||
# Default value of matrix_hookshot_jira_oauth_endpoint: "/hookshot/webhooks/jira/oauth"
|
|
||||||
matrix_hookshot_jira_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/jira/oauth"
|
|
||||||
matrix_hookshot_jira_oauth_uri: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_jira_oauth_endpoint }}"
|
|
||||||
|
|
||||||
|
|
||||||
# No need to change these
|
|
||||||
matrix_hookshot_generic_enabled: true
|
|
||||||
# Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks"
|
|
||||||
matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}"
|
|
||||||
# urlprefix gets updated with protocol & port in group_vars/matrix_servers
|
|
||||||
matrix_hookshot_generic_urlprefix: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_generic_endpoint }}"
|
|
||||||
matrix_hookshot_generic_allow_js_transformation_functions: false
|
|
||||||
# If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap
|
|
||||||
matrix_hookshot_generic_user_id_prefix: '_webhooks_'
|
|
||||||
|
|
||||||
|
|
||||||
matrix_hookshot_figma_enabled: false
|
matrix_hookshot_figma_enabled: false
|
||||||
# Default value of matrix_hookshot_figma_endpoint: "/hookshot/webhooks/figma/webhook"
|
# Default value of matrix_hookshot_figma_endpoint: "/hookshot/webhooks/figma/webhook"
|
||||||
matrix_hookshot_figma_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/figma/webhook"
|
matrix_hookshot_figma_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/figma/webhook"
|
||||||
matrix_hookshot_figma_publicUrl: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_figma_endpoint }}"
|
matrix_hookshot_figma_publicUrl: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_figma_endpoint }}"
|
||||||
# To bridge figma webhooks, you need to configure one of multiple instances like this:
|
# To bridge figma webhooks, you need to configure one of multiple instances like this:
|
||||||
# matrix_hookshot_figma_instances:
|
# matrix_hookshot_figma_instances:
|
||||||
# your-instance:
|
# your-instance:
|
||||||
|
@ -120,12 +99,70 @@ matrix_hookshot_figma_publicUrl: "{{ matrix_server_fqn_matrix }}{{ matrix_hooksh
|
||||||
# passcode: your-webhook-passcode
|
# passcode: your-webhook-passcode
|
||||||
|
|
||||||
|
|
||||||
|
matrix_hookshot_jira_enabled: false
|
||||||
|
# Get the these values from https://matrix-org.github.io/matrix-hookshot/setup/jira.html#jira-oauth
|
||||||
|
matrix_hookshot_jira_secret: ''
|
||||||
|
matrix_hookshot_jira_oauth_enabled: false
|
||||||
|
matrix_hookshot_jira_oauth_id: ''
|
||||||
|
matrix_hookshot_jira_oauth_secret: ''
|
||||||
|
# Default value of matrix_hookshot_jira_oauth_endpoint: "/hookshot/webhooks/jira/oauth"
|
||||||
|
matrix_hookshot_jira_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/jira/oauth"
|
||||||
|
matrix_hookshot_jira_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_jira_oauth_endpoint }}"
|
||||||
|
|
||||||
|
|
||||||
|
# No need to change these
|
||||||
|
matrix_hookshot_generic_enabled: true
|
||||||
|
# Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks"
|
||||||
|
matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}"
|
||||||
|
# urlprefix gets updated with protocol & port in group_vars/matrix_servers
|
||||||
|
matrix_hookshot_generic_urlprefix: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_generic_endpoint }}"
|
||||||
|
matrix_hookshot_generic_allow_js_transformation_functions: false
|
||||||
|
# If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap
|
||||||
|
matrix_hookshot_generic_user_id_prefix: '_webhooks_'
|
||||||
|
|
||||||
|
|
||||||
# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
|
# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
|
||||||
matrix_hookshot_provisioning_port: 9002
|
matrix_hookshot_provisioning_port: 9002
|
||||||
matrix_hookshot_provisioning_secret: ''
|
matrix_hookshot_provisioning_secret: ''
|
||||||
# Provisioning will be automatically enabled if dimension is enabled and you have provided a provisioning secret, unless you override it
|
# Provisioning will be automatically enabled if dimension is enabled and you have provided a provisioning secret, unless you override it
|
||||||
matrix_hookshot_provisioning_enabled: false
|
matrix_hookshot_provisioning_enabled: false
|
||||||
matrix_hookshot_provisioning_endpoint: "{{ matrix_hookshot_public_endpoint }}/v1"
|
matrix_hookshot_provisioning_internal: "/v1"
|
||||||
|
matrix_hookshot_provisioning_endpoint: "{{ matrix_hookshot_public_endpoint }}{{ matrix_hookshot_provisioning_internal }}"
|
||||||
|
|
||||||
|
|
||||||
|
matrix_hookshot_widgets_enabled: true
|
||||||
|
matrix_hookshot_widgets_port: 9003
|
||||||
|
matrix_hookshot_widgets_addToAdminRooms: false # default off as it is a beta feature
|
||||||
|
matrix_hookshot_widgets_roomSetupWidget_enabled: true
|
||||||
|
matrix_hookshot_widgets_roomSetupWidget_addOnInvite: false
|
||||||
|
# `disallowedIpRanges` describes which IP ranges should be disallowed when resolving homeserver IP addresses (for security reasons). Unless you know what you are doing, it is recommended to not include this key. The following IPs are blocked by default, unless you supply another list.
|
||||||
|
# matrix_hookshot_widgets_disallowedIpRanges:
|
||||||
|
# - 127.0.0.0/8
|
||||||
|
# - 10.0.0.0/8
|
||||||
|
# - 172.16.0.0/12
|
||||||
|
# - 192.168.0.0/16
|
||||||
|
# - 100.64.0.0/10
|
||||||
|
# - 192.0.0.0/24
|
||||||
|
# - 169.254.0.0/16
|
||||||
|
# - 192.88.99.0/24
|
||||||
|
# - 198.18.0.0/15
|
||||||
|
# - 192.0.2.0/24
|
||||||
|
# - 198.51.100.0/24
|
||||||
|
# - 203.0.113.0/24
|
||||||
|
# - 224.0.0.0/4
|
||||||
|
# - ::1/128
|
||||||
|
# - fe80::/10
|
||||||
|
# - fc00::/7
|
||||||
|
# - 2001:db8::/32
|
||||||
|
# - ff00::/8
|
||||||
|
# - fec0::/10
|
||||||
|
matrix_hookshot_widgets_disallowedIpRanges: ''
|
||||||
|
matrix_hookshot_widgets_internal: "/widgetapi"
|
||||||
|
# Default value of matrix_hookshot_widgets_endpoint: "/hookshot/widgetapi"
|
||||||
|
matrix_hookshot_widgets_endpoint: "{{ matrix_hookshot_public_endpoint }}{{ matrix_hookshot_widgets_internal }}"
|
||||||
|
matrix_hookshot_widgets_publicUrl: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_widgets_endpoint }}/v1/static"
|
||||||
|
matrix_hookshot_widgets_branding_widgetTitle: "Hookshot Configuration"
|
||||||
|
|
||||||
|
|
||||||
# You can configure access to the bridge as documented here https://matrix-org.github.io/matrix-hookshot/setup.html#permissions
|
# You can configure access to the bridge as documented here https://matrix-org.github.io/matrix-hookshot/setup.html#permissions
|
||||||
# When empty, the default permissions are applied.
|
# When empty, the default permissions are applied.
|
||||||
|
|
|
@ -55,10 +55,24 @@
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
resolver 127.0.0.11 valid=5s;
|
resolver 127.0.0.11 valid=5s;
|
||||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
|
||||||
proxy_pass http://$backend/v1/$1$is_args$args;
|
proxy_pass http://$backend{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||||
{% else %}
|
{% else %}
|
||||||
{# Generic configuration for use outside of our container setup #}
|
{# Generic configuration for use outside of our container setup #}
|
||||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}/v1/$1$is_args$args;
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||||
|
{% endif %}
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
{% if matrix_hookshot_widgets_enabled %}
|
||||||
|
location ~ ^{{ matrix_hookshot_widgets_endpoint }}/(.*)$ {
|
||||||
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||||
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
|
resolver 127.0.0.11 valid=5s;
|
||||||
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_widgets_port }}";
|
||||||
|
proxy_pass http://$backend{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||||
|
{% else %}
|
||||||
|
{# Generic configuration for use outside of our container setup #}
|
||||||
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_widgets_port }}{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||||
{% endif %}
|
{% endif %}
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,6 +32,8 @@
|
||||||
dest: "{{ matrix_hookshot_docker_src_files_path }}"
|
dest: "{{ matrix_hookshot_docker_src_files_path }}"
|
||||||
version: "{{ matrix_hookshot_container_image_self_build_branch }}"
|
version: "{{ matrix_hookshot_container_image_self_build_branch }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_hookshot_git_pull_results
|
register: matrix_hookshot_git_pull_results
|
||||||
when: "matrix_hookshot_container_image_self_build|bool"
|
when: "matrix_hookshot_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -33,10 +33,12 @@ github:
|
||||||
#
|
#
|
||||||
ignoreHooks: {{ matrix_hookshot_github_ignore_hooks }}
|
ignoreHooks: {{ matrix_hookshot_github_ignore_hooks }}
|
||||||
commandPrefix: "{{ matrix_hookshot_github_command_prefix }}"
|
commandPrefix: "{{ matrix_hookshot_github_command_prefix }}"
|
||||||
showIssueRoomLink: {{ matrix_hookshot_github_show_issue_room_link }}
|
showIssueRoomLink: {{ matrix_hookshot_github_showIssueRoomLink }}
|
||||||
prDiff: {{ matrix_hookshot_github_pr_diff }}
|
prDiff: {{ matrix_hookshot_github_pr_diff }}
|
||||||
includingLabels:{{ matrix_hookshot_github_including_labels }}
|
includingLabels:{{ matrix_hookshot_github_including_labels }}
|
||||||
excludingLabels: {{ matrix_hookshot_github_excluding_labels }}
|
excludingLabels: {{ matrix_hookshot_github_excluding_labels }}
|
||||||
|
hotlinkIssues:
|
||||||
|
prefix: "{{ matrix_hookshot_github_hotlink_prefix }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if matrix_hookshot_gitlab_enabled %}
|
{% if matrix_hookshot_gitlab_enabled %}
|
||||||
gitlab:
|
gitlab:
|
||||||
|
@ -47,6 +49,13 @@ gitlab:
|
||||||
webhook:
|
webhook:
|
||||||
secret: {{ matrix_hookshot_gitlab_secret|to_json }}
|
secret: {{ matrix_hookshot_gitlab_secret|to_json }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if matrix_hookshot_figma_enabled %}
|
||||||
|
figma:
|
||||||
|
# (Optional) Configure this to enable Figma support
|
||||||
|
#
|
||||||
|
publicUrl: {{ matrix_hookshot_figma_publicUrl }}
|
||||||
|
instances: {{ matrix_hookshot_figma_instances }}
|
||||||
|
{% endif %}
|
||||||
{% if matrix_hookshot_jira_enabled %}
|
{% if matrix_hookshot_jira_enabled %}
|
||||||
jira:
|
jira:
|
||||||
# (Optional) Configure this to enable Jira support
|
# (Optional) Configure this to enable Jira support
|
||||||
|
@ -69,13 +78,6 @@ generic:
|
||||||
allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }}
|
allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }}
|
||||||
userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }}
|
userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if matrix_hookshot_figma_enabled %}
|
|
||||||
figma:
|
|
||||||
# (Optional) Configure this to enable Figma support
|
|
||||||
#
|
|
||||||
publicUrl: {{ matrix_hookshot_figma_publicUrl }}
|
|
||||||
instances: {{ matrix_hookshot_figma_instances }}
|
|
||||||
{% endif %}
|
|
||||||
{% if matrix_hookshot_provisioning_enabled %}
|
{% if matrix_hookshot_provisioning_enabled %}
|
||||||
provisioning:
|
provisioning:
|
||||||
# (Optional) Provisioning API for integration managers
|
# (Optional) Provisioning API for integration managers
|
||||||
|
@ -100,6 +102,22 @@ logging:
|
||||||
# (Optional) Logging settings. You can have a severity debug,info,warn,error
|
# (Optional) Logging settings. You can have a severity debug,info,warn,error
|
||||||
#
|
#
|
||||||
level: info
|
level: info
|
||||||
|
{% if matrix_hookshot_widgets_enabled %}
|
||||||
|
widgets:
|
||||||
|
# (Optional) EXPERIMENTAL support for complimentary widgets
|
||||||
|
#
|
||||||
|
addToAdminRooms: {{ matrix_hookshot_widgets_addToAdminRooms }}
|
||||||
|
{% if matrix_hookshot_widgets_roomSetupWidget_enabled %}
|
||||||
|
roomSetupWidget:
|
||||||
|
addOnInvite: {{ matrix_hookshot_widgets_roomSetupWidget_addOnInvite }}
|
||||||
|
{% endif %}
|
||||||
|
{% if not matrix_hookshot_widgets_disallowedIpRanges is in [None, ''] %}
|
||||||
|
disallowedIpRanges: {{ matrix_hookshot_widgets_disallowedIpRanges }}
|
||||||
|
{% endif %}
|
||||||
|
publicUrl: {{ matrix_hookshot_widgets_publicUrl }}
|
||||||
|
branding:
|
||||||
|
widgetTitle: {{ matrix_hookshot_widgets_branding_widgetTitle }}
|
||||||
|
{% endif %}
|
||||||
{% if matrix_hookshot_permissions %}
|
{% if matrix_hookshot_permissions %}
|
||||||
permissions: {{ matrix_hookshot_permissions }}
|
permissions: {{ matrix_hookshot_permissions }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -125,3 +143,9 @@ listeners:
|
||||||
resources:
|
resources:
|
||||||
- provisioning
|
- provisioning
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if matrix_hookshot_widgets_enabled %}
|
||||||
|
- port: {{ matrix_hookshot_widgets_port }}
|
||||||
|
bindAddress: 0.0.0.0
|
||||||
|
resources:
|
||||||
|
- widgets
|
||||||
|
{% endif %}
|
||||||
|
|
|
@ -7,7 +7,7 @@ matrix_mautrix_facebook_enabled: true
|
||||||
matrix_mautrix_facebook_container_image_self_build: false
|
matrix_mautrix_facebook_container_image_self_build: false
|
||||||
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
|
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
|
||||||
|
|
||||||
matrix_mautrix_facebook_version: v0.3.3
|
matrix_mautrix_facebook_version: v0.4.0
|
||||||
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
|
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
|
||||||
matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"
|
matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"
|
||||||
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
|
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
|
||||||
|
|
|
@ -66,6 +66,8 @@
|
||||||
dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}"
|
||||||
version: "{{ matrix_mautrix_facebook_docker_image.split(':')[1] }}"
|
version: "{{ matrix_mautrix_facebook_docker_image.split(':')[1] }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_facebook_git_pull_results
|
register: matrix_mautrix_facebook_git_pull_results
|
||||||
when: "matrix_mautrix_facebook_container_image_self_build|bool"
|
when: "matrix_mautrix_facebook_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,9 @@ homeserver:
|
||||||
# such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
|
# such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
|
||||||
# updating m.direct.
|
# updating m.direct.
|
||||||
asmux: false
|
asmux: false
|
||||||
|
# Whether asynchronous uploads via MSC2246 should be enabled for media.
|
||||||
|
# Requires a media repo that supports MSC2246.
|
||||||
|
async_media: false
|
||||||
|
|
||||||
# Application service host/registration related details
|
# Application service host/registration related details
|
||||||
# Changing these values requires regeneration of the registration.
|
# Changing these values requires regeneration of the registration.
|
||||||
|
@ -38,6 +41,11 @@ appservice:
|
||||||
# The base URL where the public-facing endpoints are available. The prefix is not added
|
# The base URL where the public-facing endpoints are available. The prefix is not added
|
||||||
# implicitly.
|
# implicitly.
|
||||||
external: {{ matrix_mautrix_facebook_appservice_public_external|to_json }}
|
external: {{ matrix_mautrix_facebook_appservice_public_external|to_json }}
|
||||||
|
# Allow logging in within Matrix. If false, users can only log in using the web interface.
|
||||||
|
allow_matrix_login: true
|
||||||
|
# Segment API key to enable analytics tracking for web server endpoints. Set to null to disable.
|
||||||
|
# Currently the only events are login start, success and fail.
|
||||||
|
segment_key: null
|
||||||
|
|
||||||
# The unique ID of this appservice.
|
# The unique ID of this appservice.
|
||||||
id: facebook
|
id: facebook
|
||||||
|
@ -171,6 +179,8 @@ bridge:
|
||||||
# and missed message backfilling when reconnecting.
|
# and missed message backfilling when reconnecting.
|
||||||
# Set to 0 to always re-sync, or -1 to never re-sync automatically.
|
# Set to 0 to always re-sync, or -1 to never re-sync automatically.
|
||||||
resync_max_disconnected_time: 5
|
resync_max_disconnected_time: 5
|
||||||
|
# Should the bridge do a resync on startup?
|
||||||
|
sync_on_startup: true
|
||||||
# Whether or not temporary disconnections should send notices to the notice room.
|
# Whether or not temporary disconnections should send notices to the notice room.
|
||||||
# If this is false, disconnections will never send messages and connections will only send
|
# If this is false, disconnections will never send messages and connections will only send
|
||||||
# messages if it was disconnected for more than resync_max_disconnected_time seconds.
|
# messages if it was disconnected for more than resync_max_disconnected_time seconds.
|
||||||
|
@ -194,6 +204,34 @@ bridge:
|
||||||
permissions:
|
permissions:
|
||||||
'{{ matrix_mautrix_facebook_homeserver_domain }}': user
|
'{{ matrix_mautrix_facebook_homeserver_domain }}': user
|
||||||
|
|
||||||
|
relay:
|
||||||
|
# Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any
|
||||||
|
# authenticated user into a relaybot for that chat.
|
||||||
|
enabled: false
|
||||||
|
# The formats to use when sending messages to Messenger via a relay user.
|
||||||
|
#
|
||||||
|
# Available variables:
|
||||||
|
# $sender_displayname - The display name of the sender (e.g. Example User)
|
||||||
|
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
|
||||||
|
# $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
|
||||||
|
# $message - The message content
|
||||||
|
message_formats:
|
||||||
|
m.text: '<b>$sender_displayname</b>: $message'
|
||||||
|
m.notice: '<b>$sender_displayname<b>: $message'
|
||||||
|
m.emote: '* <b>$sender_displayname<b> $message'
|
||||||
|
m.file: '<b>$sender_displayname</b> sent a file'
|
||||||
|
m.image: '<b>$sender_displayname</b> sent an image'
|
||||||
|
m.audio: '<b>$sender_displayname</b> sent an audio file'
|
||||||
|
m.video: '<b>$sender_displayname</b> sent a video'
|
||||||
|
m.location: '<b>$sender_displayname</b> sent a location'
|
||||||
|
|
||||||
|
facebook:
|
||||||
|
device_seed: generate
|
||||||
|
default_region_hint: ODN
|
||||||
|
connection_type: WIFI
|
||||||
|
carrier: Verizon
|
||||||
|
hni: 311390
|
||||||
|
|
||||||
# Python logging configuration.
|
# Python logging configuration.
|
||||||
#
|
#
|
||||||
# See section 16.7.2 of the Python documentation for more info:
|
# See section 16.7.2 of the Python documentation for more info:
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo
|
||||||
{{ matrix_mautrix_facebook_docker_image }} \
|
{{ matrix_mautrix_facebook_docker_image }} \
|
||||||
python3 -m mautrix_facebook -c /config/config.yaml --no-update
|
python3 -m mautrix_facebook -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-facebook
|
SyslogIdentifier=matrix-mautrix-facebook
|
||||||
|
|
|
@ -65,6 +65,8 @@
|
||||||
repo: "{{ matrix_mautrix_googlechat_container_image_self_build_repo }}"
|
repo: "{{ matrix_mautrix_googlechat_container_image_self_build_repo }}"
|
||||||
dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_googlechat_git_pull_results
|
register: matrix_mautrix_googlechat_git_pull_results
|
||||||
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
|
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-google
|
||||||
{{ matrix_mautrix_googlechat_docker_image }} \
|
{{ matrix_mautrix_googlechat_docker_image }} \
|
||||||
python3 -m mautrix_googlechat -c /config/config.yaml --no-update
|
python3 -m mautrix_googlechat -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-googlechat
|
SyslogIdentifier=matrix-mautrix-googlechat
|
||||||
|
|
|
@ -65,6 +65,8 @@
|
||||||
repo: "{{ matrix_mautrix_hangouts_container_image_self_build_repo }}"
|
repo: "{{ matrix_mautrix_hangouts_container_image_self_build_repo }}"
|
||||||
dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_hangouts_git_pull_results
|
register: matrix_mautrix_hangouts_git_pull_results
|
||||||
when: "matrix_mautrix_hangouts_container_image_self_build|bool"
|
when: "matrix_mautrix_hangouts_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true'
|
||||||
ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \
|
ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
|
@ -44,8 +44,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou
|
||||||
{{ matrix_mautrix_hangouts_docker_image }} \
|
{{ matrix_mautrix_hangouts_docker_image }} \
|
||||||
python3 -m mautrix_hangouts -c /config/config.yaml --no-update
|
python3 -m mautrix_hangouts -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-hangouts
|
SyslogIdentifier=matrix-mautrix-hangouts
|
||||||
|
|
|
@ -7,7 +7,7 @@ matrix_mautrix_instagram_enabled: true
|
||||||
matrix_mautrix_instagram_container_image_self_build: false
|
matrix_mautrix_instagram_container_image_self_build: false
|
||||||
matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
|
matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
|
||||||
|
|
||||||
matrix_mautrix_instagram_version: v0.1.2
|
matrix_mautrix_instagram_version: v0.1.3
|
||||||
# See: https://mau.dev/tulir/mautrix-instagram/container_registry
|
# See: https://mau.dev/tulir/mautrix-instagram/container_registry
|
||||||
matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"
|
matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"
|
||||||
matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}"
|
matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}"
|
||||||
|
|
|
@ -38,6 +38,8 @@
|
||||||
repo: "{{ matrix_mautrix_instagram_container_image_self_build_repo }}"
|
repo: "{{ matrix_mautrix_instagram_container_image_self_build_repo }}"
|
||||||
dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_instagram_git_pull_results
|
register: matrix_mautrix_instagram_git_pull_results
|
||||||
when: "matrix_mautrix_instagram_container_image_self_build|bool"
|
when: "matrix_mautrix_instagram_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instag
|
||||||
{{ matrix_mautrix_instagram_docker_image }} \
|
{{ matrix_mautrix_instagram_docker_image }} \
|
||||||
python3 -m mautrix_instagram -c /config/config.yaml --no-update
|
python3 -m mautrix_instagram -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-instagram
|
SyslogIdentifier=matrix-mautrix-instagram
|
||||||
|
|
|
@ -26,6 +26,8 @@
|
||||||
repo: "{{ matrix_mautrix_signal_docker_repo }}"
|
repo: "{{ matrix_mautrix_signal_docker_repo }}"
|
||||||
dest: "{{ matrix_mautrix_signal_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_signal_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_signal_git_pull_results
|
register: matrix_mautrix_signal_git_pull_results
|
||||||
when: "matrix_mautrix_signal_container_image_self_build|bool"
|
when: "matrix_mautrix_signal_container_image_self_build|bool"
|
||||||
|
|
||||||
|
@ -56,6 +58,8 @@
|
||||||
repo: "{{ matrix_mautrix_signal_daemon_docker_repo }}"
|
repo: "{{ matrix_mautrix_signal_daemon_docker_repo }}"
|
||||||
dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_signal_daemon_git_pull_results
|
register: matrix_mautrix_signal_daemon_git_pull_results
|
||||||
when: "matrix_mautrix_signal_daemon_container_image_self_build|bool"
|
when: "matrix_mautrix_signal_daemon_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -15,8 +15,8 @@ Wants={{ service }}
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
|
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal
|
||||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
||||||
{{ matrix_mautrix_signal_daemon_docker_image }}
|
{{ matrix_mautrix_signal_daemon_docker_image }}
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true'
|
||||||
|
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
|
|
|
@ -14,8 +14,8 @@ Wants={{ service }}
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal
|
||||||
{{ matrix_mautrix_signal_docker_image }} \
|
{{ matrix_mautrix_signal_docker_image }} \
|
||||||
python3 -m mautrix_signal -c /config/config.yaml --no-update
|
python3 -m mautrix_signal -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true'
|
||||||
|
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
|
|
|
@ -14,7 +14,7 @@ matrix_mautrix_telegram_container_image_self_build: false
|
||||||
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
|
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
|
||||||
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
|
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
|
||||||
|
|
||||||
matrix_mautrix_telegram_version: v0.11.2
|
matrix_mautrix_telegram_version: v0.11.3
|
||||||
# See: https://mau.dev/mautrix/telegram/container_registry
|
# See: https://mau.dev/mautrix/telegram/container_registry
|
||||||
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
|
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
|
||||||
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
||||||
|
|
|
@ -65,6 +65,8 @@
|
||||||
repo: "{{ matrix_telegram_lottieconverter_docker_repo }}"
|
repo: "{{ matrix_telegram_lottieconverter_docker_repo }}"
|
||||||
dest: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}"
|
dest: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_telegram_lottieconverter_git_pull_results
|
register: matrix_telegram_lottieconverter_git_pull_results
|
||||||
when: "matrix_telegram_lottieconverter_container_image_self_build|bool and matrix_mautrix_telegram_container_image_self_build|bool"
|
when: "matrix_telegram_lottieconverter_container_image_self_build|bool and matrix_mautrix_telegram_container_image_self_build|bool"
|
||||||
|
|
||||||
|
@ -85,6 +87,8 @@
|
||||||
repo: "{{ matrix_mautrix_telegram_docker_repo }}"
|
repo: "{{ matrix_mautrix_telegram_docker_repo }}"
|
||||||
dest: "{{ matrix_mautrix_telegram_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_telegram_docker_src_files_path }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_telegram_git_pull_results
|
register: matrix_mautrix_telegram_git_pull_results
|
||||||
when: "matrix_mautrix_telegram_container_image_self_build|bool"
|
when: "matrix_mautrix_telegram_container_image_self_build|bool"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr
|
||||||
{{ matrix_mautrix_telegram_docker_image }} \
|
{{ matrix_mautrix_telegram_docker_image }} \
|
||||||
python3 -m mautrix_telegram -c /config/config.yaml --no-update
|
python3 -m mautrix_telegram -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-telegram
|
SyslogIdentifier=matrix-mautrix-telegram
|
||||||
|
|
|
@ -43,6 +43,8 @@
|
||||||
dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
|
||||||
# version: "{{ matrix_coturn_docker_image.split(':')[1] }}"
|
# version: "{{ matrix_coturn_docker_image.split(':')[1] }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_twitter_git_pull_results
|
register: matrix_mautrix_twitter_git_pull_results
|
||||||
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build"
|
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build"
|
||||||
|
|
||||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
|
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true'
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitte
|
||||||
{{ matrix_mautrix_twitter_docker_image }} \
|
{{ matrix_mautrix_twitter_docker_image }} \
|
||||||
python3 -m mautrix_twitter -c /config/config.yaml --no-update
|
python3 -m mautrix_twitter -c /config/config.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true'
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true'
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-twitter
|
SyslogIdentifier=matrix-mautrix-twitter
|
||||||
|
|
|
@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false
|
||||||
matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
|
matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
|
||||||
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
|
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
|
||||||
|
|
||||||
matrix_mautrix_whatsapp_version: v0.3.0
|
matrix_mautrix_whatsapp_version: v0.3.1
|
||||||
# See: https://mau.dev/mautrix/whatsapp/container_registry
|
# See: https://mau.dev/mautrix/whatsapp/container_registry
|
||||||
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
|
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
|
||||||
matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"
|
matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue