Merge branch 'master' into pub.solar

This commit is contained in:
teutat3s 2022-02-09 17:23:27 +01:00
commit 5816d61793
Signed by: teutat3s
GPG key ID: 18DAE600A6BBE705
436 changed files with 2470 additions and 1375 deletions

1
.github/FUNDING.yml vendored
View file

@ -1,3 +1,4 @@
---
# These are supported funding model platforms # These are supported funding model platforms
# https://liberapay.com/s.pantaleev/ # https://liberapay.com/s.pantaleev/

7
.github/dependabot.yaml vendored Normal file
View file

@ -0,0 +1,7 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily

16
.github/workflows/matrix.yml vendored Normal file
View file

@ -0,0 +1,16 @@
---
name: Matrix CI
on: # yamllint disable-line rule:truthy
push:
pull_request:
jobs:
yamllint:
name: 🧹 yamllint
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out configuration from GitHub
uses: actions/checkout@v2.4.0
- name: 🚀 Run yamllint
uses: frenck/action-yamllint@v1.1.2

8
.yamllint Normal file
View file

@ -0,0 +1,8 @@
---
extends: default
ignore: |
roles/matrix-synapse/vars/workers.yml
rules:
line-length: disable

View file

@ -1,3 +1,18 @@
# 2022-02-01
## matrix-hookshot bridging support
Thanks to [HarHarLinks](https://github.com/HarHarLinks), the playbook can now install the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA.
See our [Setting up matrix-hookshot](docs/configuring-playbook-bridge-hookshot.md) documentation to get started.
# 2022-01-31
## ARM support for matrix-corporal
[matrix-corporal](https://github.com/devture/matrix-corporal) (as of version `2.2.3`) is now published to Docker Hub (see [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal)) as a multi-arch container image with support for all these platforms: `linux/amd64`, `linux/arm64/v8` and `linux/arm/v7`. The playbook no longer resorts to self-building matrix-corporal on these ARM architectures.
# 2022-01-07 # 2022-01-07
## Dendrite support ## Dendrite support

View file

@ -73,6 +73,8 @@ Using this playbook, you can get the following services configured on your serve
- (optional) the [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) - (optional) the [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.)
- (optional) the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular
- (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation - (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation
- (optional) the [Heisenbridge](https://github.com/hifi/heisenbridge) for bridging your Matrix server to IRC bouncer-style - see [docs/configuring-playbook-bridge-heisenbridge.md](docs/configuring-playbook-bridge-heisenbridge.md) for setup documentation - (optional) the [Heisenbridge](https://github.com/hifi/heisenbridge) for bridging your Matrix server to IRC bouncer-style - see [docs/configuring-playbook-bridge-heisenbridge.md](docs/configuring-playbook-bridge-heisenbridge.md) for setup documentation

View file

@ -1,4 +1,4 @@
--- ---
collections: collections:
- name: community.general - name: community.general
- name: community.docker - name: community.docker

View file

@ -54,6 +54,6 @@ You can also add the bot to any existing Matrix room (`/invite @bot.matrix-remin
Basic usage is like this: `!remindme in 2 minutes; This is a test` Basic usage is like this: `!remindme in 2 minutes; This is a test`
Send `!help commands` to the room to see the bot's help menu for additional commands. Send `!help reminders` to the room to see the bot's help menu for additional commands.
You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage). You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage).

View file

@ -2,6 +2,8 @@
The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you.
Note: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md).
This bridge provides support for Slack-compatible webhooks. This bridge provides support for Slack-compatible webhooks.
Setup Instructions: Setup Instructions:

View file

@ -0,0 +1,47 @@
# Setting up Hookshot (optional)
The playbook can install and configure [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) for you.
Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from software project management services such as GitHub, GitLab, JIRA, and Figma, as well as generic webhooks.
See the project's [documentation](https://half-shot.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you.
Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
## Setup Instructions
Refer to the [official instructions](https://half-shot.github.io/matrix-hookshot/setup.html) to learn what the individual options do.
1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required.
2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma).
3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below.
4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`.
5. Refer to [Hookshot's official instructions](https://half-shot.github.io/matrix-hookshot/usage.html) to start using the bridge. Note that the different listeners are bound to certain paths (see `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml)): by default webhooks root is `/hookshot/webhooks/`.
Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them.
### Manage GitHub Private Key with matrix-aux role
The GitHub bridge requires you to install a private key file. This can be done in multiple ways:
- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml)).
- somehow copy the file to the path `{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}` (default: `/matrix/hookshot/private-key.pem`) on the server manually.
- use the `matrix-aux` role to copy the file from an arbitrary path on your ansible client to the correct path on the server.
To use `matrix-aux`, make sure the `matrix_hookshot_github_private_key` variable is empty. Then add to `matrix-aux` configuration like this:
```yaml
matrix_aux_file_definitions:
- dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
content: "{{ lookup('file', '/path/to/your-github-private-key.pem') }}"
mode: '0400'
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
```
For more info see the documentation in the [matrix-aux base configuration file](/roles/matrix-aux/defaults/main.yml).
### Provisioning API
The provisioning API will be enabled automatically if you set `matrix_dimension_enabled: true` and provided a `matrix_hookshot_provisioning_secret`, unless you override it either way. To use hookshot with dimension, you will need to enter as "Provisioning URL": `http://matrix-hookshot:9002`, which is made up of the variables `matrix_hookshot_container_url` and `matrix_hookshot_provisioning_port`.
### Metrics
If metrics are enabled, they will be automatically available in the builtin Prometheus and Grafana, but you need to set up your own Dashboard for now. If additionally metrics proxying for use with external Prometheus is enabled (`matrix_nginx_proxy_proxy_synapse_metrics`), hookshot metrics will also be available (at `matrix_hookshot_metrics_endpoint`, default `/hookshot/metrics`, on the stats subdomain) and with the same password. See also [the Prometheus and Grafana docs](../configuring-playbook-prometheus-grafana.md).

View file

@ -117,6 +117,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional) - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional)
- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
- [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional) - [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional)
- [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional) - [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional)

View file

@ -1,7 +1,8 @@
---
version: '3' version: '3'
services: services:
nginx: nginx:
image: local/nginx image: local/nginx
ports: ports:
- 40888:80 - 40888:80
volumes: volumes:

View file

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #

View file

@ -662,6 +662,45 @@ matrix_heisenbridge_systemd_wanted_services_list: |
# #
###################################################################### ######################################################################
######################################################################
#
# matrix-bridge-hookshot
#
######################################################################
# We don't enable bridges by default.
matrix_hookshot_enabled: false
matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok') | to_uuid }}"
matrix_hookshot_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.hs.tok') | to_uuid }}"
matrix_hookshot_systemd_wanted_services_list: |
{{
(['matrix-' + matrix_homeserver_implementation + '.service'])
+
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
}}
matrix_hookshot_container_http_host_bind_ports_defaultmapping:
- "127.0.0.1:{{ matrix_hookshot_appservice_port }}:{{ matrix_hookshot_appservice_port }}"
- "127.0.0.1:{{ matrix_hookshot_metrics_port }}:{{ matrix_hookshot_metrics_port }}"
- "127.0.0.1:{{ matrix_hookshot_webhook_port }}:{{ matrix_hookshot_webhook_port }}"
- "127.0.0.1:{{ matrix_hookshot_provisioning_port }}:{{ matrix_hookshot_provisioning_port }}"
matrix_hookshot_container_http_host_bind_ports: "{{ [] if matrix_nginx_proxy_enabled else matrix_hookshot_container_http_host_bind_ports_defaultmapping }}"
matrix_hookshot_provisioning_enabled: "{{ matrix_hookshot_provisioning_secret and matrix_dimension_enabled }}"
matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
######################################################################
#
# /matrix-bridge-hookshot
#
######################################################################
###################################################################### ######################################################################
# #
# matrix-bridge-mx-puppet-skype # matrix-bridge-mx-puppet-skype
@ -1089,8 +1128,6 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-coturn # matrix-coturn
@ -1125,8 +1162,6 @@ matrix_coturn_container_additional_volumes: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-dimension # matrix-dimension
@ -1204,8 +1239,6 @@ matrix_dynamic_dns_enabled: false
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-email2matrix # matrix-email2matrix
@ -1214,7 +1247,7 @@ matrix_dynamic_dns_enabled: false
matrix_email2matrix_enabled: false matrix_email2matrix_enabled: false
matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" matrix_email2matrix_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
###################################################################### ######################################################################
# #
@ -1222,8 +1255,6 @@ matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd6
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-jitsi # matrix-jitsi
@ -1268,8 +1299,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-mailer # matrix-mailer
@ -1281,7 +1310,7 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
# Other services (like ma1sd), also use the mailer. # Other services (like ma1sd), also use the mailer.
matrix_mailer_enabled: true matrix_mailer_enabled: true
matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}" matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
###################################################################### ######################################################################
# #
@ -1289,8 +1318,6 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-ma1sd # matrix-ma1sd
@ -1354,8 +1381,6 @@ matrix_ma1sd_database_password: "{{ '%s' | format(matrix_homeserver_generic_secr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-nginx-proxy # matrix-nginx-proxy
@ -1484,6 +1509,8 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
(['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else []) (['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else [])
+ +
(['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else []) (['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else [])
+
(['matrix-hookshot.service'] if matrix_hookshot_enabled else [])
}} }}
matrix_ssl_domains_to_obtain_certificates_for: | matrix_ssl_domains_to_obtain_certificates_for: |
@ -1529,8 +1556,6 @@ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-postgres # matrix-postgres
@ -1779,8 +1804,6 @@ matrix_postgres_import_databases_to_ignore: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-sygnal # matrix-sygnal
@ -1801,8 +1824,6 @@ matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enable
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-redis # matrix-redis
@ -1817,8 +1838,6 @@ matrix_redis_enabled: "{{ matrix_synapse_workers_enabled }}"
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-element # matrix-client-element
@ -1866,8 +1885,6 @@ matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matr
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-hydrogen # matrix-client-hydrogen
@ -1891,8 +1908,6 @@ matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-client-cinny # matrix-client-cinny
@ -1918,8 +1933,6 @@ matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_re
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-synapse # matrix-synapse
@ -2030,8 +2043,6 @@ matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_re
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-synapse-admin # matrix-synapse-admin
@ -2053,8 +2064,6 @@ matrix_synapse_admin_container_image_self_build: "{{ matrix_architecture != 'amd
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus-node-exporter # matrix-prometheus-node-exporter
@ -2069,8 +2078,6 @@ matrix_prometheus_node_exporter_enabled: false
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus # matrix-prometheus
@ -2095,6 +2102,8 @@ matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:91
matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}" matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}" matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled }}"
matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|string +':'+ matrix_hookshot_metrics_port|string] if matrix_hookshot_metrics_enabled else [] }}"
###################################################################### ######################################################################
# #
@ -2102,7 +2111,6 @@ matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exp
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-prometheus-postgres-exporter # matrix-prometheus-postgres-exporter
@ -2158,8 +2166,6 @@ matrix_grafana_systemd_wanted_services_list: |
# #
###################################################################### ######################################################################
###################################################################### ######################################################################
# #
# matrix-registration # matrix-registration

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/setup.yml" - import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_stop|bool when: run_stop|bool
tags: tags:

View file

@ -1,3 +1,5 @@
---
matrix_awx_enabled: true matrix_awx_enabled: true
# Defaults for 'Customise Website + Access Export' template # Defaults for 'Customise Website + Access Export' template

View file

@ -1,3 +1,4 @@
---
- name: Record Backup Server variables locally on AWX - name: Record Backup Server variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -38,18 +39,18 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
tags: use-survey tags: use-survey
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Copy new 'matrix_vars.yml' to target machine - name: Copy new 'matrix_vars.yml' to target machine
copy: copy:
@ -58,8 +59,8 @@
mode: '0660' mode: '0660'
tags: use-survey tags: use-survey
- name: Run initial backup of /matrix/ and snapshot the database simultaneously - name: Run initial backup of /matrix/ and snapshot the database simultaneously
command: "{{ item }}" command: "{{ item }}"
with_items: with_items:
- borgmatic -c /root/.config/borgmatic/config_1.yaml - borgmatic -c /root/.config/borgmatic/config_1.yaml
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0 - /bin/sh /usr/local/bin/awx-export-service.sh 1 0

View file

@ -1,3 +1,4 @@
---
- name: Record Bridge Discord AppService variables locally on AWX - name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -33,7 +34,7 @@
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine - name: Copy new 'Bridge Discord Appservice' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
dest: '/matrix/awx/bridge_discord_appservice.json' dest: '/matrix/awx/bridge_discord_appservice.json'
mode: '0660' mode: '0660'
- name: Recreate 'Bridge Discord Appservice' job template - name: Recreate 'Bridge Discord Appservice' job template
@ -54,4 +55,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -1,3 +1,4 @@
---
- name: Collect current datetime - name: Collect current datetime
set_fact: set_fact:

View file

@ -1,3 +1,4 @@
---
- name: Create a AWX session token for executing modules - name: Create a AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:
@ -7,4 +8,4 @@
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_master_token }}" tower_oauthtoken: "{{ awx_master_token }}"
register: awx_session_token register: awx_session_token
no_log: True no_log: true

View file

@ -1,3 +1,4 @@
---
# #
# Create user and define if they are admin # Create user and define if they are admin
# #

View file

@ -48,7 +48,7 @@
- name: Reload vars in matrix_vars.yml - name: Reload vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template - name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -60,7 +60,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine - name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
dest: '/matrix/awx/configure_website_access_export.json' dest: '/matrix/awx/configure_website_access_export.json'
mode: '0660' mode: '0660'
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
@ -74,7 +74,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine - name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
dest: '/matrix/awx/access_export.json' dest: '/matrix/awx/access_export.json'
mode: '0660' mode: '0660'
when: awx_customise_base_domain_website is undefined when: awx_customise_base_domain_website is undefined
@ -92,12 +92,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Recreate 'Access Export' job template - name: Recreate 'Access Export' job template
@ -114,12 +114,12 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: awx_customise_base_domain_website is undefined when: awx_customise_base_domain_website is undefined
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account - name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
@ -153,7 +153,7 @@
user: user:
name: sftp name: sftp
groups: sftp groups: sftp
append: yes append: true
when: awx_customise_base_domain_website is defined when: awx_customise_base_domain_website is defined
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container) - name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
@ -208,7 +208,7 @@
group: sftp group: sftp
mode: '0644' mode: '0644'
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key") when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
- name: Remove any existing Subsystem lines - name: Remove any existing Subsystem lines
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config

View file

@ -1,7 +1,7 @@
--- ---
- name: Run export of /matrix/ and snapshot the database simultaneously - name: Run export of /matrix/ and snapshot the database simultaneously
command: "{{ item }}" command: "{{ item }}"
with_items: with_items:
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0 - /bin/sh /usr/local/bin/awx-export-service.sh 1 0
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1 - /bin/sh /usr/local/bin/awx-export-service.sh 0 1
@ -23,7 +23,7 @@
command: rm /chroot/export/matrix* command: rm /chroot/export/matrix*
count: 1 count: 1
units: days units: days
unique: yes unique: true
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules
awx.awx.tower_token: awx.awx.tower_token:

View file

@ -3,14 +3,14 @@
- name: Include vars in organisation.yml - name: Include vars in organisation.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
no_log: True no_log: true
- name: Include vars in hosting_vars.yml - name: Include vars in hosting_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/hosting/hosting_vars.yml' file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
no_log: True no_log: true
- name: Include AWX master token from awx_tokens.yml - name: Include AWX master token from awx_tokens.yml
include_vars: include_vars:
file: /var/lib/awx/projects/hosting/awx_tokens.yml file: /var/lib/awx/projects/hosting/awx_tokens.yml
no_log: True no_log: true

View file

@ -3,9 +3,9 @@
- name: Include new vars in matrix_vars.yml - name: Include new vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: If include_vars succeeds overwrite the old matrix_vars.yml - name: If include_vars succeeds overwrite the old matrix_vars.yml
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}" shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"

View file

@ -1,6 +1,6 @@
---
# Load initial hosting and organisation variables from AWX volume # Load initial hosting and organisation variables from AWX volume
- include_tasks: - include_tasks:
file: "load_hosting_and_org_variables.yml" file: "load_hosting_and_org_variables.yml"
apply: apply:
tags: always tags: always
@ -9,7 +9,7 @@
- always - always
# Renames or updates the vars.yml if needed # Renames or updates the vars.yml if needed
- include_tasks: - include_tasks:
file: "update_variables.yml" file: "update_variables.yml"
apply: apply:
tags: always tags: always
@ -18,7 +18,7 @@
- always - always
# Create AWX session token # Create AWX session token
- include_tasks: - include_tasks:
file: "create_session_token.yml" file: "create_session_token.yml"
apply: apply:
tags: always tags: always
@ -27,7 +27,7 @@
- always - always
# Perform a backup of the server # Perform a backup of the server
- include_tasks: - include_tasks:
file: "backup_server.yml" file: "backup_server.yml"
apply: apply:
tags: backup-server tags: backup-server
@ -36,7 +36,7 @@
- backup-server - backup-server
# Perform a export of the server # Perform a export of the server
- include_tasks: - include_tasks:
file: "export_server.yml" file: "export_server.yml"
apply: apply:
tags: export-server tags: export-server
@ -45,7 +45,7 @@
- export-server - export-server
# Create a user account if called # Create a user account if called
- include_tasks: - include_tasks:
file: "create_user.yml" file: "create_user.yml"
apply: apply:
tags: create-user tags: create-user
@ -54,7 +54,7 @@
- create-user - create-user
# Purge local/remote media if called # Purge local/remote media if called
- include_tasks: - include_tasks:
file: "purge_media_main.yml" file: "purge_media_main.yml"
apply: apply:
tags: purge-media tags: purge-media
@ -63,7 +63,7 @@
- purge-media - purge-media
# Purge Synapse database if called # Purge Synapse database if called
- include_tasks: - include_tasks:
file: "purge_database_main.yml" file: "purge_database_main.yml"
apply: apply:
tags: purge-database tags: purge-database
@ -72,7 +72,7 @@
- purge-database - purge-database
# Rotate SSH key if called # Rotate SSH key if called
- include_tasks: - include_tasks:
file: "rotate_ssh.yml" file: "rotate_ssh.yml"
apply: apply:
tags: rotate-ssh tags: rotate-ssh
@ -81,16 +81,16 @@
- rotate-ssh - rotate-ssh
# Import configs, media repo from /chroot/backup import # Import configs, media repo from /chroot/backup import
- include_tasks: - include_tasks:
file: "import_awx.yml" file: "import_awx.yml"
apply: apply:
tags: import-awx tags: import-awx
when: run_setup|bool and matrix_awx_enabled|bool when: run_setup|bool and matrix_awx_enabled|bool
tags: tags:
- import-awx - import-awx
# Perform extra self-check functions # Perform extra self-check functions
- include_tasks: - include_tasks:
file: "self_check.yml" file: "self_check.yml"
apply: apply:
tags: self-check tags: self-check
@ -99,7 +99,7 @@
- self-check - self-check
# Create cached matrix_vars.yml file # Create cached matrix_vars.yml file
- include_tasks: - include_tasks:
file: "cache_matrix_variables.yml" file: "cache_matrix_variables.yml"
apply: apply:
tags: always tags: always
@ -108,7 +108,7 @@
- always - always
# Configure SFTP so user can upload a static website or access the servers export # Configure SFTP so user can upload a static website or access the servers export
- include_tasks: - include_tasks:
file: "customise_website_access_export.yml" file: "customise_website_access_export.yml"
apply: apply:
tags: setup-nginx-proxy tags: setup-nginx-proxy
@ -117,7 +117,7 @@
- setup-nginx-proxy - setup-nginx-proxy
# Additional playbook to set the variable file during Element configuration # Additional playbook to set the variable file during Element configuration
- include_tasks: - include_tasks:
file: "set_variables_element.yml" file: "set_variables_element.yml"
apply: apply:
tags: setup-client-element tags: setup-client-element
@ -126,7 +126,7 @@
- setup-client-element - setup-client-element
# Additional playbook to set the variable file during Mailer configuration # Additional playbook to set the variable file during Mailer configuration
- include_tasks: - include_tasks:
file: "set_variables_mailer.yml" file: "set_variables_mailer.yml"
apply: apply:
tags: setup-mailer tags: setup-mailer
@ -135,7 +135,7 @@
- setup-mailer - setup-mailer
# Additional playbook to set the variable file during Element configuration # Additional playbook to set the variable file during Element configuration
- include_tasks: - include_tasks:
file: "set_variables_element_subdomain.yml" file: "set_variables_element_subdomain.yml"
apply: apply:
tags: setup-client-element-subdomain tags: setup-client-element-subdomain
@ -144,7 +144,7 @@
- setup-client-element-subdomain - setup-client-element-subdomain
# Additional playbook to set the variable file during Synapse configuration # Additional playbook to set the variable file during Synapse configuration
- include_tasks: - include_tasks:
file: "set_variables_synapse.yml" file: "set_variables_synapse.yml"
apply: apply:
tags: setup-synapse tags: setup-synapse
@ -153,7 +153,7 @@
- setup-synapse - setup-synapse
# Additional playbook to set the variable file during Jitsi configuration # Additional playbook to set the variable file during Jitsi configuration
- include_tasks: - include_tasks:
file: "set_variables_jitsi.yml" file: "set_variables_jitsi.yml"
apply: apply:
tags: setup-jitsi tags: setup-jitsi
@ -162,7 +162,7 @@
- setup-jitsi - setup-jitsi
# Additional playbook to set the variable file during Ma1sd configuration # Additional playbook to set the variable file during Ma1sd configuration
- include_tasks: - include_tasks:
file: "set_variables_ma1sd.yml" file: "set_variables_ma1sd.yml"
apply: apply:
tags: setup-ma1sd tags: setup-ma1sd
@ -171,7 +171,7 @@
- setup-ma1sd - setup-ma1sd
# Additional playbook to set the variable file during Corporal configuration # Additional playbook to set the variable file during Corporal configuration
- include_tasks: - include_tasks:
file: "set_variables_corporal.yml" file: "set_variables_corporal.yml"
apply: apply:
tags: setup-corporal tags: setup-corporal
@ -180,7 +180,7 @@
- setup-corporal - setup-corporal
# Additional playbook to set the variable file during Dimension configuration # Additional playbook to set the variable file during Dimension configuration
- include_tasks: - include_tasks:
file: "set_variables_dimension.yml" file: "set_variables_dimension.yml"
apply: apply:
tags: setup-dimension tags: setup-dimension
@ -189,7 +189,7 @@
- setup-dimension - setup-dimension
# Additional playbook to set the variable file during Synapse Admin configuration # Additional playbook to set the variable file during Synapse Admin configuration
- include_tasks: - include_tasks:
file: "set_variables_synapse_admin.yml" file: "set_variables_synapse_admin.yml"
apply: apply:
tags: setup-synapse-admin tags: setup-synapse-admin
@ -198,7 +198,7 @@
- setup-synapse-admin - setup-synapse-admin
# Additional playbook to set the variable file during Discord Appservice Bridge configuration # Additional playbook to set the variable file during Discord Appservice Bridge configuration
- include_tasks: - include_tasks:
file: "bridge_discord_appservice.yml" file: "bridge_discord_appservice.yml"
apply: apply:
tags: bridge-discord-appservice tags: bridge-discord-appservice
@ -207,7 +207,7 @@
- bridge-discord-appservice - bridge-discord-appservice
# Delete AWX session token # Delete AWX session token
- include_tasks: - include_tasks:
file: "delete_session_token.yml" file: "delete_session_token.yml"
apply: apply:
tags: always tags: always
@ -216,7 +216,7 @@
- always - always
# Load newly formed matrix variables from AWX volume # Load newly formed matrix variables from AWX volume
- include_tasks: - include_tasks:
file: "load_matrix_variables.yml" file: "load_matrix_variables.yml"
apply: apply:
tags: always tags: always

View file

@ -9,20 +9,20 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
pkg: pkg:
- curl - curl
- jq - jq
state: present state: present
- name: Collect before shrink size of Synapse database - name: Collect before shrink size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_before_stat register: awx_db_size_before_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Collect the internal IP of the matrix-synapse container - name: Collect the internal IP of the matrix-synapse container
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse" shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
@ -34,7 +34,7 @@
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Copy build_room_list.py script to target machine - name: Copy build_room_list.py script to target machine
copy: copy:
@ -55,7 +55,7 @@
fetch: fetch:
src: /tmp/room_list_complete.json src: /tmp/room_list_complete.json
dest: "/tmp/{{ subscription_id }}_room_list_complete.json" dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
flat: yes flat: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Remove complete room list from target machine - name: Remove complete room list from target machine
@ -80,7 +80,7 @@
- name: Setting host fact awx_room_list_no_local_users - name: Setting host fact awx_room_list_no_local_users
set_fact: set_fact:
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}" awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
no_log: True no_log: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users - name: Purge all rooms with no local users
@ -113,7 +113,7 @@
set_fact: set_fact:
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}" awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
when: awx_purge_mode.find("Number of users [slower]") != -1 when: awx_purge_mode.find("Number of users [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N users - name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml include_tasks: purge_database_users.yml
@ -138,7 +138,7 @@
set_fact: set_fact:
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}" awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
when: awx_purge_mode.find("Number of events [slower]") != -1 when: awx_purge_mode.find("Number of events [slower]") != -1
no_log: True no_log: true
- name: Purge all rooms with more then N events - name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml include_tasks: purge_database_events.yml
@ -161,17 +161,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Execute rust-synapse-compress-state job template - name: Execute rust-synapse-compress-state job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -190,14 +190,14 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Ensure matrix-synapse is stopped - name: Ensure matrix-synapse is stopped
service: service:
name: matrix-synapse name: matrix-synapse
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Re-index Synapse database - name: Re-index Synapse database
@ -208,7 +208,7 @@
service: service:
name: matrix-synapse name: matrix-synapse
state: started state: started
daemon_reload: yes daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Adjust 'Deploy/Update a Server' job template - name: Adjust 'Deploy/Update a Server' job template
@ -227,17 +227,17 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Execute run-postgres-vacuum job template - name: Execute run-postgres-vacuum job template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
awx.awx.tower_job_launch: awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server" job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
wait: yes wait: true
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template - name: Revert 'Deploy/Update a Server' job template
@ -256,7 +256,7 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Cleanup room_list files - name: Cleanup room_list files
@ -264,13 +264,13 @@
shell: | shell: |
rm /tmp/{{ subscription_id }}_room_list* rm /tmp/{{ subscription_id }}_room_list*
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
ignore_errors: yes ignore_errors: true
- name: Collect after shrink size of Synapse database - name: Collect after shrink size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_after_stat register: awx_db_size_after_stat
when: (awx_purge_mode.find("Perform final shrink") != -1) when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True no_log: true
- name: Print total number of rooms processed - name: Print total number of rooms processed
debug: debug:

View file

@ -1,3 +1,4 @@
---
- name: Ensure dateutils is installed in AWX - name: Ensure dateutils is installed in AWX
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -8,13 +9,13 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml' file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True no_log: true
- name: Ensure curl and jq intalled on target machine - name: Ensure curl and jq intalled on target machine
apt: apt:
pkg: pkg:
- curl - curl
- jq - jq
state: present state: present
- name: Collect the internal IP of the matrix-synapse container - name: Collect the internal IP of the matrix-synapse container
@ -25,7 +26,7 @@
shell: | shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: true
- name: Generate list of dates to purge to - name: Generate list of dates to purge to
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -37,16 +38,16 @@
register: awx_local_media_size_before register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate initial size of remote media repository - name: Calculate initial size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Purge local media with loop - name: Purge local media with loop
include_tasks: purge_media_local.yml include_tasks: purge_media_local.yml
@ -62,15 +63,15 @@
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_after register: awx_local_media_size_after
when: awx_purge_media_type == "Local Media" when: awx_purge_media_type == "Local Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate final size of remote media repository - name: Calculate final size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_after register: awx_remote_media_size_after
when: awx_purge_media_type == "Remote Media" when: awx_purge_media_type == "Remote Media"
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of local media repository before purge - name: Print size of local media repository before purge
debug: debug:

View file

@ -4,7 +4,7 @@
authorized_key: authorized_key:
user: root user: root
state: present state: present
exclusive: yes exclusive: true
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}" key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Delete the AWX session token for executing modules - name: Delete the AWX session token for executing modules

View file

@ -25,53 +25,53 @@
shell: | shell: |
curl -s localhost:9000 | grep "^synapse_admin_mau_current " curl -s localhost:9000 | grep "^synapse_admin_mau_current "
register: awx_mau_stat register: awx_mau_stat
no_log: True no_log: true
- name: Calculate CPU usage statistics - name: Calculate CPU usage statistics
shell: iostat -c shell: iostat -c
register: awx_cpu_usage_stat register: awx_cpu_usage_stat
no_log: True no_log: true
- name: Calculate RAM usage statistics - name: Calculate RAM usage statistics
shell: free -mh shell: free -mh
register: awx_ram_usage_stat register: awx_ram_usage_stat
no_log: True no_log: true
- name: Calculate free disk space - name: Calculate free disk space
shell: df -h shell: df -h
register: awx_disk_space_stat register: awx_disk_space_stat
no_log: True no_log: true
- name: Calculate size of Synapse database - name: Calculate size of Synapse database
shell: du -sh /matrix/postgres/data shell: du -sh /matrix/postgres/data
register: awx_db_size_stat register: awx_db_size_stat
no_log: True no_log: true
- name: Calculate size of local media repository - name: Calculate size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local* shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_stat register: awx_local_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate size of remote media repository - name: Calculate size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote* shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_stat register: awx_remote_media_size_stat
async: 600 async: 600
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Calculate docker container statistics - name: Calculate docker container statistics
shell: docker stats --all --no-stream shell: docker stats --all --no-stream
register: awx_docker_stats register: awx_docker_stats
ignore_errors: yes ignore_errors: true
no_log: True no_log: true
- name: Print size of remote media repository - name: Print size of remote media repository
debug: debug:
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}" msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
when: awx_remote_media_size_stat is defined when: awx_remote_media_size_stat is defined
- name: Print size of local media repository - name: Print size of local media repository
debug: debug:
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}" msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"

View file

@ -235,9 +235,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -3,18 +3,18 @@
- name: Include vars in matrix_vars.yml - name: Include vars in matrix_vars.yml
include_vars: include_vars:
file: '{{ awx_cached_matrix_vars }}' file: '{{ awx_cached_matrix_vars }}'
no_log: True no_log: true
- name: Install jq and curl on remote machine - name: Install jq and curl on remote machine
apt: apt:
name: name:
- jq - jq
- curl - curl
state: present state: present
- name: Collect access token of @admin-dimension user - name: Collect access token of @admin-dimension user
shell: | shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//' curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX - name: Record Synapse variables locally on AWX
@ -27,7 +27,7 @@
with_dict: with_dict:
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}' 'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"' 'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
- name: Set final users list if users are defined - name: Set final users list if users are defined
set_fact: set_fact:
awx_dimension_users_final: "{{ awx_dimension_users }}" awx_dimension_users_final: "{{ awx_dimension_users }}"
@ -80,7 +80,7 @@
- name: Copy new 'Configure Dimension' survey.json to target machine - name: Copy new 'Configure Dimension' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
dest: '/matrix/awx/configure_dimension.json' dest: '/matrix/awx/configure_dimension.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Dimension' job template - name: Recreate 'Configure Dimension' job template
@ -97,9 +97,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -172,9 +172,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -9,7 +9,7 @@
insertafter: '# Element Settings Start' insertafter: '# Element Settings Start'
with_dict: with_dict:
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}" 'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template - name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
template: template:
@ -40,4 +40,4 @@
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -20,7 +20,7 @@
- name: Copy new 'Configure Jitsi' survey.json to target machine - name: Copy new 'Configure Jitsi' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
dest: '/matrix/awx/configure_jitsi.json' dest: '/matrix/awx/configure_jitsi.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Jitsi' job template - name: Recreate 'Configure Jitsi' job template
@ -37,9 +37,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -66,7 +66,7 @@
with_dict: with_dict:
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}' 'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}' 'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
no_log: True no_log: true
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template - name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
@ -77,7 +77,7 @@
- name: Copy new 'Configure ma1sd' survey.json to target machine - name: Copy new 'Configure ma1sd' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
dest: '/matrix/awx/configure_ma1sd.json' dest: '/matrix/awx/configure_ma1sd.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure ma1sd (Advanced)' job template - name: Recreate 'Configure ma1sd (Advanced)' job template
@ -94,10 +94,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -1,3 +1,4 @@
---
- name: Limit max upload size to 200MB part 1 - name: Limit max upload size to 200MB part 1
set_fact: set_fact:
@ -197,7 +198,7 @@
- name: Copy new 'Configure Synapse' survey.json to target machine - name: Copy new 'Configure Synapse' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
dest: '/matrix/awx/configure_synapse.json' dest: '/matrix/awx/configure_synapse.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Synapse' job template - name: Recreate 'Configure Synapse' job template
@ -214,9 +215,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -19,7 +19,7 @@
- name: Copy new 'Configure Synapse Admin' survey.json to target machine - name: Copy new 'Configure Synapse Admin' survey.json to target machine
copy: copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json' src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
dest: '/matrix/awx/configure_synapse_admin.json' dest: '/matrix/awx/configure_synapse_admin.json'
mode: '0660' mode: '0660'
- name: Recreate 'Configure Synapse Admin' job template - name: Recreate 'Configure Synapse Admin' job template
@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key" credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}" survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
become_enabled: yes become_enabled: true
state: present state: present
verbosity: 1 verbosity: 1
tower_host: "https://{{ awx_host }}" tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}" tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes validate_certs: true

View file

@ -12,7 +12,7 @@
command: | command: |
openssl rand -hex 16 openssl rand -hex 16
register: generic_secret register: generic_secret
no_log: True no_log: true
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
- name: Add new matrix_homeserver_generic_secret_key variable - name: Add new matrix_homeserver_generic_secret_key variable
@ -22,5 +22,5 @@
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}" line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
insertbefore: '# Basic Settings End' insertbefore: '# Basic Settings End'
mode: '0600' mode: '0600'
state: present state: present
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 ) when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )

View file

@ -1,3 +1,4 @@
---
# The bare domain name which represents your Matrix identity. # The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`). # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
# #
@ -98,8 +99,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_systemctl: "/usr/bin/env systemctl"
matrix_host_command_sh: "/usr/bin/env sh" matrix_host_command_sh: "/usr/bin/env sh"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}" matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"

View file

@ -6,4 +6,4 @@
state: absent state: absent
with_items: with_items:
- "{{ matrix_base_data_path }}/environment-variables" - "{{ matrix_base_data_path }}/environment-variables"
- "{{ matrix_base_data_path }}/scratchpad" - "{{ matrix_base_data_path }}/scratchpad"

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml" - import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
tags: tags:
- always - always

View file

@ -1,10 +1,10 @@
--- ---
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml" - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version < '8' when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int < 8
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos8.yml" - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7' when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7
- block: - block:
# ansible_lsb is only available if lsb-release is installed. # ansible_lsb is only available if lsb-release is installed.
@ -13,7 +13,7 @@
name: name:
- lsb-release - lsb-release
state: present state: present
update_cache: yes update_cache: true
register: lsb_release_installation_result register: lsb_release_installation_result
- name: Reread ansible_lsb facts if lsb-release got installed - name: Reread ansible_lsb facts if lsb-release got installed
@ -34,10 +34,10 @@
service: service:
name: docker name: docker
state: started state: started
enabled: yes enabled: true
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" - name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
service: service:
name: "{{ matrix_ntpd_service }}" name: "{{ matrix_ntpd_service }}"
state: started state: started
enabled: yes enabled: true

View file

@ -6,7 +6,7 @@
- python-docker - python-docker
- python-dnspython - python-dnspython
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
pacman: pacman:

View file

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View file

@ -7,7 +7,7 @@
- ca-certificates - ca-certificates
- gnupg - gnupg
state: present state: present
update_cache: yes update_cache: true
- name: Ensure Docker's APT key is trusted - name: Ensure Docker's APT key is trusted
apt_key: apt_key:
@ -22,7 +22,7 @@
apt_repository: apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed - name: Ensure APT packages are installed
@ -30,7 +30,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
apt: apt:

View file

@ -22,7 +22,7 @@
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View file

@ -22,14 +22,14 @@
name: name:
- epel-release - epel-release
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure yum packages are installed - name: Ensure yum packages are installed
yum: yum:
name: name:
- "{{ matrix_ntpd_package }}" - "{{ matrix_ntpd_package }}"
state: latest state: latest
update_cache: yes update_cache: true
- name: Ensure Docker is installed - name: Ensure Docker is installed
yum: yum:

View file

@ -18,8 +18,8 @@
state: present state: present
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
home: "{{ matrix_base_data_path }}" home: "{{ matrix_base_data_path }}"
create_home: no create_home: false
system: yes system: true
register: matrix_user register: matrix_user
- name: Set Matrix Group UID Variable - name: Set Matrix Group UID Variable

View file

@ -1,3 +1,4 @@
---
# We need others to be able to read these directories too, # We need others to be able to read these directories too,
# so that matrix-nginx-proxy's nginx user can access the files. # so that matrix-nginx-proxy's nginx user can access the files.
# #

View file

@ -1,11 +1,11 @@
---
# This is for both CentOS 7 and 8 # This is for both RedHat 7 and 8
- name: Ensure fuse installed (CentOS) - name: Ensure fuse installed (RedHat)
yum: yum:
name: name:
- fuse - fuse
state: latest state: latest
when: ansible_distribution == 'CentOS' when: ansible_os_family == 'RedHat'
# This is for both Debian and Raspbian # This is for both Debian and Raspbian
- name: Ensure fuse installed (Debian/Raspbian) - name: Ensure fuse installed (Debian/Raspbian)

View file

@ -1,11 +1,11 @@
---
# This is for both CentOS 7 and 8 # This is for both RedHat 7 and 8
- name: Ensure openssl installed (CentOS) - name: Ensure openssl installed (RedHat)
yum: yum:
name: name:
- openssl - openssl
state: latest state: latest
when: ansible_distribution == 'CentOS' when: ansible_os_family == 'RedHat'
# This is for both Debian and Raspbian # This is for both Debian and Raspbian
- name: Ensure openssl installed (Debian/Raspbian) - name: Ensure openssl installed (Debian/Raspbian)

View file

@ -1,3 +1,4 @@
---
# This will contain a list of enabled services that the playbook is managing. # This will contain a list of enabled services that the playbook is managing.
# Each component is expected to append its service name to this list. # Each component is expected to append its service name to this list.
matrix_systemd_services_list: [] matrix_systemd_services_list: []

View file

@ -1,3 +1,4 @@
---
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. # Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
# See: https://github.com/matrix-org/go-neb # See: https://github.com/matrix-org/go-neb
@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
# # Each room will get the notification with the alert rendered with the given template # # Each room will get the notification with the alert rendered with the given template
# rooms: # rooms:
# "!someroomid:domain.tld": # "!someroomid:domain.tld":
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" # text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}" # html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
# msg_type: "m.text" # Must be either `m.text` or `m.notice` # msg_type: "m.text" # Must be either `m.text` or `m.notice`
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}" matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"

View file

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
when: matrix_bot_go_neb_enabled|bool when: matrix_bot_go_neb_enabled|bool

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -11,9 +11,9 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_go_neb_config_path }}", when: true } - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
- { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true } - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure go-neb image is pulled - name: Ensure go-neb image is pulled
@ -40,7 +40,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation - name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_systemd_service_result.changed|bool" when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-go-neb.service restarted, if necessary - name: Ensure matrix-bot-go-neb.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-go-neb name: matrix-bot-go-neb
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal - name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_go_neb_service_stat.stat.exists|bool" when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
- name: Ensure Matrix go-neb paths don't exist - name: Ensure Matrix go-neb paths don't exist

View file

@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
{{ matrix_bot_go_neb_docker_image }} \ {{ matrix_bot_go_neb_docker_image }} \
-c "go-neb /config/config.yaml" -c "go-neb /config/config.yaml"
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-bot-go-neb SyslogIdentifier=matrix-bot-go-neb

View file

@ -1,3 +1,4 @@
---
# honoroit is a helpdesk bot # honoroit is a helpdesk bot
# See: https://gitlab.com/etke.cc/honoroit # See: https://gitlab.com/etke.cc/honoroit

View file

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
when: matrix_bot_honoroit_enabled|bool when: matrix_bot_honoroit_enabled|bool

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -33,10 +33,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true } - {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true } - {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure honoroit environment variables file created - name: Ensure honoroit environment variables file created
@ -70,7 +70,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_honoroit_docker_src_files_path }}" path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_honoroit_container_image_self_build|bool" when: "matrix_bot_honoroit_container_image_self_build|bool"
- name: Ensure matrix-bot-honoroit.service installed - name: Ensure matrix-bot-honoroit.service installed
@ -82,7 +82,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation - name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_systemd_service_result.changed|bool" when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-honoroit.service restarted, if necessary - name: Ensure matrix-bot-honoroit.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-honoroit name: matrix-bot-honoroit
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal - name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_honoroit_service_stat.stat.exists|bool" when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
- name: Ensure Matrix honoroit paths don't exist - name: Ensure Matrix honoroit paths don't exist

View file

@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
{% endfor %} {% endfor %}
{{ matrix_bot_honoroit_docker_image }} {{ matrix_bot_honoroit_docker_image }}
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-bot-honoroit SyslogIdentifier=matrix-bot-honoroit

View file

@ -1,3 +1,4 @@
---
# matrix-reminder-bot is a bot for one-off and recurring reminders # matrix-reminder-bot is a bot for one-off and recurring reminders
# See: https://github.com/anoadragon453/matrix-reminder-bot # See: https://github.com/anoadragon453/matrix-reminder-bot

View file

@ -1,3 +1,5 @@
---
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
when: matrix_bot_matrix_reminder_bot_enabled|bool when: matrix_bot_matrix_reminder_bot_enabled|bool

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -34,10 +34,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } - {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
- { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true} - {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure matrix-reminder-bot image is pulled - name: Ensure matrix-reminder-bot image is pulled
@ -65,7 +65,7 @@
build: build:
dockerfile: docker/Dockerfile dockerfile: docker/Dockerfile
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool" when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
- name: Ensure matrix-reminder-bot config installed - name: Ensure matrix-reminder-bot config installed
@ -85,7 +85,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool" when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary - name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-matrix-reminder-bot name: matrix-bot-matrix-reminder-bot
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
- name: Ensure Matrix matrix-reminder-bot paths don't exist - name: Ensure Matrix matrix-reminder-bot paths don't exist

View file

@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem
{{ matrix_bot_matrix_reminder_bot_docker_image }} \ {{ matrix_bot_matrix_reminder_bot_docker_image }} \
-c "matrix-reminder-bot /config/config.yaml" -c "matrix-reminder-bot /config/config.yaml"
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-bot-matrix-reminder-bot SyslogIdentifier=matrix-bot-matrix-reminder-bot

View file

@ -1,9 +1,10 @@
---
# A moderation tool for Matrix # A moderation tool for Matrix
# See: https://github.com/matrix-org/mjolnir # See: https://github.com/matrix-org/mjolnir
matrix_bot_mjolnir_enabled: true matrix_bot_mjolnir_enabled: true
matrix_bot_mjolnir_version: "v1.2.1" matrix_bot_mjolnir_version: "v1.3.1"
matrix_bot_mjolnir_container_image_self_build: false matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git" matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
# Holds the final configuration (a combination of the default and its extension). # Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`. # You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}" matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"

View file

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -11,10 +11,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_bot_mjolnir_base_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_config_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_data_path }}", when: true } - {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
- { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" } - {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
when: "item.when|bool" when: "item.when|bool"
- name: Ensure mjolnir Docker image is pulled - name: Ensure mjolnir Docker image is pulled
@ -42,7 +42,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}" path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_bot_mjolnir_container_image_self_build|bool" when: "matrix_bot_mjolnir_container_image_self_build|bool"
- name: Ensure matrix-bot-mjolnir config installed - name: Ensure matrix-bot-mjolnir config installed
@ -62,7 +62,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation - name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool" when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary - name: Ensure matrix-bot-mjolnir.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-bot-mjolnir name: matrix-bot-mjolnir
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
register: stopping_result register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal - name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool" when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
- name: Ensure matrix-bot-mjolnir paths don't exist - name: Ensure matrix-bot-mjolnir paths don't exist

View file

@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \
{% endfor %} {% endfor %}
{{ matrix_bot_mjolnir_docker_image }} {{ matrix_bot_mjolnir_docker_image }}
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-bot-mjolnir SyslogIdentifier=matrix-bot-mjolnir

View file

@ -1,3 +1,4 @@
---
# matrix-appservice-discord is a Matrix <-> Discord bridge # matrix-appservice-discord is a Matrix <-> Discord bridge
# See: https://github.com/Half-Shot/matrix-appservice-discord # See: https://github.com/Half-Shot/matrix-appservice-discord

View file

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -54,8 +54,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists" when: "matrix_appservice_discord_stat_db.stat.exists"
@ -105,7 +105,7 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation - name: Ensure systemd reloaded after matrix-appservice-discord.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_systemd_service_result.changed" when: "matrix_appservice_discord_systemd_service_result.changed"
- name: Ensure matrix-appservice-discord.service restarted, if necessary - name: Ensure matrix-appservice-discord.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-discord name: matrix-appservice-discord
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"
- name: Ensure matrix-appservice-discord.service doesn't exist - name: Ensure matrix-appservice-discord.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal - name: Ensure systemd reloaded after matrix-appservice-discord.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists" when: "matrix_appservice_discord_service_stat.stat.exists"

View file

@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis
{{ matrix_appservice_discord_docker_image }} \ {{ matrix_appservice_discord_docker_image }} \
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-appservice-discord SyslogIdentifier=matrix-appservice-discord

View file

@ -1,3 +1,4 @@
---
# Matrix Appservice IRC is a Matrix <-> IRC bridge # Matrix Appservice IRC is a Matrix <-> IRC bridge
# See: https://github.com/matrix-org/matrix-appservice-irc # See: https://github.com/matrix-org/matrix-appservice-irc

View file

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View file

@ -10,10 +10,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_irc_base_path }}", when: true } - {path: "{{ matrix_appservice_irc_base_path }}", when: true}
- { path: "{{ matrix_appservice_irc_config_path }}", when: true } - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
- { path: "{{ matrix_appservice_irc_data_path }}", when: true } - {path: "{{ matrix_appservice_irc_data_path }}", when: true}
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" } - {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- name: Check if an old passkey file already exists - name: Check if an old passkey file already exists
@ -26,7 +26,7 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
daemon_reload: yes daemon_reload: true
failed_when: false failed_when: false
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
@ -82,7 +82,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_irc_docker_src_files_path }}" path: "{{ matrix_appservice_irc_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed" when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
- name: Ensure Matrix Appservice IRC config installed - name: Ensure Matrix Appservice IRC config installed
@ -186,7 +186,7 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation - name: Ensure systemd reloaded after matrix-appservice-irc.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_systemd_service_result.changed" when: "matrix_appservice_irc_systemd_service_result.changed"
- name: Ensure matrix-appservice-irc.service restarted, if necessary - name: Ensure matrix-appservice-irc.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-irc name: matrix-appservice-irc
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"
- name: Ensure matrix-appservice-irc.service doesn't exist - name: Ensure matrix-appservice-irc.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal - name: Ensure systemd reloaded after matrix-appservice-irc.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists" when: "matrix_appservice_irc_service_stat.stat.exists"

View file

@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc
{{ matrix_appservice_irc_docker_image }} \ {{ matrix_appservice_irc_docker_image }} \
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-appservice-irc SyslogIdentifier=matrix-appservice-irc

View file

@ -1,3 +1,4 @@
---
# matrix-appservice-slack is a Matrix <-> Slack bridge # matrix-appservice-slack is a Matrix <-> Slack bridge
# See: https://github.com/matrix-org/matrix-appservice-slack # See: https://github.com/matrix-org/matrix-appservice-slack

View file

@ -1,3 +1,4 @@
---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8 - name: Fail if trying to self-build on Ansible < 2.8
@ -39,40 +40,40 @@
when: "matrix_synapse_role_executed|default(False)" when: "matrix_synapse_role_executed|default(False)"
- block: - block:
- name: Fail if matrix-nginx-proxy role already executed - name: Fail if matrix-nginx-proxy role already executed
fail: fail:
msg: >- msg: >-
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy, Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed. but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your playbook, To fix this, please change the order of roles in your playbook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role. so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
when: matrix_nginx_proxy_role_executed|default(False)|bool when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy - name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
set_fact: set_fact:
matrix_appservice_slack_matrix_nginx_proxy_configuration: | matrix_appservice_slack_matrix_nginx_proxy_configuration: |
location {{ matrix_appservice_slack_public_endpoint }} { location {{ matrix_appservice_slack_public_endpoint }} {
{% if matrix_nginx_proxy_enabled|default(False) %} {% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #} {# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s; resolver 127.0.0.11 valid=5s;
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}"; set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
proxy_pass $backend; proxy_pass $backend;
{% else %} {% else %}
{# Generic configuration for use outside of our container setup #} {# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }}; proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
{% endif %} {% endif %}
} }
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
set_fact: set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{ {{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
[matrix_appservice_slack_matrix_nginx_proxy_configuration] [matrix_appservice_slack_matrix_nginx_proxy_configuration]
}} }}
tags: tags:
- always - always
when: matrix_appservice_slack_enabled|bool when: matrix_appservice_slack_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used - name: Warn about reverse-proxying if matrix-nginx-proxy not used

View file

@ -1,3 +1,5 @@
---
- import_tasks: "{{ role_path }}/tasks/init.yml" - import_tasks: "{{ role_path }}/tasks/init.yml"
tags: tags:
- always - always

View file

@ -1,3 +1,5 @@
---
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@ -16,7 +18,7 @@
service: service:
name: matrix-postgres name: matrix-postgres
state: started state: started
daemon_reload: yes daemon_reload: true
register: matrix_postgres_service_start_result register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start - name: Wait a bit, so that Postgres can start

View file

@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_appservice_slack_base_path }}", when: true } - {path: "{{ matrix_appservice_slack_base_path }}", when: true}
- { path: "{{ matrix_appservice_slack_config_path }}", when: true } - {path: "{{ matrix_appservice_slack_config_path }}", when: true}
- { path: "{{ matrix_appservice_slack_data_path }}", when: true } - {path: "{{ matrix_appservice_slack_data_path }}", when: true}
- { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" } - {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
when: item.when|bool when: item.when|bool
- set_fact: - set_fact:
@ -56,7 +56,7 @@
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
path: "{{ matrix_appservice_slack_docker_src_files_path }}" path: "{{ matrix_appservice_slack_docker_src_files_path }}"
pull: yes pull: true
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed" when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
- name: Ensure Matrix Appservice Slack config installed - name: Ensure Matrix Appservice Slack config installed
@ -84,7 +84,7 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation - name: Ensure systemd reloaded after matrix-appservice-slack.service installation
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_systemd_service_result.changed" when: "matrix_appservice_slack_systemd_service_result.changed"
- name: Ensure matrix-appservice-slack.service restarted, if necessary - name: Ensure matrix-appservice-slack.service restarted, if necessary

View file

@ -9,8 +9,8 @@
service: service:
name: matrix-appservice-slack name: matrix-appservice-slack
state: stopped state: stopped
enabled: no enabled: false
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"
- name: Ensure matrix-appservice-slack.service doesn't exist - name: Ensure matrix-appservice-slack.service doesn't exist
@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal - name: Ensure systemd reloaded after matrix-appservice-slack.service removal
service: service:
daemon_reload: yes daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists" when: "matrix_appservice_slack_service_stat.stat.exists"

View file

@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla
{{ matrix_appservice_slack_docker_image }} \ {{ matrix_appservice_slack_docker_image }} \
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
Restart=always Restart=always
RestartSec=30 RestartSec=30
SyslogIdentifier=matrix-appservice-slack SyslogIdentifier=matrix-appservice-slack

View file

@ -1,3 +1,4 @@
---
# matrix-appservice-webhooks is a Matrix <-> webhook bridge # matrix-appservice-webhooks is a Matrix <-> webhook bridge
# See: https://github.com/redoonetworks/matrix-appservice-webhooks # See: https://github.com/redoonetworks/matrix-appservice-webhooks

View file

@ -1,3 +1,4 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases. # We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed - name: Fail if matrix-synapse role already executed
@ -32,42 +33,42 @@
when: "matrix_synapse_role_executed|default(False)" when: "matrix_synapse_role_executed|default(False)"
- block: - block:
- name: Fail if matrix-nginx-proxy role already executed - name: Fail if matrix-nginx-proxy role already executed
fail: fail:
msg: >- msg: >-
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy, Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed. but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your playbook, To fix this, please change the order of roles in your playbook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role. so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
when: matrix_nginx_proxy_role_executed|default(False)|bool when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy - name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
set_fact: set_fact:
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: | matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
{% if matrix_nginx_proxy_enabled|default(False) %} {% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #} {# Use the embedded DNS resolver in Docker containers to discover the service #}
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ { location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
resolver 127.0.0.11 valid=5s; resolver 127.0.0.11 valid=5s;
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}"; set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
proxy_pass http://$backend/$1; proxy_pass http://$backend/$1;
} }
{% else %} {% else %}
{# Generic configuration for use outside of our container setup #} {# Generic configuration for use outside of our container setup #}
location {{ matrix_appservice_webhooks_public_endpoint }}/ { location {{ matrix_appservice_webhooks_public_endpoint }}/ {
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/; proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
} }
{% endif %} {% endif %}
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy - name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
set_fact: set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{ {{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration] [matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
}} }}
tags: tags:
- always - always
when: matrix_appservice_webhooks_enabled|bool when: matrix_appservice_webhooks_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used - name: Warn about reverse-proxying if matrix-nginx-proxy not used

Some files were not shown because too many files have changed in this diff Show more