From a1c5a197a93d410d714215b90627bcfb007864b4 Mon Sep 17 00:00:00 2001 From: Fanch Date: Mon, 4 May 2020 21:43:54 +0200 Subject: [PATCH 1/2] remove default UID/GID --- roles/matrix-base/defaults/main.yml | 2 -- roles/matrix-base/tasks/setup_matrix_base.yml | 13 ++++++++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 7f4c6ace..90061a06 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -22,8 +22,6 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" matrix_user_username: "matrix" -matrix_user_uid: 991 -matrix_user_gid: 991 matrix_base_data_path: "/matrix" matrix_base_data_path_mode: "750" diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 24217883..9720cb91 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -3,15 +3,23 @@ - name: Ensure Matrix group is created group: name: "{{ matrix_user_username }}" - gid: "{{ matrix_user_gid }}" state: present + register: matrix_group + +- name: Set Matrix Group GID Variable + set_fact: + matrix_user_gid: "{{ matrix_group.gid }}" - name: Ensure Matrix user is created user: name: "{{ matrix_user_username }}" - uid: "{{ matrix_user_uid }}" state: present group: "{{ matrix_user_username }}" + register: matrix_user + +- name: Set Matrix Group UID Variable + set_fact: + matrix_user_uid: "{{ matrix_user.uid }}" - name: Ensure Matrix base path exists file: @@ -54,4 +62,3 @@ src: "{{ role_path }}/templates/usr-local-bin/matrix-remove-all.j2" dest: "{{ matrix_local_bin_path }}/matrix-remove-all" mode: 0750 - From 8fea6f5130e658cd0edbf030ce61a82cf9c874b2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 6 May 2020 09:43:30 +0300 Subject: [PATCH 2/2] Make sure matrix_user_uid and matrix_user_gid are always set If one runs the playbook with `--tags=setup-all`, it would have been fine. But running with a specific tag (e.g. `--tags=setup-riot-web`) would have made that initialization be skipped, and the `matrix-riot-web` role would fail, due to missing variables. --- roles/matrix-base/tasks/main.yml | 7 ++++++ roles/matrix-base/tasks/setup_matrix_base.yml | 21 ------------------ roles/matrix-base/tasks/setup_matrix_user.yml | 22 +++++++++++++++++++ 3 files changed, 29 insertions(+), 21 deletions(-) create mode 100644 roles/matrix-base/tasks/setup_matrix_user.yml diff --git a/roles/matrix-base/tasks/main.yml b/roles/matrix-base/tasks/main.yml index 827a4101..c51d6811 100644 --- a/roles/matrix-base/tasks/main.yml +++ b/roles/matrix-base/tasks/main.yml @@ -12,6 +12,13 @@ tags: - setup-all +# This needs to always run, because it populates `matrix_user_uid` and `matrix_user_gid`, +# which are required by many other roles. +- import_tasks: "{{ role_path }}/tasks/setup_matrix_user.yml" + when: run_setup|bool + tags: + - always + - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml" when: run_setup|bool tags: diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 9720cb91..fa26b5f5 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -1,26 +1,5 @@ --- -- name: Ensure Matrix group is created - group: - name: "{{ matrix_user_username }}" - state: present - register: matrix_group - -- name: Set Matrix Group GID Variable - set_fact: - matrix_user_gid: "{{ matrix_group.gid }}" - -- name: Ensure Matrix user is created - user: - name: "{{ matrix_user_username }}" - state: present - group: "{{ matrix_user_username }}" - register: matrix_user - -- name: Set Matrix Group UID Variable - set_fact: - matrix_user_uid: "{{ matrix_user.uid }}" - - name: Ensure Matrix base path exists file: path: "{{ item }}" diff --git a/roles/matrix-base/tasks/setup_matrix_user.yml b/roles/matrix-base/tasks/setup_matrix_user.yml new file mode 100644 index 00000000..277a41d9 --- /dev/null +++ b/roles/matrix-base/tasks/setup_matrix_user.yml @@ -0,0 +1,22 @@ +--- + +- name: Ensure Matrix group is created + group: + name: "{{ matrix_user_username }}" + state: present + register: matrix_group + +- name: Set Matrix Group GID Variable + set_fact: + matrix_user_gid: "{{ matrix_group.gid }}" + +- name: Ensure Matrix user is created + user: + name: "{{ matrix_user_username }}" + state: present + group: "{{ matrix_user_username }}" + register: matrix_user + +- name: Set Matrix Group UID Variable + set_fact: + matrix_user_uid: "{{ matrix_user.uid }}"