From bb816df557c5040fbc59a7935e407df1df677e89 Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev Date: Tue, 14 May 2019 23:47:22 +0900 Subject: [PATCH] Move mautrix telegram and whatsapp into separate roles The goal is to move each bridge into its own separate role. This commit starts off the work on this with 2 bridges: - mautrix-telegram - mautrix-whatsapp Each bridge's role (including these 2) is meant to: - depend only on the matrix-base role - integrate nicely with the matrix-synapse role (if available) - integrate nicely with the matrix-nginx-proxy role (if available and if required). mautrix-telegram bridge benefits from integrating with it. - not break if matrix-synapse or matrix-nginx-proxy are not used at all This has been provoked by #174 (Github Issue). --- group_vars/matrix-servers | 37 +++++++++++++ .../defaults/main.yml | 34 ++++++++++++ .../tasks}/init.yml | 2 +- .../tasks/main.yml | 21 ++++++++ .../tasks/setup-install.yml} | 52 ++++++++----------- .../tasks/setup-uninstall.yml | 6 +++ .../tasks/validate_config.yml | 11 ++++ .../templates}/config.yaml.j2 | 10 ++-- .../matrix-mautrix-telegram.service.j2 | 16 ++++-- .../defaults/main.yml | 21 ++++++++ .../tasks}/init.yml | 2 +- .../tasks/main.yml | 15 ++++++ .../tasks/setup-install.yml} | 44 ++++++---------- .../tasks/setup-uninstall.yml | 6 +++ .../templates}/config.yaml.j2 | 8 +-- .../matrix-mautrix-whatsapp.service.j2 | 16 ++++-- roles/matrix-corporal/tasks/init.yml | 2 +- roles/matrix-synapse/defaults/main.yml | 30 ++--------- roles/matrix-synapse/tasks/ext/init.yml | 4 -- roles/matrix-synapse/tasks/ext/setup.yml | 4 -- roles/matrix-synapse/tasks/main.yml | 8 ++- roles/matrix-synapse/vars/main.yml | 3 ++ setup.yml | 2 + 23 files changed, 242 insertions(+), 112 deletions(-) create mode 100644 roles/matrix-bridge-mautrix-telegram/defaults/main.yml rename roles/{matrix-synapse/tasks/ext/mautrix-telegram => matrix-bridge-mautrix-telegram/tasks}/init.yml (72%) create mode 100644 roles/matrix-bridge-mautrix-telegram/tasks/main.yml rename 
roles/{matrix-synapse/tasks/ext/mautrix-telegram/setup.yml => matrix-bridge-mautrix-telegram/tasks/setup-install.yml} (74%) create mode 100644 roles/matrix-bridge-mautrix-telegram/tasks/setup-uninstall.yml create mode 100644 roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml rename roles/{matrix-synapse/templates/ext/mautrix-telegram => matrix-bridge-mautrix-telegram/templates}/config.yaml.j2 (97%) rename roles/{matrix-synapse/templates/ext/mautrix-telegram => matrix-bridge-mautrix-telegram/templates}/systemd/matrix-mautrix-telegram.service.j2 (78%) create mode 100644 roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml rename roles/{matrix-synapse/tasks/ext/mautrix-whatsapp => matrix-bridge-mautrix-whatsapp/tasks}/init.yml (72%) create mode 100644 roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml rename roles/{matrix-synapse/tasks/ext/mautrix-whatsapp/setup.yml => matrix-bridge-mautrix-whatsapp/tasks/setup-install.yml} (63%) create mode 100644 roles/matrix-bridge-mautrix-whatsapp/tasks/setup-uninstall.yml rename roles/{matrix-synapse/templates/ext/mautrix-whatsapp => matrix-bridge-mautrix-whatsapp/templates}/config.yaml.j2 (93%) rename roles/{matrix-synapse/templates/ext/mautrix-whatsapp => matrix-bridge-mautrix-whatsapp/templates}/systemd/matrix-mautrix-whatsapp.service.j2 (68%) diff --git a/group_vars/matrix-servers b/group_vars/matrix-servers index 44318970..41cd2e02 100755 --- a/group_vars/matrix-servers +++ b/group_vars/matrix-servers 
@@ -48,6 +48,43 @@ matrix_identity_server_url: "{{ 'https://' + matrix_synapse_trusted_third_party_ ###################################################################### +###################################################################### +# +# matrix-bridge-mautrix-telegram +# +###################################################################### + +# We don't enable bridges by default. +matrix_mautrix_telegram_enabled: false + +matrix_mautrix_telegram_systemd_required_services_list: ['docker.service', 'matrix-synapse.service'] + +matrix_mautrix_telegram_public_endpoint: "/{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'telegram') | to_uuid }}" + +###################################################################### +# +# /matrix-bridge-mautrix-telegram +# +###################################################################### + + +###################################################################### +# +# matrix-bridge-mautrix-whatsapp +# +###################################################################### + +# We don't enable bridges by default. +matrix_mautrix_whatsapp_enabled: false + +matrix_mautrix_whatsapp_systemd_required_services_list: ['docker.service', 'matrix-synapse.service'] + +###################################################################### +# +# /matrix-bridge-mautrix-whatsapp +# +###################################################################### + ###################################################################### # diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml new file mode 100644 index 00000000..ad6d49a5 --- /dev/null +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml 
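Review bot: `matrix_mautrix_telegram_public_endpoint` is still derived from `matrix_synapse_macaroon_secret_key`, which ties the new bridge role to a Synapse signing secret even though the role is meant to work when matrix-synapse is not used at all. The resulting path is an obscurity measure rather than authentication: it is handed to users' browsers and will appear in reverse-proxy access logs. It is also a fixed-salt (`'telegram'`) hash of the macaroon key, so its confidentiality is only as good as that key's entropy. I would derive it from a dedicated variable instead (for example a `matrix_mautrix_telegram_public_endpoint_secret` the operator sets) and add a comment above the line such as `# This path is visible to users and in logs; it hides the login page from casual scanning and is not an access control.`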
@@ -0,0 +1,34 @@
+# mautrix-telegram is a Matrix <-> Telegram bridge
+# See: https://github.com/tulir/mautrix-telegram
+
+matrix_mautrix_telegram_enabled: true
+
+matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.5.1"
+
+matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram"
+
+# Get your own API keys at https://my.telegram.org/apps
+matrix_mautrix_telegram_api_id: ''
+matrix_mautrix_telegram_api_hash: ''
+
+# Mautrix telegram public endpoint to log in to telegram
+# Use an uuid so it's not easily discoverable.
+# Example: /741a0483-ba17-4682-9900-30bd7269f1cc
+matrix_mautrix_telegram_public_endpoint: ''
+
+matrix_mautrix_telegram_homeserver_address: 'https://{{ matrix_server_fqn_matrix }}'
+matrix_mautrix_telegram_homeserver_domain: '{{ matrix_domain }}'
+matrix_mautrix_telegram_appservice_address: 'http://matrix-mautrix-telegram:8080'
+matrix_mautrix_telegram_appservice_public_external: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mautrix_telegram_public_endpoint }}'
+
+# Set this to a port number to expose on the host when not using matrix-nginx-proxy
+matrix_mautrix_telegram_container_exposed_port_number: ~
+
+# A list of extra arguments to pass to the container
+matrix_mautrix_telegram_container_extra_arguments: []
+
+# List of systemd services that matrix-mautrix-telegram.service depends on.
+matrix_mautrix_telegram_systemd_required_services_list: ['docker.service']
+
+# List of systemd services that matrix-mautrix-telegram.service wants
+matrix_mautrix_telegram_systemd_wanted_services_list: []
diff --git a/roles/matrix-synapse/tasks/ext/mautrix-telegram/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml
similarity index 72%
rename from roles/matrix-synapse/tasks/ext/mautrix-telegram/init.yml
rename to roles/matrix-bridge-mautrix-telegram/tasks/init.yml
index 566d7321..f9956d3d 100644
--- a/roles/matrix-synapse/tasks/ext/mautrix-telegram/init.yml
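Review bot: `matrix_mautrix_telegram_docker_image` identifies the bridge only by tag (`tulir/mautrix-telegram:v0.5.1`), and the whatsapp role's defaults later in this patch use `tulir/mautrix-whatsapp:latest`. A tag can be re-pointed upstream, so the code that is given the bridge's data directory and messaging credentials can change without any diff in this repository. I would add a comment recommending digest pinning for production, e.g. `# For reproducible deployments pin by digest: "tulir/mautrix-telegram@sha256:<digest>"`, and replace `latest` in the whatsapp defaults with a fixed tag or digest.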
+++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}" - when: matrix_mautrix_telegram_enabled \ No newline at end of file + when: "matrix_mautrix_telegram_enabled" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml new file mode 100644 index 00000000..c16c03f5 --- /dev/null +++ b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml @@ -0,0 +1,21 @@ +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup and matrix_mautrix_telegram_enabled" + tags: + - setup-all + - setup-mautrix-telegram + +- import_tasks: "{{ role_path }}/tasks/setup-install.yml" + when: "run_setup and matrix_mautrix_telegram_enabled" + tags: + - setup-all + - setup-mautrix-telegram + +- import_tasks: "{{ role_path }}/tasks/setup-uninstall.yml" + when: "run_setup and not matrix_mautrix_telegram_enabled" + tags: + - setup-all + - setup-mautrix-telegram diff --git a/roles/matrix-synapse/tasks/ext/mautrix-telegram/setup.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup-install.yml similarity index 74% rename from roles/matrix-synapse/tasks/ext/mautrix-telegram/setup.yml rename to roles/matrix-bridge-mautrix-telegram/tasks/setup-install.yml index 02487ddb..920ff54f 100644 --- a/roles/matrix-synapse/tasks/ext/mautrix-telegram/setup.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup-install.yml 
@@ -1,33 +1,38 @@ --- +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + fail: + msg: >- + The matrix-bridge-mautrix-telegram role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed|default(False)" + - name: Ensure Mautrix Telegram image is pulled docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" - when: "matrix_mautrix_telegram_enabled" -- name: Ensure Mautrix Telegram configuration path exists +- name: Ensure Mautrix Telegram base directory exists file: path: "{{ matrix_mautrix_telegram_base_path }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_mautrix_telegram_enabled" - name: Check if a mautrix-telegram configuration file exists stat: path: "{{ matrix_mautrix_telegram_base_path }}/config.yaml" register: mautrix_telegram_config_file_stat - when: "matrix_mautrix_telegram_enabled" - name: Ensure Matrix Mautrix telegram config installed template: - src: "{{ role_path }}/templates/ext/mautrix-telegram/config.yaml.j2" + src: "{{ role_path }}/templates/config.yaml.j2" dest: "{{ matrix_mautrix_telegram_base_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_mautrix_telegram_enabled and not mautrix_telegram_config_file_stat.stat.exists" + when: "not mautrix_telegram_config_file_stat.stat.exists" - name: (Migration) Fix up old configuration lineinfile: 
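Review bot: The task "Ensure Matrix Mautrix telegram config installed" writes config.yaml with `mode: 0644`, although validate_config.yml makes the Telegram API id and hash mandatory and they presumably end up in this file. The 0750 base directory keeps other local users out today, but that protection is lost if the directory mode is ever loosened or the file is copied elsewhere. `mode: 0640` costs nothing here, since owner and group are both `matrix_user_username` and the container runs as that user. The whatsapp role's setup-install.yml creates its config.yaml the same way, and the task list continues past the end of this hunk.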
@@ -38,26 +43,24 @@ with_items: - {'regexp': '^(\s+)filename: \./mautrix-telegram.log', 'line': '\1filename: /data/mautrix-telegram.log'} - {'regexp': '^(\s+)database:', 'line': '\1database: sqlite:////data/mautrix-telegram.db'} - when: "matrix_mautrix_telegram_enabled and mautrix_telegram_config_file_stat.stat.exists" + when: "mautrix_telegram_config_file_stat.stat.exists" - name: Ensure matrix-mautrix-telegram.service installed template: - src: "{{ role_path }}/templates/ext/mautrix-telegram/systemd/matrix-mautrix-telegram.service.j2" + src: "{{ role_path }}/templates/systemd/matrix-mautrix-telegram.service.j2" dest: "/etc/systemd/system/matrix-mautrix-telegram.service" mode: 0644 register: matrix_mautrix_telegram_systemd_service_result - when: "matrix_mautrix_telegram_enabled" - name: Ensure systemd reloaded after matrix-mautrix-telegram.service installation service: daemon_reload: yes - when: "matrix_mautrix_telegram_enabled and matrix_mautrix_telegram_systemd_service_result.changed" + when: "matrix_mautrix_telegram_systemd_service_result.changed" - name: Check if a mautrix-telegram registration file exists stat: path: "{{ matrix_mautrix_telegram_base_path }}/registration.yaml" register: mautrix_telegram_registration_file_stat - when: "matrix_mautrix_telegram_enabled" - name: Generate matrix-mautrix-telegram registration.yaml if it doesn't exist shell: 
@@ -70,25 +73,22 @@ -v {{ matrix_mautrix_telegram_base_path }}:/data:z {{ matrix_mautrix_telegram_docker_image }} python3 -m mautrix_telegram -g -c /data/config.yaml -r /data/registration.yaml - when: "matrix_mautrix_telegram_enabled and not mautrix_telegram_registration_file_stat.stat.exists" + when: "not mautrix_telegram_registration_file_stat.stat.exists" - set_fact: matrix_synapse_app_service_config_file_mautrix_telegram: '/app-registration/mautrix-telegram.yml' - when: "matrix_mautrix_telegram_enabled" +# If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_additional_volumes: > - {{ matrix_synapse_container_additional_volumes }} + {{ matrix_synapse_container_additional_volumes|default([]) }} + {{ [{'src': '{{ matrix_mautrix_telegram_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_mautrix_telegram }}', 'options': 'ro'}] }} - when: "matrix_mautrix_telegram_enabled" -- set_fact: matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files }} + {{ matrix_synapse_app_service_config_files|default([]) }} + {{ ["{{ matrix_synapse_app_service_config_file_mautrix_telegram }}"] | to_nice_json }} - when: "matrix_mautrix_telegram_enabled" - block: - name: Fail if matrix-nginx-proxy role already executed @@ -97,7 +97,7 @@ Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy, but it's pointless since the matrix-nginx-proxy role had already executed. To fix this, please change the order of roles in your plabook, - so that the matrix-nginx-proxy role would run after the matrix-synapse role. + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. when: "matrix_nginx_proxy_role_executed" - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy 
@@ -124,7 +124,7 @@ [matrix_mautrix_telegram_matrix_nginx_proxy_configuration] }} - when: "matrix_mautrix_telegram_enabled and matrix_nginx_proxy_enabled|default(False)" + when: "matrix_nginx_proxy_enabled|default(False)" tags: - always @@ -135,14 +135,4 @@ reverse proxy. Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}` URL endpoint to the matrix-mautrix-telegram container. - when: "matrix_mautrix_telegram_enabled and matrix_nginx_proxy_enabled is not defined" - -# -# Tasks related to getting rid of matrix-mautrix-telegram (if it was previously enabled) -# - -- name: Ensure matrix-mautrix-telegram.service doesn't exist - file: - path: "/etc/systemd/system/matrix-mautrix-telegram.service" - state: absent - when: "not matrix_mautrix_telegram_enabled" + when: "matrix_nginx_proxy_enabled is not defined" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup-uninstall.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup-uninstall.yml new file mode 100644 index 00000000..4ee46afc --- /dev/null +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup-uninstall.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure matrix-mautrix-telegram.service doesn't exist + file: + path: "/etc/systemd/system/matrix-mautrix-telegram.service" + state: absent diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml new file mode 100644 index 00000000..fac59c9f --- /dev/null +++ b/roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml @@ -0,0 +1,11 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_mautrix_telegram_api_id" + - "matrix_mautrix_telegram_api_hash" + - "matrix_mautrix_telegram_public_endpoint" 
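Review bot: setup-uninstall.yml deletes the unit file but nothing visible in it stops or disables the service or reloads systemd, so a bridge that was running when the operator set `matrix_mautrix_telegram_enabled: false` stays up, still holding its Telegram session, until the next reboot or manual stop. Because the unit is now removed in a file of its own, this is a good place to stop the service first and reload systemd afterwards. The whatsapp role's setup-uninstall.yml has the same gap.

```yaml
- name: Check existence of matrix-mautrix-telegram service
  stat:
    path: "/etc/systemd/system/matrix-mautrix-telegram.service"
  register: matrix_mautrix_telegram_service_stat

- name: Ensure matrix-mautrix-telegram is stopped and disabled
  service:
    name: matrix-mautrix-telegram
    state: stopped
    enabled: no
    daemon_reload: yes
  when: "matrix_mautrix_telegram_service_stat.stat.exists"

# … unchanged: removal of the unit file …

- name: Ensure systemd reloaded after matrix-mautrix-telegram.service removal
  service:
    daemon_reload: yes
  when: "matrix_mautrix_telegram_service_stat.stat.exists"
```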
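Review bot: In validate_config.yml the condition `vars[item] == ''` only rejects the literal empty string, so a value left as `~`/null passes. As far as I know `vars[...]` also returns the raw, untemplated value, in which case the Jinja expression that group_vars assigns to `matrix_mautrix_telegram_public_endpoint` is compared as text and never evaluated. Something like `when: "lookup('vars', item, default='') in ['', none]"` (the `vars` lookup needs Ansible 2.5 or later) would check the rendered value. Since the endpoint is interpolated straight into a URL and an nginx location, a second check that it starts with `/` would also be worth having.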
diff --git a/roles/matrix-synapse/templates/ext/mautrix-telegram/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 similarity index 97% rename from roles/matrix-synapse/templates/ext/mautrix-telegram/config.yaml.j2 rename to roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 3fb7796a..b2854646 100644 --- a/roles/matrix-synapse/templates/ext/mautrix-telegram/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -2,9 +2,9 @@ # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: https://{{ matrix_server_fqn_matrix }} + address: {{ matrix_mautrix_telegram_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_domain }} + domain: {{ matrix_mautrix_telegram_homeserver_domain }} # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true @@ -13,7 +13,7 @@ homeserver: # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: http://matrix-mautrix-telegram:8080 + address: {{ matrix_mautrix_telegram_appservice_address }} # The hostname and port where this appservice should listen. hostname: 0.0.0.0 @@ -39,7 +39,7 @@ appservice: prefix: {{ matrix_mautrix_telegram_public_endpoint }} # The base URL where the public-facing endpoints are available. The prefix is not added # implicitly. - external: https://{{ matrix_server_fqn_matrix }}{{ matrix_mautrix_telegram_public_endpoint }} + external: {{ matrix_mautrix_telegram_appservice_public_external }} # Provisioning API part of the web server for automated portal creation and fetching information. # Used by things like Dimension (https://dimension.t2bot.io/). 
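Review bot: The new `matrix_mautrix_telegram_homeserver_address`, `matrix_mautrix_telegram_homeserver_domain`, `matrix_mautrix_telegram_appservice_address` and `matrix_mautrix_telegram_appservice_public_external` variables only take effect on a fresh install, because setup-install.yml renders this template under `when: "not mautrix_telegram_config_file_stat.stat.exists"`. On an existing host, an operator who overrides one of them (for instance to change which domain receives `full` bridge permissions) gets a successful run and an unchanged config.yaml. I would state this next to the variables in defaults/main.yml, e.g. `# NOTE: only applied when config.yaml is first generated; later changes must be made in the file on the server.` The whatsapp template and its variables have the same limitation.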
@@ -207,7 +207,7 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '{{ matrix_domain }}': full + '{{ matrix_mautrix_telegram_homeserver_domain }}': full # Options related to the message relay Telegram bot. relaybot: diff --git a/roles/matrix-synapse/templates/ext/mautrix-telegram/systemd/matrix-mautrix-telegram.service.j2 b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 similarity index 78% rename from roles/matrix-synapse/templates/ext/mautrix-telegram/systemd/matrix-mautrix-telegram.service.j2 rename to roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index 8b162f8c..846dde7e 100644 --- a/roles/matrix-synapse/templates/ext/mautrix-telegram/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -1,10 +1,13 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Matrix Mautrix Telegram server -After=docker.service -Requires=docker.service -Requires=matrix-synapse.service -After=matrix-synapse.service +{% for service in matrix_mautrix_telegram_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_mautrix_telegram_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} [Service] Type=simple @@ -17,6 +20,7 @@ ExecStartPre=/usr/bin/docker run --rm --name matrix-mautrix-telegram-db \ -v {{ matrix_mautrix_telegram_base_path }}:/data:z \ {{ matrix_mautrix_telegram_docker_image }} \ alembic -x config=/data/config.yaml upgrade head + ExecStart=/usr/bin/docker run --rm --name matrix-mautrix-telegram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ 
@@ -26,8 +30,12 @@ ExecStart=/usr/bin/docker run --rm --name matrix-mautrix-telegram \ -p 127.0.0.1:{{ matrix_mautrix_telegram_container_exposed_port_number }}:8080 \ {% endif %} -v {{ matrix_mautrix_telegram_base_path }}:/data:z \ + {% for arg in matrix_mautrix_telegram_container_extra_arguments %} + {{ arg }} \ + {% endfor %} {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /data/config.yaml + ExecStop=-/usr/bin/docker kill matrix-mautrix-telegram ExecStop=-/usr/bin/docker rm matrix-mautrix-telegram Restart=always diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml new file mode 100644 index 00000000..32375b87 --- /dev/null +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -0,0 +1,21 @@ +# mautrix-whatsapp is a Matrix <-> Whatsapp bridge +# See: https://github.com/tulir/mautrix-whatsapp + +matrix_mautrix_whatsapp_enabled: true + +matrix_mautrix_whatsapp_docker_image: "tulir/mautrix-whatsapp:latest" + +matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp" + +matrix_mautrix_whatsapp_homeserver_address: "https://{{ matrix_server_fqn_matrix }}" +matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}" +matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080" + +# A list of extra arguments to pass to the container +matrix_mautrix_whatsapp_container_extra_arguments: [] + +# List of systemd services that matrix-mautrix-whatsapp.service depends on. +matrix_mautrix_whatsapp_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-mautrix-whatsapp.service wants +matrix_mautrix_whatsapp_systemd_wanted_services_list: [] 
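Review bot: Each entry of `matrix_mautrix_telegram_container_extra_arguments` is written verbatim into the `ExecStart=` line, so it is parsed by systemd (word splitting, `%` specifiers, `$` expansion) rather than by a shell. It can also carry any `docker run` flag, including ones that widen the container's privileges or mounts. The defaults file only says "A list of extra arguments to pass to the container"; I would extend that comment to `# Each item is inserted as-is into the systemd ExecStart line for docker run: one flag per item, write % as %%, and review any flag that adds mounts, capabilities or ports.` The whatsapp unit template adds the same loop, and the `ExecStart` command starts above this hunk.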
diff --git a/roles/matrix-synapse/tasks/ext/mautrix-whatsapp/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml similarity index 72% rename from roles/matrix-synapse/tasks/ext/mautrix-whatsapp/init.yml rename to roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml index fdc0d1b9..c1e62d87 100644 --- a/roles/matrix-synapse/tasks/ext/mautrix-whatsapp/init.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}" - when: matrix_mautrix_whatsapp_enabled \ No newline at end of file + when: "matrix_mautrix_whatsapp_enabled" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml new file mode 100644 index 00000000..1f40d8c0 --- /dev/null +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml @@ -0,0 +1,15 @@ +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/setup-install.yml" + when: "run_setup and matrix_mautrix_whatsapp_enabled" + tags: + - setup-all + - setup-mautrix-whatsapp + +- import_tasks: "{{ role_path }}/tasks/setup-uninstall.yml" + when: "run_setup and not matrix_mautrix_whatsapp_enabled" + tags: + - setup-all + - setup-mautrix-whatsapp diff --git a/roles/matrix-synapse/tasks/ext/mautrix-whatsapp/setup.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup-install.yml similarity index 63% rename from roles/matrix-synapse/tasks/ext/mautrix-whatsapp/setup.yml rename to roles/matrix-bridge-mautrix-whatsapp/tasks/setup-install.yml index 065ca673..03bc8308 100644 --- a/roles/matrix-synapse/tasks/ext/mautrix-whatsapp/setup.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup-install.yml 
@@ -1,52 +1,55 @@ --- +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + fail: + msg: >- + The matrix-bridge-mautrix-whatsapp role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed|default(False)" + - name: Ensure Mautrix Whatsapp image is pulled docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" - when: "matrix_mautrix_whatsapp_enabled" -- name: Ensure Mautrix Whatsapp configuration path exists +- name: Ensure Mautrix Whatsapp base directory exists file: path: "{{ matrix_mautrix_whatsapp_base_path }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_mautrix_whatsapp_enabled" - name: Check if a mautrix-whatsapp configuration file exists stat: path: "{{ matrix_mautrix_whatsapp_base_path }}/config.yaml" register: mautrix_whatsapp_config_file_stat - when: "matrix_mautrix_whatsapp_enabled" - name: Ensure Matrix Mautrix whatsapp config installed template: - src: "{{ role_path }}/templates/ext/mautrix-whatsapp/config.yaml.j2" + src: "{{ role_path }}/templates//config.yaml.j2" dest: "{{ matrix_mautrix_whatsapp_base_path }}/config.yaml" mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" - when: "matrix_mautrix_whatsapp_enabled and not mautrix_whatsapp_config_file_stat.stat.exists" + when: "not mautrix_whatsapp_config_file_stat.stat.exists" - name: Ensure matrix-mautrix-whatsapp.service installed template: - src: "{{ role_path }}/templates/ext/mautrix-whatsapp/systemd/matrix-mautrix-whatsapp.service.j2" + src: "{{ role_path }}/templates/systemd/matrix-mautrix-whatsapp.service.j2" dest: "/etc/systemd/system/matrix-mautrix-whatsapp.service" mode: 0644 register: matrix_mautrix_whatsapp_systemd_service_result - when: "matrix_mautrix_whatsapp_enabled" - name: Ensure systemd reloaded after 
matrix-mautrix-whatsapp.service installation service: daemon_reload: yes - when: "matrix_mautrix_whatsapp_enabled and matrix_mautrix_whatsapp_systemd_service_result.changed" + when: "matrix_mautrix_whatsapp_systemd_service_result.changed" - name: Check if a mautrix-whatsapp registration file exists stat: path: "{{ matrix_mautrix_whatsapp_base_path }}/registration.yaml" register: mautrix_whatsapp_registration_file_stat - when: "matrix_mautrix_whatsapp_enabled" - name: Generate matrix-mautrix-whatsapp registration.yaml if it doesn't exist shell: 
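Review bot: The template path in "Ensure Matrix Mautrix whatsapp config installed" has a doubled slash, `{{ role_path }}/templates//config.yaml.j2`. It still resolves on POSIX paths, but it differs from the telegram role and looks like a leftover from deleting `ext/mautrix-whatsapp`. The line should read `src: "{{ role_path }}/templates/config.yaml.j2"`.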
@@ -59,32 +62,19 @@ -v {{ matrix_mautrix_whatsapp_base_path }}:/data:z {{ matrix_mautrix_whatsapp_docker_image }} /usr/bin/mautrix-whatsapp -g -c /data/config.yaml -r /data/registration.yaml - when: "matrix_mautrix_whatsapp_enabled and not mautrix_whatsapp_registration_file_stat.stat.exists" + when: "not mautrix_whatsapp_registration_file_stat.stat.exists" - set_fact: matrix_synapse_app_service_config_file_mautrix_whatsapp: '/app-registration/mautrix-whatsapp.yml' - when: "matrix_mautrix_whatsapp_enabled" +# If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_additional_volumes: > - {{ matrix_synapse_container_additional_volumes }} + {{ matrix_synapse_container_additional_volumes|default([]) }} + {{ [{'src': '{{ matrix_mautrix_whatsapp_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_mautrix_whatsapp }}', 'options': 'ro'}] }} - when: "matrix_mautrix_whatsapp_enabled" -- set_fact: matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files }} + {{ matrix_synapse_app_service_config_files|default([]) }} + {{ ["{{ matrix_synapse_app_service_config_file_mautrix_whatsapp }}"] | to_nice_json }} - when: "matrix_mautrix_whatsapp_enabled" - -# -# Tasks related to getting rid of matrix-mautrix-whatsapp (if it was previously enabled) -# - -- name: Ensure matrix-mautrix-whatsapp.service doesn't exist - file: - path: "/etc/systemd/system/matrix-mautrix-whatsapp.service" - state: absent - when: "not matrix_mautrix_whatsapp_enabled" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup-uninstall.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup-uninstall.yml new file mode 100644 index 00000000..0c5078a2 --- /dev/null +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup-uninstall.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure matrix-mautrix-whatsapp.service doesn't exist + file: + path: "/etc/systemd/system/matrix-mautrix-whatsapp.service" + state: absent 
diff --git a/roles/matrix-synapse/templates/ext/mautrix-whatsapp/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 similarity index 93% rename from roles/matrix-synapse/templates/ext/mautrix-whatsapp/config.yaml.j2 rename to roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index d8561897..310acb4f 100644 --- a/roles/matrix-synapse/templates/ext/mautrix-whatsapp/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -2,15 +2,15 @@ # Homeserver details. homeserver: # The address that this appservice can use to connect to the homeserver. - address: https://{{ matrix_server_fqn_matrix }} + address: {{ matrix_mautrix_whatsapp_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_domain }} + domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} # Application service host/registration related details. # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: http://matrix-mautrix-whatsapp:8080 + address: {{ matrix_mautrix_whatsapp_appservice_address }} # The hostname and port where this appservice should listen. hostname: 0.0.0.0 @@ -68,7 +68,7 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '{{ matrix_domain }}': user + '{{ matrix_mautrix_whatsapp_homeserver_domain }}': user # Logging config. logging: diff --git a/roles/matrix-synapse/templates/ext/mautrix-whatsapp/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 similarity index 68% rename from roles/matrix-synapse/templates/ext/mautrix-whatsapp/systemd/matrix-mautrix-whatsapp.service.j2 rename to roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index d05f73e2..b824cab2 100644 
--- a/roles/matrix-synapse/templates/ext/mautrix-whatsapp/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -1,15 +1,19 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Matrix Mautrix Whatsapp server -After=docker.service -Requires=docker.service -Requires=matrix-synapse.service -After=matrix-synapse.service +{% for service in matrix_mautrix_whatsapp_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_mautrix_whatsapp_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} [Service] Type=simple ExecStartPre=-/usr/bin/docker kill matrix-mautrix-whatsapp ExecStartPre=-/usr/bin/docker rm matrix-mautrix-whatsapp + ExecStart=/usr/bin/docker run --rm --name matrix-mautrix-whatsapp \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -17,8 +21,12 @@ ExecStart=/usr/bin/docker run --rm --name matrix-mautrix-whatsapp \ --network={{ matrix_docker_network }} \ -v {{ matrix_mautrix_whatsapp_base_path }}:/data:z \ --workdir=/data \ + {% for arg in matrix_mautrix_whatsapp_container_extra_arguments %} + {{ arg }} \ + {% endfor %} {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp + ExecStop=-/usr/bin/docker kill matrix-mautrix-whatsapp ExecStop=-/usr/bin/docker rm matrix-mautrix-whatsapp Restart=always diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/matrix-corporal/tasks/init.yml index e0d89edf..b7e0e3f8 100644 --- a/roles/matrix-corporal/tasks/init.yml +++ b/roles/matrix-corporal/tasks/init.yml @@ -1,3 +1,3 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}" - when: "matrix_corporal_enabled" \ No newline at end of file + when: "matrix_corporal_enabled" diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index e6b70219..749806a2 100644 
--- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -1,3 +1,8 @@ +# Synapse is a Matrix homeserver +# See: https://github.com/matrix-org/synapse + +matrix_synapse_enabled: true + matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.3.2" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" @@ -239,31 +244,6 @@ matrix_s3_media_store_region: "eu-central-1" # Controls whether the self-check feature should validate SSL certificates. matrix_synapse_self_check_validate_certificates: true -# Matrix mautrix is a Matrix <-> Telegram bridge -# Enable telegram bridge -matrix_mautrix_telegram_enabled: false - -matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.5.1" - -matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram" - -# Get your own API keys at https://my.telegram.org/apps -matrix_mautrix_telegram_api_id: YOUR_TELEGRAM_APP_ID -matrix_mautrix_telegram_api_hash: YOUR_TELEGRAM_API_HASH -# Mautrix telegram public endpoint to log in to telegram -# Use an uuid so it's not easily discoverable -matrix_mautrix_telegram_public_endpoint: "/{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'telegram') | to_uuid }}" -# Set this to a port number to expose on the host when not using the nginx proxy -matrix_mautrix_telegram_container_exposed_port_number: ~ - -# Matrix mautrix is a Matrix <-> Whatsapp bridge -# Enable whatsapp bridge -matrix_mautrix_whatsapp_enabled: false - -matrix_mautrix_whatsapp_docker_image: "tulir/mautrix-whatsapp:latest" - -matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp" - # Matrix mautrix is a Matrix <-> Facebook bridge # Enable facebook bridge matrix_mautrix_facebook_enabled: false diff --git a/roles/matrix-synapse/tasks/ext/init.yml b/roles/matrix-synapse/tasks/ext/init.yml index 9ebaf5e2..05a96758 100644 --- a/roles/matrix-synapse/tasks/ext/init.yml +++ b/roles/matrix-synapse/tasks/ext/init.yml 
@@ -1,9 +1,5 @@ --- -- import_tasks: "{{ role_path }}/tasks/ext/mautrix-telegram/init.yml" - -- import_tasks: "{{ role_path }}/tasks/ext/mautrix-whatsapp/init.yml" - - import_tasks: "{{ role_path }}/tasks/ext/mautrix-facebook/init.yml" - import_tasks: "{{ role_path }}/tasks/ext/appservice-irc/init.yml" diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/matrix-synapse/tasks/ext/setup.yml index 3b2a61ce..f5bad306 100644 --- a/roles/matrix-synapse/tasks/ext/setup.yml +++ b/roles/matrix-synapse/tasks/ext/setup.yml @@ -6,10 +6,6 @@ - import_tasks: "{{ role_path }}/tasks/ext/ldap-auth/setup.yml" -- import_tasks: "{{ role_path }}/tasks/ext/mautrix-telegram/setup.yml" - -- import_tasks: "{{ role_path }}/tasks/ext/mautrix-whatsapp/setup.yml" - - import_tasks: "{{ role_path }}/tasks/ext/mautrix-facebook/setup.yml" - import_tasks: "{{ role_path }}/tasks/ext/appservice-irc/setup.yml" diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/matrix-synapse/tasks/main.yml index 058cf05f..8404ccf1 100644 --- a/roles/matrix-synapse/tasks/main.yml +++ b/roles/matrix-synapse/tasks/main.yml @@ -41,4 +41,10 @@ - import_tasks: "{{ role_path }}/tasks/update_user_password.yml" when: run_update_user_password tags: - - update-user-password \ No newline at end of file + - update-user-password + +- name: Mark matrix-synapse role as executed + set_fact: + matrix_synapse_role_executed: true + tags: + - always diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index f5c40021..3b5ab854 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml 
@@ -4,3 +4,6 @@ matrix_synapse_id_servers_public: ['vector.im', 'matrix.org'] matrix_synapse_client_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/versions" matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:8448/_matrix/federation/v1/version" + +# Tells whether this role had executed or not. Toggled to `true` during runtime. +matrix_synapse_role_executed: false diff --git a/setup.yml b/setup.yml index e2978f59..d19ece9c 100755 --- a/setup.yml +++ b/setup.yml @@ -8,6 +8,8 @@ - matrix-mailer - matrix-postgres - matrix-corporal + - matrix-bridge-mautrix-telegram + - matrix-bridge-mautrix-whatsapp - matrix-synapse - matrix-riot-web - matrix-mxisd