Merge branch 'master' into pub.solar
This commit is contained in:
commit
831aabaa87
93
CHANGELOG.md
93
CHANGELOG.md
|
@ -1,3 +1,96 @@
|
|||
# 2021-01-31
|
||||
|
||||
## Etherpad support
|
||||
|
||||
Thanks to [@pushytoxin](https://github.com/pushytoxin), the playbook can now install the [Etherpad](https://etherpad.org) realtime collaborative text editor. It can be used in a [Jitsi](https://jitsi.org/) audio/video call or integrated as a widget into Matrix chat rooms via the [Dimension](https://dimension.t2bot.io) integration manager.
|
||||
|
||||
To get it installed, follow [our Etherpad docs page](docs/configuring-playbook-etherpad.md).
|
||||
|
||||
|
||||
# 2021-01-22
|
||||
|
||||
## (Breaking Change) Postgres changes that require manual intervention
|
||||
|
||||
We've made a lot of changes to our Postgres setup and some manual action is required (described below). Sorry about the hassle.
|
||||
|
||||
**TLDR**: people running an [external Postgres server](docs/configuring-playbook-external-postgres.md) don't need to change anything for now. Everyone else (the common/default case) is affected and manual intervention is required.
|
||||
|
||||
### Why?
|
||||
|
||||
- we had a default Postgres password (`matrix_postgres_connection_password: synapse-password`), which we think is **not ideal for security anymore**. We now ask you to generate/provide a strong password yourself. Postgres is normally not exposed outside the container network, making it relatively secure, but still:
|
||||
- by tweaking the configuration, you may end up intentionally or unintentionally exposing your Postgres server to the local network (or even publicly), while still using the default default credentials (`synapse` + `synapse-password`)
|
||||
- we can't be sure we trust all these services (bridges, etc). Some of them may try to talk to or attack `matrix-postgres` using the default credentials (`synapse` + `synapse-password`)
|
||||
- you may have other containers running on the same Docker network, which may try to talk to or attack `matrix-postgres` using the default credentials (`synapse` + `synapse-password`)
|
||||
- our Postgres usage **was overly-focused on Synapse** (default username of `synapse` and default/main database of `homeserver`). Additional homeserver options are likely coming in the future ([Dendrite](https://matrix.org/docs/projects/server/dendrite), [Conduit](https://matrix.org/docs/projects/server/conduit), [The Construct](https://matrix.org/docs/projects/server/construct)), so being too focused on `matrix-synapse` is not great. From now on, Synapse is just another component of this playbook, which happens to have an *additional database* (called `synapse`) on the Postgres server.
|
||||
- we try to reorganize things a bit, to make the playbook even friendlier to people running an [external Postgres server](docs/configuring-playbook-external-postgres.md). Work on this will proceed in the future.
|
||||
|
||||
So, this is some **effort to improve security** and to **prepare for a brighter future of having more homeserver options** than just Synapse.
|
||||
|
||||
### What has really changed?
|
||||
|
||||
- the default superuser Postgres username is now `matrix` (used to be `synapse`)
|
||||
- the default Postgres database is now `matrix` (used to be `homeserver`)
|
||||
- Synapse's database is now `synapse` (used to be `homeserver`). This is now just another "additional database" that the playbook manages for you
|
||||
- Synapse's user called `synapse` is just a regular user that can only use the `synapse` database (not a superuser anymore)
|
||||
|
||||
### What do I do if I'm using the integrated Postgres server (default)?
|
||||
|
||||
By default, the playbook runs an integrated Postgres server for you in a container (`matrix-postgres`). Unless you've explicitly configured an [external Postgres server](docs/configuring-playbook-external-postgres.md), these steps are meant for you.
|
||||
|
||||
To migrate to the new setup, expect a few minutes of downtime, while you follow these steps:
|
||||
|
||||
1. We believe the steps below are safe and you won't encounter any data loss, but consider [making a Postgres backup](docs/maintenance-postgres.md#backing-up-postgresql) anyway. If you've never backed up Postgres, now would be a good time to try it.
|
||||
|
||||
2. Generate a strong password to be used for your superuser Postgres user (called `matrix`). You can use `pwgen -s 64 1` to generate it, or some other tool. The **maximum length** for a Postgres password is 100 bytes (characters). Don't go crazy!
|
||||
|
||||
3. Update your playbook's `inventory/host_vars/matrix.DOMAIN/vars.yml` file, adding a line like this:
|
||||
```yaml
|
||||
matrix_postgres_connection_password: 'YOUR_POSTGRES_PASSWORD_HERE'
|
||||
```
|
||||
|
||||
.. where `YOUR_POSTGRES_PASSWORD_HERE` is to be replaced with the password you generated during step #2.
|
||||
|
||||
4. Stop all services: `ansible-playbook -i inventory/hosts setup.yml --tags=stop`
|
||||
5. Log in to the server via SSH. The next commands will be performed there.
|
||||
6. Start the Postgres database server: `systemctl start matrix-postgres`
|
||||
7. Open a Postgres shell: `/usr/local/bin/matrix-postgres-cli`
|
||||
8. Execute the following query, while making sure to **change the password inside** (**don't forget the ending `;`**):
|
||||
|
||||
```sql
|
||||
CREATE ROLE matrix LOGIN SUPERUSER PASSWORD 'YOUR_POSTGRES_PASSWORD_HERE';
|
||||
```
|
||||
|
||||
.. where `YOUR_POSTGRES_PASSWORD_HERE` is to be replaced with the password you generated during step #2.
|
||||
|
||||
9. Execute the following queries as you see them (no modifications necessary, so you can just **paste them all at once**):
|
||||
|
||||
```sql
|
||||
CREATE DATABASE matrix OWNER matrix;
|
||||
|
||||
ALTER DATABASE postgres OWNER TO matrix;
|
||||
ALTER DATABASE template0 OWNER TO matrix;
|
||||
ALTER DATABASE template1 OWNER TO matrix;
|
||||
|
||||
\c matrix;
|
||||
|
||||
ALTER DATABASE homeserver RENAME TO synapse;
|
||||
|
||||
ALTER ROLE synapse NOSUPERUSER NOCREATEDB NOCREATEROLE;
|
||||
|
||||
\quit
|
||||
```
|
||||
|
||||
You may need to press *Enter* after pasting the lines above.
|
||||
|
||||
10. Re-run the playbook normally: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`
|
||||
|
||||
### What do I do if I'm using an external Postgres server?
|
||||
|
||||
If you've explicitly configured an [external Postgres server](docs/configuring-playbook-external-postgres.md), there are **no changes** that you need to do at this time.
|
||||
|
||||
The fact that we've renamed Synapse's database from `homeserver` to `synapse` (in our defaults) should not affect you, as you're already explicitly defining `matrix_synapse_database_database` (if you've followed our guide, that is). If you're not explicitly defining this variable, you may wish to do so (`matrix_synapse_database_database: homeserver`), to avoid the new `synapse` default and keep things as they were.
|
||||
|
||||
|
||||
# 2021-01-20
|
||||
|
||||
## (Breaking Change) The mautrix-facebook bridge now requires a Postgres database
|
||||
|
|
130
README.md
130
README.md
|
@ -4,9 +4,16 @@
|
|||
|
||||
## Purpose
|
||||
|
||||
This Ansible playbook is meant to easily let you run your own [Matrix](http://matrix.org/) homeserver.
|
||||
This [Ansible](https://www.ansible.com/) playbook is meant to help you run your own [Matrix](http://matrix.org/) homeserver, along with the [various services](#supported-services) related to that.
|
||||
|
||||
That is, it lets you join the Matrix network with your own `@<username>:<your-domain>` identifier, all hosted on your own server.
|
||||
That is, it lets you join the Matrix network using your own `@<username>:<your-domain>` identifier, all hosted on your own server (see [prerequisites](docs/prerequisites.md)).
|
||||
|
||||
We run all services in [Docker](https://www.docker.com/) containers (see [the container images we use](docs/container-images.md)), which lets us have a predictable and up-to-date setup, across multiple supported distros (see [prerequisites](docs/prerequisites.md)) and [architectures](docs/alternative-architectures.md) (x86/amd64 being recommended).
|
||||
|
||||
[Installation](docs/README.md) (upgrades) and some maintenance tasks are automated using [Ansible](https://www.ansible.com/) (see [our Ansible guide](docs/ansible.md)).
|
||||
|
||||
|
||||
## Supported services
|
||||
|
||||
Using this playbook, you can get the following services configured on your server:
|
||||
|
||||
|
@ -56,6 +63,12 @@ Using this playbook, you can get the following services configured on your serve
|
|||
|
||||
- (optional) the [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.)
|
||||
|
||||
- (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation
|
||||
|
||||
- (optional) the [mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) for bridging your Matrix server to [Skype](https://www.skype.com) - see [docs/configuring-playbook-bridge-mx-puppet-skype.md](docs/configuring-playbook-bridge-mx-puppet-skype.md) for setup documentation
|
||||
|
||||
- (optional) the [mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-skype) for bridging your Matrix server to [Slack](https://slack.com) - see [docs/configuring-playbook-bridge-mx-puppet-slack.md](docs/configuring-playbook-bridge-mx-puppet-slack.md) for setup documentation
|
||||
|
||||
- (optional) the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) - see [docs/configuring-playbook-bridge-mx-puppet-instagram.md](docs/configuring-playbook-bridge-mx-puppet-instagram.md) for setup documentation
|
||||
|
||||
- (optional) the [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) bridge for Twitter-DMs ([Twitter](https://twitter.com/) - see [docs/configuring-playbook-bridge-mx-puppet-twitter.md](docs/configuring-playbook-bridge-mx-puppet-twitter.md) for setup documentation
|
||||
|
@ -64,12 +77,12 @@ Using this playbook, you can get the following services configured on your serve
|
|||
|
||||
- (optional) the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge for [Steam](https://steamapp.com/)) - see [docs/configuring-playbook-bridge-mx-puppet-steam.md](docs/configuring-playbook-bridge-mx-puppet-steam.md) for setup documentation
|
||||
|
||||
- (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation
|
||||
|
||||
- (optional) [Email2Matrix](https://github.com/devture/email2matrix) for relaying email messages to Matrix rooms - see [docs/configuring-playbook-email2matrix.md](docs/configuring-playbook-email2matrix.md) for setup documentation
|
||||
|
||||
- (optional) [Dimension](https://github.com/turt2live/matrix-dimension), an open source integrations manager for matrix clients - see [docs/configuring-playbook-dimension.md](docs/configuring-playbook-dimension.md) for setup documentation
|
||||
|
||||
- (optional) [Etherpad](https://etherpad.org), an open source collaborative text editor - see [docs/configuring-playbook-etherpad.md](docs/configuring-playbook-etherpad.md) for setup documentation
|
||||
|
||||
- (optional) [Jitsi](https://jitsi.org/), an open source video-conferencing platform - see [docs/configuring-playbook-jitsi.md](docs/configuring-playbook-jitsi.md) for setup documentation
|
||||
|
||||
- (optional) [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) for scheduling one-off & recurring reminders and alarms - see [docs/configuring-playbook-bot-matrix-reminder-bot.md](docs/configuring-playbook-bot-matrix-reminder-bot.md) for setup documentation
|
||||
|
@ -85,33 +98,6 @@ Sticking with the defaults (which install a subset of the above components) is t
|
|||
You can always re-run the playbook later to add or remove components.
|
||||
|
||||
|
||||
## What's different about this Ansible playbook?
|
||||
|
||||
This is similar to the [EMnify/matrix-synapse-auto-deploy](https://github.com/EMnify/matrix-synapse-auto-deploy) Ansible deployment, but:
|
||||
|
||||
- this one is a complete Ansible playbook (instead of just a role), so it's **easier to run** - especially for folks not familiar with Ansible
|
||||
|
||||
- this one installs and hooks together **a lot more Matrix-related services** for you (see above)
|
||||
|
||||
- this one **can be executed more than once** without causing trouble
|
||||
|
||||
- works on various distros: **CentOS** (7.0+), Debian-based distributions (**Debian** 9/Stretch+, **Ubuntu** 16.04+), **Archlinux**
|
||||
|
||||
- this one installs everything in a single directory (`/matrix` by default) and **doesn't "contaminate" your server** with files all over the place
|
||||
|
||||
- this one **doesn't necessarily take over** ports 80 and 443. By default, it sets up nginx for you there, but you can also [use your own webserver](docs/configuring-playbook-own-webserver.md)
|
||||
|
||||
- this one **runs everything in Docker containers**, so it's likely more predictable and less fragile (see [Docker images used by this playbook](#docker-images-used-by-this-playbook))
|
||||
|
||||
- this one retrieves and automatically renews free [Let's Encrypt](https://letsencrypt.org/) **SSL certificates** for you
|
||||
|
||||
- this one optionally can store the `media_store` content repository files on [Amazon S3](https://aws.amazon.com/s3/) (but defaults to storing files on the server's filesystem)
|
||||
|
||||
- this one optionally **allows you to use an external PostgreSQL server** for Synapse's database (but defaults to running one in a container)
|
||||
|
||||
- helps you **import data from a previous installation** (so you can migrate your manual virtualenv/Docker setup to a more managed one)
|
||||
|
||||
|
||||
## Installation
|
||||
|
||||
To configure and install Matrix on your own server, follow the [README in the docs/ directory](docs/README.md).
|
||||
|
@ -124,88 +110,6 @@ This playbook evolves over time, sometimes with backward-incompatible changes.
|
|||
When updating the playbook, refer to [the changelog](CHANGELOG.md) to catch up with what's new.
|
||||
|
||||
|
||||
## Docker images used by this playbook
|
||||
|
||||
This playbook sets up your server using the following Docker images:
|
||||
|
||||
- [matrixdotorg/synapse](https://hub.docker.com/r/matrixdotorg/synapse/) - the official [Synapse](https://github.com/matrix-org/synapse) Matrix homeserver (optional)
|
||||
|
||||
- [instrumentisto/coturn](https://hub.docker.com/r/instrumentisto/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional)
|
||||
|
||||
- [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) - the [Element](https://element.io/) web client (optional)
|
||||
|
||||
- [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional)
|
||||
|
||||
- [postgres](https://hub.docker.com/_/postgres/) - the [Postgres](https://www.postgresql.org/) database server (optional)
|
||||
|
||||
- [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional)
|
||||
|
||||
- [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server (optional)
|
||||
|
||||
- [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) - the [Email2Matrix](https://github.com/devture/email2matrix) email server, which can relay email messages to Matrix rooms (optional)
|
||||
|
||||
- [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional)
|
||||
|
||||
- [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based matrix registration (optional)
|
||||
|
||||
- [nginx](https://hub.docker.com/_/nginx/) - the [nginx](http://nginx.org/) web server (optional)
|
||||
|
||||
- [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) - the [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) (optional)
|
||||
|
||||
- [tulir/mautrix-telegram](https://mau.dev/tulir/mautrix-telegram/container_registry) - the [mautrix-telegram](https://github.com/tulir/mautrix-telegram) bridge to [Telegram](https://telegram.org/) (optional)
|
||||
|
||||
- [tulir/mautrix-whatsapp](https://mau.dev/tulir/mautrix-whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional)
|
||||
|
||||
- [tulir/mautrix-facebook](https://mau.dev/tulir/mautrix-facebook/container_registry) - the [mautrix-facebook](https://github.com/tulir/mautrix-facebook) bridge to [Facebook](https://facebook.com/) (optional)
|
||||
|
||||
- [tulir/mautrix-hangouts](https://mau.dev/tulir/mautrix-hangouts/container_registry) - the [mautrix-hangouts](https://github.com/tulir/mautrix-hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional)
|
||||
|
||||
- [tulir/mautrix-signal](https://mau.dev/tulir/mautrix-signal/container_registry) - the [mautrix-signal](https://github.com/tulir/mautrix-signal) bridge to [Signal](https://www.signal.org/) (optional)
|
||||
|
||||
- [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional)
|
||||
|
||||
- [halfshot/matrix-appservice-discord](https://hub.docker.com/r/halfshot/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional)
|
||||
|
||||
- [cadair/matrix-appservice-slack](https://hub.docker.com/r/cadair/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional)
|
||||
|
||||
- [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
|
||||
|
||||
- [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-brdige](https://github.com/benkuly/matrix-sms-bridge) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) - the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge to [Skype](https://www.skype.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) - the [mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) - the [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) bridge to [Twitter](https://twitter.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-discord](https://hub.docker.com/r/sorunome/mx-puppet-discord) - the [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional)
|
||||
|
||||
- [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional)
|
||||
|
||||
- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integrations manager (optional)
|
||||
|
||||
- [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional)
|
||||
|
||||
- [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional)
|
||||
|
||||
- [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) - the [Jitsi](https://jitsi.org/) Prosody XMPP server component (optional)
|
||||
|
||||
- [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional)
|
||||
|
||||
- [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional)
|
||||
|
||||
- [awesometechnologies/synapse-admin](https://hub.docker.com/r/awesometechnologies/synapse-admin) - the [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional)
|
||||
|
||||
|
||||
## Deficiencies
|
||||
|
||||
This Ansible playbook can be improved in the following ways:
|
||||
|
||||
- setting up automatic backups to one or more storage providers
|
||||
|
||||
|
||||
## Support
|
||||
|
||||
- Matrix room: [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com)
|
||||
|
|
|
@ -21,6 +21,6 @@ matrix_architecture: "arm32"
|
|||
|
||||
## Implementation details
|
||||
|
||||
For `amd64`, prebuilt images are used everywhere (because all images are available for this architecture).
|
||||
For `amd64`, prebuilt container images (see the [container images we use](container-images.md)) are used everywhere, because all images are available for this architecture.
|
||||
|
||||
For other architectures, components which have a prebuilt image make use of it. If the component is not available for the specific architecture, [self-building](self-building.md) will be used. Not all components support self-building though, so your mileage may vary.
|
||||
|
|
|
@ -38,8 +38,9 @@ To [adjust room access privileges](#adjusting-room-access-privileges) or do vari
|
|||
|
||||
There's the Discord bridge's guide for [setting privileges on bridge managed rooms](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#set-privileges-on-bridge-managed-rooms). To do the same with our container setup, run the following command on the server:
|
||||
|
||||
```
|
||||
docker exec -it matrix-appservice-discord /bin/sh -c 'cp /build/tools/adminme.js /tmp/adminme.js && cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /tmp/adminme.js -c /cfg/config.yaml -r "!ROOM_ID:SERVER" -u "@USER:SERVER" -p 100'
|
||||
```sh
|
||||
docker exec -it matrix-appservice-discord \
|
||||
/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!ROOM_ID:SERVER" -u "@USER:SERVER" -p 100'
|
||||
```
|
||||
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ matrix_mautrix_signal_enabled: true
|
|||
|
||||
## Set up Double Puppeting
|
||||
|
||||
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-whatsapp/wiki/Authentication#replacing-whatsapp-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it.
|
||||
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-signal/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it.
|
||||
|
||||
### Method 1: automatically, by enabling Shared Secret Auth
|
||||
|
||||
|
|
26
docs/configuring-playbook-etherpad.md
Normal file
26
docs/configuring-playbook-etherpad.md
Normal file
|
@ -0,0 +1,26 @@
|
|||
# Setting up Etherpad (optional)
|
||||
|
||||
[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io)
|
||||
|
||||
When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
For the self-hosted Etherpad instance to be available to your users, you must first enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md)
|
||||
|
||||
## Installing
|
||||
|
||||
[Etherpad](https://etherpad.org) installation is disabled by default. You can enable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_etherpad_enabled: true
|
||||
```
|
||||
|
||||
## Set Dimension default to the self-hosted Etherpad
|
||||
|
||||
The Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain.
|
||||
|
||||
### Removing the integrated Etherpad chat
|
||||
|
||||
If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template.
|
||||
Example: `https://dimension.<your-domain>/etherpad/p/$roomId_$padName?showChat=false`
|
|
@ -4,6 +4,7 @@ By default, this playbook would set up a PostgreSQL database server on your mach
|
|||
If that's alright, you can skip this.
|
||||
|
||||
If you'd like to use an external PostgreSQL server that you manage, you can edit your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`).
|
||||
|
||||
It should be something like this:
|
||||
|
||||
```yaml
|
||||
|
|
|
@ -34,8 +34,7 @@ Possible values are:
|
|||
- `"intermediate"` (**default**) - Recommended configuration for a general-purpose server
|
||||
- `"old"` - Services accessed by very old clients or libraries, such as Internet Explorer 8 (Windows XP), Java 6, or OpenSSL 0.9.8
|
||||
|
||||
**Be really carefull when setting it to `"modern"`**. This could break comunication with other Matrix servers, limiting your federation posibilities. The
|
||||
[Federarion tester](https://federationtester.matrix.org/) also won't work.
|
||||
**Be really carefull when setting it to `"modern"`**. This could break comunication with other Matrix servers, limiting your federation posibilities.
|
||||
|
||||
Besides changing the preset (`matrix_nginx_proxy_ssl_preset`), you can also directly override these 3 variables:
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
|||
|
||||
- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional)
|
||||
|
||||
- [Setting Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional)
|
||||
- [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional)
|
||||
|
||||
### Core service adjustments
|
||||
|
||||
|
|
87
docs/container-images.md
Normal file
87
docs/container-images.md
Normal file
|
@ -0,0 +1,87 @@
|
|||
# Container Images used by the playbook
|
||||
|
||||
This page summarizes the container ([Docker](https://www.docker.com/)) images used by the playbook when setting up your server.
|
||||
|
||||
We try to stick to official images (provided by their respective projects) as much as possible.
|
||||
|
||||
|
||||
## Container images used by default
|
||||
|
||||
These services are enabled and used by default, but you can turn them off, if you wish.
|
||||
|
||||
- [matrixdotorg/synapse](https://hub.docker.com/r/matrixdotorg/synapse/) - the official [Synapse](https://github.com/matrix-org/synapse) Matrix homeserver (optional)
|
||||
|
||||
- [instrumentisto/coturn](https://hub.docker.com/r/instrumentisto/coturn/) - the [Coturn](https://github.com/coturn/coturn) STUN/TURN server (optional)
|
||||
|
||||
- [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) - the [Element](https://element.io/) web client (optional)
|
||||
|
||||
- [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional)
|
||||
|
||||
- [postgres](https://hub.docker.com/_/postgres/) - the [Postgres](https://www.postgresql.org/) database server (optional)
|
||||
|
||||
- [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server (optional)
|
||||
|
||||
- [nginx](https://hub.docker.com/_/nginx/) - the [nginx](http://nginx.org/) web server (optional)
|
||||
|
||||
- [certbot/certbot](https://hub.docker.com/r/certbot/certbot/) - the [certbot](https://certbot.eff.org/) tool for obtaining SSL certificates from [Let's Encrypt](https://letsencrypt.org/) (optional)
|
||||
|
||||
|
||||
## Optional other container images we may use
|
||||
|
||||
These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later):
|
||||
|
||||
- [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional)
|
||||
|
||||
- [etherpad/etherpad](https://hub.docker.com/r/etherpad/etherpad/) - the [Etherpad](https://etherpad.org) realtime collaborative text editor that can be used in a Jitsi audio/video call or integrated as a widget into Matrix chat rooms via the Dimension integration manager (optional)
|
||||
|
||||
- [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) - the [Email2Matrix](https://github.com/devture/email2matrix) email server, which can relay email messages to Matrix rooms (optional)
|
||||
|
||||
- [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) - [Matrix Corporal](https://github.com/devture/matrix-corporal): reconciliator and gateway for a managed Matrix server (optional)
|
||||
|
||||
- [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based matrix registration (optional)
|
||||
|
||||
- [tulir/mautrix-telegram](https://mau.dev/tulir/mautrix-telegram/container_registry) - the [mautrix-telegram](https://github.com/tulir/mautrix-telegram) bridge to [Telegram](https://telegram.org/) (optional)
|
||||
|
||||
- [tulir/mautrix-whatsapp](https://mau.dev/tulir/mautrix-whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional)
|
||||
|
||||
- [tulir/mautrix-facebook](https://mau.dev/tulir/mautrix-facebook/container_registry) - the [mautrix-facebook](https://github.com/tulir/mautrix-facebook) bridge to [Facebook](https://facebook.com/) (optional)
|
||||
|
||||
- [tulir/mautrix-hangouts](https://mau.dev/tulir/mautrix-hangouts/container_registry) - the [mautrix-hangouts](https://github.com/tulir/mautrix-hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional)
|
||||
|
||||
- [tulir/mautrix-signal](https://mau.dev/tulir/mautrix-signal/container_registry) - the [mautrix-signal](https://github.com/tulir/mautrix-signal) bridge to [Signal](https://www.signal.org/) (optional)
|
||||
|
||||
- [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional)
|
||||
|
||||
- [halfshot/matrix-appservice-discord](https://hub.docker.com/r/halfshot/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) (optional)
|
||||
|
||||
- [cadair/matrix-appservice-slack](https://hub.docker.com/r/cadair/matrix-appservice-slack) - the [matrix-appservice-slack](https://github.com/matrix-org/matrix-appservice-slack) bridge to [Slack](https://slack.com/) (optional)
|
||||
|
||||
- [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional)
|
||||
|
||||
- [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) - the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge to [Skype](https://www.skype.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) - the [mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) - the [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) bridge to [Twitter](https://twitter.com) (optional)
|
||||
|
||||
- [sorunome/mx-puppet-discord](https://hub.docker.com/r/sorunome/mx-puppet-discord) - the [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional)
|
||||
|
||||
- [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional)
|
||||
|
||||
- [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integrations manager (optional)
|
||||
|
||||
- [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional)
|
||||
|
||||
- [jitsi/jicofo](https://hub.docker.com/r/jitsi/jicofo) - the [Jitsi](https://jitsi.org/) Focus component (optional)
|
||||
|
||||
- [jitsi/prosody](https://hub.docker.com/r/jitsi/prosody) - the [Jitsi](https://jitsi.org/) Prosody XMPP server component (optional)
|
||||
|
||||
- [jitsi/jvb](https://hub.docker.com/r/jitsi/jvb) - the [Jitsi](https://jitsi.org/) Video Bridge component (optional)
|
||||
|
||||
- [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional)
|
||||
|
||||
- [awesometechnologies/synapse-admin](https://hub.docker.com/r/awesometechnologies/synapse-admin) - the [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) web UI tool for administrating users and rooms on your Matrix server (optional)
|
119
docs/faq.md
119
docs/faq.md
|
@ -21,11 +21,11 @@ For a lot more generic questions and answers, see the [matrix.org FAQ](https://m
|
|||
|
||||
[Matrix](https://matrix.org/) is a new type of realtime communication (chat) network, the closest analogy to which is probably "email".
|
||||
|
||||
You don't just use the "email" protocols (SMTP, POP3, IMAP) directly though. There's a some *server* somewhere which stores your data (`@gmail.com`, `@yahoo.com`, `@hotmail.com`, `@your-company.com`) and you access using these "email" protocol using use some *client* program (Outlook, Thunderbird, some website, etc).
|
||||
You don't just use the "email" protocols (SMTP, POP3, IMAP) directly though. There's a *server* somewhere which stores your data (`@gmail.com`, `@yahoo.com`, `@hotmail.com`, `@your-company.com`) and you access it by using these "email" protocols via some *client* program (Outlook, Thunderbird, some website, etc).
|
||||
|
||||
In the world of the Matrix chat protocol, there are various client programs. The first and currently most full-featured one is called [Element](https://element.io/) (used to be called Riot.im and Vector.im in the past). There are [many other clients](https://matrix.org/clients/). You can switch clients as much as you want until you find the one that is right for you on a given platform (you may use Element on your desktop, but Fluffychat on your phone, etc).
|
||||
|
||||
Matrix is also like email due to the fact that are many servers around the world which can all talk to each other (you can send email from `@gmail.com` addresses to `@yahoo.com` and `@hotmail.com` addresses). It's the same with Matrix (`@bob:his-domain.com` can talk to `@alice:her-domain.org`).
|
||||
Matrix is also like email due to the fact that there are many servers around the world which can all talk to each other (you can send email from `@gmail.com` addresses to `@yahoo.com` and `@hotmail.com` addresses). It's the same with Matrix (`@bob:his-domain.com` can talk to `@alice:her-domain.org`).
|
||||
|
||||
If someone else is hosting your Matrix server (you being `@user:matrix.org` or some other public server like this), all you need is a Matrix client program, like Element.
|
||||
|
||||
|
@ -37,11 +37,11 @@ In short:
|
|||
- Element is a client program you can use to participate on the Matrix chat network via some server (yours or someone else's). There are also [many other client programs](https://matrix.org/clients/).
|
||||
- Synapse is a server program you can use to host your very own Matrix server.
|
||||
|
||||
This FAQ here mostly focuses on installing Matrix services using the Ansible automation tool. You can learn much more about Matrix in the [matrix.org FAQ](https://matrix.org/faq/).
|
||||
This FAQ here mostly focuses on installing various Matrix services using the Ansible automation tool. You can learn much more about Matrix in the [matrix.org FAQ](https://matrix.org/faq/).
|
||||
|
||||
## People I wish to talk to are not on Matrix. Can I talk to them?
|
||||
|
||||
You most likely can. Besides Matrix-native chats, Matrix also supports this concept of "bridging", which allows you to plug other networks into it.
|
||||
You most likely can. Besides Matrix-native chats, Matrix also supports the concept of "bridging", which allows you to plug other networks into it.
|
||||
|
||||
This Ansible playbook can help you install [tens of bridges for various networks](configuring-playbook.md#bridging-other-networks).
|
||||
|
||||
|
@ -82,9 +82,9 @@ To learn more, see our [dedicated Ansible documentation page](ansible.md).
|
|||
|
||||
### Why use this playbook and not install Synapse and other things manually?
|
||||
|
||||
There's various guides telling you how easy it is to install [Synapse](https://github.com/matrix-org/synapse).
|
||||
There are various guides telling you how easy it is to install [Synapse](https://github.com/matrix-org/synapse).
|
||||
|
||||
Reading this Ansible playbook's documentation, you may also be thinking:
|
||||
Reading the documentation of this Ansible playbook, you may also be thinking:
|
||||
|
||||
> I don't know what [Ansible](https://www.ansible.com/) is. I don't know what [Docker](https://www.docker.com/) is. This looks more complicated.
|
||||
|
||||
|
@ -111,6 +111,33 @@ Besides Synapse, you'd need other things - a Postgres database, likely the [Elem
|
|||
|
||||
Using the playbook, you get all these components in a way that works well together out of the box.
|
||||
|
||||
### What's different about this Ansible playbook compared to [EMnify/matrix-synapse-auto-deploy](https://github.com/EMnify/matrix-synapse-auto-deploy)?
|
||||
|
||||
This is similar to the [EMnify/matrix-synapse-auto-deploy](https://github.com/EMnify/matrix-synapse-auto-deploy) Ansible deployment, but:
|
||||
|
||||
- this one is a complete Ansible playbook (instead of just a role), so it's **easier to run** - especially for folks not familiar with Ansible
|
||||
|
||||
- this one installs and hooks together **a lot more Matrix-related services** for you (see above)
|
||||
|
||||
- this one **can be executed more than once** without causing trouble
|
||||
|
||||
- works on various distros: **CentOS** (7.0+), Debian-based distributions (**Debian** 9/Stretch+, **Ubuntu** 16.04+), **Archlinux**
|
||||
|
||||
- this one installs everything in a single directory (`/matrix` by default) and **doesn't "contaminate" your server** with files all over the place
|
||||
|
||||
- this one **doesn't necessarily take over** ports 80 and 443. By default, it sets up nginx for you there, but you can also [use your own webserver](configuring-playbook-own-webserver.md)
|
||||
|
||||
- this one **runs everything in Docker containers**, so it's likely more predictable and less fragile (see [Docker images used by this playbook](container-images.md))
|
||||
|
||||
- this one retrieves and automatically renews free [Let's Encrypt](https://letsencrypt.org/) **SSL certificates** for you
|
||||
|
||||
- this one optionally can store the `media_store` content repository files on [Amazon S3](https://aws.amazon.com/s3/) (but defaults to storing files on the server's filesystem)
|
||||
|
||||
- this one optionally **allows you to use an external PostgreSQL server** for Synapse's database (but defaults to running one in a container)
|
||||
|
||||
- helps you **import data from a previous installation** (so you can migrate your manual virtualenv/Docker setup to a more managed one)
|
||||
|
||||
- this one is actually **maintained**
|
||||
|
||||
## Server-related
|
||||
|
||||
|
@ -146,7 +173,7 @@ It also lets us have a unified setup which runs the same across various supporte
|
|||
|
||||
### Is Docker a hard requirement?
|
||||
|
||||
Yes. See [Why don't you use Podman instead of Docker?](#is-docker-a-hard-requirement) for why we're not using another container runtime.
|
||||
Yes. See [Why don't you use Podman instead of Docker?](#why-dont-you-use-podman-instead-of-docker) for why we're not using another container runtime.
|
||||
|
||||
All of our services run in containers. It's how we achieve predictability and also how we support tens of different services across lots of distros.
|
||||
|
||||
|
@ -176,7 +203,7 @@ This largely depends on your use case. It's not so much the number of users that
|
|||
|
||||
Federated rooms with lots of history and containing hundreds of other servers are very heavy CPU-wise and memory-wise.
|
||||
|
||||
You can probably use a 1 CPU + 1GB memory server to host hundreds of local users just fine, but as soon as of them joins a federated room like `#matrix:matrix.org` (Matrix HQ) or some IRC-bridged room (say `##linux`), your server will get the need for a lot more power (at least 2GB RAM, etc).
|
||||
You can probably use a 1 CPU + 1GB memory server to host hundreds of local users just fine, but as soon as one of them joins a federated room like `#matrix:matrix.org` (Matrix HQ) or some IRC-bridged room (say `##linux`), your server will get the need for a lot more power (at least 2GB RAM, etc).
|
||||
|
||||
Running Matrix on a server with 1GB of memory is possible (especially if you disable some not-so-important services). See [How do I optimize this setup for a low-power server?](#how-do-i-optimize-this-setup-for-a-low-power-server).
|
||||
|
||||
|
@ -193,7 +220,7 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you
|
|||
|
||||
### Why install my server at matrix.DOMAIN and not at the base DOMAIN?
|
||||
|
||||
It's the same with email servers. Your email address is likely `name@company.com`, not `name@mail.company.com`, even though it's really `mail.company.com` that is really handling your data for `@company.com` email to work.
|
||||
It's the same with email servers. Your email address is likely `name@company.com`, not `name@mail.company.com`, even though it's `mail.company.com` that is really handling your data for `@company.com` email to work.
|
||||
|
||||
Using a separate domain name is easier to manage (although it's a little hard to get right at first) and keeps your Matrix server isolated from your website (if you have one), from your email server (if you have one), etc.
|
||||
|
||||
|
@ -203,7 +230,7 @@ If you'd really like to install Matrix services directly on the base domain, see
|
|||
|
||||
### I don't control anything on the base domain and can't set up delegation to matrix.DOMAIN. What do I do?
|
||||
|
||||
If you're not in control of your base domain (or server handling it) at all, you can take a look at [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
|
||||
If you're not in control of your base domain (or the server handling it) at all, you can take a look at [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
|
||||
|
||||
### I can't set up HTTPS on the base domain. How will I get Matrix federating?
|
||||
|
||||
|
@ -297,6 +324,36 @@ matrix_docker_installation_enabled: true
|
|||
|
||||
By default, we install a webserver for you (nginx), but you can also use [your own webserver](configuring-playbook-own-webserver.md).
|
||||
|
||||
### How is the effective configuration determined?
|
||||
|
||||
Configuration variables are defined in multiple places in this playbook and are considered in this order:
|
||||
|
||||
- there are defaults coming from each role's defaults file (`role/matrix*/defaults/main.yml`). These variable values aim to be good defaults for when the role is used standalone (outside of this collection of roles, also called playbook).
|
||||
|
||||
- then, there are overrides in `group_vars/matrix_servers`, which aim to adjust these "standalone role defaults" to something which better fits the playbook in its entirety.
|
||||
|
||||
- finally, there's your `inventory/host_vars/matrix.DOMAIN/vars.yml` file, which is the ultimate override
|
||||
|
||||
### What configuration variables are available?
|
||||
|
||||
You can discover the variables you can override in each role (`role/matrix*/defaults/main.yml`).
|
||||
|
||||
As described in [How is the effective configuration determined?](#how-is-the-effective-configuration-determined), these role-defaults may be overriden by values defined in `group_vars/matrix_servers`.
|
||||
|
||||
Refer to both of these for inspiration. Still, as mentioned in [Configuring the playbook](configuring-playbook.md), you're only ever supposed to edit your own `inventory/host_vars/matrix.DOMAIN/vars.yml` file and nothing else inside the playbook (unless you're meaning to contribute new features).
|
||||
|
||||
### I'd like to adjust some configuration which doesn't have a corresponding variable. How do I do it?
|
||||
|
||||
The playbook doesn't aim to expose all configuration settings for all services using variables.
|
||||
Doing so would amount to hundreds of variables that we have to create and maintain.
|
||||
|
||||
Instead, we only try to make some important basics configurable using dedicated variables you can see in each role.
|
||||
See [What configuration variables are available?](#what-configuration-variables-are-available).
|
||||
|
||||
Besides that, each role (component) aims to provide a `matrix_SOME_COMPONENT_configuration_extension_yaml` (or `matrix_SOME_COMPONENT_configuration_extension_json`) variable, which can be used to override the configuration.
|
||||
|
||||
Check each role's `role/matrix*/defaults/main.yml` for the corresponding variable and an example for how use it.
|
||||
|
||||
|
||||
## Installation
|
||||
|
||||
|
@ -325,6 +382,46 @@ It can perform a local connection instead. Just set `ansible_connection=local` a
|
|||
If you're running Ansible from within a container (one of the possibilities we list on our [dedicated Ansible documentation page](ansible.md)), then using `ansible_connection=local` is not possible.
|
||||
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### I get "Error response from daemon: configured logging driver does not support reading" when I do `docker logs matrix-synapse`.
|
||||
|
||||
See [How can I see the logs?](#how-can-i-see-the-logs).
|
||||
|
||||
### How can I see the logs?
|
||||
|
||||
We utilize [systemd/journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html#Description) for logging.
|
||||
|
||||
To see logs for Synapse, run `journalctl -fu matrix-synapse.service`. You may wish to see the [manual page for journalctl](https://www.commandlinux.com/man-page/man1/journalctl.1.html).
|
||||
|
||||
Available service names can be seen by doing `ls /etc/systemd/system/matrix*.service` on the server.
|
||||
|
||||
Some services also log to files in `/matrix/*/data/..`, but we're slowly moving away from that.
|
||||
|
||||
We also disable Docker logging, so you can't use `docker logs matrix-*` either. We do this to prevent useless double (or even triple) logging and to avoid having to rotate log files.
|
||||
|
||||
We just simply delegate logging to journald and it takes care of persistence and expiring old data.
|
||||
|
||||
Also see: [How long do systemd/journald logs persist for?](#how-long-do-systemdjournald-logs-persist-for)
|
||||
|
||||
### How long do systemd/journald logs persist for?
|
||||
|
||||
On some distros, the journald logs are just in-memory and not persisted to disk.
|
||||
|
||||
Consult (and feel free to adjust) your distro's journald logging configuration in `/etc/systemd/journald.conf`.
|
||||
|
||||
To enable persistence and put some limits on how large the journal log files can become, adjust your configuration like this:
|
||||
|
||||
```ini
|
||||
[Journal]
|
||||
RuntimeMaxUse=200M
|
||||
SystemMaxUse=1G
|
||||
RateLimitInterval=0
|
||||
RateLimitBurst=0
|
||||
Storage=persistent
|
||||
```
|
||||
|
||||
|
||||
## Maintenance
|
||||
|
||||
### Do I need to do anything to keep my Matrix server updated?
|
||||
|
@ -341,7 +438,7 @@ If your previous installation is done in some other way (not using this Ansible
|
|||
|
||||
### How do I back up the data on my server?
|
||||
|
||||
We haven't document this properly yet, but the general advice is to:
|
||||
We haven't documented this properly yet, but the general advice is to:
|
||||
|
||||
- back up Postgres by making a database dump. See [Backing up PostgreSQL](maintenance-postgres.md#backing-up-postgresql)
|
||||
|
||||
|
|
|
@ -7,8 +7,8 @@ Run this if you'd like to import your database from a previous installation.
|
|||
## Prerequisites
|
||||
|
||||
For this to work, **the database name in Postgres must match** what this playbook uses.
|
||||
This playbook uses a Postgres database name of `homeserver` by default (controlled by the `matrix_postgres_db_name` variable).
|
||||
If your database name differs, be sure to change `matrix_postgres_db_name` to your desired name and to re-run the playbook before proceeding.
|
||||
This playbook uses a Postgres database name of `synapse` by default (controlled by the `matrix_synapse_database_database` variable).
|
||||
If your database name differs, be sure to change `matrix_synapse_database_database` to your desired name and to re-run the playbook before proceeding.
|
||||
|
||||
The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`).
|
||||
|
||||
|
@ -21,10 +21,17 @@ Before doing the actual import, **you need to upload your Postgres dump file to
|
|||
|
||||
To import, run this command (make sure to replace `<server-path-to-postgres-dump.sql>` with a file path on your server):
|
||||
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_postgres_dump=<server-path-to-postgres-dump.sql>' --tags=import-postgres
|
||||
```sh
|
||||
ansible-playbook -i inventory/hosts setup.yml \
|
||||
--extra-vars='postgres_default_import_database=synapse server_path_postgres_dump=<server-path-to-postgres-dump.sql>' \
|
||||
--tags=import-postgres
|
||||
```
|
||||
|
||||
We specify the `synapse` database as the default import database. If your dump is a single-database dump (`pg_dump`), then we need to tell it where to go to. If you're redefining `matrix_synapse_database_database` to something other than `synapse`, please adjust it here too. For database dumps spanning multiple databases (`pg_dumpall`), you can remove the `postgres_default_import_database` definition (but it doesn't hurt to keep it too).
|
||||
|
||||
**Note**: `<server-path-to-postgres-dump.sql>` must be a file path to a Postgres dump file on the server (not on your local machine!).
|
||||
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
A table ownership issue can occur if you are importing from a Synapse installation which was both:
|
||||
|
|
|
@ -36,11 +36,19 @@ When you're ready to start the Matrix services (and set them up to auto-start in
|
|||
ansible-playbook -i inventory/hosts setup.yml --tags=start
|
||||
```
|
||||
|
||||
Now that the services are running, you might want to:
|
||||
Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md)
|
||||
|
||||
- **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md)
|
||||
- or [create your first user account](registering-users.md)
|
||||
- or [set up the Dimension Integrations Manager](configuring-playbook-dimension.md)
|
||||
- or [check if services work](maintenance-checking-services.md)
|
||||
- or learn how to [upgrade your services when new versions are released](maintenance-upgrading-services.md)
|
||||
- or learn how to [migrate to another server](maintenance-migrating.md)
|
||||
|
||||
## Things to do next
|
||||
|
||||
If you have started services and **finalized the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md), you can:
|
||||
|
||||
- [check if services work](maintenance-checking-services.md)
|
||||
- or [create your first Matrix user account](registering-users.md)
|
||||
- or [set up additional services](configuring-playbook.md#other-configuration-options) (bridges to other chat networks, bots, etc.)
|
||||
- or learn how to [upgrade services when new versions are released](maintenance-upgrading-services.md)
|
||||
- or learn how to [maintain your server](faq.md#maintenance)
|
||||
- or join some Matrix rooms:
|
||||
* via the *Explore rooms* feature in Element or some other client, or by discovering them using this [matrix-static list](https://view.matrix.org). Note: joining large rooms may overload small servers.
|
||||
* or come say Hi in our support room - [#matrix-docker-ansible-deploy:devture.com](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com). You might learn something or get to help someone else new to Matrix hosting.
|
||||
- or help make this playbook better by contributing (code, documentation, or [coffee/beer](https://liberapay.com/s.pantaleev/donate))
|
||||
|
|
|
@ -19,6 +19,17 @@ You can use the `/usr/local/bin/matrix-postgres-cli` tool to get interactive ter
|
|||
|
||||
If you are using an [external Postgres server](configuring-playbook-external-postgres.md), the above tool will not be available.
|
||||
|
||||
By default, this tool puts you in the `matrix` database, which contains nothing.
|
||||
|
||||
To see the available databases, run `\list` (or just `\l`).
|
||||
|
||||
To change to another database (for example `synapse`), run `\connect synapse` (or just `\c synapse`).
|
||||
|
||||
You can then proceed to write queries. Example: `SELECT COUNT(*) FROM users;`
|
||||
|
||||
**Be careful**. Modifying the database directly (especially as services are running) is dangerous and may lead to irreversible database corruption.
|
||||
When in doubt, consider [making a backup](#backing-up-postgresql).
|
||||
|
||||
|
||||
## Vacuuming PostgreSQL
|
||||
|
||||
|
@ -53,6 +64,8 @@ pg_dumpall -h matrix-postgres \
|
|||
|
||||
If you are using an [external Postgres server](configuring-playbook-external-postgres.md), the above command will not work, because the credentials file (`/matrix/postgres/env-postgres-psql`) is not available.
|
||||
|
||||
If your server is on the ARM32 [architecture](alternative-architectures.md), you may need to remove the `-alpine` suffix from the image name in the command above.
|
||||
|
||||
Restoring a backup made this way can be done by [importing it](importing-postgres.md).
|
||||
|
||||
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
To install Matrix services using this Ansible playbook, you need:
|
||||
|
||||
- (Recommended) An **x86** server running one of these operating systems:
|
||||
- (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems:
|
||||
- **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300))
|
||||
- **Debian** (9/Stretch+)
|
||||
- **Ubuntu** (16.04+, although [20.04 may be problematic](ansible.md#supported-ansible-versions))
|
||||
- **Debian** (9/Stretch or newer)
|
||||
- **Ubuntu** (16.04 or newer, although [20.04 may be problematic](ansible.md#supported-ansible-versions))
|
||||
- **Archlinux**
|
||||
|
||||
We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
||||
Generally, newer is better. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
||||
|
||||
This playbook somewhat supports running on non-`amd64` architectures like ARM. See [Alternative Architectures](alternative-architectures.md).
|
||||
|
||||
|
|
|
@ -2,13 +2,14 @@
|
|||
|
||||
**Caution: self-building does not have to be used on its own. See the [Alternative Architectures](alternative-architectures.md) page.**
|
||||
|
||||
The playbook supports the self-building of various components, which don't have a container image for your architecture. For `amd64`, self-building is not required.
|
||||
The playbook supports self-building of various components, which don't have a container image for your architecture (see the [container images we use](container-images.md)). For `amd64`, self-building is not required.
|
||||
|
||||
For other architectures (e.g. `arm32`, `arm64`), ready-made container images are used when available. If there's no ready-made image for a specific component and said component supports self-building, an image will be built on the host. Building images like this takes more time and resources (some build tools need to get installed by the playbook to assist building).
|
||||
|
||||
To make use of self-building, you don't need to do anything besides change your architecture variable (e.g. `matrix_architecture: arm64`). If a component has an image for the specified architecture, the playbook will use it. If not, it will build the image.
|
||||
To make use of self-building, you don't need to do anything besides change your architecture variable (e.g. `matrix_architecture: arm64`). If a component has an image for the specified architecture, the playbook will use it directly. If not, it will build the image on the server itself.
|
||||
|
||||
Note that **not all components support self-building yet**.
|
||||
|
||||
List of roles where self-building the Docker image is currently possible:
|
||||
- `matrix-synapse`
|
||||
- `matrix-synapse-admin`
|
||||
|
@ -18,6 +19,7 @@ List of roles where self-building the Docker image is currently possible:
|
|||
- `matrix-corporal`
|
||||
- `matrix-ma1sd`
|
||||
- `matrix-mailer`
|
||||
- `matrix-bridge-appservice-irc`
|
||||
- `matrix-bridge-appservice-slack`
|
||||
- `matrix-bridge-mautrix-facebook`
|
||||
- `matrix-bridge-mautrix-hangouts`
|
||||
|
|
|
@ -9,10 +9,11 @@
|
|||
# to the host line below or by adding `ansible_ssh_pipelining: False` to your variables file.
|
||||
#
|
||||
# If you're running this Ansible playbook on the same server as the one you're installing to,
|
||||
# consider adding an additional `ansible_connection=local` argument below.
|
||||
# consider adding an additional `ansible_connection=local` argument to the host line below.
|
||||
#
|
||||
# Ansible may fail to discover which Python interpreter to use on the host for some distros (like Ubuntu 20.04).
|
||||
# You may sometimes need to explicitly add `ansible_python_interpreter=/usr/bin/python3` to lines below.
|
||||
# You may sometimes need to explicitly add the argument `ansible_python_interpreter=/usr/bin/python3`
|
||||
# to the host line below.
|
||||
|
||||
[matrix_servers]
|
||||
matrix.<your-domain> ansible_host=<your-server's external IP address> ansible_ssh_user=root
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
# Note: this playbook does not touch the server referenced here.
|
||||
# Installation happens on another server ("matrix.<matrix-domain>").
|
||||
#
|
||||
# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
|
||||
# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
|
||||
# because you can't change the Domain after deployment.
|
||||
#
|
||||
# Example value: example.com
|
||||
|
@ -18,12 +18,18 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE
|
|||
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
|
||||
#
|
||||
# Example value: someone@example.com
|
||||
matrix_ssl_lets_encrypt_support_email: YOUR_EMAIL_ADDRESS_HERE
|
||||
matrix_ssl_lets_encrypt_support_email: ''
|
||||
|
||||
# A shared secret (between Coturn and Synapse) used for authentication.
|
||||
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
|
||||
matrix_coturn_turn_static_auth_secret: ""
|
||||
matrix_coturn_turn_static_auth_secret: ''
|
||||
|
||||
# A secret used to protect access keys issued by the server.
|
||||
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
|
||||
matrix_synapse_macaroon_secret_key: ""
|
||||
matrix_synapse_macaroon_secret_key: ''
|
||||
|
||||
# A Postgres password to use for the superuser Postgres user (called `matrix` by default).
|
||||
#
|
||||
# The playbook creates additional Postgres users and databases (one for each enabled service)
|
||||
# using this superuser account.
|
||||
matrix_postgres_connection_password: ''
|
||||
|
|
|
@ -149,6 +149,8 @@ matrix_appservice_slack_database_password: "{{ matrix_synapse_macaroon_secret_ke
|
|||
# We don't enable bridges by default.
|
||||
matrix_appservice_irc_enabled: false
|
||||
|
||||
matrix_appservice_irc_container_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
|
||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-irc over the container network.
|
||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||
# matrix-appservice-irc's client-server port to the local host.
|
||||
|
@ -755,7 +757,30 @@ matrix_dimension_database_password: "{{ matrix_synapse_macaroon_secret_key | pas
|
|||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-etherpad
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_etherpad_enabled: false
|
||||
|
||||
matrix_etherpad_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
(['matrix-postgres.service'] if matrix_postgres_enabled else [])
|
||||
}}
|
||||
|
||||
# Postgres is the default, except if not using `matrix_postgres` (internal postgres)
|
||||
matrix_etherpad_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}"
|
||||
matrix_etherpad_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'etherpad.db') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-etherpad
|
||||
#
|
||||
######################################################################
|
||||
|
||||
######################################################################
|
||||
#
|
||||
|
@ -818,6 +843,13 @@ matrix_jitsi_web_stun_servers: |
|
|||
else [ 'stun:meet-jit-si-turnrelay.jitsi.net:443']
|
||||
}}
|
||||
|
||||
# If the self-hosted Etherpad instance is available, it will also show up in Jitsi conferences,
|
||||
# unless explicitly disabled by setting `matrix_jitsi_etherpad_enabled` to false.
|
||||
# Falls back to the scalar.vector.im etherpad in case someone sets `matrix_jitsi_etherpad_enabled` to true,
|
||||
# while also setting `matrix_etherpad_enabled` to false.
|
||||
matrix_jitsi_etherpad_enabled: "{{ matrix_etherpad_enabled }}"
|
||||
matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enabled else 'https://scalar.vector.im/etherpad' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-jitsi
|
||||
|
@ -1021,16 +1053,22 @@ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matr
|
|||
|
||||
matrix_postgres_enabled: true
|
||||
|
||||
matrix_postgres_connection_hostname: "matrix-postgres"
|
||||
matrix_postgres_connection_username: "synapse"
|
||||
# Please note that the max length of the password is 99 characters
|
||||
matrix_postgres_connection_password: "synapse-password"
|
||||
matrix_postgres_db_name: "homeserver"
|
||||
matrix_postgres_architecture: "{{ matrix_architecture }}"
|
||||
|
||||
# We unset this if internal Postgres disabled, which will cascade to some other variables
|
||||
# and tell users they need to set it (either here or in those variables).
|
||||
matrix_postgres_connection_hostname: "{{ 'matrix-postgres' if matrix_postgres_enabled else '' }}"
|
||||
|
||||
matrix_postgres_pgloader_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
|
||||
matrix_postgres_additional_databases: |
|
||||
{{
|
||||
([{
|
||||
'name': matrix_synapse_database_database,
|
||||
'username': matrix_synapse_database_user,
|
||||
'password': matrix_synapse_database_password,
|
||||
}] if (matrix_synapse_enabled and matrix_synapse_database_database != matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else [])
|
||||
+
|
||||
([{
|
||||
'name': matrix_ma1sd_database_name,
|
||||
'username': matrix_ma1sd_database_username,
|
||||
|
@ -1138,6 +1176,12 @@ matrix_postgres_additional_databases: |
|
|||
'username': matrix_dimension_database_username,
|
||||
'password': matrix_dimension_database_password,
|
||||
}] if (matrix_dimension_enabled and matrix_dimension_database_engine == 'postgres' and matrix_dimension_database_hostname == 'matrix-postgres') else [])
|
||||
+
|
||||
([{
|
||||
'name': matrix_etherpad_database_name,
|
||||
'username': matrix_etherpad_database_username,
|
||||
'password': matrix_etherpad_database_password,
|
||||
}] if (matrix_etherpad_enabled and matrix_etherpad_database_engine == 'postgres' and matrix_etherpad_database_hostname == 'matrix-postgres') else [])
|
||||
}}
|
||||
|
||||
matrix_postgres_import_roles_to_ignore: |
|
||||
|
@ -1243,10 +1287,7 @@ matrix_synapse_container_metrics_api_host_bind_port: "{{ '127.0.0.1:9100' if (ma
|
|||
# For exposing the Synapse Manhole port (plain HTTP) to the local host.
|
||||
matrix_synapse_container_manhole_api_host_bind_port: "{{ '127.0.0.1:9000' if matrix_synapse_manhole_enabled else '' }}"
|
||||
|
||||
matrix_synapse_database_host: "{{ matrix_postgres_connection_hostname }}"
|
||||
matrix_synapse_database_user: "{{ matrix_postgres_connection_username }}"
|
||||
matrix_synapse_database_password: "{{ matrix_postgres_connection_password }}"
|
||||
matrix_synapse_database_database: "{{ matrix_postgres_db_name }}"
|
||||
matrix_synapse_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'synapse.db') | to_uuid }}"
|
||||
|
||||
# We do not enable TLS in Synapse by default.
|
||||
# TLS is handled by the matrix-nginx-proxy, which proxies the requests to Synapse.
|
||||
|
|
|
@ -66,6 +66,7 @@ matrix_host_command_chown: "/usr/bin/env chown"
|
|||
matrix_host_command_fusermount: "/usr/bin/env fusermount"
|
||||
matrix_host_command_openssl: "/usr/bin/env openssl"
|
||||
matrix_host_command_systemctl: "/usr/bin/env systemctl"
|
||||
matrix_host_command_sh: "/usr/bin/env sh"
|
||||
|
||||
matrix_ntpd_package: "ntp"
|
||||
matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"
|
||||
|
|
|
@ -23,7 +23,14 @@
|
|||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' and not ansible_distribution_release == 'bullseye'
|
||||
|
||||
- name: Ensure Docker repository is enabled (using Debian Buster on Debian Bullseye, for which there is no Docker yet)
|
||||
apt_repository:
|
||||
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} buster stable"
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' and ansible_distribution_release == 'bullseye'
|
||||
|
||||
- name: Ensure APT packages are installed
|
||||
apt:
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \
|
||||
--log-driver=none \
|
||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem
|
|||
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
|
||||
-c "matrix-reminder-bot /config/config.yaml"
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-matrix-reminder-bot
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
#jinja2: lstrip_blocks: "True"
|
||||
bridge:
|
||||
# Domain part of the bridge, e.g. matrix.org
|
||||
domain: {{ matrix_appservice_discord_bridge_domain }}
|
||||
domain: {{ matrix_appservice_discord_bridge_domain|to_json }}
|
||||
# This should be your publically facing URL because Discord may use it to
|
||||
# fetch media from the media store.
|
||||
homeserverUrl: {{ matrix_appservice_discord_bridge_homeserverUrl }}
|
||||
homeserverUrl: {{ matrix_appservice_discord_bridge_homeserverUrl|to_json }}
|
||||
# Interval at which to process users in the 'presence queue'. If you have
|
||||
# 5 users, one user will be processed every 500 milliseconds according to the
|
||||
# value below. This has a minimum value of 250.
|
||||
|
@ -33,7 +33,7 @@ bridge:
|
|||
# Authentication configuration for the discord bot.
|
||||
auth:
|
||||
clientID: {{ matrix_appservice_discord_client_id|string|to_json }}
|
||||
botToken: {{ matrix_appservice_discord_bot_token }}
|
||||
botToken: {{ matrix_appservice_discord_bot_token|to_json }}
|
||||
# You must enable "Privileged Gateway Intents" in your bot settings on discord.com (e.g. https://discord.com/developers/applications/12345/bot)
|
||||
# for this to work
|
||||
usePrivilegedIntents: {{ matrix_appservice_discord_auth_usePrivilegedIntents|to_json }}
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-appservice-discord
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-appservice-discord
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis
|
|||
{{ matrix_appservice_discord_docker_image }} \
|
||||
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-appservice-discord
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-appservice-discord
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-discord
|
||||
|
|
|
@ -3,7 +3,11 @@
|
|||
|
||||
matrix_appservice_irc_enabled: true
|
||||
|
||||
matrix_appservice_irc_docker_image: "docker.io/matrixdotorg/matrix-appservice-irc:release-0.17.1"
|
||||
matrix_appservice_irc_container_self_build: false
|
||||
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
|
||||
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
|
||||
|
||||
matrix_appservice_irc_docker_image: "docker.io/matrixdotorg/matrix-appservice-irc:release-0.23.0"
|
||||
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_appservice_irc_base_path: "{{ matrix_base_data_path }}/appservice-irc"
|
||||
|
|
|
@ -2,15 +2,17 @@
|
|||
|
||||
- name: Ensure Appservice IRC paths exist
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_appservice_irc_base_path }}"
|
||||
- "{{ matrix_appservice_irc_config_path }}"
|
||||
- "{{ matrix_appservice_irc_data_path }}"
|
||||
- { path: "{{ matrix_appservice_irc_base_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_config_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_data_path }}", when: true }
|
||||
- { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_self_build }}" }
|
||||
when: item.when|bool
|
||||
|
||||
- name: Check if an old passkey file already exists
|
||||
stat:
|
||||
|
@ -59,6 +61,26 @@
|
|||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}"
|
||||
when: "matrix_appservice_irc_enabled|bool and not matrix_appservice_irc_container_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-appservice-irc repository is present when self-building
|
||||
git:
|
||||
repo: "{{ matrix_appservice_irc_docker_repo }}"
|
||||
dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
register: matrix_appservice_irc_git_pull_results
|
||||
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-appservice-irc Docker image is build
|
||||
docker_image:
|
||||
name: "{{ matrix_appservice_irc_docker_image }}"
|
||||
source: build
|
||||
force_source: yes
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
|
||||
|
||||
- name: Ensure Matrix Appservice IRC config installed
|
||||
copy:
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-appservice-irc
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-appservice-irc
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc
|
|||
{{ matrix_appservice_irc_docker_image }} \
|
||||
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-appservice-irc
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-appservice-irc
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-irc
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-appservice-slack
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-appservice-slack
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla
|
|||
{{ matrix_appservice_slack_docker_image }} \
|
||||
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-appservice-slack
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-appservice-slack
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-slack
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-appservice-webhooks
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-appservice-webhooks
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web
|
|||
{{ matrix_appservice_webhooks_docker_image }} \
|
||||
node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-appservice-webhooks
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-appservice-webhooks
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-appservice-webhooks
|
||||
|
|
|
@ -69,6 +69,8 @@ matrix_mautrix_facebook_login_shared_secret: ''
|
|||
|
||||
matrix_mautrix_facebook_bridge_login_shared_secret_map: "{{ {matrix_mautrix_facebook_homeserver_domain: matrix_mautrix_facebook_login_shared_secret} if matrix_mautrix_facebook_login_shared_secret else {} }}"
|
||||
|
||||
matrix_mautrix_facebook_appservice_bot_username: facebookbot
|
||||
|
||||
matrix_mautrix_facebook_bridge_presence: true
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
|
@ -101,8 +103,11 @@ matrix_mautrix_facebook_registration_yaml: |
|
|||
users:
|
||||
- exclusive: true
|
||||
regex: '^@facebook_.+:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$'
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_facebook_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$'
|
||||
url: {{ matrix_mautrix_facebook_appservice_address }}
|
||||
sender_localpart: facebookbot
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }}
|
||||
rate_limited: false
|
||||
|
||||
matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml|from_yaml }}"
|
||||
|
|
|
@ -46,7 +46,7 @@ appservice:
|
|||
# The unique ID of this appservice.
|
||||
id: facebook
|
||||
# Username of the appservice bot.
|
||||
bot_username: facebookbot
|
||||
bot_username: {{ matrix_mautrix_facebook_appservice_bot_username|to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
bot_displayname: Facebook bridge bot
|
||||
|
|
|
@ -13,8 +13,13 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-facebook
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-facebook
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
|
||||
|
||||
# This bridge uses another mechanism for migrations now (migrations happen automatically during regular startup),
|
||||
# so going forward, running this alembic stuff will not necessary.
|
||||
# People who are upgrading from an older version of the bridge should go through this migration
|
||||
# first though, so we're keeping it around for now.
|
||||
ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook-db \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
|
@ -39,10 +44,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo
|
|||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_facebook_docker_image }} \
|
||||
python3 -m mautrix_facebook -c /config/config.yaml
|
||||
python3 -m mautrix_facebook -c /config/config.yaml --no-update
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-facebook
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-facebook
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-facebook
|
||||
|
|
|
@ -71,6 +71,8 @@ matrix_mautrix_hangouts_appservice_database: "{{
|
|||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mautrix_hangouts_login_shared_secret: ''
|
||||
|
||||
matrix_mautrix_hangouts_appservice_bot_username: hangoutsbot
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
|
@ -101,8 +103,11 @@ matrix_mautrix_hangouts_registration_yaml: |
|
|||
users:
|
||||
- exclusive: true
|
||||
regex: '^@hangouts_.+:{{ matrix_mautrix_hangouts_homeserver_domain|regex_escape }}$'
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_hangouts_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_hangouts_homeserver_domain|regex_escape }}$'
|
||||
url: {{ matrix_mautrix_hangouts_appservice_address }}
|
||||
sender_localpart: hangoutsbot
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_hangouts_appservice_bot_username }}
|
||||
rate_limited: false
|
||||
|
||||
matrix_mautrix_hangouts_registration: "{{ matrix_mautrix_hangouts_registration_yaml|from_yaml }}"
|
||||
|
|
|
@ -32,7 +32,7 @@ appservice:
|
|||
# The unique ID of this appservice.
|
||||
id: hangouts
|
||||
# Username of the appservice bot.
|
||||
bot_username: hangoutsbot
|
||||
bot_username: {{ matrix_mautrix_hangouts_appservice_bot_username|to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
bot_displayname: Hangouts bridge bot
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null'
|
||||
ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
|
@ -42,10 +42,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou
|
|||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_hangouts_docker_image }} \
|
||||
python3 -m mautrix_hangouts -c /config/config.yaml
|
||||
python3 -m mautrix_hangouts -c /config/config.yaml --no-update
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-hangouts
|
||||
|
|
|
@ -43,6 +43,8 @@ matrix_mautrix_signal_daemon_systemd_wanted_services_list: []
|
|||
matrix_mautrix_signal_appservice_token: ''
|
||||
matrix_mautrix_signal_homeserver_token: ''
|
||||
|
||||
matrix_mautrix_signal_appservice_bot_username: signalbot
|
||||
|
||||
# Database-related configuration fields
|
||||
#
|
||||
# This bridge only supports postgres.
|
||||
|
@ -59,7 +61,7 @@ matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_
|
|||
|
||||
matrix_mautrix_signal_appservice_database: "{{
|
||||
{
|
||||
'postgres': matrix_mautrix_facebook_database_connection_string,
|
||||
'postgres': matrix_mautrix_signal_database_connection_string,
|
||||
}[matrix_mautrix_signal_database_engine]
|
||||
}}"
|
||||
|
||||
|
|
|
@ -35,6 +35,9 @@
|
|||
- "{{ matrix_mautrix_signal_base_path }}"
|
||||
- "{{ matrix_mautrix_signal_config_path }}"
|
||||
- "{{ matrix_mautrix_signal_daemon_path }}"
|
||||
- "{{ matrix_mautrix_signal_daemon_path }}/avatars"
|
||||
- "{{ matrix_mautrix_signal_daemon_path }}/attachments"
|
||||
- "{{ matrix_mautrix_signal_daemon_path }}/data"
|
||||
|
||||
- name: Ensure mautrix-signal config.yaml installed
|
||||
copy:
|
||||
|
|
|
@ -43,7 +43,7 @@ appservice:
|
|||
# The unique ID of this appservice.
|
||||
id: signal
|
||||
# Username of the appservice bot.
|
||||
bot_username: signalbot
|
||||
bot_username: {{ matrix_mautrix_signal_appservice_bot_username|to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
bot_displayname: Signal bridge bot
|
||||
|
|
|
@ -6,9 +6,12 @@ namespaces:
|
|||
users:
|
||||
- exclusive: true
|
||||
regex: '^@signal_.+:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$'
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_signal_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$'
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '^#signal_.+:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$'
|
||||
url: {{ matrix_mautrix_signal_appservice_address }}
|
||||
sender_localpart: signalbot
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_signal_appservice_bot_username }}
|
||||
rate_limited: false
|
||||
|
|
|
@ -15,21 +15,23 @@ Wants={{ service }}
|
|||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
# We can't use `--read-only` for this bridge.
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
||||
{{ matrix_mautrix_signal_daemon_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
|
||||
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
|
|
|
@ -14,8 +14,8 @@ Wants={{ service }}
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -23,19 +23,22 @@ ExecStartPre={{ matrix_host_command_sleep }} 5
|
|||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
{% if matrix_mautrix_signal_container_http_host_bind_port %}
|
||||
-p {{ matrix_mautrix_signal_container_http_host_bind_port }}:29328 \
|
||||
{% endif %}
|
||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
||||
-v {{ matrix_mautrix_signal_config_path }}:/data:z \
|
||||
-v {{ matrix_mautrix_signal_config_path }}:/config:z \
|
||||
{% for arg in matrix_mautrix_signal_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_signal_docker_image }} \
|
||||
python3 -m mautrix_signal -c /data/config.yaml
|
||||
python3 -m mautrix_signal -c /config/config.yaml --no-update
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
|
||||
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
|
|
|
@ -30,6 +30,8 @@ matrix_mautrix_telegram_homeserver_domain: '{{ matrix_domain }}'
|
|||
matrix_mautrix_telegram_appservice_address: 'http://matrix-mautrix-telegram:8080'
|
||||
matrix_mautrix_telegram_appservice_public_external: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mautrix_telegram_public_endpoint }}'
|
||||
|
||||
matrix_mautrix_telegram_appservice_bot_username: telegrambot
|
||||
|
||||
# Controls whether the matrix-mautrix-telegram container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.
|
||||
|
@ -109,11 +111,14 @@ matrix_mautrix_telegram_registration_yaml: |
|
|||
users:
|
||||
- exclusive: true
|
||||
regex: '^@telegram_.+:{{ matrix_mautrix_telegram_homeserver_domain|regex_escape }}$'
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_telegram_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_telegram_homeserver_domain|regex_escape }}$'
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '^#telegram_.+:{{ matrix_mautrix_telegram_homeserver_domain|regex_escape }}$'
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_telegram_appservice_bot_username }}
|
||||
url: {{ matrix_mautrix_telegram_appservice_address }}
|
||||
sender_localpart: telegrambot
|
||||
rate_limited: false
|
||||
|
||||
matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_yaml|from_yaml }}"
|
||||
|
|
|
@ -13,7 +13,7 @@ homeserver:
|
|||
# Changing these values requires regeneration of the registration.
|
||||
appservice:
|
||||
# The address that the homeserver can use to connect to this appservice.
|
||||
address: {{ matrix_mautrix_telegram_appservice_address }}
|
||||
address: {{ matrix_mautrix_telegram_appservice_address|to_json }}
|
||||
|
||||
# The hostname and port where this appservice should listen.
|
||||
hostname: 0.0.0.0
|
||||
|
@ -36,10 +36,10 @@ appservice:
|
|||
# Whether or not the public-facing endpoints should be enabled.
|
||||
enabled: true
|
||||
# The prefix to use in the public-facing endpoints.
|
||||
prefix: {{ matrix_mautrix_telegram_public_endpoint }}
|
||||
prefix: {{ matrix_mautrix_telegram_public_endpoint|to_json }}
|
||||
# The base URL where the public-facing endpoints are available. The prefix is not added
|
||||
# implicitly.
|
||||
external: {{ matrix_mautrix_telegram_appservice_public_external }}
|
||||
external: {{ matrix_mautrix_telegram_appservice_public_external|to_json }}
|
||||
|
||||
# Provisioning API part of the web server for automated portal creation and fetching information.
|
||||
# Used by things like Dimension (https://dimension.t2bot.io/).
|
||||
|
@ -55,15 +55,15 @@ appservice:
|
|||
# The unique ID of this appservice.
|
||||
id: telegram
|
||||
# Username of the appservice bot.
|
||||
bot_username: telegrambot
|
||||
bot_username: {{ matrix_mautrix_telegram_appservice_bot_username|to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
bot_displayname: Telegram bridge bot
|
||||
bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX
|
||||
|
||||
# Authentication tokens for AS <-> HS communication.
|
||||
as_token: "{{ matrix_mautrix_telegram_appservice_token }}"
|
||||
hs_token: "{{ matrix_mautrix_telegram_homeserver_token }}"
|
||||
as_token: {{ matrix_mautrix_telegram_appservice_token|to_json }}
|
||||
hs_token: {{ matrix_mautrix_telegram_homeserver_token|to_json }}
|
||||
|
||||
# Bridge config
|
||||
bridge:
|
||||
|
@ -330,10 +330,10 @@ bridge:
|
|||
# Telegram config
|
||||
telegram:
|
||||
# Get your own API keys at https://my.telegram.org/apps
|
||||
api_id: {{ matrix_mautrix_telegram_api_id }}
|
||||
api_hash: {{ matrix_mautrix_telegram_api_hash }}
|
||||
api_id: {{ matrix_mautrix_telegram_api_id|to_json }}
|
||||
api_hash: {{ matrix_mautrix_telegram_api_hash|to_json }}
|
||||
# (Optional) Create your own bot at https://t.me/BotFather
|
||||
bot_token: {{ matrix_mautrix_telegram_bot_token }}
|
||||
bot_token: {{ matrix_mautrix_telegram_bot_token|to_json }}
|
||||
|
||||
# Telethon connection options.
|
||||
connection:
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-telegram
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-telegram
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
|
||||
ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram-db \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
|
@ -42,10 +42,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr
|
|||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_telegram_docker_image }} \
|
||||
python3 -m mautrix_telegram -c /config/config.yaml
|
||||
python3 -m mautrix_telegram -c /config/config.yaml --no-update
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-telegram
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-telegram
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-telegram
|
||||
|
|
|
@ -27,6 +27,8 @@ matrix_mautrix_whatsapp_systemd_wanted_services_list: []
|
|||
matrix_mautrix_whatsapp_appservice_token: ''
|
||||
matrix_mautrix_whatsapp_homeserver_token: ''
|
||||
|
||||
matrix_mautrix_whatsapp_appservice_bot_username: whatsappbot
|
||||
|
||||
|
||||
# Database-related configuration fields.
|
||||
#
|
||||
|
@ -93,11 +95,14 @@ matrix_mautrix_whatsapp_registration_yaml: |
|
|||
url: {{ matrix_mautrix_whatsapp_appservice_address }}
|
||||
as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}"
|
||||
hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}"
|
||||
sender_localpart: whatsappbot
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_whatsapp_appservice_bot_username }}
|
||||
rate_limited: false
|
||||
namespaces:
|
||||
users:
|
||||
- regex: '^@whatsapp_[0-9]+:{{ matrix_mautrix_whatsapp_homeserver_domain|regex_escape }}$'
|
||||
exclusive: true
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_whatsapp_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_whatsapp_homeserver_domain|regex_escape }}$'
|
||||
|
||||
matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml|from_yaml }}"
|
||||
|
|
|
@ -36,7 +36,7 @@ appservice:
|
|||
# Appservice bot details.
|
||||
bot:
|
||||
# Username of the appservice bot.
|
||||
username: whatsappbot
|
||||
username: {{ matrix_mautrix_whatsapp_appservice_bot_username|to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
displayname: WhatsApp bridge bot
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsa
|
|||
{{ matrix_mautrix_whatsapp_docker_image }} \
|
||||
/usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-whatsapp
|
||||
|
|
|
@ -122,20 +122,4 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
files: []
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-disc
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_discord_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-discord
|
||||
|
|
|
@ -66,20 +66,4 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
files: []
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-inst
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_instagram_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-instagram
|
||||
|
|
|
@ -42,30 +42,7 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
# Optionally enable/disable logging for certain modules
|
||||
#disabled:
|
||||
# - PresenceHandler
|
||||
# - module: bot-sdk-MatrixLiteClient
|
||||
# regex: /_matrix/client/r0/presence/ # this regex needs to match to disable the log
|
||||
#enabled:
|
||||
# - Store
|
||||
files: []
|
||||
|
||||
database:
|
||||
{% if matrix_mx_puppet_skype_database_engine == 'postgres' %}
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-skyp
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_skype_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-skype
|
||||
|
|
|
@ -80,20 +80,4 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
files: []
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slac
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_slack_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-slack
|
||||
|
|
|
@ -83,20 +83,4 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
files: []
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-stea
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_steam_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-steam
|
||||
|
|
|
@ -76,20 +76,4 @@ logging:
|
|||
lineDateFormat: MMM-D HH:mm:ss.SSS
|
||||
# Logging files
|
||||
# Log files are rotated daily by default
|
||||
files:
|
||||
# Log file path
|
||||
- file: "/data/bridge.log"
|
||||
# Log level for this file
|
||||
# Allowed values starting with most verbose:
|
||||
# silly, debug, verbose, info, warn, error
|
||||
level: info
|
||||
# Date and time formatting
|
||||
datePattern: YYYY-MM-DD
|
||||
# Maximum number of logs to keep.
|
||||
# This can be a number of files or number of days.
|
||||
# If using days, add 'd' as a suffix
|
||||
maxFiles: 14d
|
||||
# Maximum size of the file after which it will rotate. This can be a
|
||||
# number of bytes, or units of kb, mb, and gb. If using the units, add
|
||||
# 'k', 'm', or 'g' as the suffix
|
||||
maxSize: 50m
|
||||
files: []
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twit
|
|||
{% endfor %}
|
||||
{{ matrix_mx_puppet_twitter_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mx-puppet-twitter
|
||||
|
|
|
@ -3,7 +3,7 @@ matrix_client_element_enabled: true
|
|||
matrix_client_element_container_image_self_build: false
|
||||
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
|
||||
|
||||
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:v1.7.17"
|
||||
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:v1.7.20"
|
||||
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else 'docker.io/' }}"
|
||||
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
||||
|
||||
|
@ -59,6 +59,8 @@ matrix_client_element_branding_authHeaderLogoUrl: "{{ matrix_client_element_welc
|
|||
# URL to Wallpaper, shown in background of welcome page
|
||||
matrix_client_element_branding_welcomeBackgroundUrl: ~
|
||||
|
||||
matrix_client_element_page_template_welcome_path: "{{ role_path }}/templates/welcome.html.j2"
|
||||
|
||||
# By default, there's no Element homepage (when logged in). If you wish to have one,
|
||||
# point this to a `home.html` template file on your local filesystem.
|
||||
matrix_client_element_embedded_pages_home_path: ~
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
|
||||
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
|
||||
- {src: "{{ matrix_client_element_page_template_welcome_path }}", name: "welcome.html"}
|
||||
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
|
||||
when: "matrix_client_element_enabled|bool and item.src is not none"
|
||||
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-client-element
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-client-element
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element \
|
||||
--log-driver=none \
|
||||
|
@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element
|
|||
{% endfor %}
|
||||
{{ matrix_client_element_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-client-element
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-client-element
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-client-element
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-corporal
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-corporal
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \
|
||||
--log-driver=none \
|
||||
|
@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \
|
|||
{{ matrix_corporal_docker_image }} \
|
||||
/matrix-corporal -config=/etc/matrix-corporal/config.json
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-corporal
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-corporal
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-corporal
|
||||
|
|
|
@ -41,7 +41,5 @@
|
|||
path: "{{ matrix_coturn_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure coturn Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_coturn_docker_image }}"
|
||||
state: absent
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-coturn
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-coturn
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \
|
||||
--log-driver=none \
|
||||
|
@ -42,8 +42,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \
|
|||
{{ matrix_coturn_docker_image }} \
|
||||
-c /turnserver.conf
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-coturn
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-coturn
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null'
|
||||
|
||||
# This only reloads certificates (not other configuration).
|
||||
# See: https://github.com/coturn/coturn/pull/236
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-dimension
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-dimension
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null'
|
||||
|
||||
# Fixup database ownership if it got changed somehow (during a server migration, etc.)
|
||||
{% if matrix_dimension_database_engine == 'sqlite' %}
|
||||
|
@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \
|
|||
{% endfor %}
|
||||
{{ matrix_dimension_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-dimension
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-dimension
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-dimension
|
||||
|
|
|
@ -22,3 +22,6 @@
|
|||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_dynamic_dns_service_stat.stat.exists"
|
||||
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-dynamic-dns
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-dynamic-dns
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null'
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
|
@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \
|
|||
{% endfor %}
|
||||
{{ matrix_dynamic_dns_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-dynamic-dns
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-dynamic-dns
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-dynamic-dns
|
||||
|
|
|
@ -8,8 +8,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-email2matrix
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-email2matrix
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \
|
||||
--log-driver=none \
|
||||
|
@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \
|
|||
{% endfor %}
|
||||
{{ matrix_email2matrix_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-email2matrix
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-email2matrix
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-email2matrix
|
||||
|
|
93
roles/matrix-etherpad/defaults/main.yml
Normal file
93
roles/matrix-etherpad/defaults/main.yml
Normal file
|
@ -0,0 +1,93 @@
|
|||
matrix_etherpad_enabled: false
|
||||
|
||||
matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad"
|
||||
|
||||
matrix_etherpad_docker_image: "docker.io/etherpad/etherpad:1.8.7"
|
||||
matrix_etherpad_docker_image_force_pull: "{{ matrix_etherpad_docker_image.endswith(':latest') }}"
|
||||
|
||||
# List of systemd services that matrix-etherpad.service depends on.
|
||||
matrix_etherpad_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-etherpad.service wants
|
||||
matrix_etherpad_systemd_wanted_services_list: []
|
||||
|
||||
# Container user has to be able to write to the source file directories until this bug is fixed:
|
||||
# https://github.com/ether/etherpad-lite/issues/2683
|
||||
matrix_etherpad_user_uid: '5001'
|
||||
matrix_etherpad_user_gid: '5001'
|
||||
|
||||
# Controls whether the matrix-etherpad container exposes its HTTP port (tcp/9001 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9001"), or empty string to not expose.
|
||||
matrix_etherpad_container_http_host_bind_port: '9001'
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_etherpad_container_extra_arguments: []
|
||||
|
||||
matrix_etherpad_public_endpoint: '/etherpad'
|
||||
|
||||
# By default, the Etherpad app can be accessed within the Dimension domain
|
||||
matrix_etherpad_base_url: "https://{{ matrix_server_fqn_dimension }}{{ matrix_etherpad_public_endpoint }}"
|
||||
|
||||
# Database-related configuration fields.
|
||||
#
|
||||
# Etherpad recommends using a dedicated database, and supports Sqlite only for development
|
||||
#
|
||||
# To use Postgres:
|
||||
# - change the engine (`matrix_etherpad_database_engine: 'postgres'`)
|
||||
# - adjust your database credentials via the `matrix_etherpad_postgres_*` variables
|
||||
matrix_etherpad_database_engine: 'sqlite'
|
||||
|
||||
matrix_etherpad_sqlite_database_path_local: "{{ matrix_etherpad_base_path }}/etherpad.db"
|
||||
matrix_etherpad_sqlite_database_path_in_container: "/data/etherpad.db"
|
||||
|
||||
matrix_etherpad_database_username: 'matrix_etherpad'
|
||||
matrix_etherpad_database_password: 'some-password'
|
||||
matrix_etherpad_database_hostname: 'matrix-postgres'
|
||||
matrix_etherpad_database_port: 5432
|
||||
matrix_etherpad_database_name: 'matrix_etherpad'
|
||||
|
||||
matrix_etherpad_database_connection_string: 'postgres://{{ matrix_etherpad_database_username }}:{{ matrix_etherpad_database_password }}@{{ matrix_etherpad_database_hostname }}:{{ matrix_etherpad_database_port }}/{{ matrix_etherpad_database_name }}'
|
||||
|
||||
# Variables configuring the etherpad
|
||||
matrix_etherpad_title: 'Etherpad'
|
||||
matrix_etherpad_default_pad_text: |
|
||||
Welcome to Etherpad!
|
||||
|
||||
This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!
|
||||
|
||||
Get involved with Etherpad at https://etherpad.org
|
||||
|
||||
# Default Etherpad configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_etherpad_configuration_extension_json`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_etherpad_configuration_default: "{{ lookup('template', 'templates/settings.json.j2') }}"
|
||||
|
||||
# Your custom JSON configuration for Etherpad goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_etherpad_configuration_json`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_etherpad_configuration_json`.
|
||||
#
|
||||
# Example configuration extension follows:
|
||||
#
|
||||
# matrix_etherpad_configuration_extension_json: |
|
||||
# {
|
||||
# "loadTest": true,
|
||||
# "commitRateLimiting": {
|
||||
# "duration": 1,
|
||||
# "points": 10
|
||||
# }
|
||||
# }
|
||||
#
|
||||
matrix_etherpad_configuration_extension_json: '{}'
|
||||
|
||||
matrix_etherpad_configuration_extension: "{{ matrix_etherpad_configuration_extension_json|from_json if matrix_etherpad_configuration_extension_json|from_json is mapping else {} }}"
|
||||
|
||||
# Holds the final Etherpad configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_etherpad_configuration_json`.
|
||||
matrix_etherpad_configuration: "{{ matrix_etherpad_configuration_default|combine(matrix_etherpad_configuration_extension, recursive=True) }}"
|
62
roles/matrix-etherpad/tasks/init.yml
Normal file
62
roles/matrix-etherpad/tasks/init.yml
Normal file
|
@ -0,0 +1,62 @@
|
|||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}"
|
||||
when: matrix_etherpad_enabled|bool
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your plabook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-etherpad role.
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Etherpad proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_etherpad_matrix_nginx_proxy_configuration: |
|
||||
rewrite ^{{ matrix_etherpad_public_endpoint }}$ $scheme://$server_name{{ matrix_etherpad_public_endpoint }}/ permanent;
|
||||
|
||||
location {{ matrix_etherpad_public_endpoint }}/ {
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
proxy_pass http://matrix-etherpad:9001/;
|
||||
{# These are proxy directives needed specifically by Etherpad #}
|
||||
proxy_buffering off;
|
||||
proxy_http_version 1.1; # recommended with keepalive connections
|
||||
proxy_pass_header Server;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme; # for EP to set secure cookie flag when https is used
|
||||
# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
# A good guide for setting up your Etherpad behind nginx:
|
||||
# https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html
|
||||
proxy_pass http://127.0.0.1:9001/;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Etherpad proxying configuration with matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_etherpad_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
tags:
|
||||
- always
|
||||
when: matrix_etherpad_enabled|bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Etherpad tool but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_etherpad_public_endpoint }}`
|
||||
URL endpoint to the matrix-etherpad container.
|
||||
You can expose the container's port using the `matrix_etherpad_container_http_host_bind_port` variable.
|
||||
when: "matrix_etherpad_enabled|bool and matrix_nginx_proxy_enabled is not defined"
|
21
roles/matrix-etherpad/tasks/main.yml
Normal file
21
roles/matrix-etherpad/tasks/main.yml
Normal file
|
@ -0,0 +1,21 @@
|
|||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: run_setup|bool and matrix_etherpad_enabled|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-etherpad
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: run_setup|bool and not matrix_etherpad_enabled|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-etherpad
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: run_setup|bool and matrix_etherpad_enabled|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-etherpad
|
36
roles/matrix-etherpad/tasks/setup_install.yml
Normal file
36
roles/matrix-etherpad/tasks/setup_install.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
|
||||
- name: Ensure Etherpad base path exists
|
||||
file:
|
||||
path: "{{ matrix_etherpad_base_path }}"
|
||||
state: directory
|
||||
mode: 0770
|
||||
owner: "{{ matrix_etherpad_user_uid }}"
|
||||
group: "{{ matrix_etherpad_user_gid }}"
|
||||
|
||||
- name: Ensure Etherpad config installed
|
||||
copy:
|
||||
content: "{{ matrix_etherpad_configuration|to_nice_json }}"
|
||||
dest: "{{ matrix_etherpad_base_path }}/settings.json"
|
||||
mode: 0640
|
||||
owner: "{{ matrix_etherpad_user_uid }}"
|
||||
group: "{{ matrix_etherpad_user_gid }}"
|
||||
|
||||
- name: Ensure Etherpad image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_etherpad_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_etherpad_docker_image_force_pull }}"
|
||||
|
||||
- name: Ensure matrix-etherpad.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-etherpad.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-etherpad.service"
|
||||
mode: 0644
|
||||
register: matrix_etherpad_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-etherpad.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_etherpad_systemd_service_result.changed|bool"
|
35
roles/matrix-etherpad/tasks/setup_uninstall.yml
Normal file
35
roles/matrix-etherpad/tasks/setup_uninstall.yml
Normal file
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
|
||||
- name: Check existence of matrix-etherpad service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-etherpad.service"
|
||||
register: matrix_etherpad_service_stat
|
||||
|
||||
- name: Ensure matrix-etherpad is stopped
|
||||
service:
|
||||
name: matrix-etherpad
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_etherpad_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-etherpad.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-etherpad.service"
|
||||
state: absent
|
||||
when: "matrix_etherpad_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-etherpad.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_etherpad_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Etherpad base directory doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_etherpad_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure Etherpad Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_etherpad_docker_image }}"
|
||||
state: absent
|
5
roles/matrix-etherpad/tasks/validate_config.yml
Normal file
5
roles/matrix-etherpad/tasks/validate_config.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
- name: Fail if Etherpad is enabled without the Dimension integrations manager
|
||||
fail:
|
||||
msg: >-
|
||||
To integrate Etherpad notes with Matrix rooms you need to set "matrix_dimension_enabled" to true
|
||||
when: "not matrix_dimension_enabled|bool"
|
106
roles/matrix-etherpad/templates/settings.json.j2
Normal file
106
roles/matrix-etherpad/templates/settings.json.j2
Normal file
|
@ -0,0 +1,106 @@
|
|||
{
|
||||
"title": {{ matrix_etherpad_title|to_json }},
|
||||
"favicon": "favicon.ico",
|
||||
"skinName": "colibris",
|
||||
"skinVariants": "super-light-toolbar super-light-editor light-background",
|
||||
"ip": "::",
|
||||
"port": 9001,
|
||||
"showSettingsInAdminPage": true,
|
||||
"dbType": {{ matrix_etherpad_database_engine|to_json }},
|
||||
"dbSettings": {
|
||||
{% if matrix_etherpad_database_engine == 'sqlite' %}
|
||||
"filename": {{ matrix_etherpad_sqlite_database_path_in_container|to_json }}
|
||||
{% elif matrix_etherpad_database_engine == 'postgres' %}
|
||||
"database": {{ matrix_etherpad_database_name|to_json }},
|
||||
"host": {{ matrix_etherpad_database_hostname|to_json }},
|
||||
"password": {{ matrix_etherpad_database_password|to_json }},
|
||||
"port": {{ matrix_etherpad_database_port|to_json }},
|
||||
"user": {{ matrix_etherpad_database_username|to_json }}
|
||||
{% endif %}
|
||||
},
|
||||
"defaultPadText" : {{ matrix_etherpad_default_pad_text|to_json }},
|
||||
"suppressErrorsInPadText": false,
|
||||
"requireSession": false,
|
||||
"editOnly": false,
|
||||
"minify": true,
|
||||
"maxAge": 21600,
|
||||
"abiword": null,
|
||||
"soffice": null,
|
||||
"tidyHtml": null,
|
||||
"allowUnknownFileEnds": true,
|
||||
"requireAuthentication": false,
|
||||
"requireAuthorization": false,
|
||||
"trustProxy": true,
|
||||
"cookie": {
|
||||
"sameSite": "Lax"
|
||||
},
|
||||
"disableIPlogging": true,
|
||||
"automaticReconnectionTimeout": 0,
|
||||
"scrollWhenFocusLineIsOutOfViewport": {
|
||||
"percentage": {
|
||||
"editionAboveViewport": 0,
|
||||
"editionBelowViewport": 0
|
||||
},
|
||||
"duration": 0,
|
||||
"scrollWhenCaretIsInTheLastLineOfViewport": false,
|
||||
"percentageToScrollWhenUserPressesArrowUp": 0
|
||||
},
|
||||
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
|
||||
"loadTest": false,
|
||||
"importExportRateLimiting": {
|
||||
"windowMs": 90000,
|
||||
"max": 10
|
||||
},
|
||||
"importMaxFileSize": 52428800,
|
||||
"commitRateLimiting": {
|
||||
"duration": 1,
|
||||
"points": 10
|
||||
},
|
||||
"exposeVersion": false,
|
||||
"padOptions": {
|
||||
"noColors": false,
|
||||
"showControls": true,
|
||||
"showChat": false,
|
||||
"showLineNumbers": true,
|
||||
"useMonospaceFont": false,
|
||||
"userName": false,
|
||||
"userColor": false,
|
||||
"rtl": false,
|
||||
"alwaysShowChat": false,
|
||||
"chatAndUsers": false,
|
||||
"lang": "en-gb"
|
||||
},
|
||||
"padShortcutEnabled" : {
|
||||
"altF9": true,
|
||||
"altC": true,
|
||||
"cmdShift2": true,
|
||||
"delete": true,
|
||||
"return": true,
|
||||
"esc": true,
|
||||
"cmdS": true,
|
||||
"tab": true,
|
||||
"cmdZ": true,
|
||||
"cmdY": true,
|
||||
"cmdI": true,
|
||||
"cmdB": true,
|
||||
"cmdU": true,
|
||||
"cmd5": true,
|
||||
"cmdShiftL": true,
|
||||
"cmdShiftN": true,
|
||||
"cmdShift1": true,
|
||||
"cmdShiftC": true,
|
||||
"cmdH": true,
|
||||
"ctrlHome": true,
|
||||
"pageUp": true,
|
||||
"pageDown": true
|
||||
},
|
||||
"loglevel": "INFO",
|
||||
"logconfig" :
|
||||
{ "appenders": [
|
||||
{ "type": "console",
|
||||
"layout": {"type": "messagePassThrough"}
|
||||
}
|
||||
]
|
||||
},
|
||||
"customLocaleStrings": {}
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Etherpad
|
||||
{% for service in matrix_etherpad_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_etherpad_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
DefaultDependencies=no
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad
|
||||
|
||||
# Fixup database ownership if it got changed somehow (during a server migration, etc.)
|
||||
{% if matrix_etherpad_database_engine == 'sqlite' %}
|
||||
ExecStartPre=-{{ matrix_host_command_chown }} {{ matrix_etherpad_user_uid }} {{ matrix_etherpad_sqlite_database_path_local }}
|
||||
{% endif %}
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_etherpad_user_uid }}:{{ matrix_etherpad_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_etherpad_container_http_host_bind_port %}
|
||||
-p {{ matrix_etherpad_container_http_host_bind_port }}:9001 \
|
||||
{% endif %}
|
||||
--mount type=bind,src={{ matrix_etherpad_base_path }},dst=/data \
|
||||
{% for arg in matrix_etherpad_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_etherpad_docker_image }} \
|
||||
node --experimental-worker /opt/etherpad-lite/node_modules/ep_etherpad-lite/node/server.js \
|
||||
--settings /data/settings.json --credentials /data/credentials.json \
|
||||
--sessionkey /data/sessionkey.json --apikey /data/apijey.json
|
||||
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-etherpad
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-etherpad
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-etherpad
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -67,6 +67,9 @@ matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}"
|
|||
# Addresses need to be prefixed with one of `stun:`, `turn:` or `turns:`.
|
||||
matrix_jitsi_web_stun_servers: ['stun:meet-jit-si-turnrelay.jitsi.net:443']
|
||||
|
||||
# Controls whether Etherpad will be available within Jitsi
|
||||
matrix_jitsi_etherpad_enabled: false
|
||||
|
||||
# Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:12080"), or empty string to not expose.
|
||||
|
|
|
@ -89,8 +89,5 @@
|
|||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-jicofo Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jicofo_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
|
|
@ -89,8 +89,5 @@
|
|||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-jvb Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jvb_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
|
|
@ -80,8 +80,5 @@
|
|||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-prosody Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_prosody_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
|
|
@ -90,8 +90,6 @@
|
|||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-web Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_web_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
# Intentionally not removing the Docker image when uninstalling.
|
||||
# We can't be sure it had been pulled by us in the first place.
|
||||
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \
|
||||
--log-driver=none \
|
||||
|
@ -23,8 +23,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \
|
|||
{% endfor %}
|
||||
{{ matrix_jitsi_jicofo_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-jicofo
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-jitsi-jvb
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-jitsi-jvb
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \
|
||||
--log-driver=none \
|
||||
|
@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \
|
|||
{% endfor %}
|
||||
{{ matrix_jitsi_jvb_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-jitsi-jvb
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-jitsi-jvb
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-jvb
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-jitsi-prosody
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-jitsi-prosody
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \
|
||||
--log-driver=none \
|
||||
|
@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody
|
|||
{% endfor %}
|
||||
{{ matrix_jitsi_prosody_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-jitsi-prosody
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-jitsi-prosody
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-prosody
|
||||
|
|
|
@ -11,5 +11,8 @@ config.p2p.stunServers = [
|
|||
];
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_jitsi_etherpad_enabled %}
|
||||
config.etherpad_base = {{ (matrix_jitsi_etherpad_base + '/p/') |to_json }}
|
||||
{% endif %}
|
||||
|
||||
{{ matrix_jitsi_web_custom_config_extension }}
|
||||
|
|
|
@ -37,4 +37,6 @@ RESOLUTION_WIDTH_MIN={{ matrix_jitsi_web_config_resolution_width_min }}
|
|||
START_AUDIO_MUTED={{ matrix_jitsi_web_config_start_audio_muted_after_nth_participant }}
|
||||
START_VIDEO_MUTED={{ matrix_jitsi_web_config_start_video_muted_after_nth_participant }}
|
||||
|
||||
ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}}
|
||||
|
||||
{{ matrix_jitsi_web_environment_variables_extension }}
|
||||
|
|
|
@ -10,8 +10,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-jitsi-web
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-jitsi-web
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \
|
||||
--log-driver=none \
|
||||
|
@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \
|
|||
{% endfor %}
|
||||
{{ matrix_jitsi_web_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-jitsi-web
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-jitsi-web
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-web
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-ma1sd
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-ma1sd
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null'
|
||||
|
||||
# ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there,
|
||||
# so /tmp needs to be mounted with an exec option.
|
||||
|
@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \
|
|||
{% endfor %}
|
||||
{{ matrix_ma1sd_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-ma1sd
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-ma1sd
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-ma1sd
|
||||
|
|
|
@ -8,8 +8,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mailer
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mailer
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null'
|
||||
|
||||
# --hostname gives us a friendlier hostname than the default.
|
||||
# The real hostname is passed via a `HOSTNAME` environment variable though.
|
||||
|
@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \
|
|||
{% endfor %}
|
||||
{{ matrix_mailer_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mailer
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mailer
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mailer
|
||||
|
|
|
@ -295,7 +295,7 @@ matrix_ssl_domains_to_obtain_certificates_for: []
|
|||
|
||||
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
||||
matrix_ssl_lets_encrypt_staging: false
|
||||
matrix_ssl_lets_encrypt_certbot_docker_image: "docker.io/certbot/certbot:{{ matrix_ssl_architecture }}-v1.10.1"
|
||||
matrix_ssl_lets_encrypt_certbot_docker_image: "docker.io/certbot/certbot:{{ matrix_ssl_architecture }}-v1.11.0"
|
||||
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
||||
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
||||
matrix_ssl_lets_encrypt_support_email: ~
|
||||
|
|
|
@ -55,7 +55,7 @@
|
|||
file:
|
||||
path: "{{ matrix_systemd_path }}/{{ item.name }}"
|
||||
state: absent
|
||||
when: "{{ not item.applicable }}"
|
||||
when: "not item.applicable|bool"
|
||||
with_items: "{{ matrix_ssl_renewal_systemd_units_list }}"
|
||||
|
||||
- name: Ensure Let's Encrypt SSL renewal script removed
|
||||
|
|
|
@ -45,6 +45,11 @@ http {
|
|||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
{# Map directive needed for proxied WebSocket upgrades #}
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' close;
|
||||
}
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
|
|
@ -13,8 +13,8 @@ DefaultDependencies=no
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-nginx-proxy
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-nginx-proxy
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
|
||||
--log-driver=none \
|
||||
|
@ -47,8 +47,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
|
|||
{% endfor %}
|
||||
{{ matrix_nginx_proxy_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-nginx-proxy
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-nginx-proxy
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null'
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null'
|
||||
ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
|
|
|
@ -1,18 +1,27 @@
|
|||
matrix_postgres_enabled: true
|
||||
|
||||
matrix_postgres_connection_hostname: ""
|
||||
matrix_postgres_connection_username: ""
|
||||
matrix_postgres_connection_hostname: "matrix-postgres"
|
||||
matrix_postgres_connection_port: 5432
|
||||
matrix_postgres_connection_username: "matrix"
|
||||
matrix_postgres_connection_password: ""
|
||||
matrix_postgres_db_name: ""
|
||||
matrix_postgres_db_name: "matrix"
|
||||
|
||||
matrix_postgres_base_path: "{{ matrix_base_data_path }}/postgres"
|
||||
matrix_postgres_data_path: "{{ matrix_postgres_base_path }}/data"
|
||||
|
||||
matrix_postgres_docker_image_v9: "docker.io/postgres:9.6.20-alpine"
|
||||
matrix_postgres_docker_image_v10: "docker.io/postgres:10.15-alpine"
|
||||
matrix_postgres_docker_image_v11: "docker.io/postgres:11.10-alpine"
|
||||
matrix_postgres_docker_image_v12: "docker.io/postgres:12.5-alpine"
|
||||
matrix_postgres_docker_image_v13: "docker.io/postgres:13.1-alpine"
|
||||
matrix_postgres_architecture: amd64
|
||||
|
||||
# matrix_postgres_docker_image_suffix controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images.
|
||||
# Alpine-based Postgres images are smaller and we usually prefer them, but they don't work on ARM32 (tested on a Raspberry Pi 3 running Raspbian 10.7).
|
||||
# On ARM32, `-alpine` images fail with the following error:
|
||||
# > LOG: startup process (PID 37) was terminated by signal 11: Segmentation fault
|
||||
matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}"
|
||||
|
||||
matrix_postgres_docker_image_v9: "docker.io/postgres:9.6.20{{ matrix_postgres_docker_image_suffix }}"
|
||||
matrix_postgres_docker_image_v10: "docker.io/postgres:10.15{{ matrix_postgres_docker_image_suffix }}"
|
||||
matrix_postgres_docker_image_v11: "docker.io/postgres:11.10{{ matrix_postgres_docker_image_suffix }}"
|
||||
matrix_postgres_docker_image_v12: "docker.io/postgres:12.5{{ matrix_postgres_docker_image_suffix }}"
|
||||
matrix_postgres_docker_image_v13: "docker.io/postgres:13.1{{ matrix_postgres_docker_image_suffix }}"
|
||||
matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v13 }}"
|
||||
|
||||
# This variable is assigned at runtime. Overriding its value has no effect.
|
||||
|
@ -63,7 +72,10 @@ matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_post
|
|||
# and before trying to run queries for creating additional databases/users against it.
|
||||
#
|
||||
# For most (subsequent) runs, Postgres would already be running, so no waiting will be happening at all.
|
||||
matrix_postgres_additional_databases_postgres_start_wait_timeout_seconds: 15
|
||||
#
|
||||
# On ARM, we wait some more. ARM32 devices are especially known for being slow.
|
||||
# ARM64 likely don't need such a long delay, but it doesn't hurt too much having it.
|
||||
matrix_postgres_additional_databases_postgres_start_wait_timeout_seconds: "{{ 45 if matrix_postgres_architecture in ['arm32', 'arm64'] else 15 }}"
|
||||
|
||||
|
||||
matrix_postgres_pgloader_container_image_self_build: false
|
||||
|
|
|
@ -35,6 +35,13 @@
|
|||
postgres_import_wait_time: "{{ 7 * 86400 }}"
|
||||
when: "postgres_import_wait_time|default('') == ''"
|
||||
|
||||
# By default, we connect and import into the main (`matrix`) database.
|
||||
# Single-database dumps for Synapse may wish to import into `synapse` instead.
|
||||
- name: Set postgres_default_import_database, if not provided
|
||||
set_fact:
|
||||
postgres_default_import_database: "{{ matrix_postgres_db_name }}"
|
||||
when: "postgres_default_import_database|default('') == ''"
|
||||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
|
@ -76,7 +83,7 @@
|
|||
{{ 'gunzip |' if server_path_postgres_dump.endswith('.gz') else '' }}
|
||||
grep -vE '{{ matrix_postgres_import_roles_ignore_regex }}' |
|
||||
grep -vE '{{ matrix_postgres_import_databases_ignore_regex }}' |
|
||||
psql -v ON_ERROR_STOP=1 -h matrix-postgres"
|
||||
psql -v ON_ERROR_STOP=1 -h matrix-postgres --dbname={{ postgres_default_import_database }}"
|
||||
|
||||
# This is a hack.
|
||||
# See: https://ansibledaily.com/print-to-standard-output-without-escaping/
|
||||
|
|
|
@ -120,6 +120,25 @@
|
|||
- always
|
||||
when: "matrix_postgres_enabled|bool and matrix_postgres_additional_databases|length > 0"
|
||||
|
||||
- name: Check existence of matrix-postgres backup data path
|
||||
stat:
|
||||
path: "{{ matrix_postgres_data_path }}-auto-upgrade-backup"
|
||||
register: matrix_postgres_data_backup_path_stat
|
||||
when: "matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Inject warning if backup data remains
|
||||
set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
{{
|
||||
matrix_playbook_runtime_results|default([])
|
||||
+
|
||||
[
|
||||
"NOTE: You have some Postgres backup data in `{{ matrix_postgres_data_path }}-auto-upgrade-backup`, which was created during the last major Postgres update you ran. If your setup works well after this upgrade, feel free to delete this whole directory."
|
||||
]
|
||||
}}
|
||||
when: "matrix_postgres_enabled|bool and matrix_postgres_data_backup_path_stat.stat.exists"
|
||||
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of the internal postgres server (if it was previously enabled)
|
||||
#
|
||||
|
@ -155,9 +174,16 @@
|
|||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
# We just want to notify the user. Deleting data is too destructive.
|
||||
- name: Notify if matrix-postgres local data remains
|
||||
debug:
|
||||
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
||||
- name: Inject warning if matrix-postgres local data remains
|
||||
set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
{{
|
||||
matrix_playbook_runtime_results|default([])
|
||||
+
|
||||
[
|
||||
"NOTE: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
|
||||
]
|
||||
}}
|
||||
when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
|
||||
|
||||
- name: Remove Postgres scripts
|
||||
|
|
|
@ -6,17 +6,29 @@
|
|||
The `matrix_postgres_use_external` variable defined in your configuration is not used by this playbook anymore!
|
||||
You'll need to adapt to the new way of using an external Postgres server.
|
||||
It's a combination of `matrix_postgres_enabled: false` and specifying Postgres connection
|
||||
details in a few `matrix_synapse_database_` variables.
|
||||
details in a few `matrix_postgres_connection_` variables.
|
||||
See the "Using an external PostgreSQL server (optional)" documentation page.
|
||||
when: "'matrix_postgres_use_external' in vars"
|
||||
|
||||
# This is separate (from the other required variables below),
|
||||
# because we'd like to have a friendlier message for our existing users.
|
||||
- name: Fail if matrix_postgres_connection_password not defined
|
||||
fail:
|
||||
msg: >-
|
||||
The playbook no longer has a default Postgres password defined in the `matrix_postgres_connection_password` variable, among lots of other Postgres changes.
|
||||
You need to perform multiple manual steps to resolve this.
|
||||
See our changelog for more details:
|
||||
https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-postgres-changes-that-require-manual-intervention
|
||||
when: "matrix_postgres_connection_password == ''"
|
||||
|
||||
- name: Fail if required Postgres settings not defined
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_postgres_connection_hostname"
|
||||
- "matrix_postgres_connection_port"
|
||||
- "matrix_postgres_connection_username"
|
||||
- "matrix_postgres_connection_password"
|
||||
- "matrix_postgres_db_name"
|
||||
|
@ -24,4 +36,4 @@
|
|||
- name: Fail if Postgres password length exceeded
|
||||
fail:
|
||||
msg: "The maximum `matrix_postgres_connection_password` length is 99 characters"
|
||||
when: "matrix_postgres_connection_hostname|length > 99"
|
||||
when: "matrix_postgres_connection_password|length > 99"
|
||||
|
|
|
@ -2,18 +2,18 @@
|
|||
-- Seen here: https://stackoverflow.com/a/49858797
|
||||
DO $$
|
||||
BEGIN
|
||||
CREATE USER {{ additional_db.username }};
|
||||
CREATE USER "{{ additional_db.username }}";
|
||||
EXCEPTION WHEN DUPLICATE_OBJECT THEN
|
||||
RAISE NOTICE 'not creating user {{ additional_db.username }}, since it already exists';
|
||||
RAISE NOTICE 'not creating user "{{ additional_db.username }}", since it already exists';
|
||||
END
|
||||
$$;
|
||||
|
||||
-- This is useful for initial user creation (since we don't assign a password above) and for handling subsequent password changes
|
||||
-- TODO - we should escape quotes in the password.
|
||||
ALTER ROLE {{ additional_db.username }} PASSWORD '{{ additional_db.password }}';
|
||||
ALTER ROLE "{{ additional_db.username }}" PASSWORD '{{ additional_db.password }}';
|
||||
|
||||
-- This will generate an error on subsequent execution
|
||||
CREATE DATABASE {{ additional_db.name }} WITH LC_CTYPE 'C' LC_COLLATE 'C' OWNER {{ additional_db.username }};
|
||||
CREATE DATABASE "{{ additional_db.name }}" WITH LC_CTYPE 'C' LC_COLLATE 'C' OWNER "{{ additional_db.username }}";
|
||||
|
||||
-- This is useful for changing the database owner subsequently
|
||||
ALTER DATABASE {{ additional_db.name }} OWNER TO {{ additional_db.username }};
|
||||
ALTER DATABASE "{{ additional_db.name }}" OWNER TO "{{ additional_db.username }}";
|
||||
|
|
|
@ -9,7 +9,7 @@ DefaultDependencies=no
|
|||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-postgres
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-postgres
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \
|
||||
--log-driver=none \
|
||||
|
@ -31,7 +31,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \
|
|||
{{ matrix_postgres_docker_image_to_use }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} stop matrix-postgres
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-postgres
|
||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-postgres
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue