Merge branch 'master' into pub.solar

This commit is contained in:
teutat3s 2022-09-28 12:26:38 +02:00
commit faae6699ec
Signed by: teutat3s
GPG key ID: 18DAE600A6BBE705
68 changed files with 221 additions and 227 deletions

View file

@ -9,5 +9,8 @@ skip_list:
- schema
- command-instead-of-shell
- role-name
# We frequently load configuration from a template (into a variable), then merge that with another variable (configuration extension)
# before finally dumping it to a file.
- template-instead-of-copy
offline: false

View file

@ -1,6 +1,7 @@
---
- block:
- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
block:
- name: Fail with matrix_backup_borg_version advice if Postgres not enabled
ansible.builtin.fail:
msg: >-
@ -20,7 +21,6 @@
- name: Set the correct borg backup version to use
ansible.builtin.set_fact:
matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}"
when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
- name: Ensure borg paths exist
ansible.builtin.file:

View file

@ -9,7 +9,8 @@
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30
- block:
- when: ansible_os_family == 'Debian'
block:
# ansible_lsb is only available if lsb-release is installed.
- name: Ensure lsb-release installed
ansible.builtin.apt:
@ -28,7 +29,6 @@
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml"
when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian')
when: ansible_os_family == 'Debian'
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml"
when: ansible_distribution == 'Archlinux'
@ -39,7 +39,7 @@
state: started
enabled: true
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
- name: "Ensure ntpd is started and autoruns"
ansible.builtin.service:
name: "{{ matrix_ntpd_service }}"
state: started

View file

@ -2,13 +2,15 @@
- ansible.builtin.set_fact:
matrix_bot_buscarron_requires_restart: false
- block:
- when: "matrix_bot_buscarron_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
register: matrix_bot_buscarron_sqlite_database_path_local_stat_result
- block:
- when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
@ -24,8 +26,6 @@
- ansible.builtin.set_fact:
matrix_bot_buscarron_requires_restart: true
when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_bot_buscarron_database_engine == 'postgres'"
- name: Ensure buscarron paths exist
ansible.builtin.file:

View file

@ -2,13 +2,15 @@
- ansible.builtin.set_fact:
matrix_bot_honoroit_requires_restart: false
- block:
- when: "matrix_bot_honoroit_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
register: matrix_bot_honoroit_sqlite_database_path_local_stat_result
- block:
- when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
@ -24,8 +26,6 @@
- ansible.builtin.set_fact:
matrix_bot_honoroit_requires_restart: true
when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_bot_honoroit_database_engine == 'postgres'"
- name: Ensure honoroit paths exist
ansible.builtin.file:

View file

@ -3,13 +3,15 @@
- ansible.builtin.set_fact:
matrix_bot_matrix_reminder_bot_requires_restart: false
- block:
- when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result
- block:
- when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
@ -25,8 +27,6 @@
- ansible.builtin.set_fact:
matrix_bot_matrix_reminder_bot_requires_restart: true
when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
- name: Ensure matrix-reminder-bot paths exist
ansible.builtin.file:

View file

@ -1,11 +1,13 @@
---
- block:
- when: "matrix_bot_postmoogle_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}"
register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result
- block:
- when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}"
@ -21,8 +23,6 @@
- ansible.builtin.set_fact:
matrix_bot_postmoogle_requires_restart: true
when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_bot_postmoogle_database_engine == 'postgres'"
- name: Ensure postmoogle paths exist
ansible.builtin.file:

View file

@ -3,13 +3,15 @@
- ansible.builtin.set_fact:
matrix_appservice_discord_requires_restart: false
- block:
- when: "matrix_appservice_discord_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
register: matrix_appservice_discord_sqlite_database_path_local_stat_result
- block:
- when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
@ -25,8 +27,6 @@
- ansible.builtin.set_fact:
matrix_appservice_discord_requires_restart: true
when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_appservice_discord_database_engine == 'postgres'"
- name: Ensure Appservice Discord image is pulled
docker_image:

View file

@ -21,7 +21,8 @@
path: "{{ matrix_appservice_irc_base_path }}/passkey.pem"
register: matrix_appservice_irc_stat_passkey
- block:
- when: "matrix_appservice_irc_stat_passkey.stat.exists"
block:
- name: (Data relocation) Ensure matrix-appservice-irc.service is stopped
ansible.builtin.service:
name: matrix-appservice-irc
@ -44,24 +45,23 @@
- rooms.db
- users.db
failed_when: false
when: "matrix_appservice_irc_stat_passkey.stat.exists"
- ansible.builtin.set_fact:
matrix_appservice_irc_requires_restart: false
- block:
- when: "matrix_appservice_irc_database_engine == 'postgres'"
block:
- name: Check if a nedb database already exists
ansible.builtin.stat:
path: "{{ matrix_appservice_irc_data_path }}/users.db"
register: matrix_appservice_irc_nedb_database_path_local_stat_result
- block:
- when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
- ansible.builtin.set_fact:
matrix_appservice_irc_requires_restart: true
when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool"
when: "matrix_appservice_irc_database_engine == 'postgres'"
- name: Ensure Appservice IRC image is pulled
docker_image:

View file

@ -43,7 +43,10 @@
The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role.
when: "matrix_synapse_role_executed | default(False)"
- block:
- when: matrix_appservice_slack_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -76,9 +79,6 @@
+
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_appservice_slack_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -17,19 +17,19 @@
- ansible.builtin.set_fact:
matrix_appservice_slack_requires_restart: false
- block:
- when: "matrix_appservice_slack_database_engine == 'postgres'"
block:
- name: Check if a nedb database already exists
ansible.builtin.stat:
path: "{{ matrix_appservice_slack_data_path }}/teams.db"
register: matrix_appservice_slack_nedb_database_path_local_stat_result
- block:
- when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
- ansible.builtin.set_fact:
matrix_appservice_slack_requires_restart: true
when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool"
when: "matrix_appservice_slack_database_engine == 'postgres'"
- name: Ensure Appservice Slack image is pulled
docker_image:

View file

@ -36,7 +36,10 @@
The matrix-bridge-appservice-webhooks role needs to execute before the matrix-synapse role.
when: "matrix_synapse_role_executed | default(False)"
- block:
- when: matrix_appservice_webhooks_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -71,9 +74,6 @@
+
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_appservice_webhooks_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -26,7 +26,8 @@
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- when: "matrix_appservice_webhooks_container_image_self_build | bool"
block:
- name: Ensure Appservice webhooks repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}"
@ -47,7 +48,6 @@
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
pull: true
when: "matrix_appservice_webhooks_container_image_self_build | bool"
- name: Ensure Matrix Appservice webhooks config is installed
ansible.builtin.copy:

View file

@ -34,7 +34,8 @@
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- when: "matrix_beeper_linkedin_container_image_self_build | bool"
block:
- name: Ensure Beeper LinkedIn repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}"
@ -72,7 +73,6 @@
pull: true
args:
TARGETARCH: "{{ matrix_architecture }}"
when: "matrix_beeper_linkedin_container_image_self_build | bool"
- name: Ensure beeper-linkedin config.yaml installed
ansible.builtin.copy:

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_go_skype_bridge_requires_restart: false
- block:
- when: "matrix_go_skype_bridge_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}"
register: matrix_go_skype_bridge_sqlite_database_path_local_stat_result
- block:
- when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}"
@ -34,9 +36,6 @@
- ansible.builtin.set_fact:
matrix_go_skype_bridge_requires_restart: true
when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_go_skype_bridge_database_engine == 'postgres'"
- name: Ensure Go Skype Bridge paths exists
ansible.builtin.file:

View file

@ -28,7 +28,8 @@
}}
when: matrix_hookshot_enabled | bool
- block:
- when: matrix_hookshot_enabled | bool
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -128,7 +129,6 @@
[matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain]
}}
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
when: matrix_hookshot_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_discord_requires_restart: false
- block:
- when: "matrix_mautrix_discord_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}"
register: matrix_mautrix_discord_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}"
@ -34,9 +36,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_discord_requires_restart: true
when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_discord_database_engine == 'postgres'"
- name: Ensure Mautrix Discord paths exists
ansible.builtin.file:

View file

@ -27,7 +27,10 @@
}}
when: matrix_mautrix_facebook_enabled | bool
- block:
- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -70,7 +73,3 @@
URL endpoint to the matrix-mautrix-facebook container.
You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable.
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
tags:
- always
when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_facebook_requires_restart: false
- block:
- when: "matrix_mautrix_facebook_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
@ -33,8 +35,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_facebook_requires_restart: true
when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_facebook_database_engine == 'postgres'"
- name: Ensure Mautrix Facebook image is pulled
docker_image:

View file

@ -10,7 +10,8 @@
- "matrix_mautrix_facebook_appservice_token"
- "matrix_mautrix_facebook_homeserver_token"
- block:
- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
block:
- name: Inject warning if on an old SQLite-supporting version
ansible.builtin.set_fact:
matrix_playbook_runtime_results: |
@ -21,4 +22,3 @@
"NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)"
]
}}
when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"

View file

@ -27,7 +27,10 @@
}}
when: matrix_mautrix_googlechat_enabled | bool
- block:
- when: matrix_mautrix_googlechat_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -59,9 +62,6 @@
+
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mautrix_googlechat_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_googlechat_requires_restart: false
- block:
- when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
@ -33,8 +35,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_googlechat_requires_restart: true
when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
- name: Ensure Mautrix googlechat image is pulled
docker_image:

View file

@ -27,7 +27,10 @@
}}
when: matrix_mautrix_hangouts_enabled | bool
- block:
- when: matrix_mautrix_hangouts_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -59,9 +62,6 @@
+
[matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mautrix_hangouts_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_hangouts_requires_restart: false
- block:
- when: "matrix_mautrix_hangouts_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}"
register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}"
@ -33,8 +35,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_hangouts_requires_restart: true
when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_hangouts_database_engine == 'postgres'"
- name: Ensure Mautrix Hangouts image is pulled
docker_image:

View file

@ -27,7 +27,10 @@
}}
when: matrix_mautrix_telegram_enabled | bool
- block:
- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -69,7 +72,3 @@
URL endpoint to the matrix-mautrix-telegram container.
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
tags:
- always
when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_telegram_requires_restart: false
- block:
- when: "matrix_mautrix_telegram_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}"
register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}"
@ -33,8 +35,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_telegram_requires_restart: true
when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_telegram_database_engine == 'postgres'"
- name: Ensure Mautrix Telegram paths exist
ansible.builtin.file:

View file

@ -11,13 +11,15 @@
- ansible.builtin.set_fact:
matrix_mautrix_whatsapp_requires_restart: false
- block:
- when: "matrix_mautrix_whatsapp_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}"
register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}"
@ -34,9 +36,6 @@
- ansible.builtin.set_fact:
matrix_mautrix_whatsapp_requires_restart: true
when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mautrix_whatsapp_database_engine == 'postgres'"
- name: Ensure Mautrix Whatsapp paths exists
ansible.builtin.file:

View file

@ -27,7 +27,8 @@
path: "{{ matrix_mx_puppet_discord_base_path }}/database.db"
register: matrix_mx_puppet_discord_stat_database
- block:
- when: "matrix_mx_puppet_discord_stat_database.stat.exists"
block:
- name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped
ansible.builtin.service:
name: matrix-mx-puppet-discord
@ -40,18 +41,19 @@
cmd: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db"
register: matrix_mx_puppet_discord_relocate_database_result
changed_when: matrix_mx_puppet_discord_relocate_database_result.rc == 0
when: "matrix_mx_puppet_discord_stat_database.stat.exists"
- ansible.builtin.set_fact:
matrix_mx_puppet_discord_requires_restart: false
- block:
- when: "matrix_mx_puppet_discord_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}"
register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}"
@ -67,8 +69,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_discord_requires_restart: true
when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_discord_database_engine == 'postgres'"
- name: Ensure MX Puppet Discord image is pulled
docker_image:

View file

@ -43,13 +43,15 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_groupme_requires_restart: false
- block:
- when: "matrix_mx_puppet_groupme_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}"
register: matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}"
@ -65,8 +67,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_groupme_requires_restart: true
when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_groupme_database_engine == 'postgres'"
- name: Ensure MX Puppet Groupme image is pulled
docker_image:

View file

@ -12,13 +12,15 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_instagram_requires_restart: false
- block:
- when: "matrix_mx_puppet_instagram_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}"
register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}"
@ -34,8 +36,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_instagram_requires_restart: true
when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_instagram_database_engine == 'postgres'"
- name: Ensure mx-puppet-instagram image is pulled
docker_image:

View file

@ -27,7 +27,10 @@
}}
when: matrix_mx_puppet_slack_enabled | bool
- block:
- when: matrix_mx_puppet_slack_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -60,9 +63,6 @@
+
[matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mx_puppet_slack_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -39,13 +39,15 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_slack_requires_restart: false
- block:
- when: "matrix_mx_puppet_slack_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}"
register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}"
@ -61,8 +63,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_slack_requires_restart: true
when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_slack_database_engine == 'postgres'"
- name: Ensure MX Puppet Slack image is pulled
docker_image:

View file

@ -43,13 +43,15 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_steam_requires_restart: false
- block:
- when: "matrix_mx_puppet_steam_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}"
register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}"
@ -65,8 +67,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_steam_requires_restart: true
when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_steam_database_engine == 'postgres'"
- name: Ensure MX Puppet Steam image is pulled
docker_image:

View file

@ -27,7 +27,10 @@
}}
when: matrix_mx_puppet_twitter_enabled | bool
- block:
- when: matrix_mx_puppet_twitter_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -60,9 +63,6 @@
+
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mx_puppet_twitter_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -43,13 +43,15 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_twitter_requires_restart: false
- block:
- when: "matrix_mx_puppet_twitter_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}"
register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result
- block:
- when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}"
@ -65,8 +67,6 @@
- ansible.builtin.set_fact:
matrix_mx_puppet_twitter_requires_restart: true
when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_mx_puppet_twitter_database_engine == 'postgres'"
- name: Ensure MX Puppet Twitter image is pulled
docker_image:

View file

@ -21,7 +21,10 @@
}}
when: matrix_cactus_comments_enabled | bool
- block:
- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -63,7 +66,3 @@
reverse proxy.
Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
tags:
- always
when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool

View file

@ -65,7 +65,8 @@
pull: true
when: "matrix_cactus_comments_container_image_self_build | bool"
- block:
- when: matrix_cactus_comments_client_local_dir | length == 0
block:
- name: Download client binary to local folder
ansible.builtin.get_url:
url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz"
@ -101,9 +102,9 @@
mode: "{{ matrix_cactus_comments_client_file_permissions }}"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: matrix_cactus_comments_client_local_dir | length == 0
- block:
- when: matrix_cactus_comments_client_local_dir | length > 0
block:
- name: Propagate locally distributed client javascreipt
ansible.builtin.copy:
src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js"
@ -118,7 +119,6 @@
mode: "{{ matrix_cactus_comments_client_file_permissions }}"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: matrix_cactus_comments_client_local_dir | length > 0
- name: Ensure matrix-cactus-comments.service installed
ansible.builtin.template:

View file

@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto
# - https://github.com/vector-im/element-web/issues/19544
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
matrix_client_element_version: v1.11.5
matrix_client_element_version: v1.11.6
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

View file

@ -4,7 +4,11 @@
# Tasks related to setting up Element themes
#
- block:
- when: matrix_client_element_themes_enabled | bool
run_once: true
delegate_to: 127.0.0.1
become: false
block:
- name: Ensure Element themes repository is pulled
ansible.builtin.git:
repo: "{{ matrix_client_element_themes_repository_url }}"
@ -29,12 +33,6 @@
matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming
with_items: "{{ matrix_client_element_theme_file_contents.results }}"
run_once: true
delegate_to: 127.0.0.1
become: false
when: matrix_client_element_themes_enabled | bool
#
# Tasks related to getting rid of Element themes (if it was previously enabled)
#

View file

@ -34,7 +34,8 @@
delegate_to: 127.0.0.1
become: false
- block:
- when: "ansible_distribution != 'Archlinux'"
block:
- name: Populate service facts
ansible.builtin.service_facts:
@ -50,9 +51,9 @@
with_items: "{{ matrix_systemd_services_list }}"
when:
- "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')"
when: "ansible_distribution != 'Archlinux'"
- block:
- when: "ansible_distribution == 'Archlinux'"
block:
# Currently there is a bug in ansible that renders is incompatible with systemd.
# service_facts is not collecting the data successfully.
# Therefore iterating here manually
@ -70,4 +71,3 @@
Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate.
with_items: "{{ systemdstatus.results }}"
when: "item.status['ActiveState'] != 'active'"
when: "ansible_distribution == 'Archlinux'"

View file

@ -29,7 +29,8 @@
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- when: "matrix_coturn_container_image_self_build | bool"
block:
- name: Ensure Coturn repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_coturn_container_image_self_build_repo }}"
@ -50,7 +51,6 @@
dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_coturn_docker_src_files_path }}"
pull: true
when: "matrix_coturn_container_image_self_build | bool"
- name: Ensure Coturn configuration path exists
ansible.builtin.file:

View file

@ -3,13 +3,15 @@
- ansible.builtin.set_fact:
matrix_dimension_requires_restart: false
- block:
- when: "matrix_dimension_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_dimension_sqlite_database_path_local }}"
register: matrix_dimension_sqlite_database_path_local_stat_result
- block:
- when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
# pgloader makes a few columns `smallint`, instead of `boolean`.
# We need to fix them up.
- ansible.builtin.set_fact:
@ -67,8 +69,6 @@
- ansible.builtin.set_fact:
matrix_dimension_requires_restart: true
when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_dimension_database_engine == 'postgres'"
- name: Ensure Dimension base path exists
ansible.builtin.file:

View file

@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true
# The dynamic dns daemon interval
matrix_dynamic_dns_daemon_interval: '300'
matrix_dynamic_dns_version: v3.9.1-ls99
matrix_dynamic_dns_version: v3.9.1-ls100
# The docker container to use when in mode
matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}"

View file

@ -4,7 +4,10 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}"
when: matrix_etherpad_enabled | bool
- block:
- when: matrix_etherpad_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -49,9 +52,6 @@
+
[matrix_etherpad_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_etherpad_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -42,7 +42,8 @@
# We use shell commands for the migration, because the Ansible copy module cannot
# recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible.
- block:
- when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists"
block:
- name: Copy mxisd data files to ma1sd folder
ansible.builtin.command:
cmd: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}"
@ -66,7 +67,6 @@
cmd: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated"
register: matrix_ma1sd_migrate_mxisd_move_directory_result
changed_when: matrix_ma1sd_migrate_mxisd_move_directory_result.rc == 0
when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists"
- name: Ensure outdated matrix-mxisd.service doesn't exist
ansible.builtin.file:

View file

@ -21,13 +21,15 @@
- ansible.builtin.set_fact:
matrix_ma1sd_requires_restart: false
- block:
- when: "matrix_ma1sd_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_ma1sd_sqlite_database_path_local }}"
register: matrix_ma1sd_sqlite_database_path_local_stat_result
- block:
- when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_ma1sd_sqlite_database_path_local }}"
@ -44,8 +46,6 @@
- ansible.builtin.set_fact:
matrix_ma1sd_requires_restart: true
when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_ma1sd_database_engine == 'postgres'"
- name: Ensure ma1sd image is pulled
docker_image:
@ -59,7 +59,8 @@
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- when: "matrix_ma1sd_container_image_self_build | bool"
block:
- name: Ensure gradle is installed for self-building (Debian)
ansible.builtin.apt:
name:
@ -111,7 +112,6 @@
repository: "{{ matrix_ma1sd_docker_image }}"
force_tag: true
source: local
when: "matrix_ma1sd_container_image_self_build | bool"
- name: Ensure ma1sd config installed
ansible.builtin.copy:

View file

@ -15,7 +15,8 @@
# See: https://docs.ansible.com/ansible/2.3/htpasswd_module.html#requirements-on-host-that-executes-module
# We support various distros, with various versions of Python. Installing additional Python modules can be a hassle.
# As a workaround, we run `htpasswd` from an Apache container image.
- block:
- when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != ''
block:
- name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs)
docker_image:
name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}"
@ -57,4 +58,3 @@
ansible.builtin.file:
path: /tmp/matrix-nginx-proxy-metrics-password
state: absent
when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != ''

View file

@ -9,7 +9,8 @@
follow_redirects: "{{ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects }}"
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
- block:
- when: matrix_well_known_matrix_server_enabled | bool
block:
- ansible.builtin.set_fact:
well_known_file_check_matrix_server:
path: /.well-known/matrix/server
@ -21,7 +22,6 @@
- name: Determine domains that we require certificates for (ma1sd)
ansible.builtin.set_fact:
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
when: matrix_well_known_matrix_server_enabled | bool
- name: Perform well-known checks
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"

View file

@ -16,7 +16,8 @@
# Tasks related to setting up Let's Encrypt's management of certificates
#
- block:
- when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
block:
- name: Ensure certbot Docker image is pulled
docker_image:
name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"
@ -43,13 +44,13 @@
mode: 0644
when: "item.applicable | bool"
with_items: "{{ matrix_ssl_renewal_systemd_units_list }}"
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
#
# Tasks related to getting rid of Let's Encrypt's management of certificates
#
- block:
- when: "matrix_ssl_retrieval_method != 'lets-encrypt'"
block:
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed
ansible.builtin.file:
path: "{{ matrix_systemd_path }}/{{ item.name }}"
@ -61,4 +62,3 @@
ansible.builtin.file:
path: "{{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew"
state: absent
when: "matrix_ssl_retrieval_method != 'lets-encrypt'"

View file

@ -13,7 +13,8 @@
- ansible.builtin.set_fact:
domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}"
- block:
- when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''"
block:
- name: Ensure required service for obtaining is started
ansible.builtin.service:
name: "{{ matrix_ssl_pre_obtaining_required_service_name }}"
@ -24,7 +25,6 @@
ansible.builtin.wait_for:
timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}"
when: "matrix_ssl_pre_obtaining_required_service_start_result.changed | bool"
when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''"
# This will fail if there is something running on port 80 (like matrix-nginx-proxy).
# We suppress the error, as we'll try another method below.

View file

@ -35,7 +35,8 @@
- or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`)
when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled | bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))"
- block:
- when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
block:
- name: (Deprecation) Catch and report renamed settings
ansible.builtin.fail:
msg: >-
@ -57,7 +58,6 @@
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container"
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
when: "vars[item] == '' or vars[item] is none"
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
- name: (Deprecation) Catch and report old metrics usage
ansible.builtin.fail:

View file

@ -7,7 +7,7 @@ matrix_ntfy_base_path: "{{ matrix_base_data_path }}/ntfy"
matrix_ntfy_config_dir_path: "{{ matrix_ntfy_base_path }}/config"
matrix_ntfy_data_path: "{{ matrix_ntfy_base_path }}/data"
matrix_ntfy_version: v1.27.2
matrix_ntfy_version: v1.28.0
matrix_ntfy_docker_image: "{{ matrix_container_global_registry_prefix }}binwiederhier/ntfy:{{ matrix_ntfy_version }}"
matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':latest') }}"

View file

@ -78,7 +78,7 @@ matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username]
# which is unsupported by default by newer Postgres versions (v14+).
# When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+.
# If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default.
matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa var-spacing
matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing]
# A list of databases to avoid creating when importing (or upgrading) the database.
# If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`),
@ -86,7 +86,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post
# We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump.
matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name]
matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa var-spacing
matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing]
# The number of seconds to wait after starting `matrix-postgres.service`
# and before trying to run queries for creating additional databases/users against it.

View file

@ -25,7 +25,8 @@
# We either expect `postgres_db_connection_string` specifying a full Postgres database connection string,
# or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string.
- block:
- when: 'postgres_connection_string_variable_name is defined'
block:
- name: Fail if postgres_connection_string_variable_name points to an undefined variable
ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`"
when: "postgres_connection_string_variable_name not in vars"
@ -33,7 +34,6 @@
- name: Get Postgres connection string from variable
ansible.builtin.set_fact:
postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}"
when: 'postgres_connection_string_variable_name is defined'
- name: Fail if playbook called incorrectly
ansible.builtin.fail:

View file

@ -31,7 +31,8 @@
msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}"
when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists"
- block:
- when: "matrix_postgres_pgloader_container_image_self_build | bool"
block:
- name: Ensure pgloader repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}"
@ -69,7 +70,6 @@
dockerfile: Dockerfile
path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}"
pull: true
when: "matrix_postgres_pgloader_container_image_self_build | bool"
- name: Ensure pgloader Docker image is pulled
docker_image:
@ -134,7 +134,8 @@
register: matrix_postgres_migrate_db_to_postgres_import_result
changed_when: matrix_postgres_migrate_db_to_postgres_import_result.rc == 0
- block:
- when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0"
block:
- ansible.builtin.import_role:
name: matrix-postgres
tasks_from: detect_existing_postgres_version
@ -157,8 +158,6 @@
register: matrix_postgres_migrate_db_to_postgres_additional_queries_result
changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0
when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0"
- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup)
ansible.builtin.command:
cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup"

View file

@ -52,14 +52,14 @@
group: "{{ matrix_user_groupname }}"
when: "result_pg_old_data_dir_stat.stat.exists"
- block:
- when: "result_pg_old_data_dir_stat.stat.exists"
block:
- name: Relocate Postgres data files from old directory to new
ansible.builtin.command:
cmd: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path | basename }}"
with_items: "{{ result_pg_old_data_dir_find.files }}"
register: matrix_postgres_migrate_postgres_data_directory_move_result
changed_when: matrix_postgres_migrate_postgres_data_directory_move_result.rc == 0
when: "result_pg_old_data_dir_stat.stat.exists"
# Intentionally not starting matrix-postgres here.
# It likely needs to be updated to point to the new directory.

View file

@ -4,7 +4,8 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}"
when: matrix_prometheus_node_exporter_enabled | bool
- block:
- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -38,4 +39,3 @@
+
[matrix_prometheus_node_exporter_nginx_metrics_configuration_block]
}}
when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool

View file

@ -4,7 +4,8 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}"
when: matrix_prometheus_postgres_exporter_enabled | bool
- block:
- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -38,4 +39,3 @@
+
[matrix_prometheus_postgres_exporter_nginx_metrics_configuration_block]
}}
when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool

View file

@ -10,7 +10,10 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-registration.service'] }}"
when: matrix_registration_enabled | bool
- block:
- when: matrix_registration_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -54,9 +57,6 @@
+
[matrix_registration_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_registration_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -3,13 +3,15 @@
- ansible.builtin.set_fact:
matrix_registration_requires_restart: false
- block:
- when: "matrix_registration_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_registration_sqlite_database_path_local }}"
register: matrix_registration_sqlite_database_path_local_stat_result
- block:
- when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_registration_sqlite_database_path_local }}"
@ -30,8 +32,6 @@
- ansible.builtin.set_fact:
matrix_registration_requires_restart: true
when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool"
when: "matrix_registration_database_engine == 'postgres'"
- name: Ensure matrix-registration paths exist
ansible.builtin.file:

View file

@ -10,7 +10,10 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-admin.service'] }}"
when: matrix_synapse_admin_enabled | bool
- block:
- when: matrix_synapse_admin_enabled | bool
tags:
- always
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -45,9 +48,6 @@
+
[matrix_synapse_admin_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_synapse_admin_enabled | bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
ansible.builtin.debug:

View file

@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s
matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}"
matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_synapse_version: v1.67.0
matrix_synapse_version: v1.68.0
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"

View file

@ -26,7 +26,8 @@
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}"
when: matrix_s3_media_store_enabled | bool
- block:
- when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool
block:
- name: Fail if matrix-nginx-proxy role already executed
ansible.builtin.fail:
msg: >-
@ -84,4 +85,3 @@
[matrix_synapse_worker_nginx_metrics_configuration_block]
}}
when: matrix_synapse_workers_enabled_list | length > 0
when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool

View file

@ -85,16 +85,17 @@
#
# Row 3 contains a space when there's no result.
- block:
- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4"
block:
- ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result"
- name: Fail if room find result is not what we expect
ansible.builtin.fail:
msg: >-
Expecting 4 lines in the "find rooms" result.
when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4"
- block:
- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '"
block:
# matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list
# of dictionaries like this: {'room_id': '!some-id', 'count': 2461329}
- ansible.builtin.set_fact:
@ -113,7 +114,6 @@
with_items: "{{ matrix_synapse_rust_synapse_compress_state_eligible_rooms }}"
loop_control:
loop_var: room_details
when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '"
- name: Show notice about lack of rooms to compress
ansible.builtin.debug:

View file

@ -18,7 +18,8 @@
group: "{{ matrix_user_groupname }}"
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
- block:
- when: "matrix_synapse_container_image_self_build | bool"
block:
- name: Ensure Synapse repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_synapse_container_image_self_build_repo }}"
@ -48,7 +49,6 @@
environment:
DOCKER_BUILDKIT: 1
when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''"
when: "matrix_synapse_container_image_self_build | bool"
- name: Ensure Synapse Docker image is pulled
docker_image:

View file

@ -37,7 +37,8 @@
msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}"
when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list"
- block:
- when: "matrix_synapse_worker_details.type == 'stream_writer'"
block:
- name: Fail if stream_writer_stream not defined for stream_writer worker
ansible.builtin.fail:
msg: >-
@ -50,7 +51,6 @@
ansible.builtin.fail:
msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property"
when: "'replication_port' not in matrix_synapse_worker_details"
when: "matrix_synapse_worker_details.type == 'stream_writer'"
- ansible.builtin.set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}"

View file

@ -34,7 +34,7 @@ matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synaps
matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}"
# matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints.
# It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule.
# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule.
matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*'
# matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer.