Merge branch 'master' into pub.solar
This commit is contained in:
commit
ce1cf0e78f
40
CHANGELOG.md
40
CHANGELOG.md
|
@ -1,3 +1,43 @@
|
|||
# 2022-11-30
|
||||
|
||||
## matrix-postgres-backup has been replaced by the com.devture.ansible.role.postgres_backup external role
|
||||
|
||||
Just like we've [replaced Postgres with an external role](#matrix-postgres-has-been-replaced-by-the-comdevtureansiblerolepostgres-external-role) on 2022-11-28, we're now replacing `matrix-postgres-backup` with an external role - [com.devture.ansible.role.postgres_backup](https://github.com/devture/com.devture.ansible.role.postgres_backup).
|
||||
|
||||
You'll need to rename your `matrix_postgres_backup`-prefixed variables such that they use a `devture_postgres_backup` prefix.
|
||||
|
||||
|
||||
# 2022-11-28
|
||||
|
||||
## matrix-postgres has been replaced by the com.devture.ansible.role.postgres external role
|
||||
|
||||
**TLDR**: the tasks that install the integrated Postgres server now live in an external role - [com.devture.ansible.role.postgres](https://github.com/devture/com.devture.ansible.role.postgres). You'll need to run `make roles` to install it, and to also rename your `matrix_postgres`-prefixed variables to use a `devture_postgres` prefix (e.g. `matrix_postgres_connection_password` -> `devture_postgres_connection_password`). All your data will still be there! Some scripts have moved (`/usr/local/bin/matrix-postgres-cli` -> `/matrix/postgres/bin/cli`).
|
||||
|
||||
The `matrix-postgres` role that has been part of the playbook for a long time has been replaced with the [com.devture.ansible.role.postgres](https://github.com/devture/com.devture.ansible.role.postgres) role. This was done as part of our work to [use external roles for some things](#the-playbook-now-uses-external-roles-for-some-things) for better code re-use and maintainability.
|
||||
|
||||
The new role is an upgraded version of the old `matrix-postgres` role with these notable differences:
|
||||
|
||||
- it uses different names for its variables (`matrix_postgres` -> `devture_postgres`)
|
||||
- when [Vacuuming PostgreSQL](docs/maintenance-postgres.md#vacuuming-postgresql), it will vacuum all your databases, not just the Synapse one
|
||||
|
||||
You'll need to run `make roles` to install the new role. You would also need to rename your `matrix_postgres`-prefixed variables to use a `devture_postgres` prefix.
|
||||
|
||||
Note: the systemd service still remains the same - `matrix-postgres.service`. Your data will still be in `/matrix/postgres`, etc.
|
||||
Postgres-related scripts will be moved to `/matrix/postgres/bin` (`/usr/local/bin/matrix-postgres-cli` -> `/matrix/postgres/bin/cli`, etc). Also see [The playbook no longer installs scripts in /usr/local/bin](#the-playbook-no-longer-installs-scripts-in-usrlocalbin).
|
||||
|
||||
## The playbook no longer installs scripts to /usr/local/bin
|
||||
|
||||
The locations of various scripts installed by the playbook have changed.
|
||||
|
||||
The playbook no longer contaminates your `/usr/local/bin` directory.
|
||||
All scripts installed by the playbook now live in `bin/` directories under `/matrix`. Some examples are below:
|
||||
|
||||
- `/usr/local/bin/matrix-remove-all` -> `/matrix/bin/remove-all`
|
||||
- `/usr/local/bin/matrix-postgres-cli` -> `/matrix/postgres/bin/cli`
|
||||
- `/usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew` -> `/matrix/ssl/bin/lets-encrypt-certificates-renew`
|
||||
- `/usr/local/bin/matrix-synapse-register-user` -> `/matrix/synapse/bin/register-user`
|
||||
|
||||
|
||||
# 2022-11-25
|
||||
|
||||
## 2x-5x performance improvements in playbook runtime
|
||||
|
|
|
@ -9,19 +9,14 @@ If your local computer cannot run Ansible, you can also run Ansible on some serv
|
|||
|
||||
## Supported Ansible versions
|
||||
|
||||
Ansible 2.7.1 or newer is required ([last discussion about Ansible versions](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/743)).
|
||||
|
||||
Note: Ubuntu 20.04 ships with Ansible 2.9.6 which is a buggy version (see this [bug](https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1880359)), which can't be used in combination with a host running new systemd (more details in [#517](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/517), [#669](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/669)). If this problem affects you, you can: avoid running Ubuntu 20.04 on your host; run Ansible from another machine targeting your host; or try to upgrade to a newer Ansible version (see below).
|
||||
|
||||
|
||||
## Checking your Ansible version
|
||||
|
||||
In most cases, you won't need to worry about the Ansible version.
|
||||
The playbook will try to detect it and tell you if you're on an unsupported version.
|
||||
|
||||
To manually check which version of Ansible you're on, run: `ansible --version`.
|
||||
|
||||
If you're on an old version of Ansible, you should [upgrade Ansible to a newer version](#upgrading-ansible) or [use Ansible via Docker](#using-ansible-via-docker).
|
||||
For the **best experience**, we recommend getting the **latest version of Ansible available**.
|
||||
|
||||
We're not sure what's the minimum version of Ansible that can run this playbook successfully.
|
||||
The lowest version that we've confirmed (on 2022-11-26) to be working fine is: `ansible-core` (`2.11.7`) combined with `ansible` (`4.10.0`).
|
||||
|
||||
If your distro ships with an Ansible version older than this, you may run into issues. Consider [Upgrading Ansible](#upgrading-ansible) or [using Ansible via Docker](#using-ansible-via-docker).
|
||||
|
||||
|
||||
## Upgrading Ansible
|
||||
|
|
|
@ -2,9 +2,11 @@
|
|||
|
||||
# Overview
|
||||
Captcha can be enabled for this home server. This file explains how to do that.
|
||||
The captcha mechanism used is Google's [ReCaptcha](https://www.google.com/recaptcha/). This requires API keys from Google.
|
||||
The captcha mechanism used is Google's [ReCaptcha](https://www.google.com/recaptcha/). This requires API keys from Google. If your homeserver is Dendrite then [hCapcha](https://www.hcaptcha.com) can be used instead.
|
||||
|
||||
## Getting keys
|
||||
## ReCaptcha
|
||||
|
||||
### Getting keys
|
||||
|
||||
Requires a site/secret key pair from:
|
||||
|
||||
|
@ -12,12 +14,39 @@ Requires a site/secret key pair from:
|
|||
|
||||
Must be a reCAPTCHA **v2** key using the "I'm not a robot" Checkbox option
|
||||
|
||||
## Setting ReCaptcha Keys
|
||||
### Setting ReCaptcha keys
|
||||
|
||||
Once registered as above, set the following values:
|
||||
|
||||
```yaml
|
||||
# for Synapse
|
||||
matrix_synapse_enable_registration_captcha: true
|
||||
matrix_synapse_recaptcha_public_key: 'YOUR_SITE_KEY'
|
||||
matrix_synapse_recaptcha_private_key: 'YOUR_SECRET_KEY'
|
||||
|
||||
# for Dendrite
|
||||
matrix_dendrite_client_api_enable_registration_captcha: true
|
||||
matrix_dendrite_client_api_recaptcha_public_key: 'YOUR_SITE_KEY'
|
||||
matrix_dendrite_client_api_recaptcha_private_key: 'YOUR_SECRET_KEY'
|
||||
```
|
||||
|
||||
## hCaptcha
|
||||
|
||||
### Getting keys
|
||||
|
||||
Requires a site/secret key pair from:
|
||||
|
||||
<https://dashboard.hcaptcha.com/sites/new>
|
||||
|
||||
### Setting hCaptcha keys
|
||||
|
||||
```yaml
|
||||
matrix_dendrite_client_api_enable_registration_captcha: true
|
||||
matrix_dendrite_client_api_recaptcha_public_key: 'YOUR_SITE_KEY'
|
||||
matrix_dendrite_client_api_recaptcha_private_key: 'YOUR_SECRET_KEY'
|
||||
|
||||
matrix_dendrite_client_api_recaptcha_siteverify_api: 'https://hcaptcha.com/siteverify'
|
||||
matrix_dendrite_client_api_recaptcha_api_js_url: 'https://js.hcaptcha.com/1/api.js'
|
||||
matrix_dendrite_client_api_recaptcha_form_field: 'h-captcha-response'
|
||||
matrix_dendrite_client_api_recaptcha_sitekey_class: 'h-captcha'
|
||||
```
|
||||
|
|
|
@ -40,7 +40,7 @@ Minimal working configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`) to
|
|||
```yaml
|
||||
matrix_backup_borg_enabled: true
|
||||
matrix_backup_borg_location_repositories:
|
||||
- USER@HOST:REPO
|
||||
- ssh://USER@HOST/./REPO
|
||||
matrix_backup_borg_storage_encryption_passphrase: "PASSPHRASE"
|
||||
matrix_backup_borg_ssh_key_private: |
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
|
|
|
@ -93,4 +93,4 @@ To explicitly enable metrics, use `matrix_hookshot_metrics_enabled: true`. This
|
|||
|
||||
### Collision with matrix-appservice-webhooks
|
||||
|
||||
If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_user_id_prefix: '_webhooks_'`).
|
||||
If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_userIdPrefix: '_webhooks_'`).
|
||||
|
|
|
@ -10,7 +10,7 @@ If you'd like to use an external PostgreSQL server that you manage, you can edit
|
|||
If you'd like to use an external Postgres server, use a custom `vars.yml` configuration like this:
|
||||
|
||||
```yaml
|
||||
matrix_postgres_enabled: false
|
||||
devture_postgres_enabled: false
|
||||
|
||||
# Rewire Synapse to use your external Postgres server
|
||||
matrix_synapse_database_host: "your-postgres-server-hostname"
|
||||
|
|
|
@ -127,6 +127,16 @@ Read how it works [here](https://github.com/jitsi/jitsi-videobridge/blob/master/
|
|||
|
||||
You may want to **limit the maximum video resolution**, to save up resources on both server and clients.
|
||||
|
||||
## (Optional) Specify a Max number of participants on a Jitsi conference
|
||||
|
||||
The playbook allows a user to set a max number of participants allowed to join a Jitsi conference. By default there is no limit.
|
||||
|
||||
In order to set the max number of participants add the following variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||
|
||||
```
|
||||
matrix_prosody_jitsi_max_participants: <INTEGER OF MAX PARTICPANTS>
|
||||
```
|
||||
|
||||
## (Optional) Additional JVBs
|
||||
|
||||
By default, a single JVB ([Jitsi VideoBridge](https://github.com/jitsi/jitsi-videobridge)) is deployed on the same host as the Matrix server. To allow more video-conferences to happen at the same time, you may need to provision additional JVB services on other hosts.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Setting up postgres backup (optional)
|
||||
|
||||
The playbook can install and configure [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) for you.
|
||||
The playbook can install and configure [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) for you via the [com.devture.ansible.role.postgres_backup](https://github.com/devture/com.devture.ansible.role.postgres_backup) Ansible role.
|
||||
|
||||
For a more complete backup solution (one that includes not only Postgres, but also other configuration/data files), you may wish to look into [borg backup](configuring-playbook-backup-borg.md) instead.
|
||||
|
||||
|
@ -10,7 +10,7 @@ For a more complete backup solution (one that includes not only Postgres, but al
|
|||
Minimal working configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`) to enable Postgres backup:
|
||||
|
||||
```yaml
|
||||
matrix_postgres_backup_enabled: true
|
||||
devture_postgres_backup_enabled: true
|
||||
```
|
||||
|
||||
Refer to the table below for additional configuration variables and their default values.
|
||||
|
@ -18,12 +18,13 @@ Refer to the table below for additional configuration variables and their defaul
|
|||
|
||||
| Name | Default value | Description |
|
||||
| :-------------------------------- | :--------------------------- | :--------------------------------------------------------------- |
|
||||
|`matrix_postgres_backup_enabled`|`false`|Set to true to use [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) to create automatic database backups|
|
||||
|`matrix_postgres_backup_schedule`| `'@daily'` |Cron-schedule specifying the interval between postgres backups.|
|
||||
|`matrix_postgres_backup_keep_days`|`7`|Number of daily backups to keep|
|
||||
|`matrix_postgres_backup_keep_weeks`|`4`|Number of weekly backups to keep|
|
||||
|`matrix_postgres_backup_keep_months`|`12`|Number of monthly backups to keep|
|
||||
|`matrix_postgres_backup_path` | `"{{ matrix_base_data_path }}/postgres-backup"` | Storagepath for the database backups|
|
||||
|`devture_postgres_backup_enabled`|`false`|Set to true to use [docker-postgres-backup-local](https://github.com/prodrigestivill/docker-postgres-backup-local) to create automatic database backups|
|
||||
|`devture_postgres_backup_schedule`| `'@daily'` |Cron-schedule specifying the interval between postgres backups.|
|
||||
|`devture_postgres_backup_keep_days`|`7`|Number of daily backups to keep|
|
||||
|`devture_postgres_backup_keep_weeks`|`4`|Number of weekly backups to keep|
|
||||
|`devture_postgres_backup_keep_months`|`12`|Number of monthly backups to keep|
|
||||
|`devture_postgres_base_path` | `"{{ matrix_base_data_path }}/postgres-backup"` | Base path for postgres-backup. Also see `devture_postgres_data_path` |
|
||||
|`devture_postgres_data_path` | `"{{ devture_postgres_base_path }}/data"` | Storage path for postgres-backup database backups |
|
||||
|
||||
|
||||
## Installing
|
||||
|
|
|
@ -15,6 +15,9 @@ matrix_prometheus_node_exporter_enabled: true
|
|||
# You can remove this, if unnecessary.
|
||||
matrix_prometheus_postgres_exporter_enabled: true
|
||||
|
||||
# You can remove this, if unnecessary.
|
||||
matrix_prometheus_nginxlog_exporter_enabled: true
|
||||
|
||||
matrix_grafana_enabled: true
|
||||
|
||||
matrix_grafana_anonymous_access: false
|
||||
|
@ -39,6 +42,7 @@ Name | Description
|
|||
`matrix_prometheus_enabled`|[Prometheus](https://prometheus.io) is a time series database. It holds all the data we're going to talk about.
|
||||
`matrix_prometheus_node_exporter_enabled`|[Node Exporter](https://prometheus.io/docs/guides/node-exporter/) is an addon of sorts to Prometheus that collects generic system information such as CPU, memory, filesystem, and even system temperatures
|
||||
`matrix_prometheus_postgres_exporter_enabled`|[Postgres Exporter](configuring-playbook-prometheus-postgres.md) is an addon of sorts to expose Postgres database metrics to Prometheus.
|
||||
`matrix_prometheus_nginxlog_exporter_enabled`|[NGINX Log Exporter](configuring-playbook-prometheus-nginxlog.md) is an addon of sorts to expose NGINX logs to Prometheus.
|
||||
`matrix_grafana_enabled`|[Grafana](https://grafana.com/) is the visual component. It shows (on the `stats.<your-domain>` subdomain) the dashboards with the graphs that we're interested in
|
||||
`matrix_grafana_anonymous_access`|By default you need to log in to see graphs. If you want to publicly share your graphs (e.g. when asking for help in [`#synapse:matrix.org`](https://matrix.to/#/#synapse:matrix.org?via=matrix.org&via=privacytools.io&via=mozilla.org)) you'll want to enable this option.
|
||||
`matrix_grafana_default_admin_user`<br>`matrix_grafana_default_admin_password`|By default Grafana creates a user with `admin` as the username and password. If you feel this is insecure and you want to change it beforehand, you can do that here
|
||||
|
@ -73,6 +77,7 @@ Name | Description
|
|||
`matrix_prometheus_node_exporter_enabled`|Set this to `true` to enable the node (general system stats) exporter (locally, on the container network)
|
||||
`matrix_prometheus_node_exporter_metrics_proxying_enabled`|Set this to `true` to expose the node (general system stats) metrics on `https://matrix.DOMAIN/metrics/node-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network)
|
||||
`matrix_prometheus_nginxlog_exporter_enabled`|Set this to `true` to enable the [NGINX Log exporter](configuring-playbook-prometheus-nginxlog.md) (locally, on the container network)
|
||||
`matrix_prometheus_postgres_exporter_metrics_proxying_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
`matrix_bridge_hookshot_metrics_enabled`|Set this to `true` to make [Hookshot](configuring-playbook-bridge-hookshot.md) expose metrics (locally, on the container network)
|
||||
`matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.DOMAIN/metrics/hookshot` (only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`)
|
||||
|
|
59
docs/configuring-playbook-prometheus-nginxlog.md
Normal file
59
docs/configuring-playbook-prometheus-nginxlog.md
Normal file
|
@ -0,0 +1,59 @@
|
|||
# Enabling metrics and graphs for NginX logs (optional)
|
||||
|
||||
It can be useful to have some (visual) insight into NignX logs.
|
||||
|
||||
This adds [prometheus-nginxlog-exporter](https://github.com/martin-helmich/prometheus-nginxlog-exporter/) to your matrix deployment.
|
||||
It will provide a prometheus 'metrics' endpoint exposing data from both the `matrix-nginx-proxy` and `matrix-synapse-reverse-proxy-companion` logs and automatically aggregates the data with prometheus.
|
||||
Optionally it visualizes the data, if [`matrix-grafana`](configuring-playbook-prometheus-grafana.md) is enabled, by means of a dedicated Grafana dashboard named `NGINX PROXY`
|
||||
|
||||
You can enable this role by adding the following settings in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_prometheus_nginxlog_exporter_enabled: true
|
||||
|
||||
# required depency
|
||||
matrix_prometheus_enabled: true
|
||||
|
||||
# optional for visualization
|
||||
matrix_grafana_enabled: true
|
||||
```
|
||||
|
||||
x | Prerequisites | Variable | Description
|
||||
|:--:|:--:|:--:|:--|
|
||||
**REQUIRED** | `matrix-prometheus`| `matrix_prometheus_enabled`|[Prometheus](https://prometheus.io) is a time series database. It holds all the data we're going to talk about.
|
||||
_Optional_ | [`matrix-grafana`](configuring-playbook-prometheus-grafana.md) | [`matrix_grafana_enabled`](configuring-playbook-prometheus-grafana.md)|[Grafana](https://grafana.com) is the visual component. It shows (on the `stats.<your-domain>` subdomain) graphs that we're interested in. When enabled the `NGINX PROXY` dashboard is automatically added.
|
||||
|
||||
## Docker Image Compatibility
|
||||
|
||||
At the moment of writing only images for `amd64` and `arm64` architectures are available
|
||||
|
||||
The playbook currently does not support building an image.
|
||||
You can however use a custom-build image by setting
|
||||
```yaml
|
||||
matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: false
|
||||
matrix_prometheus_nginxlog_exporter_docker_image: path/to/docker/image:tag
|
||||
```
|
||||
|
||||
## Security and privacy
|
||||
|
||||
Metrics and resulting graphs can contain a lot of information. NginX logs contain information like IP address, URLs, UserAgents and more. This information can reveal usage patterns and could be considered Personally Identifiable Information (PII). Think about this before enabling (anonymous) access.
|
||||
Please make sure you change the default Grafana password.
|
||||
|
||||
## Save metrics on an external Prometheus server
|
||||
|
||||
The playbook will automatically integrate the metrics into the Prometheus server provided with this playbook. You can choose to save data on an external Prometheus instance.
|
||||
|
||||
The metrics of this role will be exposed on `https://matrix.DOMAIN/metrics/nginxlog` when setting
|
||||
```yaml
|
||||
matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true
|
||||
|
||||
# required dependency
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_enabled: true
|
||||
```
|
||||
The playbook can provide a single endpoint (`https://matrix.DOMAIN/metrics/*`), under which various services may expose their metrics (e.g. `/metrics/node-exporter`, `/metrics/postgres-exporter`, `/metrics/nginxlog`, etc). To enable this `/metrics/*` feature, use `matrix_nginx_proxy_proxy_matrix_metrics_enabled`. To protect access using [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication), see `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled`.
|
||||
|
||||
The following variables may be of interest:
|
||||
|
||||
Name | Description
|
||||
-----|----------
|
||||
`matrix_nginx_proxy_proxy_matrix_metrics_enabled`|Set this to `true` to enable metrics exposure for various services on `https://matrix.DOMAIN/metrics/*`. Refer to the individual `matrix_SERVICE_metrics_proxying_enabled` variables below for exposing metrics for each individual service.
|
|
@ -62,7 +62,7 @@ Migrating your existing data can happen in multiple ways:
|
|||
|
||||
Instead of using `s3_media_upload` directly, which is very slow and painful for an initial data migration, we recommend [using another tool in combination with `s3_media_upload`](#using-another-tool-in-combination-with-s3_media_upload).
|
||||
|
||||
To copy your existing files, SSH into the server and run `/usr/local/bin/matrix-synapse-s3-storage-provider-shell`.
|
||||
To copy your existing files, SSH into the server and run `/matrix/synapse/ext/s3-storage-provider/bin/shell`.
|
||||
|
||||
This launches a Synapse container, which has access to the local media store, Postgres database, S3 store and has some convenient environment variables configured for you to use (`MEDIA_PATH`, `BUCKET`, `ENDPOINT`, `UPDATE_DB_DAYS`, etc).
|
||||
|
||||
|
@ -76,12 +76,12 @@ Then use the following commands (`$` values come from environment variables - th
|
|||
|
||||
The `s3_media_upload upload` command may take a lot of time to complete.
|
||||
|
||||
Instead of running the above commands manually in the shell, you can also run the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script which will run the same commands automatically. We demonstrate how to do it manually, because:
|
||||
Instead of running the above commands manually in the shell, you can also run the `/matrix/synapse/ext/s3-storage-provider/bin/migrate` script which will run the same commands automatically. We demonstrate how to do it manually, because:
|
||||
|
||||
- it's what the upstream project demonstrates and it teaches you how to use the `s3_media_upload` tool
|
||||
- allows you to check and verify the output of each command, to catch mistakes
|
||||
- includes progress bars and detailed output for each command
|
||||
- allows you to easily interrupt slow-running commands, etc. (the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` starts a container without interactive TTY support, so `Ctrl+C` may not work and you and require killing via `docker kill ..`)
|
||||
- allows you to easily interrupt slow-running commands, etc. (the `/matrix/synapse/ext/s3-storage-provider/bin/migrate` starts a container without interactive TTY support, so `Ctrl+C` may not work and you and require killing via `docker kill ..`)
|
||||
|
||||
### Using another tool in combination with `s3_media_upload`
|
||||
|
||||
|
@ -119,7 +119,7 @@ As described in [How it works?](#how-it-works) above, when new media is uploaded
|
|||
|
||||
By default, we periodically ensure that all local files are uploaded to S3 and are then removed from the local filesystem. This is done automatically using:
|
||||
|
||||
- the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script
|
||||
- the `/matrix/synapse/ext/s3-storage-provider/bin/migrate` script
|
||||
- .. invoked via the `matrix-synapse-s3-storage-provider-migrate.service` service
|
||||
- .. triggered by the `matrix-synapse-s3-storage-provider-migrate.timer` timer, every day at 05:00
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ If you'd like more customization power, you can start with one of the presets an
|
|||
If you increase worker counts too much, you may need to increase the maximum number of Postgres connections too (example):
|
||||
|
||||
```yaml
|
||||
matrix_postgres_process_extra_arguments: [
|
||||
devture_postgres_process_extra_arguments: [
|
||||
"-c 'max_connections=200'"
|
||||
]
|
||||
```
|
||||
|
@ -56,21 +56,27 @@ Certain Synapse administration tasks (managing users and rooms, etc.) can be per
|
|||
|
||||
If you'd like to use OpenID Connect authentication with Synapse, you'll need some additional reverse-proxy configuration (see [our nginx reverse-proxy doc page](configuring-playbook-nginx.md#synapse-openid-connect-for-single-sign-on)).
|
||||
|
||||
This example configuration is for [keycloak](https://www.keycloak.org/), an opensource Identity Provider maintained by Red Hat.
|
||||
|
||||
For more detailed documentation on available options and how to setup keycloak, see the [Synapse documentation on OpenID Connect with keycloak](https://github.com/matrix-org/synapse/blob/develop/docs/openid.md#keycloak).
|
||||
|
||||
In case you encounter errors regarding the parsing of the variables, you can try to add `{% raw %}` and `{% endraw %}` blocks around them. For example ;
|
||||
|
||||
```
|
||||
matrix_synapse_configuration_extension_yaml: |
|
||||
oidc_providers:
|
||||
- idp_id: keycloak
|
||||
idp_name: "Keycloak"
|
||||
issuer: "https://url.ix/auth/realms/x"
|
||||
idp_name: "My KeyCloak server"
|
||||
issuer: "https://url.ix/auth/realms/{realm_name}"
|
||||
client_id: "matrix"
|
||||
client_secret: "{{ vault_synapse_keycloak }}"
|
||||
scopes: ["openid", "profile"]
|
||||
authorization_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/auth"
|
||||
token_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/token"
|
||||
userinfo_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/userinfo"
|
||||
user_mapping_provider:
|
||||
config:
|
||||
display_name_template: "{% raw %}{{ user.given_name }}{% endraw %} {% raw %}{{ user.family_name }}{% endraw %}"
|
||||
localpart_template: "{% raw %}{{ user.preferred_username }}{% endraw %}"
|
||||
display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
||||
email_template: "{% raw %}{{ user.email }}{% endraw %}"
|
||||
allow_existing_users: true # Optional
|
||||
backchannel_logout_enabled: true # Optional
|
||||
```
|
||||
|
||||
|
|
|
@ -317,7 +317,7 @@ If you've installed [Jitsi](configuring-playbook-jitsi.md) (not installed by def
|
|||
Yes, we can stop installing Docker ourselves. Just use this in your `vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_playbook_docker_installation_enabled: true
|
||||
matrix_playbook_docker_installation_enabled: false
|
||||
```
|
||||
|
||||
### I run another webserver on the same server where I wish to install Matrix. What now?
|
||||
|
|
|
@ -97,9 +97,9 @@ Once the database is clear and the ownership of the tables has been fixed in the
|
|||
Check, if `--dbname` is set to `synapse` (not `matrix`) and replace paths (or even better, copy this line from your terminal)
|
||||
|
||||
```
|
||||
/usr/bin/env docker run --rm --name matrix-postgres-import --log-driver=none --user=998:1001 --cap-drop=ALL --network=matrix --env-file=/matrix/postgres/env-postgres-psql --mount type=bind,src=/migration/synapse_dump.sql,dst=/synapse_dump.sql,ro --entrypoint=/bin/sh docker.io/postgres:14.1-alpine -c "cat /synapse_dump.sql | grep -vE '^(CREATE|ALTER) ROLE (matrix)(;| WITH)' | grep -vE '^CREATE DATABASE (matrix)\s' | psql -v ON_ERROR_STOP=1 -h matrix-postgres --dbname=synapse"
|
||||
/usr/bin/env docker run --rm --name matrix-postgres-import --log-driver=none --user=998:1001 --cap-drop=ALL --network=matrix --env-file=/matrix/postgres/env-postgres-psql --mount type=bind,src=/migration/synapse_dump.sql,dst=/synapse_dump.sql,ro --entrypoint=/bin/sh docker.io/postgres:15.0-alpine -c "cat /synapse_dump.sql | grep -vE '^(CREATE|ALTER) ROLE (matrix)(;| WITH)' | grep -vE '^CREATE DATABASE (matrix)\s' | psql -v ON_ERROR_STOP=1 -h matrix-postgres --dbname=synapse"
|
||||
```
|
||||
|
||||
### Hints
|
||||
|
||||
To open psql terminal run `/usr/local/bin/matrix-postgres-cli`
|
||||
To open psql terminal run `/matrix/postgres/bin/cli`
|
||||
|
|
|
@ -16,7 +16,7 @@ Table of contents:
|
|||
|
||||
## Getting a database terminal
|
||||
|
||||
You can use the `/usr/local/bin/matrix-postgres-cli` tool to get interactive terminal access ([psql](https://www.postgresql.org/docs/11/app-psql.html)) to the PostgreSQL server.
|
||||
You can use the `/matrix/postgres/bin/cli` tool to get interactive terminal access ([psql](https://www.postgresql.org/docs/11/app-psql.html)) to the PostgreSQL server.
|
||||
|
||||
If you are using an [external Postgres server](configuring-playbook-external-postgres.md), the above tool will not be available.
|
||||
|
||||
|
@ -99,7 +99,7 @@ Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"`
|
|||
|
||||
## Tuning PostgreSQL
|
||||
|
||||
PostgreSQL can be tuned to make it run faster. This is done by passing extra arguments to Postgres with the `matrix_postgres_process_extra_arguments` variable. You should use a website like https://pgtune.leopard.in.ua/ or information from https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server to determine what Postgres settings you should change.
|
||||
PostgreSQL can be tuned to make it run faster. This is done by passing extra arguments to Postgres with the `devture_postgres_process_extra_arguments` variable. You should use a website like https://pgtune.leopard.in.ua/ or information from https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server to determine what Postgres settings you should change.
|
||||
|
||||
**Note**: the configuration generator at https://pgtune.leopard.in.ua/ adds spaces around the `=` sign, which is invalid. You'll need to remove it manually (`max_connections = 300` -> `max_connections=300`)
|
||||
|
||||
|
@ -109,7 +109,7 @@ These are not recommended values and they may not work well for you. This is jus
|
|||
|
||||
Here is an example config for a small 2 core server with 4GB of RAM and SSD storage:
|
||||
```
|
||||
matrix_postgres_process_extra_arguments: [
|
||||
devture_postgres_process_extra_arguments: [
|
||||
"-c shared_buffers=128MB",
|
||||
"-c effective_cache_size=2304MB",
|
||||
"-c effective_io_concurrency=100",
|
||||
|
@ -120,7 +120,7 @@ matrix_postgres_process_extra_arguments: [
|
|||
|
||||
Here is an example config for a 4 core server with 8GB of RAM on a Virtual Private Server (VPS); the paramters have been configured using https://pgtune.leopard.in.ua with the following setup: PostgreSQL version 12, OS Type: Linux, DB Type: Mixed type of application, Data Storage: SSD storage:
|
||||
```
|
||||
matrix_postgres_process_extra_arguments: [
|
||||
devture_postgres_process_extra_arguments: [
|
||||
"-c max_connections=100",
|
||||
"-c shared_buffers=2GB",
|
||||
"-c effective_cache_size=6GB",
|
||||
|
@ -142,7 +142,7 @@ matrix_postgres_process_extra_arguments: [
|
|||
|
||||
Here is an example config for a large 6 core server with 24GB of RAM:
|
||||
```
|
||||
matrix_postgres_process_extra_arguments: [
|
||||
devture_postgres_process_extra_arguments: [
|
||||
"-c max_connections=40",
|
||||
"-c shared_buffers=1536MB",
|
||||
"-c checkpoint_completion_target=0.7",
|
||||
|
|
|
@ -9,7 +9,7 @@ Table of contents:
|
|||
- [Managing users via a Web UI](#managing-users-via-a-web-ui)
|
||||
- [Letting certain users register on your private server](#letting-certain-users-register-on-your-private-server)
|
||||
- [Enabling public user registration](#enabling-public-user-registration)
|
||||
- [Adding/Removing Administrator privileges to an existing user](#addingremoving-administrator-privileges-to-an-existing-user)
|
||||
- [Adding/Removing Administrator privileges to an existing Synapse user](#addingremoving-administrator-privileges-to-an-existing-synapse-user)
|
||||
|
||||
|
||||
## Registering users manually
|
||||
|
@ -23,7 +23,7 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=<your-usern
|
|||
**or** using the command-line after **SSH**-ing to your server (requires that [all services have been started](#starting-the-services)):
|
||||
|
||||
```
|
||||
/usr/local/bin/matrix-synapse-register-user <your-username> <your-password> <admin access: 0 or 1>
|
||||
/matrix/synapse/bin/register-user <your-username> <your-password> <admin access: 0 or 1>
|
||||
```
|
||||
|
||||
**Note**: `<your-username>` is just a plain username (like `john`), not your full `@<username>:<your-domain>` identifier.
|
||||
|
@ -58,13 +58,24 @@ and running the [installation](installing.md) procedure once again.
|
|||
If you're opening up registrations publicly like this, you might also wish to [configure CAPTCHA protection](configuring-captcha.md).
|
||||
|
||||
|
||||
## Adding/Removing Administrator privileges to an existing user
|
||||
## Adding/Removing Administrator privileges to an existing Synapse user
|
||||
|
||||
The script `/usr/local/bin/matrix-change-user-admin-status` may be used to change a user's admin privileges.
|
||||
|
||||
* log on to your server with ssh
|
||||
* execute with the username and 0/1 (0 = non-admin | 1 = admin)
|
||||
To change the admin privileges for a user, you need to run an SQL query like this against the `synapse` database:
|
||||
|
||||
```sql
|
||||
UPDATE users SET admin=ADMIN_VALUE WHERE name = '@USER:DOMAIN'
|
||||
```
|
||||
/usr/local/bin/matrix-change-user-admin-status <username> <0/1>
|
||||
```
|
||||
|
||||
where:
|
||||
|
||||
- `ADMIN_VALUE` being either `0` (regular user) or `1` (admin)
|
||||
- `USER` and `DOMAIN` pointing to a valid user on your server
|
||||
|
||||
If you're using the integrated Postgres server and not an [external Postgres server](configuring-playbook-external-postgres.md), you can launch a Postgres into the `synapse` database by:
|
||||
|
||||
- running `/matrix/postgres/bin/cli` - to launch [`psql`](https://www.postgresql.org/docs/current/app-psql.html)
|
||||
- running `\c synapse` - to change to the `synapse` database
|
||||
|
||||
You can then proceed to run the query above.
|
||||
|
||||
**Note**: directly modifying the raw data of Synapse (or any other software) could cause the software to break. You've been warned!
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
## Uninstalling using a script
|
||||
|
||||
Installing places a `/usr/local/bin/matrix-remove-all` script on the server.
|
||||
Installing places a `/matrix/bin/remove-all` script on the server.
|
||||
|
||||
You can run it to to have it uninstall things for you automatically (see below). **Use with caution!**
|
||||
|
||||
|
@ -25,8 +25,6 @@ If you prefer to uninstall manually, run these commands (most are meant to be ex
|
|||
|
||||
- delete the Matrix-related systemd `.service` and `.timer` files (`rm -f /etc/systemd/system/matrix*.{service,timer}`) and reload systemd (`systemctl daemon-reload`)
|
||||
|
||||
- delete some helper scripts (`rm -f /usr/local/bin/matrix*`)
|
||||
|
||||
- delete some cached Docker images (`docker system prune -a`) or just delete them all (`docker rmi $(docker images -aq)`)
|
||||
|
||||
- delete the Docker networks: `docker network rm matrix matrix-coturn` (might have been deleted already if you ran the `docker system prune` command)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Updating users passwords
|
||||
|
||||
## Option 1 (if you are using the default matrix-postgres container):
|
||||
## Option 1 (if you are using the integrated Postgres database):
|
||||
|
||||
You can reset a user's password via the Ansible playbook (make sure to edit the `<your-username>` and `<your-password>` part below):
|
||||
|
||||
|
@ -36,7 +36,7 @@ Use the Synapse User Admin API as described here: https://github.com/matrix-org/
|
|||
|
||||
This requires an [access token](obtaining-access-tokens.md) from a server admin account. *This method will also log the user out of all of their clients while the other options do not.*
|
||||
|
||||
If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-change-user-admin-status` script as described in [registering-users.md](registering-users.md).
|
||||
If you didn't make your account a server admin when you created it, you can learn how to switch it now by reading about it in [Adding/Removing Administrator privileges to an existing Synapse user](registering-users.md#addingremoving-administrator-privileges-to-an-existing-synapse-user).
|
||||
|
||||
### Example:
|
||||
To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command:
|
||||
|
|
|
@ -35,4 +35,4 @@ matrix_ssl_lets_encrypt_support_email: ''
|
|||
#
|
||||
# The playbook creates additional Postgres users and databases (one for each enabled service)
|
||||
# using this superuser account.
|
||||
matrix_postgres_connection_password: ''
|
||||
devture_postgres_connection_password: ''
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -34,7 +34,9 @@
|
|||
- custom/matrix-base
|
||||
- custom/matrix-dynamic-dns
|
||||
- custom/matrix-mailer
|
||||
- custom/matrix-postgres
|
||||
|
||||
- role: galaxy/com.devture.ansible.role.postgres
|
||||
|
||||
- custom/matrix-redis
|
||||
- custom/matrix-corporal
|
||||
- custom/matrix-bridge-appservice-discord
|
||||
|
@ -78,6 +80,7 @@
|
|||
- custom/matrix-synapse-admin
|
||||
- custom/matrix-prometheus-node-exporter
|
||||
- custom/matrix-prometheus-postgres-exporter
|
||||
- custom/matrix-prometheus-nginxlog-exporter
|
||||
- custom/matrix-prometheus
|
||||
- custom/matrix-grafana
|
||||
- custom/matrix-registration
|
||||
|
@ -95,8 +98,11 @@
|
|||
- custom/matrix-nginx-proxy
|
||||
- custom/matrix-coturn
|
||||
- custom/matrix-aux
|
||||
- custom/matrix-postgres-backup
|
||||
|
||||
- role: galaxy/com.devture.ansible.role.postgres_backup
|
||||
|
||||
- custom/matrix-backup-borg
|
||||
|
||||
- custom/matrix-user-creator
|
||||
- custom/matrix-common-after
|
||||
|
||||
|
|
|
@ -18,6 +18,12 @@
|
|||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git
|
||||
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
|
||||
version: e75973e3a4edc12dfc3e880e43b12ebecbf82c61
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
|
||||
version: 77b1f9ae1aafa31c9078178c1036bf744c99d08b
|
||||
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git
|
||||
version: 6ccb88ac5fc27e1e70afcd48278ade4b564a9096
|
||||
|
||||
|
|
|
@ -37,9 +37,9 @@ matrix_backup_borg_location_source_directories: []
|
|||
|
||||
# postgres db backup
|
||||
matrix_backup_borg_postgresql_enabled: true
|
||||
matrix_backup_borg_supported_postgres_versions: ['12', '13', '14']
|
||||
matrix_backup_borg_supported_postgres_versions: ['12', '13', '14', '15']
|
||||
matrix_backup_borg_postgresql_databases: []
|
||||
matrix_backup_borg_postgresql_databases_hostname: "matrix-postgres"
|
||||
matrix_backup_borg_postgresql_databases_hostname: ''
|
||||
matrix_backup_borg_postgresql_databases_username: "matrix"
|
||||
matrix_backup_borg_postgresql_databases_password: ""
|
||||
matrix_backup_borg_postgresql_databases_port: 5432
|
||||
|
|
|
@ -5,22 +5,22 @@
|
|||
- name: Fail with matrix_backup_borg_version advice if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You are not running a built-in Postgres server (`matrix_postgres_enabled: false`), so auto-detecting its version and setting `matrix_backup_borg_version` automatically based on that cannot happen.
|
||||
You are not running a built-in Postgres server (`devture_postgres_enabled: false`), so auto-detecting its version and setting `matrix_backup_borg_version` automatically based on that cannot happen.
|
||||
Consider setting `matrix_backup_borg_version` to your Postgres version manually.
|
||||
when: not matrix_postgres_enabled
|
||||
when: not devture_postgres_enabled
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: detect_existing_postgres_version
|
||||
|
||||
- name: Fail if detected Postgres version is unsupported
|
||||
ansible.builtin.fail:
|
||||
msg: "You cannot use borg backup with such an old version ({{ matrix_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
|
||||
when: "matrix_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
|
||||
msg: "You cannot use borg backup with such an old version ({{ devture_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
|
||||
when: "devture_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
|
||||
|
||||
- name: Set the correct borg backup version to use
|
||||
ansible.builtin.set_fact:
|
||||
matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}"
|
||||
matrix_backup_borg_version: "{{ devture_postgres_detected_version }}"
|
||||
|
||||
- name: Ensure borg paths exist
|
||||
ansible.builtin.file:
|
||||
|
@ -105,19 +105,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-backup-borg.timer.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.timer"
|
||||
mode: 0644
|
||||
register: matrix_backup_borg_systemd_timer_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-backup-borg.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_backup_borg_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-backup-borg.service enabled
|
||||
ansible.builtin.service:
|
||||
enabled: true
|
||||
name: matrix-backup-borg.service
|
||||
|
||||
- name: Ensure matrix-backup-borg.timer enabled
|
||||
ansible.builtin.service:
|
||||
enabled: true
|
||||
name: matrix-backup-borg.timer
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
---
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required backup-borg settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_backup_borg_ssh_key_private"
|
||||
- "matrix_backup_borg_location_repositories"
|
||||
- {'name': 'matrix_backup_borg_ssh_key_private', when: true}
|
||||
- {'name': 'matrix_backup_borg_location_repositories', when: true}
|
||||
- {'name': 'matrix_backup_borg_postgresql_databases_hostname', when: "{{ matrix_backup_borg_postgresql_enabled }}"}
|
||||
|
||||
- name: Fail if encryption passphrase is undefined unless repository is unencrypted
|
||||
ansible.builtin.fail:
|
||||
|
|
|
@ -34,7 +34,7 @@ hooks:
|
|||
hostname: {{ matrix_backup_borg_postgresql_databases_hostname|to_json }}
|
||||
username: {{ matrix_backup_borg_postgresql_databases_username|to_json }}
|
||||
password: {{ matrix_backup_borg_postgresql_databases_password|to_json }}
|
||||
port: {{ matrix_backup_borg_postgresql_databases_port|to_json }}
|
||||
port: {{ matrix_backup_borg_postgresql_databases_port | int | to_json }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
after_backup:
|
||||
|
|
|
@ -31,14 +31,21 @@ ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --n
|
|||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_backup_borg_docker_image }} \
|
||||
sh -c "borgmatic --init --encryption {{ matrix_backup_borg_encryption }}"
|
||||
sh -c "borgmatic rcreate --encryption {{ matrix_backup_borg_encryption }}"
|
||||
|
||||
# The `CAP_DAC_OVERRIDE` capability is required, so that `root` in the container
|
||||
# can read the `/etc/borgmatic.d/config.yaml` (`{{ matrix_backup_borg_config_path }}/config.yaml`) file,
|
||||
# owned by `matrix:matrix` on the filesystem.
|
||||
#
|
||||
# `/root` is mountes as temporary filesystem, because we're using `--read-only` and because
|
||||
# Borgmatic tries to write to at least a few paths under `/root` (`.config`, `.ssh`, `.borgmatic`).
|
||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \
|
||||
--log-driver=none \
|
||||
--cap-drop=ALL \
|
||||
--cap-add=CAP_DAC_OVERRIDE \
|
||||
--read-only \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--tmpfs=/root:rw,noexec,nosuid,size=100m \
|
||||
--tmpfs=/tmp:rw,noexec,nosuid,size=100m \
|
||||
--mount type=bind,src={{ matrix_backup_borg_config_path }}/passwd,dst=/etc/passwd,ro \
|
||||
--mount type=bind,src={{ matrix_backup_borg_config_path }},dst=/etc/borgmatic.d,ro \
|
||||
|
|
|
@ -117,14 +117,10 @@ matrix_user_gid: ~
|
|||
matrix_base_data_path: "/matrix"
|
||||
matrix_base_data_path_mode: "750"
|
||||
|
||||
matrix_bin_path: "{{ matrix_base_data_path }}/bin"
|
||||
|
||||
matrix_static_files_base_path: "{{ matrix_base_data_path }}/static-files"
|
||||
|
||||
# This is now unused. We keep it so that cleanup tasks can use it.
|
||||
# To be removed in the future.
|
||||
matrix_cron_path: "/etc/cron.d"
|
||||
|
||||
matrix_local_bin_path: "/usr/local/bin"
|
||||
|
||||
matrix_host_command_sleep: "/usr/bin/env sleep"
|
||||
matrix_host_command_chown: "/usr/bin/env chown"
|
||||
matrix_host_command_fusermount: "/usr/bin/env fusermount"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
|
||||
- name: Ensure Matrix base path exists
|
||||
- name: Ensure Matrix base paths exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
|
@ -9,14 +9,15 @@
|
|||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_base_data_path }}"
|
||||
- "{{ matrix_bin_path }}"
|
||||
|
||||
- name: Ensure Matrix network is created in Docker
|
||||
community.docker.docker_network:
|
||||
name: "{{ matrix_docker_network }}"
|
||||
driver: bridge
|
||||
|
||||
- name: Ensure matrix-remove-all script created
|
||||
- name: Ensure remove-all script created
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/usr-local-bin/matrix-remove-all.j2"
|
||||
dest: "{{ matrix_local_bin_path }}/matrix-remove-all"
|
||||
src: "{{ role_path }}/templates/bin/remove-all.j2"
|
||||
dest: "{{ matrix_bin_path }}/remove-all"
|
||||
mode: 0750
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
- {'old': 'hostname_matrix', 'new': 'matrix_server_fqn_matrix'}
|
||||
- {'old': 'hostname_riot', 'new': 'matrix_server_fqn_element'}
|
||||
- {'old': 'matrix_server_fqn_riot', 'new': 'matrix_server_fqn_element'}
|
||||
- {'old': 'matrix_local_bin_path', 'new': '<there is no global bin path anymore - each role has its own>'}
|
||||
|
||||
# We have a dedicated check for this variable, because we'd like to have a custom (friendlier) message.
|
||||
- name: Fail if matrix_homeserver_generic_secret_key is undefined
|
||||
|
|
|
@ -23,8 +23,6 @@ else
|
|||
|
||||
systemctl daemon-reload
|
||||
|
||||
echo "Remove matrix scripts"
|
||||
find {{ matrix_local_bin_path }}/ -name "matrix-*" -delete
|
||||
echo "Remove unused Docker images and resources"
|
||||
docker system prune -af
|
||||
echo "Remove Docker matrix network (should be gone already, but ..)"
|
|
@ -43,7 +43,7 @@ matrix_bot_buscarron_sqlite_database_path_in_container: "/data/bot.db"
|
|||
|
||||
matrix_bot_buscarron_database_username: 'buscarron'
|
||||
matrix_bot_buscarron_database_password: 'some-password'
|
||||
matrix_bot_buscarron_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_buscarron_database_hostname: ''
|
||||
matrix_bot_buscarron_database_port: 5432
|
||||
matrix_bot_buscarron_database_name: 'buscarron'
|
||||
|
||||
|
|
|
@ -11,8 +11,11 @@
|
|||
|
||||
- when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_buscarron_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -20,10 +23,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-buscarron.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_buscarron_requires_restart: true
|
||||
|
||||
|
@ -89,15 +88,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-bot-buscarron.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_buscarron_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-buscarron.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_buscarron_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-buscarron.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-buscarron.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_buscarron_requires_restart | bool"
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required Buscarron settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_buscarron_password"
|
||||
- {'name': 'matrix_bot_buscarron_password', when: true}
|
||||
- {'name': 'matrix_bot_buscarron_database_hostname', when: "{{ matrix_bot_buscarron_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -42,13 +42,9 @@
|
|||
mode: 0644
|
||||
register: matrix_bot_go_neb_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_go_neb_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-go-neb.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-go-neb.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_go_neb_requires_restart | bool"
|
||||
|
|
|
@ -43,7 +43,7 @@ matrix_bot_honoroit_sqlite_database_path_in_container: "/data/bot.db"
|
|||
|
||||
matrix_bot_honoroit_database_username: 'honoroit'
|
||||
matrix_bot_honoroit_database_password: 'some-password'
|
||||
matrix_bot_honoroit_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_honoroit_database_hostname: ''
|
||||
matrix_bot_honoroit_database_port: 5432
|
||||
matrix_bot_honoroit_database_name: 'honoroit'
|
||||
|
||||
|
|
|
@ -11,8 +11,11 @@
|
|||
|
||||
- when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_honoroit_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -20,10 +23,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-honoroit.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_honoroit_requires_restart: true
|
||||
|
||||
|
@ -91,13 +90,9 @@
|
|||
mode: 0644
|
||||
register: matrix_bot_honoroit_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_honoroit_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-honoroit.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_honoroit_requires_restart | bool"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required honoroit settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_honoroit_password"
|
||||
- "matrix_bot_honoroit_roomid"
|
||||
- {'name': 'matrix_bot_honoroit_password', when: true}
|
||||
- {'name': 'matrix_bot_honoroit_roomid', when: true}
|
||||
- {'name': 'matrix_bot_honoroit_database_hostname', when: "{{ matrix_bot_honoroit_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -61,14 +61,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-registration-bot.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_matrix_registration_bot_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-registration-bot.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_matrix_registration_bot_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-registration-bot.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-matrix-registration-bot.service"
|
||||
state: restarted
|
||||
|
|
|
@ -44,7 +44,7 @@ matrix_bot_matrix_reminder_bot_sqlite_database_path_in_container: "/data/bot.db"
|
|||
|
||||
matrix_bot_matrix_reminder_bot_database_username: 'matrix_reminder_bot'
|
||||
matrix_bot_matrix_reminder_bot_database_password: 'some-password'
|
||||
matrix_bot_matrix_reminder_bot_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_matrix_reminder_bot_database_hostname: ''
|
||||
matrix_bot_matrix_reminder_bot_database_port: 5432
|
||||
matrix_bot_matrix_reminder_bot_database_name: 'matrix_reminder_bot'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_matrix_reminder_bot_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_matrix_reminder_bot_requires_restart: true
|
||||
|
||||
|
@ -92,13 +91,9 @@
|
|||
mode: 0644
|
||||
register: matrix_bot_matrix_reminder_bot_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-matrix-reminder-bot.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_matrix_reminder_bot_requires_restart | bool"
|
||||
|
|
|
@ -1,15 +1,16 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required matrix-reminder-bot settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_matrix_reminder_bot_matrix_user_password"
|
||||
- "matrix_bot_matrix_reminder_bot_reminders_timezone"
|
||||
- {'name': 'matrix_bot_matrix_reminder_bot_matrix_user_password', when: true}
|
||||
- {'name': 'matrix_bot_matrix_reminder_bot_reminders_timezone', when: true}
|
||||
- {'name': 'matrix_bot_matrix_reminder_bot_database_hostname', when: "{{ matrix_bot_matrix_reminder_bot_database_engine == 'postgres' }}"}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
- name: (Deprecation) Catch and report renamed matrix-reminder-bot settings
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
|
|
|
@ -27,7 +27,7 @@ matrix_bot_maubot_sqlite_database_path_in_container: "/data/maubot.db"
|
|||
|
||||
matrix_bot_maubot_database_username: matrix_bot_maubot
|
||||
matrix_bot_maubot_database_password: ~
|
||||
matrix_bot_maubot_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_maubot_database_hostname: ''
|
||||
matrix_bot_maubot_database_port: 5432
|
||||
matrix_bot_maubot_database_name: matrix_bot_maubot
|
||||
|
||||
|
|
|
@ -65,9 +65,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_maubot_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-maubot.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_maubot_systemd_service_result.changed|bool"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required maubot settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- matrix_bot_maubot_unshared_secret
|
||||
- matrix_bot_maubot_admins
|
||||
- {'name': 'matrix_bot_maubot_unshared_secret', when: true}
|
||||
- {'name': 'matrix_bot_maubot_admins', when: true}
|
||||
- {'name': 'matrix_bot_maubot_database_hostname', when: "{{ matrix_bot_maubot_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -66,13 +66,9 @@
|
|||
mode: 0644
|
||||
register: matrix_bot_mjolnir_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_mjolnir_systemd_service_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-bot-mjolnir.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_mjolnir_requires_restart | bool"
|
||||
|
|
|
@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git"
|
|||
matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}"
|
||||
matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
|
||||
|
||||
matrix_bot_postmoogle_version: v0.9.9
|
||||
matrix_bot_postmoogle_version: v0.9.10
|
||||
matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}"
|
||||
matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||
matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}"
|
||||
|
@ -42,7 +42,7 @@ matrix_bot_postmoogle_sqlite_database_path_in_container: "/data/bot.db"
|
|||
|
||||
matrix_bot_postmoogle_database_username: 'postmoogle'
|
||||
matrix_bot_postmoogle_database_password: 'some-password'
|
||||
matrix_bot_postmoogle_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_postmoogle_database_hostname: ''
|
||||
matrix_bot_postmoogle_database_port: 5432
|
||||
matrix_bot_postmoogle_database_name: 'postmoogle'
|
||||
|
||||
|
@ -78,18 +78,6 @@ matrix_bot_postmoogle_prefix: '!pm'
|
|||
# Max email size in megabytes, including attachments
|
||||
matrix_bot_postmoogle_maxsize: '1024'
|
||||
|
||||
# DEPRECATED, use !pm users instead
|
||||
# A list of whitelisted users allowed to use the bridge.
|
||||
# If not defined, everyone is allowed.
|
||||
# Example set of rules:
|
||||
# matrix_bot_postmoogle_users:
|
||||
# - @someone:example.com
|
||||
# - @another:example.com
|
||||
# - @bot.*:example.com
|
||||
# - @*:another.com
|
||||
matrix_bot_postmoogle_users:
|
||||
- "@*:{{ matrix_domain }}"
|
||||
|
||||
# A list of admins
|
||||
# Example set of rules:
|
||||
# matrix_bot_postmoogle_admins:
|
||||
|
@ -99,9 +87,17 @@ matrix_bot_postmoogle_users:
|
|||
# - @*:another.com
|
||||
matrix_bot_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}"
|
||||
|
||||
# Sentry DSN
|
||||
# Sentry DSN. Deprecated, use matrix_bot_postmoogle_monitoring_sentry_dsn
|
||||
matrix_bot_postmoogle_sentry: ''
|
||||
|
||||
# Sentry integration
|
||||
matrix_bot_postmoogle_monitoring_sentry_dsn: "{{ matrix_bot_postmoogle_sentry }}"
|
||||
matrix_bot_postmoogle_monitoring_sentry_rate: 20
|
||||
|
||||
# healthchecks.io integration
|
||||
matrix_bot_postmoogle_monitoring_healthchecks_uuid: ''
|
||||
matrix_bot_postmoogle_monitoring_healthchecks_duration: 60
|
||||
|
||||
# Log level
|
||||
matrix_bot_postmoogle_loglevel: 'INFO'
|
||||
|
||||
|
@ -147,6 +143,15 @@ matrix_bot_postmoogle_tls_key: ""
|
|||
# Mandatory TLS, even on plain SMTP port
|
||||
matrix_bot_postmoogle_tls_required: false
|
||||
|
||||
# trusted proxies
|
||||
matrix_bot_postmoogle_proxies: []
|
||||
|
||||
# reserved mailboxes
|
||||
matrix_bot_postmoogle_mailboxes_reserved: []
|
||||
|
||||
# mailbox activation flow
|
||||
matrix_bot_postmoogle_mailboxes_activation: none
|
||||
|
||||
# Additional environment variables to pass to the postmoogle container
|
||||
#
|
||||
# Example:
|
||||
|
|
|
@ -8,8 +8,11 @@
|
|||
|
||||
- when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_postmoogle_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -17,10 +20,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-postmoogle.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_bot_postmoogle_requires_restart: true
|
||||
|
||||
|
@ -86,8 +85,3 @@
|
|||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_postmoogle_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-postmoogle.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_bot_postmoogle_systemd_service_result.changed | bool"
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required Postmoogle settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_postmoogle_password"
|
||||
- {'name': 'matrix_bot_postmoogle_password', when: true}
|
||||
- {'name': 'matrix_bot_postmoogle_database_hostname', when: "{{ matrix_bot_postmoogle_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -7,7 +7,6 @@ POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }}
|
|||
POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }}
|
||||
POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }}
|
||||
POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }}
|
||||
POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }}
|
||||
POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }}
|
||||
POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }}
|
||||
POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }}
|
||||
|
@ -16,5 +15,12 @@ POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }}
|
|||
POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }}
|
||||
POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }}
|
||||
POSTMOOGLE_DATA_SECRET={{ matrix_bot_postmoogle_data_secret }}
|
||||
POSTMOOGLE_PROXIES={{ matrix_bot_postmoogle_proxies | join(' ') }}
|
||||
POSTMOOGLE_MONITORING_SENTRY_DSN={{ matrix_bot_postmoogle_monitoring_sentry_dsn }}
|
||||
POSTMOOGLE_MONITORING_SENTRY_RATE={{ matrix_bot_postmoogle_monitoring_sentry_rate }}
|
||||
POSTMOOGLE_MONITORING_HEALTHCHECKS_UUID={{ matrix_bot_postmoogle_monitoring_healthchecks_uuid }}
|
||||
POSTMOOGLE_MONITORING_HEALTHCHECKS_DURATION={{ matrix_bot_postmoogle_monitoring_healthchecks_duration }}
|
||||
POSTMOOGLE_MAILBOXES_RESERVED={{ matrix_bot_postmoogle_mailboxes_reserved | join(' ') }}
|
||||
POSTMOOGLE_MAILBOXES_ACTIVATION={{ matrix_bot_postmoogle_mailboxes_activation }}
|
||||
|
||||
{{ matrix_bot_postmoogle_environment_variables_extension }}
|
||||
|
|
|
@ -60,7 +60,7 @@ matrix_appservice_discord_sqlite_database_path_in_container: "/data/discord.db"
|
|||
|
||||
matrix_appservice_discord_database_username: 'matrix_appservice_discord'
|
||||
matrix_appservice_discord_database_password: 'some-password'
|
||||
matrix_appservice_discord_database_hostname: 'matrix-postgres'
|
||||
matrix_appservice_discord_database_hostname: ''
|
||||
matrix_appservice_discord_database_port: 5432
|
||||
matrix_appservice_discord_database_name: 'matrix_appservice_discord'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_appservice_discord_database_connString }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-appservice-discord.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_appservice_discord_requires_restart: true
|
||||
|
||||
|
@ -109,13 +108,9 @@
|
|||
mode: 0644
|
||||
register: matrix_appservice_discord_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_discord_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-discord.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-appservice-discord.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_discord_requires_restart | bool"
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required appservice-discord settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_appservice_discord_client_id"
|
||||
- "matrix_appservice_discord_bot_token"
|
||||
- "matrix_appservice_discord_appservice_token"
|
||||
- "matrix_appservice_discord_homeserver_token"
|
||||
- "matrix_appservice_discord_homeserver_domain"
|
||||
- {'name': 'matrix_appservice_discord_client_id', when: true}
|
||||
- {'name': 'matrix_appservice_discord_bot_token', when: true}
|
||||
- {'name': 'matrix_appservice_discord_appservice_token', when: true}
|
||||
- {'name': 'matrix_appservice_discord_homeserver_token', when: true}
|
||||
- {'name': 'matrix_appservice_discord_homeserver_domain', when: true}
|
||||
- {'name': 'matrix_appservice_discord_database_hostname', when: "{{ matrix_appservice_discord_database_engine == 'postgres' }}"}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed appservice-discord variables
|
||||
ansible.builtin.fail:
|
||||
|
|
|
@ -29,8 +29,8 @@ matrix_appservice_irc_appservice_address: 'http://matrix-appservice-irc:9999'
|
|||
|
||||
matrix_appservice_irc_database_engine: nedb
|
||||
matrix_appservice_irc_database_username: matrix_appservice_irc
|
||||
matrix_appservice_irc_database_password: ~
|
||||
matrix_appservice_irc_database_hostname: 'matrix-postgres'
|
||||
matrix_appservice_irc_database_password: 'some-password'
|
||||
matrix_appservice_irc_database_hostname: ''
|
||||
matrix_appservice_irc_database_port: 5432
|
||||
matrix_appservice_irc_database_name: matrix_appservice_irc
|
||||
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
- name: Fail if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
when: "not matrix_postgres_enabled | bool"
|
||||
msg: "Postgres via the com.devture.ansible.role.postgres role is not enabled (`devture_postgres_enabled`). Cannot migrate."
|
||||
when: "not devture_postgres_enabled | bool"
|
||||
|
||||
# Defaults
|
||||
|
||||
|
@ -14,19 +14,19 @@
|
|||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
- name: Ensure Postgres is started
|
||||
ansible.builtin.service:
|
||||
name: matrix-postgres
|
||||
name: "{{ devture_postgres_identifier }}"
|
||||
state: started
|
||||
daemon_reload: true
|
||||
register: matrix_postgres_service_start_result
|
||||
register: postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
ansible.builtin.wait_for:
|
||||
timeout: "{{ postgres_start_wait_time }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed | bool"
|
||||
when: postgres_service_start_result.changed | bool
|
||||
|
||||
- name: Check existence of matrix-appservice-irc service
|
||||
ansible.builtin.stat:
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
- ansible.builtin.include_role:
|
||||
name: custom/matrix-base
|
||||
tasks_from: ensure_openssl_installed
|
||||
|
||||
|
@ -199,13 +199,9 @@
|
|||
mode: 0644
|
||||
register: matrix_appservice_irc_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_irc_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-irc.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-appservice-irc.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_irc_requires_restart | bool"
|
||||
|
|
|
@ -3,11 +3,12 @@
|
|||
- name: Fail if required settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_appservice_irc_appservice_token"
|
||||
- "matrix_appservice_irc_homeserver_token"
|
||||
- {'name': 'matrix_appservice_irc_appservice_token', when: true}
|
||||
- {'name': 'matrix_appservice_irc_homeserver_token', when: true}
|
||||
- {'name': 'matrix_appservice_irc_database_hostname', when: "{{ matrix_appservice_irc_database_engine == 'postgres' }}"}
|
||||
|
||||
# Our base configuration (`matrix_appservice_irc_configuration_yaml`) is not enough to
|
||||
# let the playbook run without errors.
|
||||
|
|
|
@ -90,7 +90,7 @@ matrix_appservice_kakaotalk_sqlite_database_path_in_container: "/data/appservice
|
|||
|
||||
matrix_appservice_kakaotalk_database_username: 'matrix_appservice_kakaotalk'
|
||||
matrix_appservice_kakaotalk_database_password: 'some-password'
|
||||
matrix_appservice_kakaotalk_database_hostname: 'matrix-postgres'
|
||||
matrix_appservice_kakaotalk_database_hostname: ''
|
||||
matrix_appservice_kakaotalk_database_port: 5432
|
||||
matrix_appservice_kakaotalk_database_name: 'matrix_appservice_kakaotalk'
|
||||
|
||||
|
|
|
@ -109,9 +109,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service"
|
||||
mode: 0644
|
||||
register: matrix_appservice_kakaotalk_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-kakaotalk.service or matrix-appservice-kakaotalk-node.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: matrix_appservice_kakaotalk_node_systemd_service_result.changed or matrix_appservice_kakaotalk_systemd_service_result.changed
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required appservice-kakaotalk settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_appservice_kakaotalk_appservice_token"
|
||||
- "matrix_appservice_kakaotalk_homeserver_token"
|
||||
- {'name': 'matrix_appservice_kakaotalk_appservice_token', when: true}
|
||||
- {'name': 'matrix_appservice_kakaotalk_homeserver_token', when: true}
|
||||
- {'name': 'matrix_appservice_kakaotalk_database_hostname', when: "{{ matrix_appservice_kakaotalk_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -11,7 +11,7 @@ matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/apps
|
|||
|
||||
# matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
|
||||
# It's a bare version number now. We try to somewhat retain compatibility below.
|
||||
matrix_appservice_slack_version: 2.0.1
|
||||
matrix_appservice_slack_version: 2.0.2
|
||||
matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}"
|
||||
matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}"
|
||||
matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}"
|
||||
|
@ -57,8 +57,8 @@ matrix_appservice_slack_id_token: ''
|
|||
|
||||
matrix_appservice_slack_database_engine: nedb
|
||||
matrix_appservice_slack_database_username: matrix_appservice_slack
|
||||
matrix_appservice_slack_database_password: ~
|
||||
matrix_appservice_slack_database_hostname: 'matrix-postgres'
|
||||
matrix_appservice_slack_database_password: 'some-passsword'
|
||||
matrix_appservice_slack_database_hostname: ''
|
||||
matrix_appservice_slack_database_port: 5432
|
||||
matrix_appservice_slack_database_name: matrix_appservice_slack
|
||||
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
- name: Fail if Postgres not enabled
|
||||
ansible.builtin.fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
when: "not matrix_postgres_enabled | bool"
|
||||
msg: "Postgres via the com.devture.ansible.role.postgres role is not enabled (`devture_postgres_enabled`). Cannot migrate."
|
||||
when: "not devture_postgres_enabled | bool"
|
||||
|
||||
# Defaults
|
||||
|
||||
|
@ -14,19 +14,19 @@
|
|||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
- name: Ensure Postgres is started
|
||||
ansible.builtin.service:
|
||||
name: matrix-postgres
|
||||
name: "{{ devture_postgres_identifier }}"
|
||||
state: started
|
||||
daemon_reload: true
|
||||
register: matrix_postgres_service_start_result
|
||||
register: postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
ansible.builtin.wait_for:
|
||||
timeout: "{{ postgres_start_wait_time }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed | bool"
|
||||
when: "postgres_service_start_result.changed | bool"
|
||||
|
||||
- name: Ensure matrix-appservice-slack is stopped
|
||||
ansible.builtin.service:
|
||||
|
|
|
@ -87,15 +87,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-appservice-slack.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service"
|
||||
mode: 0644
|
||||
register: matrix_appservice_slack_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_slack_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-appservice-slack.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-appservice-slack.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_slack_requires_restart | bool"
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required appservice-slack settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_appservice_slack_control_room_id"
|
||||
- "matrix_appservice_slack_appservice_token"
|
||||
- "matrix_appservice_slack_homeserver_url"
|
||||
- "matrix_appservice_slack_homeserver_token"
|
||||
- "matrix_appservice_slack_id_token"
|
||||
- {'name': 'matrix_appservice_slack_control_room_id', when: true}
|
||||
- {'name': 'matrix_appservice_slack_appservice_token', when: true}
|
||||
- {'name': 'matrix_appservice_slack_homeserver_url', when: true}
|
||||
- {'name': 'matrix_appservice_slack_homeserver_token', when: true}
|
||||
- {'name': 'matrix_appservice_slack_id_token', when: true}
|
||||
- {'name': 'matrix_appservice_slack_database_hostname', when: "{{ matrix_appservice_slack_database_engine == 'postgres' }}"}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
ansible.builtin.fail:
|
||||
|
|
|
@ -86,9 +86,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-appservice-webhooks.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service"
|
||||
mode: 0644
|
||||
register: matrix_appservice_webhooks_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_appservice_webhooks_systemd_service_result.changed"
|
||||
|
|
|
@ -55,8 +55,8 @@ matrix_beeper_linkedin_appservice_bot_username: linkedinbot
|
|||
matrix_beeper_linkedin_database_engine: "postgres"
|
||||
|
||||
matrix_beeper_linkedin_database_username: 'matrix_beeper_linkedin'
|
||||
matrix_beeper_linkedin_database_password: ""
|
||||
matrix_beeper_linkedin_database_hostname: 'matrix-postgres'
|
||||
matrix_beeper_linkedin_database_password: 'some-password'
|
||||
matrix_beeper_linkedin_database_hostname: ''
|
||||
matrix_beeper_linkedin_database_port: 5432
|
||||
matrix_beeper_linkedin_database_name: 'matrix_beeper_linkedin'
|
||||
|
||||
|
|
|
@ -88,9 +88,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-beeper-linkedin.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service"
|
||||
mode: 0644
|
||||
register: matrix_beeper_linkedin_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-beeper-linkedin.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_beeper_linkedin_systemd_service_result.changed"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required beeper-linkedin settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_beeper_linkedin_appservice_token"
|
||||
- "matrix_beeper_linkedin_homeserver_token"
|
||||
- {'name': 'matrix_beeper_linkedin_appservice_token', when: true}
|
||||
- {'name': 'matrix_beeper_linkedin_homeserver_token', when: true}
|
||||
- {'name': 'matrix_beeper_linkedin_database_hostname', when: "{{ matrix_beeper_linkedin_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -56,7 +56,7 @@ matrix_go_skype_bridge_sqlite_database_path_in_container: "/data/go-skype-bridge
|
|||
|
||||
matrix_go_skype_bridge_database_username: 'matrix_go_skype_bridge'
|
||||
matrix_go_skype_bridge_database_password: 'some-password'
|
||||
matrix_go_skype_bridge_database_hostname: 'matrix-postgres'
|
||||
matrix_go_skype_bridge_database_hostname: ''
|
||||
matrix_go_skype_bridge_database_port: 5432
|
||||
matrix_go_skype_bridge_database_name: 'matrix_go_skype_bridge'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_go_skype_bridge_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -22,10 +25,6 @@
|
|||
systemd_services_to_stop: ['matrix-go-skype-bridge.service']
|
||||
pgloader_options: ['--with "quote identifiers"']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_go_skype_bridge_requires_restart: true
|
||||
|
||||
|
@ -128,13 +127,9 @@
|
|||
mode: 0644
|
||||
register: matrix_go_skype_bridge_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-go-skype-bridge.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_go_skype_bridge_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-go-skype-bridge.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-go-skype-bridge.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_go_skype_bridge_requires_restart | bool"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required go-skype-bridge settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_go_skype_bridge_appservice_token"
|
||||
- "matrix_go_skype_bridge_homeserver_token"
|
||||
- {'name': 'matrix_go_skype_bridge_appservice_token', when: true}
|
||||
- {'name': 'matrix_go_skype_bridge_homeserver_token', when: true}
|
||||
- {'name': 'matrix_go_skype_bridge_database_hostname', when: "{{ matrix_go_skype_bridge_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -34,9 +34,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-heisenbridge.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service"
|
||||
mode: 0644
|
||||
register: matrix_heisenbridge_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-heisenbridge.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: matrix_heisenbridge_systemd_service_result.changed
|
||||
|
|
|
@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false
|
|||
matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git"
|
||||
matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}"
|
||||
|
||||
matrix_hookshot_version: 2.4.0
|
||||
matrix_hookshot_version: 2.5.0
|
||||
|
||||
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
|
||||
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||
|
@ -52,7 +52,7 @@ matrix_hookshot_webhook_endpoint: "{{ matrix_hookshot_public_endpoint }}/webhook
|
|||
# You need to create a GitHub app to enable this and fill in the empty variables below
|
||||
# https://matrix-org.github.io/matrix-hookshot/setup/github.html
|
||||
matrix_hookshot_github_enabled: false
|
||||
matrix_hookshot_github_appid: ''
|
||||
matrix_hookshot_github_auth_id: ''
|
||||
# Set this variable to the contents of the generated and downloaded GitHub private key:
|
||||
# matrix_hookshot_github_private_key: |
|
||||
# -----BEGIN RSA PRIVATE KEY-----
|
||||
|
@ -61,22 +61,25 @@ matrix_hookshot_github_appid: ''
|
|||
# Alternatively, leave it empty and do it manually or use matrix-aux instead, see docs/matrix-bridge-hookshot.md for info.
|
||||
matrix_hookshot_github_private_key: ''
|
||||
matrix_hookshot_github_private_key_file: 'private-key.pem'
|
||||
matrix_hookshot_github_secret: '' # "Webhook secret" on the GitHub App page
|
||||
matrix_hookshot_github_webhook_secret: '' # "Webhook secret" on the GitHub App page
|
||||
matrix_hookshot_github_oauth_enabled: false
|
||||
# You need to configure oauth settings only when you have enabled oauth (optional)
|
||||
matrix_hookshot_github_oauth_id: '' # "Client ID" on the GitHub App page
|
||||
matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App page
|
||||
matrix_hookshot_github_oauth_client_id: '' # "Client ID" on the GitHub App page
|
||||
matrix_hookshot_github_oauth_client_secret: '' # "Client Secret" on the GitHub App page
|
||||
# Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth"
|
||||
matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth"
|
||||
matrix_hookshot_github_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_github_oauth_endpoint }}"
|
||||
matrix_hookshot_github_oauth_redirect_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_github_oauth_endpoint }}"
|
||||
|
||||
# These are the default settings mentioned here and don't need to be modified: https://matrix-org.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
|
||||
matrix_hookshot_github_ignore_hooks: "{}"
|
||||
matrix_hookshot_github_command_prefix: '!gh'
|
||||
matrix_hookshot_github_showIssueRoomLink: false # noqa var-naming
|
||||
matrix_hookshot_github_pr_diff: "{enabled: false, maxLines: 5}"
|
||||
matrix_hookshot_github_including_labels: ''
|
||||
matrix_hookshot_github_excluding_labels: ''
|
||||
matrix_hookshot_github_hotlink_prefix: "#"
|
||||
matrix_hookshot_github_defaultOptions_ignoreHooks: {} # noqa var-naming
|
||||
matrix_hookshot_github_defaultOptions_commandPrefix: '!gh' # noqa var-naming
|
||||
matrix_hookshot_github_defaultOptions_showIssueRoomLink: false # noqa var-naming
|
||||
matrix_hookshot_github_defaultOptions_prDiff: # noqa var-naming
|
||||
enabled: false
|
||||
maxLines: 5
|
||||
matrix_hookshot_github_defaultOptions_includingLabels: '' # noqa var-naming
|
||||
matrix_hookshot_github_defaultOptions_excludingLabels: '' # noqa var-naming
|
||||
matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix: "#" # noqa var-naming
|
||||
|
||||
|
||||
matrix_hookshot_gitlab_enabled: true
|
||||
|
@ -91,7 +94,7 @@ matrix_hookshot_gitlab_instances:
|
|||
url: https://gitlab.com
|
||||
|
||||
# This will be the "Secret token" you have to enter into all GitLab instances for authentication
|
||||
matrix_hookshot_gitlab_secret: ''
|
||||
matrix_hookshot_gitlab_webhook_secret: ''
|
||||
|
||||
|
||||
matrix_hookshot_figma_enabled: false
|
||||
|
@ -104,33 +107,35 @@ matrix_hookshot_figma_publicUrl: "{{ matrix_hookshot_urlprefix }}{{ matrix_hooks
|
|||
# teamId: your-team-id
|
||||
# accessToken: your-personal-access-token
|
||||
# passcode: your-webhook-passcode
|
||||
|
||||
matrix_hookshot_figma_instances: {}
|
||||
|
||||
matrix_hookshot_jira_enabled: false
|
||||
# Get the these values from https://matrix-org.github.io/matrix-hookshot/setup/jira.html#jira-oauth
|
||||
matrix_hookshot_jira_secret: ''
|
||||
matrix_hookshot_jira_webhook_secret: ''
|
||||
matrix_hookshot_jira_oauth_enabled: false
|
||||
matrix_hookshot_jira_oauth_id: ''
|
||||
matrix_hookshot_jira_oauth_secret: ''
|
||||
matrix_hookshot_jira_oauth_client_id: ''
|
||||
matrix_hookshot_jira_oauth_client_secret: ''
|
||||
# Default value of matrix_hookshot_jira_oauth_endpoint: "/hookshot/webhooks/jira/oauth"
|
||||
matrix_hookshot_jira_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/jira/oauth"
|
||||
matrix_hookshot_jira_oauth_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_jira_oauth_endpoint }}"
|
||||
matrix_hookshot_jira_oauth_redirect_uri: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_jira_oauth_endpoint }}"
|
||||
|
||||
|
||||
# No need to change these
|
||||
matrix_hookshot_generic_enabled: true
|
||||
matrix_hookshot_generic_enableHttpGet: false
|
||||
# Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks"
|
||||
matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}"
|
||||
# urlprefix gets updated with protocol & port in group_vars/matrix_servers
|
||||
matrix_hookshot_generic_urlprefix: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_generic_endpoint }}"
|
||||
matrix_hookshot_generic_allow_js_transformation_functions: false
|
||||
matrix_hookshot_generic_urlPrefix: "{{ matrix_hookshot_urlprefix }}{{ matrix_hookshot_generic_endpoint }}"
|
||||
# If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap
|
||||
matrix_hookshot_generic_user_id_prefix: '_webhooks_'
|
||||
matrix_hookshot_generic_userIdPrefix: '_webhooks_'
|
||||
matrix_hookshot_generic_allowJsTransformationFunctions: false
|
||||
matrix_hookshot_generic_waitForComplete: false
|
||||
|
||||
|
||||
matrix_hookshot_feeds_enabled: true
|
||||
matrix_hookshot_feeds_pollIntervalSeconds: 600 # noqa var-naming
|
||||
matrix_hookshot_feeds_pollTimeoutSeconds: 10 # noqa var-naming
|
||||
matrix_hookshot_feeds_pollTimeoutSeconds: 30 # noqa var-naming
|
||||
|
||||
|
||||
# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
|
||||
|
@ -141,6 +146,8 @@ matrix_hookshot_provisioning_enabled: false
|
|||
matrix_hookshot_provisioning_internal: "/v1"
|
||||
matrix_hookshot_provisioning_endpoint: "{{ matrix_hookshot_public_endpoint }}{{ matrix_hookshot_provisioning_internal }}"
|
||||
|
||||
# Valid logging levels are: debug, info, warn, error
|
||||
matrix_hookshot_logging_level: warn
|
||||
|
||||
matrix_hookshot_widgets_enabled: true
|
||||
matrix_hookshot_widgets_port: 9003
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
- ansible.builtin.include_role:
|
||||
name: custom/matrix-base
|
||||
tasks_from: ensure_openssl_installed
|
||||
|
||||
|
@ -110,9 +110,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-hookshot.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service"
|
||||
mode: 0644
|
||||
register: matrix_hookshot_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-hookshot.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: matrix_hookshot_systemd_service_result.changed
|
||||
|
|
|
@ -1,5 +1,34 @@
|
|||
---
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Hookshot variables
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'}
|
||||
- {'old': 'matrix_hookshot_generic_urlprefix', 'new': 'matrix_hookshot_generic_urlPrefix'}
|
||||
- {'old': 'matrix_hookshot_generic_allow_js_transformation_functions', 'new': 'matrix_hookshot_generic_allowJsTransformationFunctions'}
|
||||
- {'old': 'matrix_hookshot_generic_user_id_prefix', 'new': 'matrix_hookshot_generic_userIdPrefix'}
|
||||
- {'old': 'matrix_hookshot_github_secret', 'new': 'matrix_hookshot_github_webhook_secret'}
|
||||
- {'old': 'matrix_hookshot_github_appid', 'new': 'matrix_hookshot_github_auth_id'}
|
||||
- {'old': 'matrix_hookshot_github_oauth_id', 'new': 'matrix_hookshot_github_oauth_client_id'}
|
||||
- {'old': 'matrix_hookshot_github_oauth_secret', 'new': 'matrix_hookshot_github_oauth_client_secret'}
|
||||
- {'old': 'matrix_hookshot_github_oauth_uri', 'new': 'matrix_hookshot_github_oauth_redirect_uri'}
|
||||
- {'old': 'matrix_hookshot_github_ignore_hooks', 'new': 'matrix_hookshot_github_defaultOptions_ignoreHooks'}
|
||||
- {'old': 'matrix_hookshot_github_command_prefix', 'new': 'matrix_hookshot_github_defaultOptions_commandPrefix'}
|
||||
- {'old': 'matrix_hookshot_github_showIssueRoomLink', 'new': 'matrix_hookshot_github_defaultOptions_showIssueRoomLink'}
|
||||
- {'old': 'matrix_hookshot_github_pr_diff', 'new': 'matrix_hookshot_github_defaultOptions_prDiff'}
|
||||
- {'old': 'matrix_hookshot_github_including_labels', 'new': 'matrix_hookshot_github_defaultOptions_includingLabels'}
|
||||
- {'old': 'matrix_hookshot_github_excluding_labels', 'new': 'matrix_hookshot_github_defaultOptions_excludingLabels'}
|
||||
- {'old': 'matrix_hookshot_github_hotlink_prefix', 'new': 'matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix'}
|
||||
- {'old': 'matrix_hookshot_jira_secret', 'new': 'matrix_hookshot_jira_webhook_secret'}
|
||||
- {'old': 'matrix_hookshot_jira_oauth_id', 'new': 'matrix_hookshot_jira_oauth_client_id'}
|
||||
- {'old': 'matrix_hookshot_jira_oauth_secret', 'new': 'matrix_hookshot_jira_oauth_client_secret'}
|
||||
- {'old': 'matrix_hookshot_jira_oauth_uri', 'new': 'matrix_hookshot_jira_oauth_client_secret'}
|
||||
- {'old': 'matrix_hookshot_gitlab_secret', 'new': 'matrix_hookshot_gitlab_webhook_secret'}
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
|
@ -15,8 +44,8 @@
|
|||
You need to define a required configuration setting (`{{ item }}`) to enable GitHub.
|
||||
when: "matrix_hookshot_github_enabled and vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_github_appid"
|
||||
- "matrix_hookshot_github_secret"
|
||||
- "matrix_hookshot_github_auth_id"
|
||||
- "matrix_hookshot_github_webhook_secret"
|
||||
|
||||
- name: Fail if required GitHub OAuth settings not defined
|
||||
ansible.builtin.fail:
|
||||
|
@ -24,8 +53,8 @@
|
|||
You need to define a required configuration setting (`{{ item }}`) to enable GitHub OAuth.
|
||||
when: "matrix_hookshot_github_oauth_enabled and vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_github_oauth_id"
|
||||
- "matrix_hookshot_github_oauth_secret"
|
||||
- "matrix_hookshot_github_oauth_client_id"
|
||||
- "matrix_hookshot_github_oauth_client_secret"
|
||||
|
||||
- name: Fail if required Jira settings not defined
|
||||
ansible.builtin.fail:
|
||||
|
@ -33,7 +62,7 @@
|
|||
You need to define a required configuration setting (`{{ item }}`) to enable Jira.
|
||||
when: "matrix_hookshot_jira_enabled and vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_jira_secret"
|
||||
- "matrix_hookshot_jira_webhook_secret"
|
||||
|
||||
- name: Fail if required Jira OAuth settings not defined
|
||||
ansible.builtin.fail:
|
||||
|
@ -41,14 +70,14 @@
|
|||
You need to define a required configuration setting (`{{ item }}`) to enable Jira OAuth.
|
||||
when: "matrix_hookshot_jira_oauth_enabled and vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_jira_oauth_id"
|
||||
- "matrix_hookshot_jira_oauth_secret"
|
||||
- "matrix_hookshot_jira_oauth_client_id"
|
||||
- "matrix_hookshot_jira_oauth_client_secret"
|
||||
|
||||
- name: Fail if required Figma settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define at least one Figma instance to enable Figma.
|
||||
when: "matrix_hookshot_figma_enabled and matrix_hookshot_figma_instances is undefined"
|
||||
You need to define at least one Figma instance in `matrix_hookshot_figma_instances` to enable Figma.
|
||||
when: "matrix_hookshot_figma_enabled and matrix_hookshot_figma_instances | length == 0"
|
||||
|
||||
- name: Fail if required provisioning settings not defined
|
||||
ansible.builtin.fail:
|
||||
|
@ -58,15 +87,6 @@
|
|||
with_items:
|
||||
- "matrix_hookshot_provisioning_secret"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Hookshot variables
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'}
|
||||
|
||||
- name: (Deprecation) Catch and report old metrics usage
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
|
|
|
@ -14,69 +14,70 @@ github:
|
|||
auth:
|
||||
# Authentication for the GitHub App.
|
||||
#
|
||||
id: {{ matrix_hookshot_github_appid }}
|
||||
id: {{ matrix_hookshot_github_auth_id | to_json }}
|
||||
privateKeyFile: /data/{{ matrix_hookshot_github_private_key_file }}
|
||||
webhook:
|
||||
# Webhook settings for the GitHub app.
|
||||
#
|
||||
secret: {{ matrix_hookshot_github_secret|to_json }}
|
||||
secret: {{ matrix_hookshot_github_webhook_secret | to_json }}
|
||||
{% if matrix_hookshot_github_oauth_enabled %}
|
||||
oauth:
|
||||
# (Optional) Settings for allowing users to sign in via OAuth.
|
||||
#
|
||||
client_id: {{ matrix_hookshot_github_oauth_id }}
|
||||
client_secret: {{ matrix_hookshot_github_oauth_secret|to_json }}
|
||||
redirect_uri: {{ matrix_hookshot_github_oauth_uri }}
|
||||
client_id: {{ matrix_hookshot_github_oauth_client_id | to_json }}
|
||||
client_secret: {{ matrix_hookshot_github_oauth_client_secret | to_json }}
|
||||
redirect_uri: {{ matrix_hookshot_github_oauth_redirect_uri | to_json }}
|
||||
{% endif %}
|
||||
defaultOptions:
|
||||
# (Optional) Default options for GitHub connections.
|
||||
#
|
||||
ignoreHooks: {{ matrix_hookshot_github_ignore_hooks }}
|
||||
commandPrefix: "{{ matrix_hookshot_github_command_prefix }}"
|
||||
showIssueRoomLink: {{ matrix_hookshot_github_showIssueRoomLink }}
|
||||
prDiff: {{ matrix_hookshot_github_pr_diff }}
|
||||
includingLabels:{{ matrix_hookshot_github_including_labels }}
|
||||
excludingLabels: {{ matrix_hookshot_github_excluding_labels }}
|
||||
ignoreHooks: {{ matrix_hookshot_github_defaultOptions_ignoreHooks | to_json }}
|
||||
commandPrefix: {{ matrix_hookshot_github_defaultOptions_commandPrefix | to_json }}
|
||||
showIssueRoomLink: {{ matrix_hookshot_github_defaultOptions_showIssueRoomLink | to_json }}
|
||||
prDiff: {{ matrix_hookshot_github_defaultOptions_prDiff | to_json }}
|
||||
includingLabels: {{ matrix_hookshot_github_defaultOptions_includingLabels | to_json }}
|
||||
excludingLabels: {{ matrix_hookshot_github_defaultOptions_excludingLabels | to_json }}
|
||||
hotlinkIssues:
|
||||
prefix: "{{ matrix_hookshot_github_hotlink_prefix }}"
|
||||
prefix: {{ matrix_hookshot_github_defaultOptions_hotlinkIssues_prefix | to_json }}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_gitlab_enabled %}
|
||||
gitlab:
|
||||
# (Optional) Configure this to enable GitLab support
|
||||
#
|
||||
instances:
|
||||
{{ matrix_hookshot_gitlab_instances }}
|
||||
instances: {{ matrix_hookshot_gitlab_instances | to_json }}
|
||||
webhook:
|
||||
secret: {{ matrix_hookshot_gitlab_secret|to_json }}
|
||||
secret: {{ matrix_hookshot_gitlab_webhook_secret | to_json }}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_figma_enabled %}
|
||||
figma:
|
||||
# (Optional) Configure this to enable Figma support
|
||||
#
|
||||
publicUrl: {{ matrix_hookshot_figma_publicUrl }}
|
||||
instances: {{ matrix_hookshot_figma_instances }}
|
||||
publicUrl: {{ matrix_hookshot_figma_publicUrl | to_json }}
|
||||
instances: {{ matrix_hookshot_figma_instances | to_json }}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_jira_enabled %}
|
||||
jira:
|
||||
# (Optional) Configure this to enable Jira support
|
||||
#
|
||||
webhook:
|
||||
secret: {{ matrix_hookshot_jira_secret|to_json }}
|
||||
secret: {{ matrix_hookshot_jira_webhook_secret | to_json }}
|
||||
{% if matrix_hookshot_jira_oauth_enabled %}
|
||||
oauth:
|
||||
client_id: {{ matrix_hookshot_jira_oauth_id|to_json }}
|
||||
client_secret: {{ matrix_hookshot_jira_oauth_secret|to_json }}
|
||||
redirect_uri: {{ matrix_hookshot_jira_oauth_uri }}
|
||||
client_id: {{ matrix_hookshot_jira_oauth_client_id | to_json }}
|
||||
client_secret: {{ matrix_hookshot_jira_oauth_client_secret | to_json }}
|
||||
redirect_uri: {{ matrix_hookshot_jira_oauth_redirect_uri | to_json }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_generic_enabled %}
|
||||
generic:
|
||||
# (Optional) Support for generic webhook events. `allowJsTransformationFunctions` will allow users to write short transformation snippets in code, and thus is unsafe in untrusted environments
|
||||
#
|
||||
enabled: {{ matrix_hookshot_generic_enabled }}
|
||||
urlPrefix: {{ matrix_hookshot_generic_urlprefix }}
|
||||
allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }}
|
||||
userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }}
|
||||
enabled: {{ matrix_hookshot_generic_enabled | to_json }}
|
||||
enableHttpGet: {{ matrix_hookshot_generic_enableHttpGet | to_json }}
|
||||
urlPrefix: {{ matrix_hookshot_generic_urlPrefix | to_json }}
|
||||
userIdPrefix: {{ matrix_hookshot_generic_userIdPrefix | to_json }}
|
||||
allowJsTransformationFunctions: {{ matrix_hookshot_generic_allowJsTransformationFunctions | to_json }}
|
||||
waitForComplete: {{ matrix_hookshot_generic_waitForComplete | to_json }}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_feeds_enabled %}
|
||||
feeds:
|
||||
|
@ -90,7 +91,7 @@ feeds:
|
|||
provisioning:
|
||||
# (Optional) Provisioning API for integration managers
|
||||
#
|
||||
secret: {{ matrix_hookshot_provisioning_secret|to_json }}
|
||||
secret: {{ matrix_hookshot_provisioning_secret | to_json }}
|
||||
{% endif %}
|
||||
passFile:
|
||||
# A passkey used to encrypt tokens stored inside the bridge.
|
||||
|
@ -100,34 +101,34 @@ passFile:
|
|||
bot:
|
||||
# (Optional) Define profile information for the bot user
|
||||
#
|
||||
displayname: {{ matrix_hookshot_bot_displayname }}
|
||||
avatar: {{ matrix_hookshot_bot_avatar }}
|
||||
displayname: {{ matrix_hookshot_bot_displayname | to_json }}
|
||||
avatar: {{ matrix_hookshot_bot_avatar | to_json }}
|
||||
metrics:
|
||||
# (Optional) Prometheus metrics support
|
||||
#
|
||||
enabled: {{ matrix_hookshot_metrics_enabled }}
|
||||
enabled: {{ matrix_hookshot_metrics_enabled | to_json }}
|
||||
logging:
|
||||
# (Optional) Logging settings. You can have a severity debug,info,warn,error
|
||||
#
|
||||
level: warn
|
||||
level: {{ matrix_hookshot_logging_level | to_json }}
|
||||
{% if matrix_hookshot_widgets_enabled %}
|
||||
widgets:
|
||||
# (Optional) EXPERIMENTAL support for complimentary widgets
|
||||
#
|
||||
addToAdminRooms: {{ matrix_hookshot_widgets_addToAdminRooms }}
|
||||
addToAdminRooms: {{ matrix_hookshot_widgets_addToAdminRooms | to_json }}
|
||||
{% if matrix_hookshot_widgets_roomSetupWidget_enabled %}
|
||||
roomSetupWidget:
|
||||
addOnInvite: {{ matrix_hookshot_widgets_roomSetupWidget_addOnInvite }}
|
||||
addOnInvite: {{ matrix_hookshot_widgets_roomSetupWidget_addOnInvite | to_json }}
|
||||
{% endif %}
|
||||
{% if not matrix_hookshot_widgets_disallowedIpRanges is in [None, ''] %}
|
||||
disallowedIpRanges: {{ matrix_hookshot_widgets_disallowedIpRanges }}
|
||||
disallowedIpRanges: {{ matrix_hookshot_widgets_disallowedIpRanges | to_json }}
|
||||
{% endif %}
|
||||
publicUrl: {{ matrix_hookshot_widgets_publicUrl }}
|
||||
publicUrl: {{ matrix_hookshot_widgets_publicUrl | to_json }}
|
||||
branding:
|
||||
widgetTitle: {{ matrix_hookshot_widgets_branding_widgetTitle }}
|
||||
widgetTitle: {{ matrix_hookshot_widgets_branding_widgetTitle | to_json }}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_permissions %}
|
||||
permissions: {{ matrix_hookshot_permissions }}
|
||||
permissions: {{ matrix_hookshot_permissions | to_json }}
|
||||
{% endif %}
|
||||
listeners:
|
||||
# (Optional) HTTP Listener configuration.
|
||||
|
|
|
@ -18,7 +18,7 @@ namespaces:
|
|||
exclusive: true
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_generic_enabled %}
|
||||
- regex: "@{{ matrix_hookshot_generic_user_id_prefix }}.*:{{ matrix_domain }}" # Where foobar is your homeserver's domain // depending on userIdPrefix setting in conf
|
||||
- regex: "@{{ matrix_hookshot_generic_userIdPrefix }}.*:{{ matrix_domain }}" # Where foobar is your homeserver's domain // depending on userIdPrefix setting in conf
|
||||
exclusive: true
|
||||
{% endif %}
|
||||
aliases:
|
||||
|
|
|
@ -67,7 +67,7 @@ matrix_mautrix_discord_sqlite_database_path_in_container: "/data/mautrix-discord
|
|||
|
||||
matrix_mautrix_discord_database_username: 'matrix_mautrix_discord'
|
||||
matrix_mautrix_discord_database_password: 'some-password'
|
||||
matrix_mautrix_discord_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_discord_database_hostname: ''
|
||||
matrix_mautrix_discord_database_port: 5432
|
||||
matrix_mautrix_discord_database_name: 'matrix_mautrix_discord'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_mautrix_discord_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -22,10 +25,6 @@
|
|||
systemd_services_to_stop: ['matrix-mautrix-discord.service']
|
||||
pgloader_options: ['--with "quote identifiers"']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_discord_requires_restart: true
|
||||
|
||||
|
@ -101,13 +100,9 @@
|
|||
mode: 0644
|
||||
register: matrix_mautrix_discord_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-discord.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_discord_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-discord.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-discord.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_discord_requires_restart | bool"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-discord settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_discord_appservice_token"
|
||||
- "matrix_mautrix_discord_homeserver_token"
|
||||
- {'name': 'matrix_mautrix_discord_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_database_hostname', when: "{{ matrix_mautrix_discord_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -74,7 +74,7 @@ matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebo
|
|||
|
||||
matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook'
|
||||
matrix_mautrix_facebook_database_password: 'some-password'
|
||||
matrix_mautrix_facebook_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_facebook_database_hostname: ''
|
||||
matrix_mautrix_facebook_database_port: 5432
|
||||
matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_mautrix_facebook_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-mautrix-facebook.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_facebook_requires_restart: true
|
||||
|
||||
|
@ -116,15 +115,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_facebook_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-facebook.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_facebook_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-facebook.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-facebook.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_facebook_requires_restart | bool"
|
||||
|
|
|
@ -1,14 +1,15 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-facebook settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_facebook_public_endpoint"
|
||||
- "matrix_mautrix_facebook_appservice_token"
|
||||
- "matrix_mautrix_facebook_homeserver_token"
|
||||
- {'name': 'matrix_mautrix_facebook_public_endpoint', when: true}
|
||||
- {'name': 'matrix_mautrix_facebook_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_facebook_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_facebook_database_hostname', when: "{{ matrix_mautrix_facebook_database_engine == 'postgres' }}"}
|
||||
|
||||
- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
|
||||
block:
|
||||
|
|
|
@ -68,7 +68,7 @@ matrix_mautrix_googlechat_sqlite_database_path_in_container: "/data/mautrix-goog
|
|||
|
||||
matrix_mautrix_googlechat_database_username: 'matrix_mautrix_googlechat'
|
||||
matrix_mautrix_googlechat_database_password: 'some-password'
|
||||
matrix_mautrix_googlechat_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_googlechat_database_hostname: ''
|
||||
matrix_mautrix_googlechat_database_port: 5432
|
||||
matrix_mautrix_googlechat_database_name: 'matrix_mautrix_googlechat'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_mautrix_googlechat_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-mautrix-googlechat.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_googlechat_requires_restart: true
|
||||
|
||||
|
@ -116,15 +115,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-googlechat.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_googlechat_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_googlechat_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-googlechat.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-googlechat.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_googlechat_requires_restart | bool"
|
||||
|
|
|
@ -1,14 +1,12 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-googlechat settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_googlechat_public_endpoint"
|
||||
- "matrix_mautrix_googlechat_appservice_token"
|
||||
- "matrix_mautrix_googlechat_homeserver_token"
|
||||
- ansible.builtin.debug:
|
||||
msg:
|
||||
- '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'
|
||||
- {'name': 'matrix_mautrix_googlechat_public_endpoint', when: true}
|
||||
- {'name': 'matrix_mautrix_googlechat_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_googlechat_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_googlechat_database_hostname', when: "{{ matrix_mautrix_googlechat_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -65,7 +65,7 @@ matrix_mautrix_hangouts_sqlite_database_path_in_container: "/data/mautrix-hangou
|
|||
|
||||
matrix_mautrix_hangouts_database_username: 'matrix_mautrix_hangouts'
|
||||
matrix_mautrix_hangouts_database_password: 'some-password'
|
||||
matrix_mautrix_hangouts_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_hangouts_database_hostname: ''
|
||||
matrix_mautrix_hangouts_database_port: 5432
|
||||
matrix_mautrix_hangouts_database_name: 'matrix_mautrix_hangouts'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_mautrix_hangouts_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-mautrix-hangouts.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_hangouts_requires_restart: true
|
||||
|
||||
|
@ -116,15 +115,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-hangouts.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_hangouts_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-hangouts.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_hangouts_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-hangouts.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-hangouts.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_hangouts_requires_restart | bool"
|
||||
|
|
|
@ -1,14 +1,12 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-hangouts settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_hangouts_public_endpoint"
|
||||
- "matrix_mautrix_hangouts_appservice_token"
|
||||
- "matrix_mautrix_hangouts_homeserver_token"
|
||||
- ansible.builtin.debug:
|
||||
msg:
|
||||
- '`matrix_mautrix_hangouts_homeserver_domain` == {{ matrix_mautrix_hangouts_homeserver_domain }}'
|
||||
- {'name': 'matrix_mautrix_hangouts_public_endpoint', when: true}
|
||||
- {'name': 'matrix_mautrix_hangouts_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_hangouts_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_hangouts_database_hostname', when: "{{ matrix_mautrix_hangouts_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -55,7 +55,7 @@ matrix_mautrix_instagram_database_engine: 'postgres'
|
|||
|
||||
matrix_mautrix_instagram_database_username: 'matrix_mautrix_instagram'
|
||||
matrix_mautrix_instagram_database_password: 'some-password'
|
||||
matrix_mautrix_instagram_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_instagram_database_hostname: ''
|
||||
matrix_mautrix_instagram_database_port: 5432
|
||||
matrix_mautrix_instagram_database_name: 'matrix_mautrix_instagram'
|
||||
|
||||
|
|
|
@ -70,9 +70,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-instagram.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_instagram_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-instagram.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_instagram_systemd_service_result.changed"
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-instagram settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_instagram_appservice_token"
|
||||
- "matrix_mautrix_instagram_homeserver_token"
|
||||
- {'name': 'matrix_mautrix_instagram_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_instagram_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_instagram_database_hostname', when: "{{ matrix_mautrix_instagram_database_engine == 'postgres' }}"}
|
||||
|
|
|
@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git"
|
|||
matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
|
||||
matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
|
||||
|
||||
matrix_mautrix_signal_version: v0.4.1
|
||||
matrix_mautrix_signal_version: v0.4.2
|
||||
matrix_mautrix_signal_daemon_version: 0.23.0
|
||||
# See: https://mau.dev/mautrix/signal/container_registry
|
||||
matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}"
|
||||
|
@ -76,7 +76,7 @@ matrix_mautrix_signal_database_engine: 'postgres'
|
|||
|
||||
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
|
||||
matrix_mautrix_signal_database_password: 'some-password'
|
||||
matrix_mautrix_signal_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_signal_database_hostname: ''
|
||||
matrix_mautrix_signal_database_port: 5432
|
||||
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
|
||||
|
||||
|
|
|
@ -121,9 +121,3 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_signal_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-signal.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_signal_systemd_service_result.changed or matrix_mautrix_signal_daemon_systemd_service_result.changed"
|
||||
|
|
|
@ -1,15 +1,16 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-signal settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_signal_homeserver_domain"
|
||||
- "matrix_mautrix_signal_homeserver_address"
|
||||
- "matrix_mautrix_signal_homeserver_token"
|
||||
- "matrix_mautrix_signal_appservice_token"
|
||||
- {'name': 'matrix_mautrix_signal_homeserver_domain', when: true}
|
||||
- {'name': 'matrix_mautrix_signal_homeserver_address', when: true}
|
||||
- {'name': 'matrix_mautrix_signal_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_signal_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_signal_database_hostname', when: "{{ matrix_mautrix_signal_database_engine == 'postgres' }}"}
|
||||
|
||||
- name: (Deprecation) Fail if matrix_mautrix_signal_bridge_permissions specified as YAML string, instead of a dictionary
|
||||
ansible.builtin.fail:
|
||||
|
|
|
@ -16,7 +16,7 @@ matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
|
|||
matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}"
|
||||
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
|
||||
|
||||
matrix_mautrix_telegram_version: v0.12.1
|
||||
matrix_mautrix_telegram_version: v0.12.2
|
||||
# See: https://mau.dev/mautrix/telegram/container_registry
|
||||
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
|
||||
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
||||
|
@ -95,7 +95,7 @@ matrix_mautrix_telegram_sqlite_database_path_in_container: "/data/mautrix-telegr
|
|||
|
||||
matrix_mautrix_telegram_database_username: 'matrix_mautrix_telegram'
|
||||
matrix_mautrix_telegram_database_password: 'some-password'
|
||||
matrix_mautrix_telegram_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_telegram_database_hostname: ''
|
||||
matrix_mautrix_telegram_database_port: 5432
|
||||
matrix_mautrix_telegram_database_name: 'matrix_mautrix_telegram'
|
||||
|
||||
|
|
|
@ -12,8 +12,11 @@
|
|||
|
||||
- when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||
block:
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
- ansible.builtin.include_role:
|
||||
name: galaxy/com.devture.ansible.role.postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
vars:
|
||||
devture_postgres_db_migration_request:
|
||||
src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_mautrix_telegram_database_connection_string }}"
|
||||
caller: "{{ role_path | basename }}"
|
||||
|
@ -21,10 +24,6 @@
|
|||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-mautrix-telegram.service']
|
||||
|
||||
- ansible.builtin.import_role:
|
||||
name: custom/matrix-postgres
|
||||
tasks_from: migrate_db_to_postgres
|
||||
|
||||
- ansible.builtin.set_fact:
|
||||
matrix_mautrix_telegram_requires_restart: true
|
||||
|
||||
|
@ -141,15 +140,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-telegram.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_telegram_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-telegram.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_telegram_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-telegram.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-telegram.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_telegram_requires_restart | bool"
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
- name: Fail if required mautrix-telegram settings not defined
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_telegram_api_id"
|
||||
- "matrix_mautrix_telegram_api_hash"
|
||||
- "matrix_mautrix_telegram_public_endpoint"
|
||||
- "matrix_mautrix_telegram_appservice_token"
|
||||
- "matrix_mautrix_telegram_homeserver_token"
|
||||
- {'name': 'matrix_mautrix_telegram_api_id', when: true}
|
||||
- {'name': 'matrix_mautrix_telegram_api_hash', when: true}
|
||||
- {'name': 'matrix_mautrix_telegram_public_endpoint', when: true}
|
||||
- {'name': 'matrix_mautrix_telegram_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_telegram_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_telegram_database_hostname', when: "{{ matrix_mautrix_telegram_database_engine == 'postgres' }}"}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Telegram variables
|
||||
ansible.builtin.fail:
|
||||
|
|
|
@ -54,7 +54,7 @@ matrix_mautrix_twitter_federate_rooms: true
|
|||
matrix_mautrix_twitter_database_engine: 'postgres'
|
||||
|
||||
matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter'
|
||||
matrix_mautrix_twitter_database_password: ''
|
||||
matrix_mautrix_twitter_database_password: 'some-password'
|
||||
matrix_mautrix_twitter_database_hostname: ''
|
||||
matrix_mautrix_twitter_database_port: 5432
|
||||
matrix_mautrix_twitter_database_name: 'matrix_mautrix_twitter'
|
||||
|
|
|
@ -72,15 +72,10 @@
|
|||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-twitter.service.j2"
|
||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_twitter_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-twitter.service installation
|
||||
ansible.builtin.service:
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_twitter_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-twitter.service restarted, if necessary
|
||||
ansible.builtin.service:
|
||||
name: "matrix-mautrix-twitter.service"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
when: "matrix_mautrix_twitter_requires_restart | bool"
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue