Merge branch 'master' into pub.solar
This commit is contained in:
commit
a00e600d28
|
@ -4,11 +4,14 @@
|
|||
If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
This playbook now supports running [Dimension](https://dimension.t2bot.io) in both a federated and an [unfederated](https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md) environment. This is handled automatically based on the value of `matrix_synapse_federation_enabled`.
|
||||
|
||||
Other important prerequisite is the `dimension.<your-domain>` DNS record being set up correctly. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly.
|
||||
|
||||
|
||||
## Enable
|
||||
|
||||
[Dimension integrations manager](https://dimension.t2bot.io) installation is disabled by default. You can enable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
|
@ -17,23 +20,31 @@ matrix_dimension_enabled: true
|
|||
|
||||
|
||||
## Define admin users
|
||||
|
||||
These users can modify the integrations this Dimension supports. Admin interface is accessible by opening Dimension in Riot and clicking the settings icon.
|
||||
Add this to your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_dimension_admins: ['@user1:domain.com', '@user2:domain.com']
|
||||
matrix_dimension_admins:
|
||||
- "@user1:{{ matrix_domain }}"
|
||||
- "@user2:{{ matrix_domain }}"
|
||||
```
|
||||
|
||||
|
||||
## Access token
|
||||
You are required to specify an access token for Dimension to work.
|
||||
To get an access token, follow these steps:
|
||||
|
||||
We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username).
|
||||
Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**.
|
||||
|
||||
You are required to specify an access token (belonging to this new user) for Dimension to work.
|
||||
To get an access token for the Dimension user, follow these steps:
|
||||
|
||||
1. In a private browsing session (incognito window), open Riot.
|
||||
2. It's preferable to use a dedicated user for the access token, so create and log in with that user's username and password.
|
||||
3. Set the display name and avatar, if required.
|
||||
4. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
|
||||
5. Copy the highlighted text to your configuration.
|
||||
6. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work.
|
||||
2. Log in with the `dimension` user and its password.
|
||||
1. Set the display name and avatar, if required.
|
||||
2. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
|
||||
3. Copy the highlighted text to your configuration.
|
||||
4. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work.
|
||||
|
||||
**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.**
|
||||
|
||||
|
@ -45,12 +56,23 @@ matrix_dimension_access_token: "YOUR ACCESS TOKEN HERE"
|
|||
|
||||
For more information on how to acquire an access token, visit [https://t2bot.io/docs/access_tokens](https://t2bot.io/docs/access_tokens).
|
||||
|
||||
|
||||
## Installation
|
||||
|
||||
After these variables have been set, please run the following command to re-run setup and to restart Dimension:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Jitsi domain
|
||||
|
||||
By default Dimension will use [jitsi.riot.im](https://jitsi.riot.im/) as the `conferenceDomain` of [Jitsi](https://jitsi.org/) audio/video conference widgets. For users running [a self-hosted Jitsi instance](./configuring-playbook-jitsi.md), you will likely want the widget to use your own Jitsi instance. Currently there is no way to configure this via the playbook, see [this issue](https://github.com/turt2live/matrix-dimension/issues/345) for details.
|
||||
|
||||
In the interim until the above limitation is resolved, an admin user needs to configure the domain via the admin ui once dimension is running. In riot-web, go to *Manage Integrations* → *Settings* → *Widgets* → *Jitsi Conference Settings* and set *Jitsi Domain* and *Jitsi Script URL* appropriately.
|
||||
|
||||
|
||||
## Additional features
|
||||
|
||||
To use a more custom configuration, you can define a `matrix_dimension_configuration_extension_yaml` string variable and put your configuration in it.
|
||||
|
|
|
@ -4,7 +4,7 @@ The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing plat
|
|||
|
||||
Jitsi installation is **not enabled by default**, because it's not a core component of Matrix services.
|
||||
|
||||
The setup done by the playbook is very similar to [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet).
|
||||
The setup done by the playbook is very similar to [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet). You can refer to the documentation there for many of the options here.
|
||||
|
||||
|
||||
## Prerequisites
|
||||
|
@ -34,13 +34,13 @@ matrix_jitsi_jibri_xmpp_password: ""
|
|||
```
|
||||
|
||||
|
||||
## (Optional) configure internal Jitsi authentication and guests mode
|
||||
## (Optional) Configure Jitsi authentication and guests mode
|
||||
|
||||
By default the Jitsi Meet instance does not require any kind of login and is open to use for anyone without registration.
|
||||
|
||||
If you're fine with such an open Jitsi instance, please skip to [Apply changes](#apply-changes).
|
||||
|
||||
If you would like to control who is allowed to open meetings on your new Jitsi instance, then please follow this step to enable Jitsi's `internal` authentication and guests mode. With this optional configuration, all meeting rooms have to be opened by at least one registered user, after that guests are free to join. If a registered host is not present yet, guests are put on hold into a waiting room.
|
||||
If you would like to control who is allowed to open meetings on your new Jitsi instance, then please follow this step to enable Jitsi's authentication and guests mode. With authentication enabled, all meeting rooms have to be opened by a registered user, after which guests are free to join. If a registered host is not yet present, guests are put on hold in individual waiting rooms.
|
||||
|
||||
Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||
|
||||
|
@ -49,11 +49,28 @@ matrix_jitsi_enable_auth: true
|
|||
matrix_jitsi_enable_guests: true
|
||||
```
|
||||
|
||||
### (Optional) LDAP authentication
|
||||
|
||||
The default authentication mode of Jitsi is `internal`, however LDAP is also supported. An example LDAP configuration could be:
|
||||
|
||||
```yaml
|
||||
matrix_jitsi_enable_auth: true
|
||||
matrix_jitsi_auth_type: ldap
|
||||
matrix_jitsi_ldap_url: ldap://ldap.DOMAIN # or ldaps:// if using tls
|
||||
matrix_jitsi_ldap_base: "OU=People,DC=DOMAIN"
|
||||
matrix_jitsi_ldap_filter: "(&(uid=%u)(employeeType=active))"
|
||||
matrix_jitsi_ldap_use_tls: false
|
||||
matrix_jitsi_ldap_start_tls: true
|
||||
```
|
||||
|
||||
For more information refer to the [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap) and the [saslauthd `LDAP_SASLAUTHD`](https://github.com/winlibs/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD) documentation.
|
||||
|
||||
|
||||
## (Optional) Making your Jitsi server work on a LAN
|
||||
|
||||
By default the Jitsi Meet instance does not work with a client in LAN (Local Area Network), even if others are connected from WAN. There are no video and audio. In the case of WAN to WAN everything is ok.
|
||||
|
||||
The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://github.com/jitsi/docker-jitsi-meet#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add DOCKER_HOST_ADDRESS in enviornment variable to make it work.
|
||||
The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://github.com/jitsi/docker-jitsi-meet#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add `DOCKER_HOST_ADDRESS` in enviornment variable to make it work.
|
||||
|
||||
Here is how to do it in the playbook.
|
||||
|
||||
|
@ -68,7 +85,7 @@ matrix_jitsi_jvb_container_extra_arguments:
|
|||
|
||||
Then re-run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`
|
||||
|
||||
## Required if configuring Jitsi with its internal authentication: register new users
|
||||
## Required if configuring Jitsi with internal authentication: register new users
|
||||
|
||||
Until this gets integrated into the playbook, we need to register new users / meeting hosts for Jitsi manually.
|
||||
Please SSH into your matrix host machine and execute the following command targeting the `matrix-jitsi-prosody` container:
|
||||
|
@ -84,9 +101,15 @@ Run this command for each user you would like to create, replacing `<USERNAME>`
|
|||
|
||||
## Usage
|
||||
|
||||
You can use the self-hosted Jitsi server through Riot, through an Integration Manager like [Dimension](docs/configuring-playbook-dimension.md) or directly at `https://jitsi.DOMAIN`.
|
||||
You can use the self-hosted Jitsi server in multiple ways:
|
||||
|
||||
To use it via riot-web (the one configured by the playbook at `https://riot.DOMAIN`), just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server.
|
||||
- **by adding a widget to a room via riot-web** (the one configured by the playbook at `https://riot.DOMAIN`). Just start a voice or a video call in a room containing more than 2 members and that would create a Jitsi widget which utilizes your self-hosted Jitsi server.
|
||||
|
||||
- **by adding a widget to a room via the Dimension Integration Manager**. You'll have to point the widget to your own Jitsi server manually. See our [Dimension](./configuring-playbook-dimension.md) documentation page for more details. Naturally, Dimension would need to be installed first (the playbook doesn't install it by default).
|
||||
|
||||
- **directly (without any Matrix integration)**. Just go to `https://jitsi.DOMAIN`
|
||||
|
||||
**Note**: Riot apps on mobile devices currently [don't support joining meetings on a self-hosted Jitsi server](https://github.com/vector-im/riot-web/blob/601816862f7d84ac47547891bd53effa73d32957/docs/jitsi.md#mobile-app-support).
|
||||
|
||||
|
||||
## Troubleshooting
|
||||
|
|
|
@ -31,3 +31,12 @@ matrix_synapse_turn_uris:
|
|||
- turn:HOSTNAME_OR_IP?transport=udp
|
||||
- turn:HOSTNAME_OR_IP?transport=tcp
|
||||
```
|
||||
|
||||
If you have or want to enable [Jitsi](configuring-playbook-jitsi.md), you might want to enable the TURN server there too.
|
||||
If you do not do it, Jitsi will fall back to an upstream service.
|
||||
|
||||
```yaml
|
||||
matrix_jitsi_web_stun_servers:
|
||||
- stun:HOSTNAME_OR_IP:PORT
|
||||
```
|
||||
You can put multiple host/port combinations if you like.
|
||||
|
|
|
@ -104,7 +104,7 @@ server {
|
|||
</VirtualHost>
|
||||
```
|
||||
|
||||
**For Caddy**, it would be something like this:
|
||||
**For Caddy 2**, it would be something like this:
|
||||
|
||||
```caddy
|
||||
reverse_proxy /.well-known/matrix/* https://matrix.DOMAIN {
|
||||
|
@ -112,6 +112,14 @@ reverse_proxy /.well-known/matrix/* https://matrix.DOMAIN {
|
|||
}
|
||||
```
|
||||
|
||||
**For Caddy 1**, it would be something like this:
|
||||
|
||||
```caddy
|
||||
proxy /.well-known/matrix/ https://matrix.DOMAIN {
|
||||
header_upstream Host {http.reverse_proxy.upstream.hostport}
|
||||
}
|
||||
```
|
||||
|
||||
**For HAProxy**, it would be something like this:
|
||||
|
||||
```haproxy
|
||||
|
|
|
@ -5,4 +5,6 @@
|
|||
3. Copy directory `/matrix` from the old server to the new server. Make sure to preserve ownership and permissions (use `cp -p` or `rsync -ar`)!
|
||||
4. Make sure your DNS records are adjusted to point to the new server's IP address
|
||||
5. Remove old server from the `inventory/hosts` file and add new server.
|
||||
6. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`. This will create the matrix user and group and start all services on the new server
|
||||
6. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-system-user`. This will create the `matrix` user and group on the new server
|
||||
7. Because the `matrix` user and group are created dynamically on each server, the user/group id may differ between the old and new server. We suggest that you adjust ownership of `/matrix` files manually by running this on the new server: `chown -R matrix:matrix /matrix`.
|
||||
8. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` to finish the installation and start all services
|
||||
|
|
|
@ -22,8 +22,7 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}"
|
|||
matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}"
|
||||
|
||||
matrix_user_username: "matrix"
|
||||
matrix_user_uid: 991
|
||||
matrix_user_gid: 991
|
||||
matrix_user_groupname: "matrix"
|
||||
|
||||
matrix_base_data_path: "/matrix"
|
||||
matrix_base_data_path_mode: "750"
|
||||
|
|
|
@ -2,6 +2,11 @@
|
|||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
|
@ -12,6 +17,14 @@
|
|||
tags:
|
||||
- setup-all
|
||||
|
||||
# This needs to always run, because it populates `matrix_user_uid` and `matrix_user_gid`,
|
||||
# which are required by many other roles.
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_matrix_user.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- always
|
||||
- setup-system-user
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
|
|
|
@ -1,25 +1,12 @@
|
|||
---
|
||||
|
||||
- name: Ensure Matrix group is created
|
||||
group:
|
||||
name: "{{ matrix_user_username }}"
|
||||
gid: "{{ matrix_user_gid }}"
|
||||
state: present
|
||||
|
||||
- name: Ensure Matrix user is created
|
||||
user:
|
||||
name: "{{ matrix_user_username }}"
|
||||
uid: "{{ matrix_user_uid }}"
|
||||
state: present
|
||||
group: "{{ matrix_user_username }}"
|
||||
|
||||
- name: Ensure Matrix base path exists
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: "{{ matrix_base_data_path_mode }}"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_base_data_path }}"
|
||||
|
||||
|
@ -54,4 +41,3 @@
|
|||
src: "{{ role_path }}/templates/usr-local-bin/matrix-remove-all.j2"
|
||||
dest: "{{ matrix_local_bin_path }}/matrix-remove-all"
|
||||
mode: 0750
|
||||
|
||||
|
|
22
roles/matrix-base/tasks/setup_matrix_user.yml
Normal file
22
roles/matrix-base/tasks/setup_matrix_user.yml
Normal file
|
@ -0,0 +1,22 @@
|
|||
---
|
||||
|
||||
- name: Ensure Matrix group is created
|
||||
group:
|
||||
name: "{{ matrix_user_groupname }}"
|
||||
state: present
|
||||
register: matrix_group
|
||||
|
||||
- name: Set Matrix Group GID Variable
|
||||
set_fact:
|
||||
matrix_user_gid: "{{ matrix_group.gid }}"
|
||||
|
||||
- name: Ensure Matrix user is created
|
||||
user:
|
||||
name: "{{ matrix_user_username }}"
|
||||
state: present
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
register: matrix_user
|
||||
|
||||
- name: Set Matrix Group UID Variable
|
||||
set_fact:
|
||||
matrix_user_uid: "{{ matrix_user.uid }}"
|
|
@ -8,7 +8,7 @@
|
|||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_static_files_base_path }}/.well-known/matrix"
|
||||
|
||||
|
@ -18,7 +18,7 @@
|
|||
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/client"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure Matrix /.well-known/matrix/server file configured
|
||||
template:
|
||||
|
@ -26,7 +26,7 @@
|
|||
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_well_known_matrix_server_enabled|bool
|
||||
|
||||
- name: Ensure Matrix /.well-known/matrix/server file deleted
|
||||
|
|
11
roles/matrix-base/tasks/validate_config.yml
Normal file
11
roles/matrix-base/tasks/validate_config.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
|
||||
- name: (Deprecation) Warn about unused user/group variables
|
||||
fail:
|
||||
msg: >
|
||||
The `{{ item }}` variable defined in your configuration is not used by this playbook anymore.
|
||||
User/group creation is now dynamic. You can remove these variables from your configuration, as they have no effect on anything.
|
||||
when: "item in vars"
|
||||
with_items:
|
||||
- 'matrix_user_uid'
|
||||
- 'matrix_user_gid'
|
|
@ -13,7 +13,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_appservice_discord_base_path }}"
|
||||
- "{{ matrix_appservice_discord_config_path }}"
|
||||
|
@ -46,7 +46,7 @@
|
|||
dest: "{{ matrix_appservice_discord_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure AppService Discord registration.yaml installed
|
||||
copy:
|
||||
|
@ -54,7 +54,7 @@
|
|||
dest: "{{ matrix_appservice_discord_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
# If `matrix_appservice_discord_client_id` hasn't changed, the same invite link would be generated.
|
||||
# We intentionally suppress Ansible changes.
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_appservice_irc_base_path }}"
|
||||
- "{{ matrix_appservice_irc_config_path }}"
|
||||
|
@ -50,7 +50,7 @@
|
|||
dest: "{{ matrix_appservice_irc_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Check if Appservice IRC passkey exists
|
||||
stat:
|
||||
|
@ -70,7 +70,7 @@
|
|||
path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
# Ideally, we'd like to generate the final registration.yaml file by ourselves.
|
||||
#
|
||||
|
@ -134,7 +134,7 @@
|
|||
dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-appservice-irc.service installed
|
||||
template:
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_appservice_slack_base_path }}"
|
||||
- "{{ matrix_appservice_slack_config_path }}"
|
||||
|
@ -25,7 +25,7 @@
|
|||
dest: "{{ matrix_appservice_slack_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure appservice-slack registration.yaml installed
|
||||
copy:
|
||||
|
@ -33,7 +33,7 @@
|
|||
dest: "{{ matrix_appservice_slack_config_path }}/slack-registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-appservice-slack.service installed
|
||||
template:
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_appservice_webhooks_base_path }}"
|
||||
- "{{ matrix_appservice_webhooks_config_path }}"
|
||||
|
@ -25,7 +25,7 @@
|
|||
dest: "{{ matrix_appservice_webhooks_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure Matrix Appservice webhooks schema.yml template exists
|
||||
template:
|
||||
|
@ -33,7 +33,7 @@
|
|||
dest: "{{ matrix_appservice_webhooks_config_path }}/schema.yml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure Matrix Appservice webhooks database.json template exists
|
||||
template:
|
||||
|
@ -41,7 +41,7 @@
|
|||
dest: "{{ matrix_appservice_webhooks_data_path }}/database.json"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure appservice-webhooks registration.yaml installed
|
||||
copy:
|
||||
|
@ -49,7 +49,7 @@
|
|||
dest: "{{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-appservice-webhooks.service installed
|
||||
template:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mautrix_facebook_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mautrix_facebook_config_path }}", when: true }
|
||||
|
@ -73,7 +73,7 @@
|
|||
dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-facebook registration.yaml installed
|
||||
copy:
|
||||
|
@ -81,7 +81,7 @@
|
|||
dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-facebook.service installed
|
||||
template:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mautrix_hangouts_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mautrix_hangouts_config_path }}", when: true }
|
||||
|
@ -72,7 +72,7 @@
|
|||
dest: "{{ matrix_mautrix_hangouts_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-hangouts registration.yaml installed
|
||||
copy:
|
||||
|
@ -80,7 +80,7 @@
|
|||
dest: "{{ matrix_mautrix_hangouts_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-hangouts.service installed
|
||||
template:
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_mautrix_telegram_base_path }}"
|
||||
- "{{ matrix_mautrix_telegram_config_path }}"
|
||||
|
@ -50,7 +50,7 @@
|
|||
dest: "{{ matrix_mautrix_telegram_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-telegram registration.yaml installed
|
||||
copy:
|
||||
|
@ -58,7 +58,7 @@
|
|||
dest: "{{ matrix_mautrix_telegram_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-telegram.service installed
|
||||
template:
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_mautrix_whatsapp_base_path }}"
|
||||
- "{{ matrix_mautrix_whatsapp_config_path }}"
|
||||
|
@ -59,7 +59,7 @@
|
|||
dest: "{{ matrix_mautrix_whatsapp_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-whatsapp registration.yaml installed
|
||||
copy:
|
||||
|
@ -67,7 +67,7 @@
|
|||
dest: "{{ matrix_mautrix_whatsapp_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-whatsapp.service installed
|
||||
template:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_skype_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_skype_config_path }}", when: true }
|
||||
|
@ -42,6 +42,7 @@
|
|||
docker_image:
|
||||
name: "{{ matrix_mx_puppet_skype_docker_image }}"
|
||||
source: build
|
||||
force_source: yes
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}"
|
||||
|
@ -71,7 +72,7 @@
|
|||
dest: "{{ matrix_mx_puppet_skype_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-skype skype-registration.yaml installed
|
||||
copy:
|
||||
|
@ -79,7 +80,7 @@
|
|||
dest: "{{ matrix_mx_puppet_skype_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-skype.service installed
|
||||
template:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mx_puppet_slack_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mx_puppet_slack_config_path }}", when: true }
|
||||
|
@ -70,7 +70,7 @@
|
|||
dest: "{{ matrix_mx_puppet_slack_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mx-puppet-slack slack-registration.yaml installed
|
||||
copy:
|
||||
|
@ -78,7 +78,7 @@
|
|||
dest: "{{ matrix_mx_puppet_slack_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mx-puppet-slack.service installed
|
||||
template:
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_corporal_config_dir_path }}"
|
||||
- "{{ matrix_corporal_cache_dir_path }}"
|
||||
|
@ -31,7 +31,7 @@
|
|||
dest: "{{ matrix_corporal_config_dir_path }}/config.json"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_corporal_enabled|bool
|
||||
|
||||
- name: Ensure matrix-corporal.service installed
|
||||
|
|
|
@ -2,7 +2,7 @@ matrix_coturn_enabled: true
|
|||
|
||||
matrix_coturn_container_image_self_build: false
|
||||
|
||||
matrix_coturn_docker_image: "instrumentisto/coturn:4.5.1.1"
|
||||
matrix_coturn_docker_image: "instrumentisto/coturn:4.5.1.2"
|
||||
matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}"
|
||||
|
||||
# The Docker network that Coturn would be put into.
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"}
|
||||
when: matrix_riot_web_enabled|bool and item.when
|
||||
|
@ -47,7 +47,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_coturn_enabled|bool
|
||||
|
||||
- name: Ensure turnserver.conf installed
|
||||
|
|
|
@ -9,6 +9,9 @@ Type=simple
|
|||
ExecStartPre=-/usr/bin/docker kill matrix-dimension
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-dimension
|
||||
|
||||
# Fixup database ownership if it got changed somehow (during a server migration, etc.)
|
||||
ExecStartPre=-/usr/bin/chown {{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} {{ matrix_dimension_base_path }}/dimension.db
|
||||
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-dimension \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} \
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_email2matrix_base_path }}"
|
||||
- "{{ matrix_email2matrix_config_dir_path }}"
|
||||
|
@ -21,7 +21,7 @@
|
|||
src: "{{ role_path }}/templates/config.json.j2"
|
||||
dest: "{{ matrix_email2matrix_config_dir_path }}/config.json"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
mode: 0640
|
||||
when: matrix_email2matrix_enabled|bool
|
||||
|
||||
|
|
|
@ -7,6 +7,28 @@ matrix_jitsi_enable_guests: false
|
|||
matrix_jitsi_enable_recording: true
|
||||
matrix_jitsi_enable_transcriptions: true
|
||||
|
||||
# Authentication type, must be one of internal, jwt or ldap. Currently only
|
||||
# internal and ldap are supported by this playbook.
|
||||
matrix_jitsi_auth_type: internal
|
||||
|
||||
# Configuration options for LDAP authentication. For details see upstream:
|
||||
# https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap.
|
||||
# Defaults are taken from:
|
||||
# https://github.com/jitsi/docker-jitsi-meet/blob/master/prosody/rootfs/defaults/saslauthd.conf
|
||||
matrix_jitsi_ldap_url: ""
|
||||
matrix_jitsi_ldap_base: ""
|
||||
matrix_jitsi_ldap_binddn: ""
|
||||
matrix_jitsi_ldap_bindpw: ""
|
||||
matrix_jitsi_ldap_filter: "uid=%u"
|
||||
matrix_jitsi_ldap_auth_method: "bind"
|
||||
matrix_jitsi_ldap_version: "3"
|
||||
matrix_jitsi_ldap_use_tls: false
|
||||
matrix_jitsi_ldap_tls_ciphers: ""
|
||||
matrix_jitsi_ldap_tls_check_peer: false
|
||||
matrix_jitsi_ldap_tls_cacert_file: "/etc/ssl/certs/ca-certificates.crt"
|
||||
matrix_jitsi_ldap_tls_cacert_dir: "/etc/ssl/certs"
|
||||
matrix_jitsi_ldap_start_tls: false
|
||||
|
||||
matrix_jitsi_timezone: UTC
|
||||
|
||||
matrix_jitsi_xmpp_domain: matrix-jitsi-web
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_base_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_jicofo_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_jicofo_config_path }}", when: true }
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_jvb_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_jvb_config_path }}", when: true }
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_prosody_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_prosody_config_path }}", when: true }
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_web_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_web_config_path }}", when: true }
|
||||
|
|
|
@ -1,8 +1,22 @@
|
|||
AUTH_TYPE=internal
|
||||
AUTH_TYPE={{ matrix_jitsi_auth_type }}
|
||||
|
||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
||||
ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
|
||||
|
||||
LDAP_URL={{ matrix_jitsi_ldap_url }}
|
||||
LDAP_BASE={{ matrix_jitsi_ldap_base }}
|
||||
LDAP_BINDDN={{ matrix_jitsi_ldap_binddn }}
|
||||
LDAP_BINDPW={{ matrix_jitsi_ldap_bindpw }}
|
||||
LDAP_FILTER={{ matrix_jitsi_ldap_filter }}
|
||||
LDAP_AUTH_METHOD={{ matrix_jitsi_ldap_auth_method }}
|
||||
LDAP_VERSION={{ matrix_jitsi_ldap_version }}
|
||||
LDAP_USE_TLS={{ 1 if matrix_jitsi_ldap_use_tls else 0 }}
|
||||
LDAP_TLS_CIPHERS={{ matrix_jitsi_ldap_tls_ciphers }}
|
||||
LDAP_TLS_CHECK_PEER={{ 1 if matrix_jitsi_ldap_tls_check_peer else 0 }}
|
||||
LDAP_TLS_CACERT_FILE={{ matrix_jitsi_ldap_tls_cacert_file }}
|
||||
LDAP_TLS_CACERT_DIR={{ matrix_jitsi_ldap_tls_cacert_dir }}
|
||||
LDAP_START_TLS={{ 1 if matrix_jitsi_ldap_start_tls else 0 }}
|
||||
|
||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
||||
XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_ma1sd_config_path }}", when: true }
|
||||
- { path: "{{ matrix_ma1sd_data_path }}", when: true }
|
||||
|
@ -69,7 +69,7 @@
|
|||
dest: "{{ matrix_ma1sd_config_path }}/ma1sd.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_ma1sd_enabled|bool
|
||||
|
||||
- name: Ensure custom templates are installed if any
|
||||
|
@ -78,7 +78,7 @@
|
|||
dest: "{{ matrix_ma1sd_data_path }}/{{ item.location }}"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- {value: "{{ matrix_ma1sd_threepid_medium_email_custom_invite_template }}", location: 'invite-template.eml'}
|
||||
- {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_mailer_enabled|bool
|
||||
|
||||
- name: Ensure mailer environment variables file created
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_nginx_proxy_base_path }}"
|
||||
- "{{ matrix_nginx_proxy_data_path }}"
|
||||
|
@ -34,7 +34,7 @@
|
|||
src: "{{ role_path }}/templates/nginx/matrix-synapse-metrics-htpasswd.j2"
|
||||
dest: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
mode: 0400
|
||||
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
|
||||
|
||||
|
@ -79,7 +79,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_nginx_proxy_base_domain_serving_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy homepage for base domain exists
|
||||
|
@ -88,7 +88,7 @@
|
|||
dest: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for base domain exists
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_static_files_base_path }}/.well-known/matrix"
|
||||
|
||||
|
@ -21,4 +21,4 @@
|
|||
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
|
@ -14,7 +14,7 @@
|
|||
state: directory
|
||||
mode: 0770
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
recurse: true
|
||||
with_items:
|
||||
- "{{ matrix_ssl_log_dir_path }}"
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "not matrix_ssl_certificate_cert_path_stat_result.stat.exists"
|
||||
|
||||
# The proper way to do this is by using a sequence of
|
||||
|
|
|
@ -50,7 +50,7 @@
|
|||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
|
|
|
@ -46,7 +46,7 @@
|
|||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "result_pg_old_data_dir_stat.stat.exists"
|
||||
|
||||
- block:
|
||||
|
|
|
@ -42,7 +42,7 @@
|
|||
force: true
|
||||
mode: 0550
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_postgres_base_path }}"
|
||||
- "{{ matrix_postgres_data_path }}"
|
||||
|
@ -52,7 +52,7 @@
|
|||
path: "{{ matrix_postgres_data_path }}"
|
||||
state: directory
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
recurse: yes
|
||||
when: matrix_postgres_enabled|bool
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ matrix_riot_web_enabled: true
|
|||
|
||||
matrix_riot_web_container_image_self_build: false
|
||||
|
||||
matrix_riot_web_docker_image: "vectorim/riot-web:v1.5.15"
|
||||
matrix_riot_web_docker_image: "vectorim/riot-web:v1.6.0"
|
||||
matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web"
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_riot_web_data_path }}", when: true }
|
||||
- { path: "{{ matrix_riot_web_docker_src_files_path }}", when: "{{ matrix_riot_web_container_image_self_build }}" }
|
||||
|
@ -48,7 +48,7 @@
|
|||
dest: "{{ matrix_riot_web_data_path }}/config.json"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_riot_web_enabled|bool
|
||||
|
||||
- name: Ensure Matrix riot-web config files installed
|
||||
|
@ -57,7 +57,7 @@
|
|||
dest: "{{ matrix_riot_web_data_path }}/{{ item.name }}"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
|
||||
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
force: true
|
||||
mode: 0440
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
force: true
|
||||
mode: 0440
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
path: "{{ matrix_synapse_media_store_path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_uid }}"
|
||||
group: "{{ matrix_user_gid }}"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "not local_path_matrix_synapse_media_store_path_stat.failed and not local_path_matrix_synapse_media_store_path_stat.stat.exists"
|
||||
|
||||
- name: Ensure goofys environment variables file created
|
||||
|
|
|
@ -66,7 +66,7 @@
|
|||
file:
|
||||
path: "{{ matrix_synapse_media_store_path }}"
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
recurse: yes
|
||||
when: "not matrix_s3_media_store_enabled|bool"
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_synapse_config_dir_path }}", when: true }
|
||||
- { path: "{{ matrix_synapse_run_path }}", when: true }
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
|
||||
|
||||
- name: Ensure Synapse repository is present on self-build
|
||||
|
@ -79,7 +79,7 @@
|
|||
dest: "{{ matrix_synapse_config_dir_path }}/homeserver.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure Synapse log config installed
|
||||
template:
|
||||
|
|
Loading…
Reference in a new issue