Merge branch 'master' into pub.solar
This commit is contained in:
commit
5816d61793
1
.github/FUNDING.yml
vendored
1
.github/FUNDING.yml
vendored
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# These are supported funding model platforms
|
||||
|
||||
# https://liberapay.com/s.pantaleev/
|
||||
|
|
7
.github/dependabot.yaml
vendored
Normal file
7
.github/dependabot.yaml
vendored
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: daily
|
16
.github/workflows/matrix.yml
vendored
Normal file
16
.github/workflows/matrix.yml
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
name: Matrix CI
|
||||
|
||||
on: # yamllint disable-line rule:truthy
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
yamllint:
|
||||
name: 🧹 yamllint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: ⤵️ Check out configuration from GitHub
|
||||
uses: actions/checkout@v2.4.0
|
||||
- name: 🚀 Run yamllint
|
||||
uses: frenck/action-yamllint@v1.1.2
|
8
.yamllint
Normal file
8
.yamllint
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
extends: default
|
||||
|
||||
ignore: |
|
||||
roles/matrix-synapse/vars/workers.yml
|
||||
|
||||
rules:
|
||||
line-length: disable
|
15
CHANGELOG.md
15
CHANGELOG.md
|
@ -1,3 +1,18 @@
|
|||
# 2022-02-01
|
||||
|
||||
## matrix-hookshot bridging support
|
||||
|
||||
Thanks to [HarHarLinks](https://github.com/HarHarLinks), the playbook can now install the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA.
|
||||
See our [Setting up matrix-hookshot](docs/configuring-playbook-bridge-hookshot.md) documentation to get started.
|
||||
|
||||
|
||||
# 2022-01-31
|
||||
|
||||
## ARM support for matrix-corporal
|
||||
|
||||
[matrix-corporal](https://github.com/devture/matrix-corporal) (as of version `2.2.3`) is now published to Docker Hub (see [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal)) as a multi-arch container image with support for all these platforms: `linux/amd64`, `linux/arm64/v8` and `linux/arm/v7`. The playbook no longer resorts to self-building matrix-corporal on these ARM architectures.
|
||||
|
||||
|
||||
# 2022-01-07
|
||||
|
||||
## Dendrite support
|
||||
|
|
|
@ -73,6 +73,8 @@ Using this playbook, you can get the following services configured on your serve
|
|||
|
||||
- (optional) the [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.)
|
||||
|
||||
- (optional) the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular
|
||||
|
||||
- (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation
|
||||
|
||||
- (optional) the [Heisenbridge](https://github.com/hifi/heisenbridge) for bridging your Matrix server to IRC bouncer-style - see [docs/configuring-playbook-bridge-heisenbridge.md](docs/configuring-playbook-bridge-heisenbridge.md) for setup documentation
|
||||
|
|
|
@ -54,6 +54,6 @@ You can also add the bot to any existing Matrix room (`/invite @bot.matrix-remin
|
|||
|
||||
Basic usage is like this: `!remindme in 2 minutes; This is a test`
|
||||
|
||||
Send `!help commands` to the room to see the bot's help menu for additional commands.
|
||||
Send `!help reminders` to the room to see the bot's help menu for additional commands.
|
||||
|
||||
You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage).
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you.
|
||||
|
||||
Note: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md).
|
||||
|
||||
This bridge provides support for Slack-compatible webhooks.
|
||||
|
||||
Setup Instructions:
|
||||
|
|
47
docs/configuring-playbook-bridge-hookshot.md
Normal file
47
docs/configuring-playbook-bridge-hookshot.md
Normal file
|
@ -0,0 +1,47 @@
|
|||
# Setting up Hookshot (optional)
|
||||
|
||||
The playbook can install and configure [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) for you.
|
||||
|
||||
Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from software project management services such as GitHub, GitLab, JIRA, and Figma, as well as generic webhooks.
|
||||
|
||||
See the project's [documentation](https://half-shot.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you.
|
||||
|
||||
Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
|
||||
|
||||
## Setup Instructions
|
||||
|
||||
Refer to the [official instructions](https://half-shot.github.io/matrix-hookshot/setup.html) to learn what the individual options do.
|
||||
|
||||
1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required.
|
||||
2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma).
|
||||
3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below.
|
||||
4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`.
|
||||
5. Refer to [Hookshot's official instructions](https://half-shot.github.io/matrix-hookshot/usage.html) to start using the bridge. Note that the different listeners are bound to certain paths (see `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml)): by default webhooks root is `/hookshot/webhooks/`.
|
||||
|
||||
Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them.
|
||||
|
||||
### Manage GitHub Private Key with matrix-aux role
|
||||
|
||||
The GitHub bridge requires you to install a private key file. This can be done in multiple ways:
|
||||
- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml)).
|
||||
- somehow copy the file to the path `{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}` (default: `/matrix/hookshot/private-key.pem`) on the server manually.
|
||||
- use the `matrix-aux` role to copy the file from an arbitrary path on your ansible client to the correct path on the server.
|
||||
|
||||
To use `matrix-aux`, make sure the `matrix_hookshot_github_private_key` variable is empty. Then add to `matrix-aux` configuration like this:
|
||||
```yaml
|
||||
matrix_aux_file_definitions:
|
||||
- dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
|
||||
content: "{{ lookup('file', '/path/to/your-github-private-key.pem') }}"
|
||||
mode: '0400'
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
```
|
||||
For more info see the documentation in the [matrix-aux base configuration file](/roles/matrix-aux/defaults/main.yml).
|
||||
|
||||
### Provisioning API
|
||||
|
||||
The provisioning API will be enabled automatically if you set `matrix_dimension_enabled: true` and provided a `matrix_hookshot_provisioning_secret`, unless you override it either way. To use hookshot with dimension, you will need to enter as "Provisioning URL": `http://matrix-hookshot:9002`, which is made up of the variables `matrix_hookshot_container_url` and `matrix_hookshot_provisioning_port`.
|
||||
|
||||
### Metrics
|
||||
|
||||
If metrics are enabled, they will be automatically available in the builtin Prometheus and Grafana, but you need to set up your own Dashboard for now. If additionally metrics proxying for use with external Prometheus is enabled (`matrix_nginx_proxy_proxy_synapse_metrics`), hookshot metrics will also be available (at `matrix_hookshot_metrics_endpoint`, default `/hookshot/metrics`, on the stats subdomain) and with the same password. See also [the Prometheus and Grafana docs](../configuring-playbook-prometheus-grafana.md).
|
|
@ -117,6 +117,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
|||
|
||||
- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional)
|
||||
|
||||
- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
|
||||
|
||||
- [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional)
|
||||
|
||||
- [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional)
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
version: '3'
|
||||
services:
|
||||
nginx:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# The bare domain name which represents your Matrix identity.
|
||||
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
||||
#
|
||||
|
|
|
@ -662,6 +662,45 @@ matrix_heisenbridge_systemd_wanted_services_list: |
|
|||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-hookshot
|
||||
#
|
||||
######################################################################
|
||||
|
||||
# We don't enable bridges by default.
|
||||
matrix_hookshot_enabled: false
|
||||
|
||||
matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok') | to_uuid }}"
|
||||
|
||||
matrix_hookshot_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.hs.tok') | to_uuid }}"
|
||||
|
||||
matrix_hookshot_systemd_wanted_services_list: |
|
||||
{{
|
||||
(['matrix-' + matrix_homeserver_implementation + '.service'])
|
||||
+
|
||||
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
||||
}}
|
||||
|
||||
matrix_hookshot_container_http_host_bind_ports_defaultmapping:
|
||||
- "127.0.0.1:{{ matrix_hookshot_appservice_port }}:{{ matrix_hookshot_appservice_port }}"
|
||||
- "127.0.0.1:{{ matrix_hookshot_metrics_port }}:{{ matrix_hookshot_metrics_port }}"
|
||||
- "127.0.0.1:{{ matrix_hookshot_webhook_port }}:{{ matrix_hookshot_webhook_port }}"
|
||||
- "127.0.0.1:{{ matrix_hookshot_provisioning_port }}:{{ matrix_hookshot_provisioning_port }}"
|
||||
|
||||
matrix_hookshot_container_http_host_bind_ports: "{{ [] if matrix_nginx_proxy_enabled else matrix_hookshot_container_http_host_bind_ports_defaultmapping }}"
|
||||
|
||||
matrix_hookshot_provisioning_enabled: "{{ matrix_hookshot_provisioning_secret and matrix_dimension_enabled }}"
|
||||
|
||||
matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
|
||||
matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-bridge-hookshot
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-bridge-mx-puppet-skype
|
||||
|
@ -1089,8 +1128,6 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-coturn
|
||||
|
@ -1125,8 +1162,6 @@ matrix_coturn_container_additional_volumes: |
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-dimension
|
||||
|
@ -1204,8 +1239,6 @@ matrix_dynamic_dns_enabled: false
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-email2matrix
|
||||
|
@ -1214,7 +1247,7 @@ matrix_dynamic_dns_enabled: false
|
|||
|
||||
matrix_email2matrix_enabled: false
|
||||
|
||||
matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
matrix_email2matrix_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
|
@ -1222,8 +1255,6 @@ matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd6
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-jitsi
|
||||
|
@ -1268,8 +1299,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-mailer
|
||||
|
@ -1281,7 +1310,7 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
|
|||
# Other services (like ma1sd), also use the mailer.
|
||||
matrix_mailer_enabled: true
|
||||
|
||||
matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
||||
matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
|
@ -1289,8 +1318,6 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-ma1sd
|
||||
|
@ -1354,8 +1381,6 @@ matrix_ma1sd_database_password: "{{ '%s' | format(matrix_homeserver_generic_secr
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-nginx-proxy
|
||||
|
@ -1484,6 +1509,8 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
|
|||
(['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else [])
|
||||
+
|
||||
(['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else [])
|
||||
+
|
||||
(['matrix-hookshot.service'] if matrix_hookshot_enabled else [])
|
||||
}}
|
||||
|
||||
matrix_ssl_domains_to_obtain_certificates_for: |
|
||||
|
@ -1529,8 +1556,6 @@ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matr
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-postgres
|
||||
|
@ -1779,8 +1804,6 @@ matrix_postgres_import_databases_to_ignore: |
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-sygnal
|
||||
|
@ -1801,8 +1824,6 @@ matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enable
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-redis
|
||||
|
@ -1817,8 +1838,6 @@ matrix_redis_enabled: "{{ matrix_synapse_workers_enabled }}"
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-client-element
|
||||
|
@ -1866,8 +1885,6 @@ matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matr
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-client-hydrogen
|
||||
|
@ -1891,8 +1908,6 @@ matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-client-cinny
|
||||
|
@ -1918,8 +1933,6 @@ matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_re
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-synapse
|
||||
|
@ -2030,8 +2043,6 @@ matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_re
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-synapse-admin
|
||||
|
@ -2053,8 +2064,6 @@ matrix_synapse_admin_container_image_self_build: "{{ matrix_architecture != 'amd
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-prometheus-node-exporter
|
||||
|
@ -2069,8 +2078,6 @@ matrix_prometheus_node_exporter_enabled: false
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-prometheus
|
||||
|
@ -2095,6 +2102,8 @@ matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:91
|
|||
matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
|
||||
matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
|
||||
|
||||
matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled }}"
|
||||
matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|string +':'+ matrix_hookshot_metrics_port|string] if matrix_hookshot_metrics_enabled else [] }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
|
@ -2102,7 +2111,6 @@ matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exp
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-prometheus-postgres-exporter
|
||||
|
@ -2158,8 +2166,6 @@ matrix_grafana_systemd_wanted_services_list: |
|
|||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-registration
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup.yml"
|
||||
when: run_stop|bool
|
||||
tags:
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
matrix_awx_enabled: true
|
||||
|
||||
# Defaults for 'Customise Website + Access Export' template
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Record Backup Server variables locally on AWX
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -38,18 +39,18 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
tags: use-survey
|
||||
|
||||
- name: Include vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Copy new 'matrix_vars.yml' to target machine
|
||||
copy:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Record Bridge Discord AppService variables locally on AWX
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -33,7 +34,7 @@
|
|||
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
|
||||
dest: '/matrix/awx/bridge_discord_appservice.json'
|
||||
dest: '/matrix/awx/bridge_discord_appservice.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Bridge Discord Appservice' job template
|
||||
|
@ -54,4 +55,4 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Collect current datetime
|
||||
set_fact:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Create a AWX session token for executing modules
|
||||
awx.awx.tower_token:
|
||||
|
@ -7,4 +8,4 @@
|
|||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_master_token }}"
|
||||
register: awx_session_token
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
#
|
||||
# Create user and define if they are admin
|
||||
#
|
||||
|
|
|
@ -48,7 +48,7 @@
|
|||
- name: Reload vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '{{ awx_cached_matrix_vars }}'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -60,7 +60,7 @@
|
|||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
|
||||
dest: '/matrix/awx/configure_website_access_export.json'
|
||||
dest: '/matrix/awx/configure_website_access_export.json'
|
||||
mode: '0660'
|
||||
when: awx_customise_base_domain_website is defined
|
||||
|
||||
|
@ -74,7 +74,7 @@
|
|||
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
|
||||
dest: '/matrix/awx/access_export.json'
|
||||
dest: '/matrix/awx/access_export.json'
|
||||
mode: '0660'
|
||||
when: awx_customise_base_domain_website is undefined
|
||||
|
||||
|
@ -92,12 +92,12 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: awx_customise_base_domain_website is defined
|
||||
|
||||
- name: Recreate 'Access Export' job template
|
||||
|
@ -114,12 +114,12 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: awx_customise_base_domain_website is undefined
|
||||
|
||||
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
|
||||
|
@ -153,7 +153,7 @@
|
|||
user:
|
||||
name: sftp
|
||||
groups: sftp
|
||||
append: yes
|
||||
append: true
|
||||
when: awx_customise_base_domain_website is defined
|
||||
|
||||
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
command: rm /chroot/export/matrix*
|
||||
count: 1
|
||||
units: days
|
||||
unique: yes
|
||||
unique: true
|
||||
|
||||
- name: Delete the AWX session token for executing modules
|
||||
awx.awx.tower_token:
|
||||
|
|
|
@ -3,14 +3,14 @@
|
|||
- name: Include vars in organisation.yml
|
||||
include_vars:
|
||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Include vars in hosting_vars.yml
|
||||
include_vars:
|
||||
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Include AWX master token from awx_tokens.yml
|
||||
include_vars:
|
||||
file: /var/lib/awx/projects/hosting/awx_tokens.yml
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
- name: Include new vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '{{ awx_cached_matrix_vars }}'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: If include_vars succeeds overwrite the old matrix_vars.yml
|
||||
delegate_to: 127.0.0.1
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
---
|
||||
# Load initial hosting and organisation variables from AWX volume
|
||||
- include_tasks:
|
||||
file: "load_hosting_and_org_variables.yml"
|
||||
|
|
|
@ -9,20 +9,20 @@
|
|||
- name: Include vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Ensure curl and jq intalled on target machine
|
||||
apt:
|
||||
pkg:
|
||||
- curl
|
||||
- jq
|
||||
- curl
|
||||
- jq
|
||||
state: present
|
||||
|
||||
- name: Collect before shrink size of Synapse database
|
||||
shell: du -sh /matrix/postgres/data
|
||||
register: awx_db_size_before_stat
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Collect the internal IP of the matrix-synapse container
|
||||
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
|
||||
|
@ -34,7 +34,7 @@
|
|||
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||
register: awx_janitors_token
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Copy build_room_list.py script to target machine
|
||||
copy:
|
||||
|
@ -55,7 +55,7 @@
|
|||
fetch:
|
||||
src: /tmp/room_list_complete.json
|
||||
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
|
||||
flat: yes
|
||||
flat: true
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||
|
||||
- name: Remove complete room list from target machine
|
||||
|
@ -80,7 +80,7 @@
|
|||
- name: Setting host fact awx_room_list_no_local_users
|
||||
set_fact:
|
||||
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
|
||||
no_log: True
|
||||
no_log: true
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||
|
||||
- name: Purge all rooms with no local users
|
||||
|
@ -113,7 +113,7 @@
|
|||
set_fact:
|
||||
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
|
||||
when: awx_purge_mode.find("Number of users [slower]") != -1
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Purge all rooms with more then N users
|
||||
include_tasks: purge_database_users.yml
|
||||
|
@ -138,7 +138,7 @@
|
|||
set_fact:
|
||||
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
|
||||
when: awx_purge_mode.find("Number of events [slower]") != -1
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Purge all rooms with more then N events
|
||||
include_tasks: purge_database_events.yml
|
||||
|
@ -161,17 +161,17 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||
|
||||
- name: Execute rust-synapse-compress-state job template
|
||||
delegate_to: 127.0.0.1
|
||||
awx.awx.tower_job_launch:
|
||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
||||
wait: yes
|
||||
wait: true
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||
|
||||
- name: Revert 'Deploy/Update a Server' job template
|
||||
|
@ -190,14 +190,14 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
|
||||
|
||||
- name: Ensure matrix-synapse is stopped
|
||||
service:
|
||||
name: matrix-synapse
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
|
||||
- name: Re-index Synapse database
|
||||
|
@ -208,7 +208,7 @@
|
|||
service:
|
||||
name: matrix-synapse
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
|
||||
- name: Adjust 'Deploy/Update a Server' job template
|
||||
|
@ -227,17 +227,17 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
|
||||
- name: Execute run-postgres-vacuum job template
|
||||
delegate_to: 127.0.0.1
|
||||
awx.awx.tower_job_launch:
|
||||
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
|
||||
wait: yes
|
||||
wait: true
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
|
||||
- name: Revert 'Deploy/Update a Server' job template
|
||||
|
@ -256,7 +256,7 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
|
||||
- name: Cleanup room_list files
|
||||
|
@ -264,13 +264,13 @@
|
|||
shell: |
|
||||
rm /tmp/{{ subscription_id }}_room_list*
|
||||
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
|
||||
- name: Collect after shrink size of Synapse database
|
||||
shell: du -sh /matrix/postgres/data
|
||||
register: awx_db_size_after_stat
|
||||
when: (awx_purge_mode.find("Perform final shrink") != -1)
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Print total number of rooms processed
|
||||
debug:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Ensure dateutils is installed in AWX
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -8,13 +9,13 @@
|
|||
- name: Include vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Ensure curl and jq intalled on target machine
|
||||
apt:
|
||||
pkg:
|
||||
- curl
|
||||
- jq
|
||||
- curl
|
||||
- jq
|
||||
state: present
|
||||
|
||||
- name: Collect the internal IP of the matrix-synapse container
|
||||
|
@ -25,7 +26,7 @@
|
|||
shell: |
|
||||
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
|
||||
register: awx_janitors_token
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Generate list of dates to purge to
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -37,16 +38,16 @@
|
|||
register: awx_local_media_size_before
|
||||
when: awx_purge_media_type == "Local Media"
|
||||
async: 600
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Calculate initial size of remote media repository
|
||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||
register: awx_remote_media_size_before
|
||||
when: awx_purge_media_type == "Remote Media"
|
||||
async: 600
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Purge local media with loop
|
||||
include_tasks: purge_media_local.yml
|
||||
|
@ -62,15 +63,15 @@
|
|||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
||||
register: awx_local_media_size_after
|
||||
when: awx_purge_media_type == "Local Media"
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Calculate final size of remote media repository
|
||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||
register: awx_remote_media_size_after
|
||||
when: awx_purge_media_type == "Remote Media"
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Print size of local media repository before purge
|
||||
debug:
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
authorized_key:
|
||||
user: root
|
||||
state: present
|
||||
exclusive: yes
|
||||
exclusive: true
|
||||
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
|
||||
|
||||
- name: Delete the AWX session token for executing modules
|
||||
|
|
|
@ -25,47 +25,47 @@
|
|||
shell: |
|
||||
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
|
||||
register: awx_mau_stat
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Calculate CPU usage statistics
|
||||
shell: iostat -c
|
||||
register: awx_cpu_usage_stat
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Calculate RAM usage statistics
|
||||
shell: free -mh
|
||||
register: awx_ram_usage_stat
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Calculate free disk space
|
||||
shell: df -h
|
||||
register: awx_disk_space_stat
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Calculate size of Synapse database
|
||||
shell: du -sh /matrix/postgres/data
|
||||
register: awx_db_size_stat
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Calculate size of local media repository
|
||||
shell: du -sh /matrix/synapse/storage/media-store/local*
|
||||
register: awx_local_media_size_stat
|
||||
async: 600
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Calculate size of remote media repository
|
||||
shell: du -sh /matrix/synapse/storage/media-store/remote*
|
||||
register: awx_remote_media_size_stat
|
||||
async: 600
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Calculate docker container statistics
|
||||
shell: docker stats --all --no-stream
|
||||
register: awx_docker_stats
|
||||
ignore_errors: yes
|
||||
no_log: True
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Print size of remote media repository
|
||||
debug:
|
||||
|
|
|
@ -235,9 +235,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
- name: Include vars in matrix_vars.yml
|
||||
include_vars:
|
||||
file: '{{ awx_cached_matrix_vars }}'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Install jq and curl on remote machine
|
||||
apt:
|
||||
|
@ -14,7 +14,7 @@
|
|||
|
||||
- name: Collect access token of @admin-dimension user
|
||||
shell: |
|
||||
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
|
||||
curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
|
||||
register: awx_dimension_user_access_token
|
||||
|
||||
- name: Record Synapse variables locally on AWX
|
||||
|
@ -80,7 +80,7 @@
|
|||
- name: Copy new 'Configure Dimension' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
|
||||
dest: '/matrix/awx/configure_dimension.json'
|
||||
dest: '/matrix/awx/configure_dimension.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Configure Dimension' job template
|
||||
|
@ -97,9 +97,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -172,9 +172,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -40,4 +40,4 @@
|
|||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
- name: Copy new 'Configure Jitsi' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
|
||||
dest: '/matrix/awx/configure_jitsi.json'
|
||||
dest: '/matrix/awx/configure_jitsi.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Configure Jitsi' job template
|
||||
|
@ -37,9 +37,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -66,7 +66,7 @@
|
|||
with_dict:
|
||||
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
|
||||
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
|
||||
delegate_to: 127.0.0.1
|
||||
|
@ -77,7 +77,7 @@
|
|||
- name: Copy new 'Configure ma1sd' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
|
||||
dest: '/matrix/awx/configure_ma1sd.json'
|
||||
dest: '/matrix/awx/configure_ma1sd.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Configure ma1sd (Advanced)' job template
|
||||
|
@ -94,10 +94,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
|
||||
validate_certs: true
|
||||
|
|
|
@ -36,9 +36,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
|
||||
- name: Limit max upload size to 200MB part 1
|
||||
set_fact:
|
||||
|
@ -197,7 +198,7 @@
|
|||
- name: Copy new 'Configure Synapse' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
|
||||
dest: '/matrix/awx/configure_synapse.json'
|
||||
dest: '/matrix/awx/configure_synapse.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Configure Synapse' job template
|
||||
|
@ -214,9 +215,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
|
||||
copy:
|
||||
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
|
||||
dest: '/matrix/awx/configure_synapse_admin.json'
|
||||
dest: '/matrix/awx/configure_synapse_admin.json'
|
||||
mode: '0660'
|
||||
|
||||
- name: Recreate 'Configure Synapse Admin' job template
|
||||
|
@ -36,9 +36,9 @@
|
|||
credential: "{{ member_id }} - AWX SSH Key"
|
||||
survey_enabled: true
|
||||
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
|
||||
become_enabled: yes
|
||||
become_enabled: true
|
||||
state: present
|
||||
verbosity: 1
|
||||
tower_host: "https://{{ awx_host }}"
|
||||
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
|
||||
validate_certs: yes
|
||||
validate_certs: true
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
command: |
|
||||
openssl rand -hex 16
|
||||
register: generic_secret
|
||||
no_log: True
|
||||
no_log: true
|
||||
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
||||
|
||||
- name: Add new matrix_homeserver_generic_secret_key variable
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# The bare domain name which represents your Matrix identity.
|
||||
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
|
||||
#
|
||||
|
@ -98,8 +99,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
|
|||
matrix_host_command_systemctl: "/usr/bin/env systemctl"
|
||||
matrix_host_command_sh: "/usr/bin/env sh"
|
||||
|
||||
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
|
||||
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
|
||||
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
|
||||
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
|
||||
|
||||
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
||||
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml"
|
||||
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version < '8'
|
||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
|
||||
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int < 8
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos8.yml"
|
||||
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7'
|
||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
|
||||
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7
|
||||
|
||||
- block:
|
||||
# ansible_lsb is only available if lsb-release is installed.
|
||||
|
@ -13,7 +13,7 @@
|
|||
name:
|
||||
- lsb-release
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
register: lsb_release_installation_result
|
||||
|
||||
- name: Reread ansible_lsb facts if lsb-release got installed
|
||||
|
@ -34,10 +34,10 @@
|
|||
service:
|
||||
name: docker
|
||||
state: started
|
||||
enabled: yes
|
||||
enabled: true
|
||||
|
||||
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
|
||||
service:
|
||||
name: "{{ matrix_ntpd_service }}"
|
||||
state: started
|
||||
enabled: yes
|
||||
enabled: true
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
- python-docker
|
||||
- python-dnspython
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker is installed
|
||||
pacman:
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
- ca-certificates
|
||||
- gnupg
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker's APT key is trusted
|
||||
apt_key:
|
||||
|
@ -22,7 +22,7 @@
|
|||
apt_repository:
|
||||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
||||
|
||||
- name: Ensure APT packages are installed
|
||||
|
@ -30,7 +30,7 @@
|
|||
name:
|
||||
- "{{ matrix_ntpd_package }}"
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker is installed
|
||||
apt:
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
- ca-certificates
|
||||
- gnupg
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker's APT key is trusted
|
||||
apt_key:
|
||||
|
@ -22,7 +22,7 @@
|
|||
apt_repository:
|
||||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
||||
|
||||
- name: Ensure APT packages are installed
|
||||
|
@ -30,7 +30,7 @@
|
|||
name:
|
||||
- "{{ matrix_ntpd_package }}"
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker is installed
|
||||
apt:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
name:
|
||||
- "{{ matrix_ntpd_package }}"
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker is installed
|
||||
yum:
|
|
@ -22,14 +22,14 @@
|
|||
name:
|
||||
- epel-release
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure yum packages are installed
|
||||
yum:
|
||||
name:
|
||||
- "{{ matrix_ntpd_package }}"
|
||||
state: latest
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure Docker is installed
|
||||
yum:
|
|
@ -18,8 +18,8 @@
|
|||
state: present
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
home: "{{ matrix_base_data_path }}"
|
||||
create_home: no
|
||||
system: yes
|
||||
create_home: false
|
||||
system: true
|
||||
register: matrix_user
|
||||
|
||||
- name: Set Matrix Group UID Variable
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# We need others to be able to read these directories too,
|
||||
# so that matrix-nginx-proxy's nginx user can access the files.
|
||||
#
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
|
||||
# This is for both CentOS 7 and 8
|
||||
- name: Ensure fuse installed (CentOS)
|
||||
---
|
||||
# This is for both RedHat 7 and 8
|
||||
- name: Ensure fuse installed (RedHat)
|
||||
yum:
|
||||
name:
|
||||
- fuse
|
||||
state: latest
|
||||
when: ansible_distribution == 'CentOS'
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
# This is for both Debian and Raspbian
|
||||
- name: Ensure fuse installed (Debian/Raspbian)
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
|
||||
# This is for both CentOS 7 and 8
|
||||
- name: Ensure openssl installed (CentOS)
|
||||
---
|
||||
# This is for both RedHat 7 and 8
|
||||
- name: Ensure openssl installed (RedHat)
|
||||
yum:
|
||||
name:
|
||||
- openssl
|
||||
state: latest
|
||||
when: ansible_distribution == 'CentOS'
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
# This is for both Debian and Raspbian
|
||||
- name: Ensure openssl installed (Debian/Raspbian)
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# This will contain a list of enabled services that the playbook is managing.
|
||||
# Each component is expected to append its service name to this list.
|
||||
matrix_systemd_services_list: []
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
|
||||
# See: https://github.com/matrix-org/go-neb
|
||||
|
||||
|
@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
|
|||
# # Each room will get the notification with the alert rendered with the given template
|
||||
# rooms:
|
||||
# "!someroomid:domain.tld":
|
||||
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
||||
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
||||
# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
|
||||
# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} <font color='red'><b>[FIRING - CRITICAL]</b></font> {{ else if eq $severity \"warning\"}} <font color='orange'><b>[FIRING - WARNING]</b></font> {{ else }} <b>[FIRING - {{ $severity }}]</b> {{ end }} {{ else }} <font color='green'><b>[RESOLVED]</b></font> {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
|
||||
# msg_type: "m.text" # Must be either `m.text` or `m.notice`
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
|
@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
|
|||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
|
||||
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
|
||||
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
|
||||
when: matrix_bot_go_neb_enabled|bool
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -11,9 +11,9 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_go_neb_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_go_neb_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true }
|
||||
- {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure go-neb image is pulled
|
||||
|
@ -40,7 +40,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-go-neb.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-bot-go-neb
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
register: stopping_result
|
||||
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix go-neb paths don't exist
|
||||
|
|
|
@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
|
|||
{{ matrix_bot_go_neb_docker_image }} \
|
||||
-c "go-neb /config/config.yaml"
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-go-neb
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# honoroit is a helpdesk bot
|
||||
# See: https://gitlab.com/etke.cc/honoroit
|
||||
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
|
||||
when: matrix_bot_honoroit_enabled|bool
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -33,10 +33,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure honoroit environment variables file created
|
||||
|
@ -70,7 +70,7 @@
|
|||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service installed
|
||||
|
@ -82,7 +82,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-bot-honoroit
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
register: stopping_result
|
||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix honoroit paths don't exist
|
||||
|
|
|
@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
|
|||
{% endfor %}
|
||||
{{ matrix_bot_honoroit_docker_image }}
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-honoroit
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# matrix-reminder-bot is a bot for one-off and recurring reminders
|
||||
# See: https://github.com/anoadragon453/matrix-reminder-bot
|
||||
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -34,10 +34,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot image is pulled
|
||||
|
@ -65,7 +65,7 @@
|
|||
build:
|
||||
dockerfile: docker/Dockerfile
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot config installed
|
||||
|
@ -85,7 +85,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-bot-matrix-reminder-bot
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
register: stopping_result
|
||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||
|
|
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem
|
|||
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
||||
-c "matrix-reminder-bot /config/config.yaml"
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
# A moderation tool for Matrix
|
||||
# See: https://github.com/matrix-org/mjolnir
|
||||
|
||||
matrix_bot_mjolnir_enabled: true
|
||||
|
||||
matrix_bot_mjolnir_version: "v1.2.1"
|
||||
matrix_bot_mjolnir_version: "v1.3.1"
|
||||
|
||||
matrix_bot_mjolnir_container_image_self_build: false
|
||||
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
|
||||
|
@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
|
|||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
|
||||
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||
- name: Fail if trying to self-build on Ansible < 2.8
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -11,10 +11,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_mjolnir_base_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_mjolnir_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_mjolnir_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" }
|
||||
- {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure mjolnir Docker image is pulled
|
||||
|
@ -42,7 +42,7 @@
|
|||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_bot_mjolnir_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-bot-mjolnir config installed
|
||||
|
@ -62,7 +62,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-bot-mjolnir
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
register: stopping_result
|
||||
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-bot-mjolnir paths don't exist
|
||||
|
|
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \
|
|||
{% endfor %}
|
||||
{{ matrix_bot_mjolnir_docker_image }}
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-mjolnir
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# matrix-appservice-discord is a Matrix <-> Discord bridge
|
||||
# See: https://github.com/Half-Shot/matrix-appservice-discord
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -54,8 +54,8 @@
|
|||
service:
|
||||
name: matrix-appservice-discord
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
failed_when: false
|
||||
when: "matrix_appservice_discord_stat_db.stat.exists"
|
||||
|
||||
|
@ -105,7 +105,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_discord_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-discord.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-appservice-discord
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_discord_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-appservice-discord.service doesn't exist
|
||||
|
@ -21,5 +21,5 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_discord_service_stat.stat.exists"
|
||||
|
|
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis
|
|||
{{ matrix_appservice_discord_docker_image }} \
|
||||
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-discord
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# Matrix Appservice IRC is a Matrix <-> IRC bridge
|
||||
# See: https://github.com/matrix-org/matrix-appservice-irc
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||
- name: Fail if trying to self-build on Ansible < 2.8
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
|
@ -16,7 +18,7 @@
|
|||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
|
|
|
@ -10,10 +10,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_appservice_irc_base_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_config_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_data_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" }
|
||||
- {path: "{{ matrix_appservice_irc_base_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_irc_config_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_irc_data_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
|
||||
when: item.when|bool
|
||||
|
||||
- name: Check if an old passkey file already exists
|
||||
|
@ -26,7 +26,7 @@
|
|||
service:
|
||||
name: matrix-appservice-irc
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
failed_when: false
|
||||
|
||||
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
|
||||
|
@ -82,7 +82,7 @@
|
|||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
|
||||
|
||||
- name: Ensure Matrix Appservice IRC config installed
|
||||
|
@ -186,7 +186,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_irc_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-irc.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-appservice-irc
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_irc_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-appservice-irc.service doesn't exist
|
||||
|
@ -21,5 +21,5 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_irc_service_stat.stat.exists"
|
||||
|
|
|
@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc
|
|||
{{ matrix_appservice_irc_docker_image }} \
|
||||
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-irc
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# matrix-appservice-slack is a Matrix <-> Slack bridge
|
||||
# See: https://github.com/matrix-org/matrix-appservice-slack
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
|
||||
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
|
||||
- name: Fail if trying to self-build on Ansible < 2.8
|
||||
|
@ -39,40 +40,40 @@
|
|||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_appservice_slack_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
||||
{% endif %}
|
||||
}
|
||||
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_appservice_slack_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
- always
|
||||
when: matrix_appservice_slack_enabled|bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
|
@ -16,7 +18,7 @@
|
|||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
|
|
|
@ -8,10 +8,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_appservice_slack_base_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_slack_config_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_slack_data_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" }
|
||||
- {path: "{{ matrix_appservice_slack_base_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_slack_config_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_slack_data_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
|
||||
when: item.when|bool
|
||||
|
||||
- set_fact:
|
||||
|
@ -56,7 +56,7 @@
|
|||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_appservice_slack_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
|
||||
|
||||
- name: Ensure Matrix Appservice Slack config installed
|
||||
|
@ -84,7 +84,7 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_slack_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-slack.service restarted, if necessary
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
service:
|
||||
name: matrix-appservice-slack
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
enabled: false
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_slack_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-appservice-slack.service doesn't exist
|
||||
|
@ -21,5 +21,5 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_slack_service_stat.stat.exists"
|
||||
|
|
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla
|
|||
{{ matrix_appservice_slack_docker_image }} \
|
||||
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-slack
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# matrix-appservice-webhooks is a Matrix <-> webhook bridge
|
||||
# See: https://github.com/redoonetworks/matrix-appservice-webhooks
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
|
@ -32,42 +33,42 @@
|
|||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
}
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
||||
}
|
||||
{% endif %}
|
||||
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
}
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
- always
|
||||
when: matrix_appservice_webhooks_enabled|bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
---
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
|
|
@ -8,10 +8,10 @@
|
|||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_appservice_webhooks_base_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_webhooks_config_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_webhooks_data_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
|
||||
- {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
|
||||
- {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure Appservice webhooks image is pulled
|
||||
|
@ -40,7 +40,7 @@
|
|||
build:
|
||||
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
|
||||
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
|
||||
pull: yes
|
||||
pull: true
|
||||
when: "matrix_appservice_webhooks_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure Matrix Appservice webhooks config is installed
|
||||
|
@ -84,5 +84,5 @@
|
|||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_webhooks_systemd_service_result.changed"
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue