diff --git a/examples/hosts b/examples/hosts index 67dc3519..7c1e29cc 100644 --- a/examples/hosts +++ b/examples/hosts @@ -7,5 +7,5 @@ # For improved Ansible performance, SSH pipelining is enabled by default (`ansible_ssh_pipelining=yes`). # If this causes SSH connection troubles, feel free to disable it. -[matrix-servers] +[matrix_servers] matrix. ansible_host= ansible_ssh_user=root ansible_ssh_pipelining=yes diff --git a/group_vars/matrix-servers b/group_vars/matrix_servers similarity index 100% rename from group_vars/matrix-servers rename to group_vars/matrix_servers diff --git a/roles/matrix-base/tasks/main.yml b/roles/matrix-base/tasks/main.yml index 892cd7d1..6587d81d 100644 --- a/roles/matrix-base/tasks/main.yml +++ b/roles/matrix-base/tasks/main.yml @@ -3,22 +3,22 @@ - always - import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - import_tasks: "{{ role_path }}/tasks/setup_server_base.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - import_tasks: "{{ role_path }}/tasks/setup_well_known.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-mxisd @@ -28,6 +28,6 @@ - import_tasks: "{{ role_path }}/tasks/self_check_dns.yml" delegate_to: 127.0.0.1 become: false - when: run_self_check + when: run_self_check|bool tags: - self-check diff --git a/roles/matrix-base/tasks/self_check_dns.yml b/roles/matrix-base/tasks/self_check_dns.yml index 36c14631..ceab00da 100644 --- a/roles/matrix-base/tasks/self_check_dns.yml +++ b/roles/matrix-base/tasks/self_check_dns.yml @@ -19,7 +19,7 @@ - name: Determine domains that we require certificates for (mxisd) set_fact: dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}" - when: "matrix_mxisd_enabled" + when: matrix_mxisd_enabled|bool - name: Perform DNS SRV checks include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml" diff --git a/roles/matrix-base/tasks/setup_well_known.yml b/roles/matrix-base/tasks/setup_well_known.yml index 06e62617..36706df4 100644 --- a/roles/matrix-base/tasks/setup_well_known.yml +++ b/roles/matrix-base/tasks/setup_well_known.yml @@ -27,10 +27,10 @@ mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: matrix_well_known_matrix_server_enabled + when: matrix_well_known_matrix_server_enabled|bool - name: Ensure Matrix /.well-known/matrix/server file deleted file: path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server" state: absent - when: "not matrix_well_known_matrix_server_enabled" + when: "not matrix_well_known_matrix_server_enabled|bool" diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/matrix-bridge-appservice-discord/tasks/init.yml index ee6fe1ff..9d7b1939 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/init.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}" - when: matrix_appservice_discord_enabled + when: matrix_appservice_discord_enabled|bool diff --git a/roles/matrix-bridge-appservice-discord/tasks/main.yml b/roles/matrix-bridge-appservice-discord/tasks/main.yml index 61dfc73b..bad5e320 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/main.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/main.yml @@ -3,19 +3,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_appservice_discord_enabled" + when: "run_setup|bool and matrix_appservice_discord_enabled|bool" tags: - setup-all - setup-appservice-discord - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup and matrix_appservice_discord_enabled" + when: "run_setup|bool and matrix_appservice_discord_enabled|bool" tags: - setup-all - setup-appservice-discord - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup and not matrix_appservice_discord_enabled" + when: "run_setup|bool and not matrix_appservice_discord_enabled|bool" tags: - setup-all - setup-appservice-discord diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index cbeb27b5..59dd8d01 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -11,6 +11,7 @@ - name: Ensure Appservice Discord image is pulled docker_image: name: "{{ matrix_appservice_discord_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Ensure Appservice Discord base directory exists file: @@ -90,4 +91,3 @@ {{ matrix_synapse_app_service_config_files|default([]) }} + {{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json }} - diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index e4dd1d98..2bd8c2a7 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}" - when: matrix_appservice_irc_enabled + when: matrix_appservice_irc_enabled|bool diff --git a/roles/matrix-bridge-appservice-irc/tasks/main.yml b/roles/matrix-bridge-appservice-irc/tasks/main.yml index a0aa679e..da92ecf0 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/main.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/main.yml @@ -3,19 +3,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_appservice_irc_enabled" + when: "run_setup|bool and matrix_appservice_irc_enabled|bool" tags: - setup-all - setup-appservice-irc - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup and matrix_appservice_irc_enabled" + when: "run_setup|bool and matrix_appservice_irc_enabled|bool" tags: - setup-all - setup-appservice-irc - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup and not matrix_appservice_irc_enabled" + when: "run_setup|bool and not matrix_appservice_irc_enabled|bool" tags: - setup-all - setup-appservice-irc diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index b0266bb1..2825ac6b 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -11,6 +11,7 @@ - name: Ensure Appservice IRC image is pulled docker_image: name: "{{ matrix_appservice_irc_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Ensure Appservice IRC base directory exists file: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index cafdc4d5..b19c90cd 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}" - when: "matrix_mautrix_facebook_enabled" + when: matrix_mautrix_facebook_enabled|bool diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml b/roles/matrix-bridge-mautrix-facebook/tasks/main.yml index f86fadbe..54fb6f9d 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/main.yml @@ -3,19 +3,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_mautrix_facebook_enabled" + when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" tags: - setup-all - setup-mautrix-facebook - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup and matrix_mautrix_facebook_enabled" + when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" tags: - setup-all - setup-mautrix-facebook - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup and not matrix_mautrix_facebook_enabled" + when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool" tags: - setup-all - setup-mautrix-facebook diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index f0c29193..a1332187 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -11,6 +11,7 @@ - name: Ensure Mautrix Facebook image is pulled docker_image: name: "{{ matrix_mautrix_facebook_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Ensure Mautrix Facebook base directory exists file: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index f9956d3d..27a84f1f 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}" - when: "matrix_mautrix_telegram_enabled" + when: matrix_mautrix_telegram_enabled|bool diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml index e304aedf..8a218ed8 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml @@ -3,19 +3,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_mautrix_telegram_enabled" + when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool" tags: - setup-all - setup-mautrix-telegram - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup and matrix_mautrix_telegram_enabled" + when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool" tags: - setup-all - setup-mautrix-telegram - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup and not matrix_mautrix_telegram_enabled" + when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool" tags: - setup-all - setup-mautrix-telegram diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 920ff54f..59b95550 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -11,6 +11,7 @@ - name: Ensure Mautrix Telegram image is pulled docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Ensure Mautrix Telegram base directory exists file: @@ -98,7 +99,7 @@ but it's pointless since the matrix-nginx-proxy role had already executed. To fix this, please change the order of roles in your plabook, so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. - when: "matrix_nginx_proxy_role_executed" + when: matrix_nginx_proxy_role_executed|bool - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy set_fact: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml index c1e62d87..4b67e2ba 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}" - when: "matrix_mautrix_whatsapp_enabled" + when: matrix_mautrix_whatsapp_enabled|bool diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 03bc8308..7c090e9b 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -11,6 +11,7 @@ - name: Ensure Mautrix Whatsapp image is pulled docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Ensure Mautrix Whatsapp base directory exists file: diff --git a/roles/matrix-common-after/tasks/main.yml b/roles/matrix-common-after/tasks/main.yml index 4581024e..fb942553 100644 --- a/roles/matrix-common-after/tasks/main.yml +++ b/roles/matrix-common-after/tasks/main.yml @@ -1,9 +1,9 @@ - import_tasks: "{{ role_path }}/tasks/start.yml" - when: run_start + when: run_start|bool tags: - start - import_tasks: "{{ role_path }}/tasks/stop.yml" - when: run_stop + when: run_stop|bool tags: - stop diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/matrix-corporal/tasks/init.yml index b7e0e3f8..e2001844 100644 --- a/roles/matrix-corporal/tasks/init.yml +++ b/roles/matrix-corporal/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}" - when: "matrix_corporal_enabled" + when: matrix_corporal_enabled|bool diff --git a/roles/matrix-corporal/tasks/main.yml b/roles/matrix-corporal/tasks/main.yml index c4d109b8..90c8105c 100644 --- a/roles/matrix-corporal/tasks/main.yml +++ b/roles/matrix-corporal/tasks/main.yml @@ -3,13 +3,13 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_corporal_enabled" + when: "run_setup|bool and matrix_corporal_enabled|bool" tags: - setup-all - setup-corporal - import_tasks: "{{ role_path }}/tasks/setup_corporal.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-corporal @@ -17,6 +17,6 @@ - import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml" delegate_to: 127.0.0.1 become: false - when: "run_self_check and matrix_corporal_enabled" + when: "run_self_check|bool and matrix_corporal_enabled|bool" tags: - - self-check \ No newline at end of file + - self-check diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml index 816f05c1..9c65b11c 100644 --- a/roles/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/matrix-corporal/tasks/setup_corporal.yml @@ -15,19 +15,20 @@ - "{{ matrix_corporal_config_dir_path }}" - "{{ matrix_corporal_cache_dir_path }}" - "{{ matrix_corporal_var_dir_path }}" - when: "matrix_corporal_enabled" + when: matrix_corporal_enabled|bool - name: Ensure Matrix Corporal Docker image is pulled docker_image: name: "{{ matrix_corporal_docker_image }}" - when: "matrix_corporal_enabled" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_corporal_enabled|bool - name: Ensure Matrix Corporal config installed template: src: "{{ role_path }}/templates/config.json.j2" dest: "{{ matrix_corporal_config_dir_path }}/config.json" mode: 0644 - when: "matrix_corporal_enabled" + when: matrix_corporal_enabled|bool - name: Ensure matrix-corporal.service installed template: @@ -35,12 +36,12 @@ dest: "/etc/systemd/system/matrix-corporal.service" mode: 0644 register: matrix_corporal_systemd_service_result - when: "matrix_corporal_enabled" + when: matrix_corporal_enabled|bool - name: Ensure systemd reloaded after matrix-corporal.service installation service: daemon_reload: yes - when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed" + when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed" # @@ -51,7 +52,7 @@ stat: path: "/etc/systemd/system/matrix-corporal.service" register: matrix_corporal_service_stat - when: "not matrix_corporal_enabled" + when: "not matrix_corporal_enabled|bool" - name: Ensure matrix-corporal is stopped service: @@ -59,18 +60,18 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" + when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists" - name: Ensure matrix-corporal.service doesn't exist file: path: "/etc/systemd/system/matrix-corporal.service" state: absent - when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" + when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-corporal.service removal service: daemon_reload: yes - when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" + when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists" - name: Ensure matrix-corporal files don't exist file: @@ -79,10 +80,10 @@ with_items: - /etc/systemd/system/matrix-corporal.service - "{{ matrix_corporal_config_dir_path }}/config.json" - when: "not matrix_corporal_enabled" + when: "not matrix_corporal_enabled|bool" - name: Ensure Matrix Corporal Docker image doesn't exist docker_image: name: "{{ matrix_corporal_docker_image }}" state: absent - when: "not matrix_corporal_enabled" + when: "not matrix_corporal_enabled|bool" diff --git a/roles/matrix-corporal/tasks/validate_config.yml b/roles/matrix-corporal/tasks/validate_config.yml index db84f9d9..ace2eb1f 100644 --- a/roles/matrix-corporal/tasks/validate_config.yml +++ b/roles/matrix-corporal/tasks/validate_config.yml @@ -14,4 +14,4 @@ - name: Fail if HTTP API enabled, but no token set fail: msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`" - when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''" + when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''" diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml index 7d19d48d..603b536a 100644 --- a/roles/matrix-coturn/tasks/init.yml +++ b/roles/matrix-coturn/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}" - when: "matrix_coturn_enabled" + when: matrix_coturn_enabled|bool diff --git a/roles/matrix-coturn/tasks/main.yml b/roles/matrix-coturn/tasks/main.yml index e12aeca3..007a7ede 100644 --- a/roles/matrix-coturn/tasks/main.yml +++ b/roles/matrix-coturn/tasks/main.yml @@ -3,13 +3,13 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_coturn_enabled" + when: "run_setup|bool and matrix_coturn_enabled|bool" tags: - setup-all - setup-coturn - import_tasks: "{{ role_path }}/tasks/setup_coturn.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - - setup-coturn \ No newline at end of file + - setup-coturn diff --git a/roles/matrix-coturn/tasks/setup_coturn.yml b/roles/matrix-coturn/tasks/setup_coturn.yml index 9f79f4c8..6a7a9f18 100644 --- a/roles/matrix-coturn/tasks/setup_coturn.yml +++ b/roles/matrix-coturn/tasks/setup_coturn.yml @@ -7,7 +7,8 @@ - name: Ensure Coturn image is pulled docker_image: name: "{{ matrix_coturn_docker_image }}" - when: matrix_coturn_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_coturn_enabled|bool - name: Ensure Coturn configuration path exists file: @@ -16,14 +17,14 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: matrix_coturn_enabled + when: matrix_coturn_enabled|bool - name: Ensure turnserver.conf installed template: src: "{{ role_path }}/templates/turnserver.conf.j2" dest: "{{ matrix_coturn_config_path }}" mode: 0644 - when: matrix_coturn_enabled + when: matrix_coturn_enabled|bool # `docker_network` doesn't work as expected when the given network # is a substring of a network that already exists. @@ -34,12 +35,12 @@ cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'" register: matrix_coturn_result_docker_network changed_when: false - when: matrix_coturn_enabled + when: matrix_coturn_enabled|bool - name: Create Coturn network in Docker shell: cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}" - when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''" + when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''" - name: Ensure matrix-coturn.service installed template: @@ -47,12 +48,12 @@ dest: "/etc/systemd/system/matrix-coturn.service" mode: 0644 register: matrix_coturn_systemd_service_result - when: matrix_coturn_enabled + when: matrix_coturn_enabled|bool - name: Ensure systemd reloaded after matrix-coturn.service installation service: daemon_reload: yes - when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed" + when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed" # This may be unnecessary when more long-lived certificates are used. # We optimize for the common use-case though (short-lived Let's Encrypt certificates). @@ -63,11 +64,11 @@ cron_file: matrix-coturn-ssl-reload name: matrix-coturn-ssl-reload state: present - hour: 4 - minute: 20 + hour: "4" + minute: "20" day: "*/5" job: /bin/systemctl reload matrix-coturn.service - when: matrix_coturn_enabled and matrix_coturn_tls_enabled + when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool" # @@ -79,13 +80,13 @@ user: root cron_file: matrix-coturn-ssl-reload state: absent - when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled" + when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool" - name: Check existence of matrix-coturn service stat: path: "/etc/systemd/system/matrix-coturn.service" register: matrix_coturn_service_stat - when: "not matrix_coturn_enabled" + when: "not matrix_coturn_enabled|bool" - name: Ensure matrix-coturn is stopped service: @@ -93,27 +94,27 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" + when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists" - name: Ensure matrix-coturn.service doesn't exist file: path: "/etc/systemd/system/matrix-coturn.service" state: absent - when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" + when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-coturn.service removal service: daemon_reload: yes - when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" + when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists" - name: Ensure Matrix coturn paths don't exist file: path: "{{ matrix_coturn_base_path }}" state: absent - when: "not matrix_coturn_enabled" + when: "not matrix_coturn_enabled|bool" - name: Ensure coturn Docker image doesn't exist docker_image: name: "{{ matrix_coturn_docker_image }}" state: absent - when: "not matrix_coturn_enabled" + when: "not matrix_coturn_enabled|bool" diff --git a/roles/matrix-dimension/tasks/init.yml b/roles/matrix-dimension/tasks/init.yml index 3e98de9d..e1d94683 100644 --- a/roles/matrix-dimension/tasks/init.yml +++ b/roles/matrix-dimension/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}" - when: "matrix_dimension_enabled" \ No newline at end of file + when: matrix_dimension_enabled|bool diff --git a/roles/matrix-dimension/tasks/main.yml b/roles/matrix-dimension/tasks/main.yml index dd3bfc51..1888f945 100644 --- a/roles/matrix-dimension/tasks/main.yml +++ b/roles/matrix-dimension/tasks/main.yml @@ -3,13 +3,13 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-dimension - import_tasks: "{{ role_path }}/tasks/setup_dimension.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - - setup-dimension \ No newline at end of file + - setup-dimension diff --git a/roles/matrix-dimension/tasks/setup_dimension.yml b/roles/matrix-dimension/tasks/setup_dimension.yml index e8dea9ea..436bdd6d 100644 --- a/roles/matrix-dimension/tasks/setup_dimension.yml +++ b/roles/matrix-dimension/tasks/setup_dimension.yml @@ -11,7 +11,7 @@ mode: 0770 owner: "{{ matrix_user_username }}" group: "{{ matrix_dimension_user_gid }}" - when: matrix_dimension_enabled + when: matrix_dimension_enabled|bool - name: Ensure Dimension config installed copy: @@ -20,12 +20,13 @@ mode: 0640 owner: "{{ matrix_user_username }}" group: "{{ matrix_dimension_user_gid }}" - when: matrix_dimension_enabled + when: matrix_dimension_enabled|bool - name: Ensure Dimension image is pulled docker_image: name: "{{ matrix_dimension_docker_image }}" - when: matrix_dimension_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_dimension_enabled|bool - name: Ensure matrix-dimension.service installed template: @@ -33,12 +34,12 @@ dest: "/etc/systemd/system/matrix-dimension.service" mode: 0644 register: matrix_dimension_systemd_service_result - when: matrix_dimension_enabled + when: matrix_dimension_enabled|bool - name: Ensure systemd reloaded after matrix-dimension.service installation service: daemon_reload: yes - when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed" + when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed" # # Tasks related to getting rid of the dimension (if it was previously enabled) @@ -48,7 +49,7 @@ stat: path: "/etc/systemd/system/matrix-dimension.service" register: matrix_dimension_service_stat - when: not matrix_dimension_enabled + when: "not matrix_dimension_enabled|bool" - name: Ensure matrix-dimension is stopped service: @@ -56,27 +57,27 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" + when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists" - name: Ensure matrix-dimension.service doesn't exist file: path: "/etc/systemd/system/matrix-dimension.service" state: absent - when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" + when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-dimension.service removal service: daemon_reload: yes - when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" + when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists" - name: Ensure Dimension environment variables path doesn't exist file: path: "{{ matrix_dimension_base_path }}" state: absent - when: "not matrix_dimension_enabled" + when: "not matrix_dimension_enabled|bool" - name: Ensure Dimension Docker image doesn't exist docker_image: name: "{{ matrix_dimension_docker_image }}" state: absent - when: "not matrix_dimension_enabled" + when: "not matrix_dimension_enabled|bool" diff --git a/roles/matrix-dimension/tasks/validate_config.yml b/roles/matrix-dimension/tasks/validate_config.yml index 69971a9b..59a4c050 100644 --- a/roles/matrix-dimension/tasks/validate_config.yml +++ b/roles/matrix-dimension/tasks/validate_config.yml @@ -12,4 +12,4 @@ You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'. with_items: - "matrix_synapse_federation_enabled" - when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false" + when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool" diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/matrix-mailer/tasks/init.yml index c5f51ffe..1557bc64 100644 --- a/roles/matrix-mailer/tasks/init.yml +++ b/roles/matrix-mailer/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}" - when: "matrix_mailer_enabled" \ No newline at end of file + when: matrix_mailer_enabled|bool diff --git a/roles/matrix-mailer/tasks/main.yml b/roles/matrix-mailer/tasks/main.yml index d2f574ad..f636614e 100644 --- a/roles/matrix-mailer/tasks/main.yml +++ b/roles/matrix-mailer/tasks/main.yml @@ -3,7 +3,7 @@ - always - import_tasks: "{{ role_path }}/tasks/setup_mailer.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - - setup-mailer \ No newline at end of file + - setup-mailer diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml index 46445092..b60d031d 100644 --- a/roles/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/matrix-mailer/tasks/setup_mailer.yml @@ -11,19 +11,20 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: matrix_mailer_enabled + when: matrix_mailer_enabled|bool - name: Ensure mailer environment variables file created template: src: "{{ role_path }}/templates/env-mailer.j2" dest: "{{ matrix_mailer_base_path }}/env-mailer" mode: 0640 - when: matrix_mailer_enabled + when: matrix_mailer_enabled|bool - name: Ensure mailer image is pulled docker_image: name: "{{ matrix_mailer_docker_image }}" - when: matrix_mailer_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_mailer_enabled|bool - name: Ensure matrix-mailer.service installed template: @@ -31,12 +32,12 @@ dest: "/etc/systemd/system/matrix-mailer.service" mode: 0644 register: matrix_mailer_systemd_service_result - when: matrix_mailer_enabled + when: matrix_mailer_enabled|bool - name: Ensure systemd reloaded after matrix-mailer.service installation service: daemon_reload: yes - when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed" + when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed" # # Tasks related to getting rid of the mailer (if it was previously enabled) @@ -46,7 +47,7 @@ stat: path: "/etc/systemd/system/matrix-mailer.service" register: matrix_mailer_service_stat - when: "not matrix_mailer_enabled" + when: "not matrix_mailer_enabled|bool" - name: Ensure matrix-mailer is stopped service: @@ -54,27 +55,27 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" + when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists" - name: Ensure matrix-mailer.service doesn't exist file: path: "/etc/systemd/system/matrix-mailer.service" state: absent - when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" + when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-mailer.service removal service: daemon_reload: yes - when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" + when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists" - name: Ensure Matrix mailer environment variables path doesn't exist file: path: "{{ matrix_mailer_base_path }}" state: absent - when: "not matrix_mailer_enabled" + when: "not matrix_mailer_enabled|bool" - name: Ensure mailer Docker image doesn't exist docker_image: name: "{{ matrix_mailer_docker_image }}" state: absent - when: "not matrix_mailer_enabled" + when: "not matrix_mailer_enabled|bool" diff --git a/roles/matrix-mxisd/tasks/init.yml b/roles/matrix-mxisd/tasks/init.yml index b41ad7e3..94543b35 100644 --- a/roles/matrix-mxisd/tasks/init.yml +++ b/roles/matrix-mxisd/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}" - when: "matrix_mxisd_enabled" \ No newline at end of file + when: matrix_mxisd_enabled|bool diff --git a/roles/matrix-mxisd/tasks/main.yml b/roles/matrix-mxisd/tasks/main.yml index c0e863d4..31970db4 100644 --- a/roles/matrix-mxisd/tasks/main.yml +++ b/roles/matrix-mxisd/tasks/main.yml @@ -3,7 +3,7 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_mxisd_enabled" + when: "run_setup|bool and matrix_mxisd_enabled|bool" tags: - setup-all - setup-mxisd @@ -16,6 +16,6 @@ - import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml" delegate_to: 127.0.0.1 become: false - when: "run_self_check and matrix_mxisd_enabled" + when: "run_self_check|bool and matrix_mxisd_enabled|bool" tags: - self-check diff --git a/roles/matrix-mxisd/tasks/setup_mxisd.yml b/roles/matrix-mxisd/tasks/setup_mxisd.yml index e5b950de..4f9fdca8 100644 --- a/roles/matrix-mxisd/tasks/setup_mxisd.yml +++ b/roles/matrix-mxisd/tasks/setup_mxisd.yml @@ -14,12 +14,13 @@ with_items: - "{{ matrix_mxisd_config_path }}" - "{{ matrix_mxisd_data_path }}" - when: matrix_mxisd_enabled + when: matrix_mxisd_enabled|bool - name: Ensure mxisd image is pulled docker_image: name: "{{ matrix_mxisd_docker_image }}" - when: matrix_mxisd_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_mxisd_enabled|bool - name: Ensure mxisd config installed copy: @@ -28,7 +29,7 @@ mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: matrix_mxisd_enabled + when: matrix_mxisd_enabled|bool - name: Ensure custom templates are installed if any copy: @@ -42,7 +43,7 @@ - {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'} - {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'} - {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'} - when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value + when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value" - name: Ensure matrix-mxisd.service installed template: @@ -50,12 +51,12 @@ dest: "/etc/systemd/system/matrix-mxisd.service" mode: 0644 register: matrix_mxisd_systemd_service_result - when: matrix_mxisd_enabled + when: matrix_mxisd_enabled|bool - name: Ensure systemd reloaded after matrix-mxisd.service installation service: daemon_reload: yes - when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed" + when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed" # # Tasks related to getting rid of mxisd (if it was previously enabled) @@ -72,27 +73,27 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" + when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists" - name: Ensure matrix-mxisd.service doesn't exist file: path: "/etc/systemd/system/matrix-mxisd.service" state: absent - when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" + when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-mxisd.service removal service: daemon_reload: yes - when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" + when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists" - name: Ensure Matrix mxisd paths don't exist file: path: "{{ matrix_mxisd_base_path }}" state: absent - when: "not matrix_mxisd_enabled" + when: "not matrix_mxisd_enabled|bool" - name: Ensure mxisd Docker image doesn't exist docker_image: name: "{{ matrix_mxisd_docker_image }}" state: absent - when: "not matrix_mxisd_enabled" + when: "not matrix_mxisd_enabled|bool" diff --git a/roles/matrix-nginx-proxy/tasks/init.yml b/roles/matrix-nginx-proxy/tasks/init.yml index dc27f789..c968d093 100644 --- a/roles/matrix-nginx-proxy/tasks/init.yml +++ b/roles/matrix-nginx-proxy/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}" - when: "matrix_nginx_proxy_enabled" \ No newline at end of file + when: matrix_nginx_proxy_enabled|bool diff --git a/roles/matrix-nginx-proxy/tasks/main.yml b/roles/matrix-nginx-proxy/tasks/main.yml index 08a71400..ad111951 100644 --- a/roles/matrix-nginx-proxy/tasks/main.yml +++ b/roles/matrix-nginx-proxy/tasks/main.yml @@ -6,20 +6,20 @@ # This role performs actions even if the role is disabled, so we need # to ensure there's a valid configuration in any case. - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-nginx-proxy - import_tasks: "{{ role_path }}/tasks/ssl/main.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-nginx-proxy - setup-ssl - import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-nginx-proxy @@ -27,7 +27,7 @@ - import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml" delegate_to: 127.0.0.1 become: false - when: run_self_check + when: run_self_check|bool tags: - self-check diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml index 5f2138a4..72be0f41 100644 --- a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml +++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml @@ -21,7 +21,7 @@ - name: Determine domains that we require certificates for (mxisd) set_fact: well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}" - when: "matrix_well_known_matrix_server_enabled" + when: matrix_well_known_matrix_server_enabled|bool - name: Perform well-known checks include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml" diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 9f834560..b775c333 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -27,7 +27,7 @@ src: "{{ role_path }}/templates/nginx/nginx.conf.j2" dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf" mode: 0644 - when: "matrix_nginx_proxy_enabled" + when: matrix_nginx_proxy_enabled|bool - name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI) template: @@ -36,35 +36,35 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" mode: 0400 - when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics" + when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool" - name: Ensure Matrix nginx-proxy configured (generic) template: src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf" mode: 0644 - when: "matrix_nginx_proxy_enabled" + when: matrix_nginx_proxy_enabled|bool - name: Ensure Matrix nginx-proxy configuration for matrix domain exists template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" mode: 0644 - when: "matrix_nginx_proxy_proxy_matrix_enabled" + when: matrix_nginx_proxy_proxy_matrix_enabled|bool - name: Ensure Matrix nginx-proxy configuration for riot domain exists template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf" mode: 0644 - when: "matrix_nginx_proxy_proxy_riot_enabled" + when: matrix_nginx_proxy_proxy_riot_enabled|bool - name: Ensure Matrix nginx-proxy configuration for dimension domain exists template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf" mode: 0644 - when: "matrix_nginx_proxy_proxy_dimension_enabled" + when: matrix_nginx_proxy_proxy_dimension_enabled|bool - name: Ensure Matrix nginx-proxy data directory for base domain exists file: @@ -73,7 +73,7 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_nginx_proxy_base_domain_serving_enabled" + when: matrix_nginx_proxy_base_domain_serving_enabled|bool - name: Ensure Matrix nginx-proxy homepage for base domain exists copy: @@ -82,14 +82,14 @@ mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_nginx_proxy_base_domain_serving_enabled" + when: matrix_nginx_proxy_base_domain_serving_enabled|bool - name: Ensure Matrix nginx-proxy configuration for base domain exists template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf" mode: 0644 - when: "matrix_nginx_proxy_base_domain_serving_enabled" + when: matrix_nginx_proxy_base_domain_serving_enabled|bool # # Tasks related to setting up matrix-nginx-proxy @@ -97,7 +97,8 @@ - name: Ensure nginx Docker image is pulled docker_image: name: "{{ matrix_nginx_proxy_docker_image }}" - when: matrix_nginx_proxy_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_nginx_proxy_enabled|bool - name: Ensure matrix-nginx-proxy.service installed template: @@ -105,7 +106,7 @@ dest: "/etc/systemd/system/matrix-nginx-proxy.service" mode: 0644 register: matrix_nginx_proxy_systemd_service_result - when: matrix_nginx_proxy_enabled + when: matrix_nginx_proxy_enabled|bool - name: Ensure systemd reloaded after matrix-nginx-proxy.service installation service: @@ -121,7 +122,7 @@ stat: path: "/etc/systemd/system/matrix-nginx-proxy.service" register: matrix_nginx_proxy_service_stat - when: "not matrix_nginx_proxy_enabled" + when: "not matrix_nginx_proxy_enabled|bool" - name: Ensure matrix-nginx-proxy is stopped service: @@ -129,57 +130,57 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" + when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists" - name: Ensure matrix-nginx-proxy.service doesn't exist file: path: "/etc/systemd/system/matrix-nginx-proxy.service" state: absent - when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" + when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-nginx-proxy.service removal service: daemon_reload: yes - when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" + when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists" - name: Ensure Matrix nginx-proxy configuration for matrix domain deleted file: path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" state: absent - when: "not matrix_nginx_proxy_proxy_matrix_enabled" + when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool" - name: Ensure Matrix nginx-proxy configuration for riot domain deleted file: path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf" state: absent - when: "not matrix_nginx_proxy_proxy_riot_enabled" + when: "not matrix_nginx_proxy_proxy_riot_enabled|bool" - name: Ensure Matrix nginx-proxy configuration for dimension domain deleted file: path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf" state: absent - when: "not matrix_nginx_proxy_proxy_dimension_enabled" + when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool" - name: Ensure Matrix nginx-proxy homepage for base domain deleted file: path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" state: absent - when: "not matrix_nginx_proxy_base_domain_serving_enabled" + when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool" - name: Ensure Matrix nginx-proxy configuration for base domain deleted file: path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf" state: absent - when: "not matrix_nginx_proxy_base_domain_serving_enabled" + when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool" - name: Ensure Matrix nginx-proxy configuration for main config override deleted file: path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf" state: absent - when: "not matrix_nginx_proxy_enabled" + when: "not matrix_nginx_proxy_enabled|bool" - name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI) file: path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd" state: absent - when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics" + when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 629f24c7..970ecc94 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -36,6 +36,7 @@ - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" when: "matrix_ssl_retrieval_method == 'lets-encrypt'" - name: Obtain Let's Encrypt certificates @@ -67,8 +68,8 @@ cron_file: matrix-ssl-lets-encrypt name: matrix-ssl-lets-encrypt-certificates-renew state: present - hour: 4 - minute: 15 + hour: "4" + minute: "15" day: "*" job: /usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew @@ -78,11 +79,11 @@ cron_file: matrix-ssl-lets-encrypt name: matrix-nginx-proxy-reload state: present - hour: 5 - minute: 20 + hour: "5" + minute: "20" day: "*" job: /bin/systemctl reload matrix-nginx-proxy.service - when: matrix_nginx_proxy_enabled + when: matrix_nginx_proxy_enabled|bool when: "matrix_ssl_retrieval_method == 'lets-encrypt'" @@ -98,7 +99,7 @@ cron_file: matrix-ssl-lets-encrypt name: matrix-nginx-proxy-reload state: absent - when: "not matrix_nginx_proxy_enabled" + when: "not matrix_nginx_proxy_enabled|bool" # When Let's Encrypt is not used at all, remove all cronjobs in that cron file. - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index dde5a6da..85afce2c 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -35,7 +35,7 @@ --agree-tos --email={{ matrix_ssl_lets_encrypt_support_email }} -d {{ domain_name }} - when: "domain_name_needs_cert" + when: domain_name_needs_cert|bool register: result_certbot_direct ignore_errors: true diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 67d7f86c..bbed1c95 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -5,7 +5,7 @@ - name: Fail if Postgres not enabled fail: msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import." - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" - name: Fail if playbook called incorrectly fail: @@ -20,7 +20,7 @@ - name: Fail if provided Postgres dump file doesn't exists fail: msg: "File cannot be found on the server at {{ server_path_postgres_dump }}" - when: not result_server_path_postgres_dump_stat.stat.exists + when: "not result_server_path_postgres_dump_stat.stat.exists" # Defaults @@ -54,7 +54,7 @@ - name: Abort, if no existing Postgres version detected fail: msg: "Could not find existing Postgres installation" - when: "not matrix_postgres_detected_existing" + when: "not matrix_postgres_detected_existing|bool" - name: Generate Postgres database import command set_fact: diff --git a/roles/matrix-postgres/tasks/import_sqlite_db.yml b/roles/matrix-postgres/tasks/import_sqlite_db.yml index d5fc832f..5953557b 100644 --- a/roles/matrix-postgres/tasks/import_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_sqlite_db.yml @@ -5,7 +5,7 @@ - name: Fail if Postgres not enabled fail: msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import." - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" - name: Fail if playbook called incorrectly fail: @@ -20,7 +20,7 @@ - name: Fail if provided SQLite homeserver.db file doesn't exist fail: msg: "File cannot be found on the server at {{ server_path_homeserver_db }}" - when: not result_server_path_homeserver_db_stat.stat.exists + when: "not result_server_path_homeserver_db_stat.stat.exists" # Defaults diff --git a/roles/matrix-postgres/tasks/init.yml b/roles/matrix-postgres/tasks/init.yml index a8544e0f..6b8e40ba 100644 --- a/roles/matrix-postgres/tasks/init.yml +++ b/roles/matrix-postgres/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}" - when: matrix_postgres_enabled \ No newline at end of file + when: matrix_postgres_enabled|bool diff --git a/roles/matrix-postgres/tasks/main.yml b/roles/matrix-postgres/tasks/main.yml index 397924ee..ef9b770e 100644 --- a/roles/matrix-postgres/tasks/main.yml +++ b/roles/matrix-postgres/tasks/main.yml @@ -3,28 +3,28 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_postgres_enabled" + when: "run_setup|bool and matrix_postgres_enabled|bool" tags: - setup-all - setup-postgres - import_tasks: "{{ role_path }}/tasks/setup_postgres.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-postgres - import_tasks: "{{ role_path }}/tasks/import_postgres.yml" - when: run_import_postgres + when: run_import_postgres|bool tags: - import-postgres - import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml" - when: run_import_sqlite_db + when: run_import_sqlite_db|bool tags: - import-sqlite-db - import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml" - when: run_upgrade_postgres + when: run_upgrade_postgres|bool tags: - upgrade-postgres diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml index 659650db..3df4c6e0 100644 --- a/roles/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/matrix-postgres/tasks/setup_postgres.yml @@ -5,10 +5,10 @@ # - import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml" - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml" - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool # If we have found an existing version (installed from before), we use its corresponding Docker image. # If not, we install using the latest Postgres. @@ -16,18 +16,19 @@ # Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`). - set_fact: matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}" - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - name: Warn if on an old version of Postgres debug: msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres" - when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest" + when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest" # Even if we don't run the internal server, we still need this for running the CLI - name: Ensure postgres Docker image is pulled docker_image: name: "{{ matrix_postgres_docker_image_to_use }}" - when: matrix_postgres_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_postgres_enabled|bool # We always create these directories, even if an external Postgres is used, # because we store environment variable files there. @@ -41,7 +42,7 @@ with_items: - "{{ matrix_postgres_base_path }}" - "{{ matrix_postgres_data_path }}" - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - name: Ensure Postgres environment variables file created template: @@ -51,21 +52,21 @@ with_items: - "env-postgres-psql" - "env-postgres-server" - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - name: Ensure matrix-postgres-cli script created template: src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2" dest: "/usr/local/bin/matrix-postgres-cli" mode: 0750 - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - name: Ensure matrix-make-user-admin script created template: src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2" dest: "/usr/local/bin/matrix-make-user-admin" mode: 0750 - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool # # Tasks related to setting up an internal postgres server @@ -77,12 +78,12 @@ dest: "/etc/systemd/system/matrix-postgres.service" mode: 0644 register: matrix_postgres_systemd_service_result - when: matrix_postgres_enabled + when: matrix_postgres_enabled|bool - name: Ensure systemd reloaded after matrix-postgres.service installation service: daemon_reload: yes - when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed" + when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed" # # Tasks related to getting rid of the internal postgres server (if it was previously enabled) @@ -92,41 +93,41 @@ stat: path: "/etc/systemd/system/matrix-postgres.service" register: matrix_postgres_service_stat - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" - name: Ensure matrix-postgres is stopped service: name: matrix-postgres state: stopped daemon_reload: yes - when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" + when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists" - name: Ensure matrix-postgres.service doesn't exist file: path: "/etc/systemd/system/matrix-postgres.service" state: absent - when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" + when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-postgres.service removal service: daemon_reload: yes - when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" + when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists" - name: Check existence of matrix-postgres local data path stat: path: "{{ matrix_postgres_data_path }}" register: matrix_postgres_data_path_stat - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" # We just want to notify the user. Deleting data is too destructive. - name: Notify if matrix-postgres local data remains debug: msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it." - when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists" + when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists" - name: Ensure matrix-postgres-update-user-password-hash script created template: src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2" dest: "/usr/local/bin/matrix-postgres-update-user-password-hash" mode: 0750 - when: matrix_postgres_enabled \ No newline at end of file + when: matrix_postgres_enabled|bool diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/matrix-postgres/tasks/upgrade_postgres.yml index c32634b9..64f3d64b 100644 --- a/roles/matrix-postgres/tasks/upgrade_postgres.yml +++ b/roles/matrix-postgres/tasks/upgrade_postgres.yml @@ -23,7 +23,7 @@ - name: Fail, if trying to upgrade external Postgres database fail: msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade." - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" - name: Check Postgres auto-upgrade backup data directory stat: @@ -40,7 +40,7 @@ - name: Abort, if no existing Postgres version detected fail: msg: "Could not find existing Postgres installation" - when: "not matrix_postgres_detected_existing" + when: "not matrix_postgres_detected_existing|bool" - name: Abort, if already at latest Postgres version fail: diff --git a/roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml b/roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml index a3fbe33e..52476353 100644 --- a/roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml +++ b/roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml @@ -23,12 +23,12 @@ slurp: src: "{{ matrix_postgres_detection_pg_version_path }}" register: result_pg_version - when: "matrix_postgres_detected_existing" + when: matrix_postgres_detected_existing|bool - name: Determine existing Postgres version (make sense of PG_VERSION file) set_fact: matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}" - when: "matrix_postgres_detected_existing" + when: matrix_postgres_detected_existing|bool - name: Determine corresponding Docker image to detected version (assume default of latest) set_fact: @@ -43,4 +43,4 @@ - name: Determine corresponding Docker image to detected version (use 10.x, if detected) set_fact: matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}" - when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')" \ No newline at end of file + when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')" diff --git a/roles/matrix-riot-web/tasks/init.yml b/roles/matrix-riot-web/tasks/init.yml index 1fd0c7eb..52c096ee 100644 --- a/roles/matrix-riot-web/tasks/init.yml +++ b/roles/matrix-riot-web/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}" - when: matrix_riot_web_enabled \ No newline at end of file + when: matrix_riot_web_enabled|bool diff --git a/roles/matrix-riot-web/tasks/main.yml b/roles/matrix-riot-web/tasks/main.yml index a2fd2c8e..5792517e 100644 --- a/roles/matrix-riot-web/tasks/main.yml +++ b/roles/matrix-riot-web/tasks/main.yml @@ -3,13 +3,13 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup and matrix_riot_web_enabled" + when: "run_setup|bool and matrix_riot_web_enabled|bool" tags: - setup-all - setup-riot-web - import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-riot-web @@ -17,6 +17,6 @@ - import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml" delegate_to: 127.0.0.1 become: false - when: "run_self_check and matrix_riot_web_enabled" + when: "run_self_check|bool and matrix_riot_web_enabled|bool" tags: - - self-check \ No newline at end of file + - self-check diff --git a/roles/matrix-riot-web/tasks/setup_riot_web.yml b/roles/matrix-riot-web/tasks/setup_riot_web.yml index 62eb750b..1d420177 100644 --- a/roles/matrix-riot-web/tasks/setup_riot_web.yml +++ b/roles/matrix-riot-web/tasks/setup_riot_web.yml @@ -11,12 +11,13 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: matrix_riot_web_enabled + when: matrix_riot_web_enabled|bool - name: Ensure riot-web Docker image is pulled docker_image: name: "{{ matrix_riot_web_docker_image }}" - when: matrix_riot_web_enabled + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + when: matrix_riot_web_enabled|bool - name: Ensure Matrix riot-web config files installed template: @@ -30,7 +31,7 @@ - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"} - {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"} - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"} - when: "matrix_riot_web_enabled and item.src is not none" + when: "matrix_riot_web_enabled|bool and item.src is not none" - name: Ensure Matrix riot-web config files removed file: @@ -38,7 +39,7 @@ state: absent with_items: - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"} - when: "matrix_riot_web_enabled and item.src is none" + when: "matrix_riot_web_enabled|bool and item.src is none" - name: Ensure matrix-riot-web.service installed template: @@ -46,7 +47,7 @@ dest: "/etc/systemd/system/matrix-riot-web.service" mode: 0644 register: matrix_riot_web_systemd_service_result - when: matrix_riot_web_enabled + when: matrix_riot_web_enabled|bool - name: Ensure systemd reloaded after matrix-riot-web.service installation service: @@ -61,7 +62,7 @@ stat: path: "/etc/systemd/system/matrix-riot-web.service" register: matrix_riot_web_service_stat - when: "not matrix_riot_web_enabled" + when: "not matrix_riot_web_enabled|bool" - name: Ensure matrix-riot-web is stopped service: @@ -69,27 +70,27 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" + when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists" - name: Ensure matrix-riot-web.service doesn't exist file: path: "/etc/systemd/system/matrix-riot-web.service" state: absent - when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" + when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-riot-web.service removal service: daemon_reload: yes - when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" + when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists" - name: Ensure Matrix riot-web paths doesn't exist file: path: "{{ matrix_riot_web_data_path }}" state: absent - when: "not matrix_riot_web_enabled" + when: "not matrix_riot_web_enabled|bool" - name: Ensure riot-web Docker image doesn't exist docker_image: name: "{{ matrix_riot_web_docker_image }}" state: absent - when: "not matrix_riot_web_enabled" + when: "not matrix_riot_web_enabled|bool" diff --git a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml index 8c87e8e5..f4290ac2 100644 --- a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml @@ -1,11 +1,10 @@ - set_fact: matrix_synapse_password_providers_enabled: true - when: "matrix_synapse_ext_password_provider_ldap_enabled" + when: matrix_synapse_ext_password_provider_ldap_enabled|bool - set_fact: matrix_synapse_additional_loggers: > {{ matrix_synapse_additional_loggers }} + {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }} - when: "matrix_synapse_ext_password_provider_ldap_enabled" - + when: matrix_synapse_ext_password_provider_ldap_enabled|bool diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml index 31efa5f2..0270784a 100644 --- a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml @@ -1,7 +1,7 @@ --- - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml" - when: matrix_synapse_ext_password_provider_rest_auth_enabled + when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml" - when: "not matrix_synapse_ext_password_provider_rest_auth_enabled" + when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool" diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml index ac443410..ed8d0197 100644 --- a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml @@ -1,7 +1,7 @@ --- - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml" - when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled + when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml" - when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled" + when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool" diff --git a/roles/matrix-synapse/tasks/goofys/setup.yml b/roles/matrix-synapse/tasks/goofys/setup.yml index 56a792f0..6370408d 100644 --- a/roles/matrix-synapse/tasks/goofys/setup.yml +++ b/roles/matrix-synapse/tasks/goofys/setup.yml @@ -1,7 +1,7 @@ --- - import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml" - when: matrix_s3_media_store_enabled + when: matrix_s3_media_store_enabled|bool - import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml" - when: "not matrix_s3_media_store_enabled" + when: "not matrix_s3_media_store_enabled|bool" diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml index 86d228b0..0a73d45e 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml @@ -1,6 +1,7 @@ - name: Ensure Goofys Docker image is pulled docker_image: name: "{{ matrix_s3_goofys_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" # This will throw a Permission Denied error if already mounted - name: Check Matrix Goofys external storage mountpoint path diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 8d964715..db68f22d 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -10,7 +10,7 @@ - name: Fail if media store is on Amazon S3 fail: msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported." - when: "matrix_s3_media_store_enabled" + when: matrix_s3_media_store_enabled|bool - name: Check if the provided media store directory exists stat: @@ -68,7 +68,7 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" recurse: yes - when: "not matrix_s3_media_store_enabled" + when: "not matrix_s3_media_store_enabled|bool" # We don't chown for Goofys, because due to the way it's mounted, # all files become owned by whoever needs to own them. @@ -78,6 +78,6 @@ name: "{{ item }}" state: started daemon_reload: yes - when: stopping_result.changed + when: "stopping_result.changed" with_items: - matrix-synapse diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index d8ff42a1..d5f64862 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -1,7 +1,7 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}" - when: matrix_synapse_enabled + when: matrix_synapse_enabled|bool - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}" - when: matrix_s3_media_store_enabled + when: matrix_s3_media_store_enabled|bool diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/matrix-synapse/tasks/main.yml index f51b2416..57bf8b7c 100644 --- a/roles/matrix-synapse/tasks/main.yml +++ b/roles/matrix-synapse/tasks/main.yml @@ -3,43 +3,43 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-synapse - import_tasks: "{{ role_path }}/tasks/setup_synapse.yml" - when: run_setup + when: run_setup|bool tags: - setup-all - setup-synapse - import_tasks: "{{ role_path }}/tasks/import_media_store.yml" - when: run_import_media_store + when: run_import_media_store|bool tags: - import-media-store - import_tasks: "{{ role_path }}/tasks/register_user.yml" - when: run_register_user + when: run_register_user|bool tags: - register-user - import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml" delegate_to: 127.0.0.1 become: false - when: run_self_check + when: run_self_check|bool tags: - self-check - import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml" delegate_to: 127.0.0.1 become: false - when: run_self_check + when: run_self_check|bool tags: - self-check - import_tasks: "{{ role_path }}/tasks/update_user_password.yml" - when: run_update_user_password + when: run_update_user_password|bool tags: - update-user-password diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/matrix-synapse/tasks/register_user.yml index c476adfe..5f0cd9ff 100644 --- a/roles/matrix-synapse/tasks/register_user.yml +++ b/roles/matrix-synapse/tasks/register_user.yml @@ -25,7 +25,7 @@ - name: Wait a while, so that Synapse can manage to start pause: seconds: 7 - when: start_result.changed + when: "start_result.changed" - name: Register user shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}" diff --git a/roles/matrix-synapse/tasks/self_check_client_api.yml b/roles/matrix-synapse/tasks/self_check_client_api.yml index 2fdc3e06..50d0f4ef 100644 --- a/roles/matrix-synapse/tasks/self_check_client_api.yml +++ b/roles/matrix-synapse/tasks/self_check_client_api.yml @@ -7,14 +7,14 @@ validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}" register: result_matrix_synapse_client_api ignore_errors: true - when: matrix_synapse_enabled + when: matrix_synapse_enabled|bool - name: Fail if Matrix Client API not working fail: msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}" - when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)" + when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)" - name: Report working Matrix Client API debug: msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working" - when: matrix_synapse_enabled + when: matrix_synapse_enabled|bool diff --git a/roles/matrix-synapse/tasks/self_check_federation_api.yml b/roles/matrix-synapse/tasks/self_check_federation_api.yml index 034d91ae..b584cb35 100644 --- a/roles/matrix-synapse/tasks/self_check_federation_api.yml +++ b/roles/matrix-synapse/tasks/self_check_federation_api.yml @@ -7,19 +7,19 @@ validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}" register: result_matrix_synapse_federation_api ignore_errors: true - when: matrix_synapse_enabled + when: matrix_synapse_enabled|bool - name: Fail if Matrix Federation API not working fail: msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}" - when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)" + when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)" - name: Fail if Matrix Federation API unexpectedly enabled fail: msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled." - when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed" + when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed" - name: Report working Matrix Federation API debug: msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working" - when: "matrix_synapse_enabled and matrix_synapse_federation_enabled" + when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index 754ab1d9..60b02d55 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -18,7 +18,7 @@ # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. - when: "matrix_synapse_enabled or matrix_s3_media_store_enabled" + when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool" - import_tasks: "{{ role_path }}/tasks/ext/setup.yml" diff --git a/roles/matrix-synapse/tasks/synapse/setup.yml b/roles/matrix-synapse/tasks/synapse/setup.yml index 227369a8..b5d27c36 100644 --- a/roles/matrix-synapse/tasks/synapse/setup.yml +++ b/roles/matrix-synapse/tasks/synapse/setup.yml @@ -1,7 +1,7 @@ --- - import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml" - when: matrix_synapse_enabled + when: matrix_synapse_enabled|bool - import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml" - when: "not matrix_synapse_enabled" + when: "not matrix_synapse_enabled|bool" diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index 6e56b659..56747c1d 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -21,6 +21,7 @@ - name: Ensure Synapse Docker image is pulled docker_image: name: "{{ matrix_synapse_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - name: Check if a Synapse signing key exists stat: @@ -71,11 +72,10 @@ - name: Ensure systemd reloaded after matrix-synapse.service installation service: daemon_reload: yes - when: matrix_synapse_systemd_service_result.changed + when: "matrix_synapse_systemd_service_result.changed" - name: Ensure matrix-synapse-register-user script created template: src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2" dest: "/usr/local/bin/matrix-synapse-register-user" mode: 0750 - diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml index d28adfb4..e3bc97b7 100644 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ b/roles/matrix-synapse/tasks/update_user_password.yml @@ -13,7 +13,7 @@ - name: Fail if not using matrix-postgres container fail: msg: "This command is working only when matrix-postgres container is being used" - when: "not matrix_postgres_enabled" + when: "not matrix_postgres_enabled|bool" - name: Ensure matrix-synapse is started service: @@ -33,12 +33,12 @@ - name: Wait a while, so that Matrix Synapse can manage to start pause: seconds: 7 - when: start_result.changed + when: "start_result.changed" - name: Wait a while, so that Matrix Postgres can manage to start pause: seconds: 7 - when: postgres_start_result.changed + when: "postgres_start_result.changed" - name: Generate password hash shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}" diff --git a/setup.yml b/setup.yml index ecb211e3..341840a2 100755 --- a/setup.yml +++ b/setup.yml @@ -1,6 +1,6 @@ --- - name: "Set up a Matrix server" - hosts: "{{ target if target is defined else 'matrix-servers' }}" + hosts: "{{ target if target is defined else 'matrix_servers' }}" become: true roles: