From d84b2868b72ca4faa4e840263bb87900d661e65a Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 11:39:15 +0100 Subject: [PATCH 1/8] Added basic changes to make it compatible with Archlinux --- roles/matrix-base/tasks/sanity_check.yml | 7 +++++++ roles/matrix-base/tasks/server_base/setup.yml | 5 ++++- .../tasks/server_base/setup_archlinux.yml | 21 +++++++++++++++++++ roles/matrix-mxisd/tasks/setup_mxisd.yml | 8 +++++++ .../tasks/ssl/setup_ssl_self_signed.yml | 8 +++++++ .../synapse-simple-antispam/setup_install.yml | 8 +++++++ 6 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 roles/matrix-base/tasks/server_base/setup_archlinux.yml diff --git a/roles/matrix-base/tasks/sanity_check.yml b/roles/matrix-base/tasks/sanity_check.yml index b2d8c249..b0e1c8b6 100644 --- a/roles/matrix-base/tasks/sanity_check.yml +++ b/roles/matrix-base/tasks/sanity_check.yml @@ -44,3 +44,10 @@ - "{{ matrix_server_fqn_matrix }}" - "{{ matrix_server_fqn_riot }}" when: "item != item|lower" + +- name: Fail if using python2 on Archlinux + fail: + msg: "Detected that you're using python2 when installing onto Archlinux. Archlinux by default only supports python3." + when: + - ansible_distribution == 'Archlinux' + - ansible_python.version.major != 3 diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 70b2e4fc..73abbec2 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -9,6 +9,9 @@ - include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') +- include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml" + when: ansible_distribution == 'Archlinux' + - name: Ensure Docker is started and autoruns service: name: docker @@ -17,6 +20,6 @@ - name: Ensure ntpd is started and autoruns service: - name: "{{ 'ntpd' if ansible_os_family == 'RedHat' else 'ntp' }}" + name: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}" state: started enabled: yes diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml new file mode 100644 index 00000000..2edd2e71 --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -0,0 +1,21 @@ +--- + +- name: Install host dependencies + pacman: + name: + - bash-completion + - python-docker + - ntp + # TODO This needs to be verified. Which version do we need? + - fuse3 + - cronie + - python-dnspython + state: latest + update_cache: yes + +- name: Ensure Docker is installed + apt: + name: + - docker + state: latest + when: matrix_docker_installation_enabled|bool diff --git a/roles/matrix-mxisd/tasks/setup_mxisd.yml b/roles/matrix-mxisd/tasks/setup_mxisd.yml index cc7712bb..456bbf95 100644 --- a/roles/matrix-mxisd/tasks/setup_mxisd.yml +++ b/roles/matrix-mxisd/tasks/setup_mxisd.yml @@ -39,6 +39,14 @@ msg: "Installing gradle on CentOS is currently not supported, so self-building mxisd cannot happen at this time" when: ansible_distribution == 'CentOS' + - name: Ensure gradle is installed for self-building (Archlinux) + pacman: + name: + - gradle + state: latest + update_cache: yes + when: ansible_distribution == 'Archlinux' + - name: Ensure mxisd repository is present on self-build git: repo: https://github.com/kamax-matrix/mxisd.git diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 437c8f68..9d459969 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -16,6 +16,14 @@ update_cache: no when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_os_family == 'Debian'" +- name: Ensure OpenSSL installed (Archlinux) + pacman: + name: + - openssl + state: latest + update_cache: no + when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_distribution == 'Archlinux' + - name: Generate self-signed certificates include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml" with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 5c20d869..067aeb3c 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -21,6 +21,14 @@ update_cache: no when: "ansible_os_family == 'Debian'" +- name: Ensure git installed (Archlinux) + pacman + name: + - git + state: present + update_cache: no + when: "ansible_distribution == 'Archlinux'" + - name: Clone synapse-simple-antispam git repository git: repo: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url }}" From 2849f0b1b851e83283226698e8ba1b6d13173d75 Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 11:39:35 +0100 Subject: [PATCH 2/8] Changed task titles to be consistent --- roles/matrix-mxisd/tasks/setup_mxisd.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-mxisd/tasks/setup_mxisd.yml b/roles/matrix-mxisd/tasks/setup_mxisd.yml index 456bbf95..0ad36301 100644 --- a/roles/matrix-mxisd/tasks/setup_mxisd.yml +++ b/roles/matrix-mxisd/tasks/setup_mxisd.yml @@ -26,7 +26,7 @@ when: matrix_mxisd_enabled|bool and not matrix_mxisd_container_image_self_build - block: - - name: Ensure gradle is installed for self-building + - name: Ensure gradle is installed for self-building (Debian) apt: name: - gradle @@ -34,7 +34,7 @@ update_cache: yes when: (ansible_os_family == 'Debian') - - name: Ensure gradle is installed for self-building + - name: Ensure gradle is installed for self-building (CentOS) fail: msg: "Installing gradle on CentOS is currently not supported, so self-building mxisd cannot happen at this time" when: ansible_distribution == 'CentOS' From 26bc66117daad960edf112fdf6b3e6b1ccee25ea Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 11:42:41 +0100 Subject: [PATCH 3/8] Removed redunadant waiting --- roles/matrix-synapse/tasks/update_user_password.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml index 5d63f8cb..b0187004 100644 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ b/roles/matrix-synapse/tasks/update_user_password.yml @@ -33,12 +33,7 @@ - name: Wait a while, so that Matrix Synapse can manage to start pause: seconds: 7 - when: "start_result.changed" - -- name: Wait a while, so that Matrix Postgres can manage to start - pause: - seconds: 7 - when: "postgres_start_result.changed" + when: "start_result.changed" or "postgres_start_result.changed" - name: Generate password hash shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}" From 4bc73ff4bb0f69c87030e61b050be33b191444c8 Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 11:57:32 +0100 Subject: [PATCH 4/8] Removed autoinstallation of cron due to documentation --- roles/matrix-base/tasks/server_base/setup_archlinux.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml index 2edd2e71..1d3cbd53 100644 --- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -8,7 +8,6 @@ - ntp # TODO This needs to be verified. Which version do we need? - fuse3 - - cronie - python-dnspython state: latest update_cache: yes From 8c9b5ea6dd3191e349336230ed9c57f3a82e5a17 Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 13:00:01 +0100 Subject: [PATCH 5/8] Removed a few syntax bugs in Archlinux configuration --- roles/matrix-base/tasks/server_base/setup_archlinux.yml | 2 +- roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml | 2 +- .../tasks/ext/synapse-simple-antispam/setup_install.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml index 1d3cbd53..e68e4e99 100644 --- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -13,7 +13,7 @@ update_cache: yes - name: Ensure Docker is installed - apt: + pacman: name: - docker state: latest diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 9d459969..8fa316da 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -22,7 +22,7 @@ - openssl state: latest update_cache: no - when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_distribution == 'Archlinux' + when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_distribution == 'Archlinux'" - name: Generate self-signed certificates include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml" diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 067aeb3c..611325c0 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -22,7 +22,7 @@ when: "ansible_os_family == 'Debian'" - name: Ensure git installed (Archlinux) - pacman + pacman: name: - git state: present From 51c271905dee12673f46043df91340f2fd6cc6a4 Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 13:00:56 +0100 Subject: [PATCH 6/8] Removed bug in enhanced waiting --- roles/matrix-synapse/tasks/update_user_password.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml index b0187004..0d77f5dd 100644 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ b/roles/matrix-synapse/tasks/update_user_password.yml @@ -33,7 +33,7 @@ - name: Wait a while, so that Matrix Synapse can manage to start pause: seconds: 7 - when: "start_result.changed" or "postgres_start_result.changed" + when: "start_result.changed or postgres_start_result.changed" - name: Generate password hash shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}" From 3f62ff11204f26a2087a7721a2c847c65b2dc559 Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 17:33:35 +0100 Subject: [PATCH 7/8] Overcame bug in current systemd --- roles/matrix-common-after/tasks/start.yml | 30 ++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 6a531814..18d3a2c3 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -30,6 +30,7 @@ - name: Populate service facts service_facts: + when: ansible_distribution != 'Archlinux' - name: Fail if service isn't detected to be running fail: @@ -38,4 +39,31 @@ It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.). Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate. with_items: "{{ matrix_systemd_services_list }}" - when: "ansible_facts.services[item + '.service']|default(none) is none or ansible_facts.services[item + '.service'].state != 'running'" + when: + - "ansible_facts.services[item + '.service']|default(none) is none or ansible_facts.services[item + '.service'].state != 'running'" + - ansible_distribution != 'Archlinux' + +# Currently there is a bug in ansible that renders is incompatible with systemd. +# service_facts is not collecting the data successfully. +# Therefore iterating here manually +- name: Fetch systemd information + systemd: + name: "{{ item }}" + register: systemdstatus + with_items: "{{ matrix_systemd_services_list }}" + when: + - ansible_distribution == 'Archlinux' + +- name: Fail if service isn't detected to be running + fail: + msg: >- + {{ item.item }} was not detected to be running. + It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.). + Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate. + with_items: "{{ systemdstatus.results }}" + loop_control: + label: "{{ item.name }}" + when: + #- "ansible_facts.services[item + '.service']|default(none) is none or ansible_facts.services[item + '.service'].state != 'running'" + - "item.status['ActiveState'] != 'active'" + - "ansible_distribution == 'Archlinux'" From 1b87dbf54b8a2f304c9a2342209b7306df2221dc Mon Sep 17 00:00:00 2001 From: Christian Wolf Date: Sat, 28 Mar 2020 17:33:51 +0100 Subject: [PATCH 8/8] Added documentation to README file --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index e72b3496..3427c8a3 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,6 +1,6 @@ # Prerequisites -- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+) or **Ubuntu** (16.04+). This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Self-Building](self-building.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. +- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+), **Ubuntu** (16.04+), or **Archlinux**. This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Self-Building](self-building.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. - `root` access to your server (or a user capable of elevating to `root` via `sudo`).