diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml index beff4658..22ba9253 100644 --- a/.config/ansible-lint.yml +++ b/.config/ansible-lint.yml @@ -9,5 +9,8 @@ skip_list: - schema - command-instead-of-shell - role-name + # We frequently load configuration from a template (into a variable), then merge that with another variable (configuration extension) + # before finally dumping it to a file. + - template-instead-of-copy offline: false diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index e3401a13..b44a8fa1 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -1,6 +1,7 @@ --- -- block: +- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' + block: - name: Fail with matrix_backup_borg_version advice if Postgres not enabled ansible.builtin.fail: msg: >- @@ -20,7 +21,6 @@ - name: Set the correct borg backup version to use ansible.builtin.set_fact: matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}" - when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' - name: Ensure borg paths exist ansible.builtin.file: diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 2f8645e5..eccda626 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -134,7 +134,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" +matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 40d5a4d0..8cc4dff4 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -9,7 +9,8 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml" when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30 -- block: +- when: ansible_os_family == 'Debian' + block: # ansible_lsb is only available if lsb-release is installed. - name: Ensure lsb-release installed ansible.builtin.apt: @@ -28,7 +29,6 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') - when: ansible_os_family == 'Debian' - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml" when: ansible_distribution == 'Archlinux' @@ -39,7 +39,7 @@ state: started enabled: true -- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" +- name: "Ensure ntpd is started and autoruns" ansible.builtin.service: name: "{{ matrix_ntpd_service }}" state: started diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/matrix-bot-buscarron/tasks/setup_install.yml index 0db7b728..564ff7e0 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: false -- block: +- when: "matrix_bot_buscarron_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" register: matrix_bot_buscarron_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: true - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_buscarron_database_engine == 'postgres'" - name: Ensure buscarron paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index 9bb979fc..8a440484 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: false -- block: +- when: "matrix_bot_honoroit_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" register: matrix_bot_honoroit_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: true - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_honoroit_database_engine == 'postgres'" - name: Ensure honoroit paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 0ad895af..93285bf6 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: false -- block: +- when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: true - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" - name: Ensure matrix-reminder-bot paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index 3e6e6dc6..9c9e59ee 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -1,11 +1,13 @@ --- -- block: +- when: "matrix_bot_postmoogle_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" @@ -21,8 +23,6 @@ - ansible.builtin.set_fact: matrix_bot_postmoogle_requires_restart: true - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_postmoogle_database_engine == 'postgres'" - name: Ensure postmoogle paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index af17613c..e12c1572 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: false -- block: +- when: "matrix_appservice_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_appservice_discord_sqlite_database_path_local }}" register: matrix_appservice_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_appservice_discord_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: true - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_discord_database_engine == 'postgres'" - name: Ensure Appservice Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 6b7fc92d..6794e814 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -21,7 +21,8 @@ path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" register: matrix_appservice_irc_stat_passkey -- block: +- when: "matrix_appservice_irc_stat_passkey.stat.exists" + block: - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped ansible.builtin.service: name: matrix-appservice-irc @@ -44,24 +45,23 @@ - rooms.db - users.db failed_when: false - when: "matrix_appservice_irc_stat_passkey.stat.exists" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: false -- block: +- when: "matrix_appservice_irc_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_irc_data_path }}/users.db" register: matrix_appservice_irc_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: true - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_irc_database_engine == 'postgres'" - name: Ensure Appservice IRC image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index 023b4288..d06e5aaf 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -43,7 +43,10 @@ The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -76,9 +79,6 @@ + [matrix_appservice_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index a2921d98..9b741d69 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -17,19 +17,19 @@ - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: false -- block: +- when: "matrix_appservice_slack_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_slack_data_path }}/teams.db" register: matrix_appservice_slack_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: true - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_slack_database_engine == 'postgres'" - name: Ensure Appservice Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index 7cb2cfd6..1f8ace9e 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -36,7 +36,10 @@ The matrix-bridge-appservice-webhooks role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_webhooks_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -71,9 +74,6 @@ + [matrix_appservice_webhooks_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_webhooks_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 603f9d1d..5cd8da88 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -26,7 +26,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_appservice_webhooks_container_image_self_build | bool" + block: - name: Ensure Appservice webhooks repository is present on self-build ansible.builtin.git: repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}" @@ -47,7 +48,6 @@ dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_appservice_webhooks_docker_src_files_path }}" pull: true - when: "matrix_appservice_webhooks_container_image_self_build | bool" - name: Ensure Matrix Appservice webhooks config is installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index f1d7e8fd..c1b19df9 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -34,7 +34,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_beeper_linkedin_container_image_self_build | bool" + block: - name: Ensure Beeper LinkedIn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}" @@ -72,7 +73,6 @@ pull: true args: TARGETARCH: "{{ matrix_architecture }}" - when: "matrix_beeper_linkedin_container_image_self_build | bool" - name: Ensure beeper-linkedin config.yaml installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 7403ff5c..32019686 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: false -- block: +- when: "matrix_go_skype_bridge_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" register: matrix_go_skype_bridge_sqlite_database_path_local_stat_result - - block: + - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: true - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_go_skype_bridge_database_engine == 'postgres'" - - name: Ensure Go Skype Bridge paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index e6cd1209..63921f31 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -28,7 +28,8 @@ }} when: matrix_hookshot_enabled | bool -- block: +- when: matrix_hookshot_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -128,7 +129,6 @@ [matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain] }} when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool - when: matrix_hookshot_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 7e2ed79c..4b05765a 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: false -- block: +- when: "matrix_mautrix_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" register: matrix_mautrix_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: true - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_discord_database_engine == 'postgres'" - - name: Ensure Mautrix Discord paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 5252af82..5565689f 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_facebook_enabled | bool -- block: +- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -70,7 +73,3 @@ URL endpoint to the matrix-mautrix-facebook container. You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 3e7d8f05..ca882fb0 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: false -- block: +- when: "matrix_mautrix_facebook_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: true - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_facebook_database_engine == 'postgres'" - name: Ensure Mautrix Facebook image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 4f588b5f..413ea027 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -10,7 +10,8 @@ - "matrix_mautrix_facebook_appservice_token" - "matrix_mautrix_facebook_homeserver_token" -- block: +- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" + block: - name: Inject warning if on an old SQLite-supporting version ansible.builtin.set_fact: matrix_playbook_runtime_results: | @@ -21,4 +22,3 @@ "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" ] }} - when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index 2c5bdc10..c4ae920c 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_googlechat_enabled | bool -- block: +- when: matrix_mautrix_googlechat_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_googlechat_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_googlechat_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index f2192a34..f2fccb29 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: false -- block: +- when: "matrix_mautrix_googlechat_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: true - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_googlechat_database_engine == 'postgres'" - name: Ensure Mautrix googlechat image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 39b88edb..380dc4b3 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_hangouts_enabled | bool -- block: +- when: matrix_mautrix_hangouts_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_hangouts_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_hangouts_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 4087162e..48c83584 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: false -- block: +- when: "matrix_mautrix_hangouts_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: true - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_hangouts_database_engine == 'postgres'" - name: Ensure Mautrix Hangouts image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index f9b3bb1c..f828f793 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_telegram_enabled | bool -- block: +- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -69,7 +72,3 @@ URL endpoint to the matrix-mautrix-telegram container. You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 6ce39657..7a50b709 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: false -- block: +- when: "matrix_mautrix_telegram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: true - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_telegram_database_engine == 'postgres'" - name: Ensure Mautrix Telegram paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index c3edd6a7..b58542f7 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: false -- block: +- when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: true - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" - - name: Ensure Mautrix Whatsapp paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index d60f73f9..b863b444 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -27,7 +27,8 @@ path: "{{ matrix_mx_puppet_discord_base_path }}/database.db" register: matrix_mx_puppet_discord_stat_database -- block: +- when: "matrix_mx_puppet_discord_stat_database.stat.exists" + block: - name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped ansible.builtin.service: name: matrix-mx-puppet-discord @@ -40,18 +41,19 @@ cmd: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db" register: matrix_mx_puppet_discord_relocate_database_result changed_when: matrix_mx_puppet_discord_relocate_database_result.rc == 0 - when: "matrix_mx_puppet_discord_stat_database.stat.exists" - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: false -- block: +- when: "matrix_mx_puppet_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: true - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_discord_database_engine == 'postgres'" - name: Ensure MX Puppet Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 497f0109..f81ae4a0 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: false -- block: +- when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" register: matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: true - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" - name: Ensure MX Puppet Groupme image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 7695d88e..600ed63c 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -12,13 +12,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: false -- block: +- when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" @@ -34,8 +36,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: true - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" - name: Ensure mx-puppet-instagram image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 506a271d..9eff170a 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_slack_enabled | bool -- block: +- when: matrix_mx_puppet_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 70dac9ac..9c5ae4fc 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -39,13 +39,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: false -- block: +- when: "matrix_mx_puppet_slack_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" @@ -61,8 +63,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: true - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_slack_database_engine == 'postgres'" - name: Ensure MX Puppet Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 80487630..c75566f3 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: false -- block: +- when: "matrix_mx_puppet_steam_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: true - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_steam_database_engine == 'postgres'" - name: Ensure MX Puppet Steam image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 444491ea..a58cd9ac 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_twitter_enabled | bool -- block: +- when: matrix_mx_puppet_twitter_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_twitter_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 305cd5de..ed94eae5 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: false -- block: +- when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: true - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" - name: Ensure MX Puppet Twitter image is pulled docker_image: diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml index 9a15cf89..5067d025 100644 --- a/roles/matrix-cactus-comments/tasks/init.yml +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -21,7 +21,10 @@ }} when: matrix_cactus_comments_enabled | bool -- block: +- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -63,7 +66,3 @@ reverse proxy. Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml index 8e6bb68e..ec5311e8 100644 --- a/roles/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -65,7 +65,8 @@ pull: true when: "matrix_cactus_comments_container_image_self_build | bool" -- block: +- when: matrix_cactus_comments_client_local_dir | length == 0 + block: - name: Download client binary to local folder ansible.builtin.get_url: url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz" @@ -101,9 +102,9 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length == 0 -- block: +- when: matrix_cactus_comments_client_local_dir | length > 0 + block: - name: Propagate locally distributed client javascreipt ansible.builtin.copy: src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js" @@ -118,7 +119,6 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length > 0 - name: Ensure matrix-cactus-comments.service installed ansible.builtin.template: diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 4898e9ca..a534ba11 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.5 +matrix_client_element_version: v1.11.6 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/matrix-client-element/tasks/prepare_themes.yml index 8185122c..3f5c9783 100644 --- a/roles/matrix-client-element/tasks/prepare_themes.yml +++ b/roles/matrix-client-element/tasks/prepare_themes.yml @@ -4,7 +4,11 @@ # Tasks related to setting up Element themes # -- block: +- when: matrix_client_element_themes_enabled | bool + run_once: true + delegate_to: 127.0.0.1 + become: false + block: - name: Ensure Element themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_element_themes_repository_url }}" @@ -29,12 +33,6 @@ matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_element_theme_file_contents.results }}" - run_once: true - delegate_to: 127.0.0.1 - become: false - when: matrix_client_element_themes_enabled | bool - - # # Tasks related to getting rid of Element themes (if it was previously enabled) # diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 605b3f61..c88eb64f 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -34,7 +34,8 @@ delegate_to: 127.0.0.1 become: false -- block: +- when: "ansible_distribution != 'Archlinux'" + block: - name: Populate service facts ansible.builtin.service_facts: @@ -50,9 +51,9 @@ with_items: "{{ matrix_systemd_services_list }}" when: - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" - when: "ansible_distribution != 'Archlinux'" -- block: +- when: "ansible_distribution == 'Archlinux'" + block: # Currently there is a bug in ansible that renders is incompatible with systemd. # service_facts is not collecting the data successfully. # Therefore iterating here manually @@ -70,4 +71,3 @@ Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate. with_items: "{{ systemdstatus.results }}" when: "item.status['ActiveState'] != 'active'" - when: "ansible_distribution == 'Archlinux'" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index 2a1af731..be9d8574 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -29,7 +29,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_coturn_container_image_self_build | bool" + block: - name: Ensure Coturn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_coturn_container_image_self_build_repo }}" @@ -50,7 +51,6 @@ dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_coturn_docker_src_files_path }}" pull: true - when: "matrix_coturn_container_image_self_build | bool" - name: Ensure Coturn configuration path exists ansible.builtin.file: diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index 7060285a..c5570836 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: false -- block: +- when: "matrix_dimension_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_dimension_sqlite_database_path_local }}" register: matrix_dimension_sqlite_database_path_local_stat_result - - block: + - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" + block: # pgloader makes a few columns `smallint`, instead of `boolean`. # We need to fix them up. - ansible.builtin.set_fact: @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: true - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_dimension_database_engine == 'postgres'" - name: Ensure Dimension base path exists ansible.builtin.file: diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 53ecfa33..c465fef9 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls99 +matrix_dynamic_dns_version: v3.9.1-ls100 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/matrix-etherpad/tasks/init.yml index e16b78dd..cfd127bd 100644 --- a/roles/matrix-etherpad/tasks/init.yml +++ b/roles/matrix-etherpad/tasks/init.yml @@ -4,7 +4,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- block: +- when: matrix_etherpad_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -49,9 +52,6 @@ + [matrix_etherpad_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_etherpad_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml index 7457001c..3ba7b14d 100644 --- a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml +++ b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml @@ -42,7 +42,8 @@ # We use shell commands for the migration, because the Ansible copy module cannot # recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible. -- block: +- when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" + block: - name: Copy mxisd data files to ma1sd folder ansible.builtin.command: cmd: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}" @@ -66,7 +67,6 @@ cmd: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated" register: matrix_ma1sd_migrate_mxisd_move_directory_result changed_when: matrix_ma1sd_migrate_mxisd_move_directory_result.rc == 0 - when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" - name: Ensure outdated matrix-mxisd.service doesn't exist ansible.builtin.file: diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index ef32288f..5f4b2957 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -21,13 +21,15 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: false -- block: +- when: "matrix_ma1sd_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_ma1sd_sqlite_database_path_local }}" register: matrix_ma1sd_sqlite_database_path_local_stat_result - - block: + - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_ma1sd_sqlite_database_path_local }}" @@ -44,8 +46,6 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: true - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_ma1sd_database_engine == 'postgres'" - name: Ensure ma1sd image is pulled docker_image: @@ -59,7 +59,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_ma1sd_container_image_self_build | bool" + block: - name: Ensure gradle is installed for self-building (Debian) ansible.builtin.apt: name: @@ -111,7 +112,6 @@ repository: "{{ matrix_ma1sd_docker_image }}" force_tag: true source: local - when: "matrix_ma1sd_container_image_self_build | bool" - name: Ensure ma1sd config installed ansible.builtin.copy: diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index c511e402..c2215eba 100644 --- a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -15,7 +15,8 @@ # See: https://docs.ansible.com/ansible/2.3/htpasswd_module.html#requirements-on-host-that-executes-module # We support various distros, with various versions of Python. Installing additional Python modules can be a hassle. # As a workaround, we run `htpasswd` from an Apache container image. -- block: +- when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' + block: - name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) docker_image: name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}" @@ -57,4 +58,3 @@ ansible.builtin.file: path: /tmp/matrix-nginx-proxy-metrics-password state: absent - when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml index 2a5042d5..e7ed549c 100644 --- a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml +++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml @@ -9,7 +9,8 @@ follow_redirects: "{{ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects }}" validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}" -- block: +- when: matrix_well_known_matrix_server_enabled | bool + block: - ansible.builtin.set_fact: well_known_file_check_matrix_server: path: /.well-known/matrix/server @@ -21,7 +22,6 @@ - name: Determine domains that we require certificates for (ma1sd) ansible.builtin.set_fact: well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}" - when: matrix_well_known_matrix_server_enabled | bool - name: Perform well-known checks ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index f2afe2ff..029ef860 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -16,7 +16,8 @@ # Tasks related to setting up Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" @@ -43,13 +44,13 @@ mode: 0644 when: "item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" # # Tasks related to getting rid of Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method != 'lets-encrypt'" + block: - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed ansible.builtin.file: path: "{{ matrix_systemd_path }}/{{ item.name }}" @@ -61,4 +62,3 @@ ansible.builtin.file: path: "{{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew" state: absent - when: "matrix_ssl_retrieval_method != 'lets-encrypt'" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 18cae090..176692ff 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -13,7 +13,8 @@ - ansible.builtin.set_fact: domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}" -- block: +- when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" + block: - name: Ensure required service for obtaining is started ansible.builtin.service: name: "{{ matrix_ssl_pre_obtaining_required_service_name }}" @@ -24,7 +25,6 @@ ansible.builtin.wait_for: timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}" when: "matrix_ssl_pre_obtaining_required_service_start_result.changed | bool" - when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" # This will fail if there is something running on port 80 (like matrix-nginx-proxy). # We suppress the error, as we'll try another method below. diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/matrix-nginx-proxy/tasks/validate_config.yml index 6c87a4bb..f7d18c9e 100644 --- a/roles/matrix-nginx-proxy/tasks/validate_config.yml +++ b/roles/matrix-nginx-proxy/tasks/validate_config.yml @@ -35,7 +35,8 @@ - or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`) when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled | bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))" -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: (Deprecation) Catch and report renamed settings ansible.builtin.fail: msg: >- @@ -57,7 +58,6 @@ - "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container" - "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container" when: "vars[item] == '' or vars[item] is none" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: diff --git a/roles/matrix-ntfy/defaults/main.yml b/roles/matrix-ntfy/defaults/main.yml index 66bc5be4..76243980 100644 --- a/roles/matrix-ntfy/defaults/main.yml +++ b/roles/matrix-ntfy/defaults/main.yml @@ -7,7 +7,7 @@ matrix_ntfy_base_path: "{{ matrix_base_data_path }}/ntfy" matrix_ntfy_config_dir_path: "{{ matrix_ntfy_base_path }}/config" matrix_ntfy_data_path: "{{ matrix_ntfy_base_path }}/data" -matrix_ntfy_version: v1.27.2 +matrix_ntfy_version: v1.28.0 matrix_ntfy_docker_image: "{{ matrix_container_global_registry_prefix }}binwiederhier/ntfy:{{ matrix_ntfy_version }}" matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 39481f2e..117611a3 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -78,7 +78,7 @@ matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username] # which is unsupported by default by newer Postgres versions (v14+). # When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+. # If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default. -matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa var-spacing +matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing] # A list of databases to avoid creating when importing (or upgrading) the database. # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), @@ -86,7 +86,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name] -matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa var-spacing +matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] # The number of seconds to wait after starting `matrix-postgres.service` # and before trying to run queries for creating additional databases/users against it. diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index 671cb33f..f99478dd 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -25,7 +25,8 @@ # We either expect `postgres_db_connection_string` specifying a full Postgres database connection string, # or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string. -- block: +- when: 'postgres_connection_string_variable_name is defined' + block: - name: Fail if postgres_connection_string_variable_name points to an undefined variable ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" when: "postgres_connection_string_variable_name not in vars" @@ -33,7 +34,6 @@ - name: Get Postgres connection string from variable ansible.builtin.set_fact: postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}" - when: 'postgres_connection_string_variable_name is defined' - name: Fail if playbook called incorrectly ansible.builtin.fail: diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index f79a12f8..bfd91c29 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -31,7 +31,8 @@ msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}" when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists" -- block: +- when: "matrix_postgres_pgloader_container_image_self_build | bool" + block: - name: Ensure pgloader repository is present on self-build ansible.builtin.git: repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}" @@ -69,7 +70,6 @@ dockerfile: Dockerfile path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}" pull: true - when: "matrix_postgres_pgloader_container_image_self_build | bool" - name: Ensure pgloader Docker image is pulled docker_image: @@ -134,7 +134,8 @@ register: matrix_postgres_migrate_db_to_postgres_import_result changed_when: matrix_postgres_migrate_db_to_postgres_import_result.rc == 0 -- block: +- when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" + block: - ansible.builtin.import_role: name: matrix-postgres tasks_from: detect_existing_postgres_version @@ -157,8 +158,6 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" - - name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) ansible.builtin.command: cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup" diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml index fde580f5..0e3a606d 100644 --- a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -52,14 +52,14 @@ group: "{{ matrix_user_groupname }}" when: "result_pg_old_data_dir_stat.stat.exists" -- block: +- when: "result_pg_old_data_dir_stat.stat.exists" + block: - name: Relocate Postgres data files from old directory to new ansible.builtin.command: cmd: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path | basename }}" with_items: "{{ result_pg_old_data_dir_find.files }}" register: matrix_postgres_migrate_postgres_data_directory_move_result changed_when: matrix_postgres_migrate_postgres_data_directory_move_result.rc == 0 - when: "result_pg_old_data_dir_stat.stat.exists" # Intentionally not starting matrix-postgres here. # It likely needs to be updated to point to the new directory. diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/matrix-prometheus-node-exporter/tasks/init.yml index 42f21667..460ab137 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}" when: matrix_prometheus_node_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_node_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml index 03fe965c..20333dce 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}" when: matrix_prometheus_postgres_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_postgres_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 922db0f7..2b43dffd 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-registration.service'] }}" when: matrix_registration_enabled | bool -- block: +- when: matrix_registration_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -54,9 +57,6 @@ + [matrix_registration_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_registration_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index d3048337..6b895d69 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: false -- block: +- when: "matrix_registration_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_registration_sqlite_database_path_local }}" register: matrix_registration_sqlite_database_path_local_stat_result - - block: + - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_registration_sqlite_database_path_local }}" @@ -30,8 +32,6 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: true - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_registration_database_engine == 'postgres'" - name: Ensure matrix-registration paths exist ansible.builtin.file: diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index f934eced..c2b2d05f 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-admin.service'] }}" when: matrix_synapse_admin_enabled | bool -- block: +- when: matrix_synapse_admin_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -45,9 +48,6 @@ + [matrix_synapse_admin_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_synapse_admin_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 40f20bcd..4c5fc09e 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.67.0 +matrix_synapse_version: v1.68.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index acfbf031..a77320c2 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -26,7 +26,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" when: matrix_s3_media_store_enabled | bool -- block: +- when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -84,4 +85,3 @@ [matrix_synapse_worker_nginx_metrics_configuration_block] }} when: matrix_synapse_workers_enabled_list | length > 0 - when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index 29860e5a..fab0af55 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -85,16 +85,17 @@ # # Row 3 contains a space when there's no result. -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" + block: - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" - name: Fail if room find result is not what we expect ansible.builtin.fail: msg: >- Expecting 4 lines in the "find rooms" result. - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" + block: # matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list # of dictionaries like this: {'room_id': '!some-id', 'count': 2461329} - ansible.builtin.set_fact: @@ -113,7 +114,6 @@ with_items: "{{ matrix_synapse_rust_synapse_compress_state_eligible_rooms }}" loop_control: loop_var: room_details - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" - name: Show notice about lack of rooms to compress ansible.builtin.debug: diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index e4ec0f67..aea03f05 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -18,7 +18,8 @@ group: "{{ matrix_user_groupname }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" -- block: +- when: "matrix_synapse_container_image_self_build | bool" + block: - name: Ensure Synapse repository is present on self-build ansible.builtin.git: repo: "{{ matrix_synapse_container_image_self_build_repo }}" @@ -48,7 +49,6 @@ environment: DOCKER_BUILDKIT: 1 when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''" - when: "matrix_synapse_container_image_self_build | bool" - name: Ensure Synapse Docker image is pulled docker_image: diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index eee73151..b69529b9 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -37,7 +37,8 @@ msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}" when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list" -- block: +- when: "matrix_synapse_worker_details.type == 'stream_writer'" + block: - name: Fail if stream_writer_stream not defined for stream_writer worker ansible.builtin.fail: msg: >- @@ -50,7 +51,6 @@ ansible.builtin.fail: msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property" when: "'replication_port' not in matrix_synapse_worker_details" - when: "matrix_synapse_worker_details.type == 'stream_writer'" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index b403b461..a4d43e78 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -34,7 +34,7 @@ matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synaps matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}" # matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints. -# It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule. +# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule. matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*' # matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer.