Commit graph

182 commits

Author SHA1 Message Date
Aaron Raimist ca361af616
Add Hydrogen 2021-05-15 04:23:36 -05:00
Aaron Raimist 3d2142f88b
Add sanity check for server architecture 2021-04-10 16:14:32 -05:00
Slavi Pantaleev 93960b70be Do not fail if _matrix-identity DNS SRV record missing
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963

This also simplifies Prerequisites, which is great.

It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
2021-03-30 11:24:04 +03:00
Slavi Pantaleev 9a0222fa47 Add Sygnal support
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/683
2021-03-20 13:32:22 +02:00
Yannick Goossens 51e2547484 Added support for the Go-NEB bot 2021-03-11 19:23:01 +01:00
Slavi Pantaleev 5cfeae806b Merge branch 'master' into synapse-workers 2021-02-14 13:00:57 +02:00
Slavi Pantaleev 85a260daaf Make --tags=setup-prometheus not break, relying on matrix-base facts 2021-02-12 11:59:24 +02:00
Peetz0r 144a5e6198 Register docker network info and use it for prometheus-node-exporter
Using the hardcoded IP did break while I was
messing with IPv6 stuff on the other branch
2021-02-10 22:54:42 +01:00
Peetz0r 989100b1c1 Grafana nginx proxy config 2021-02-10 22:54:14 +01:00
Peetz0r e0e459ac0c Fixed missing quotes 2021-01-30 11:58:24 +01:00
Peetz0r 473936065d Use Debian Buster Docker repo on Debian Bullseye
Future maintainer: check on https://docs.docker.com/engine/install/debian/ if Docker for
Debian 11 is released, then undo this commit
2021-01-30 09:02:41 +01:00
Slavi Pantaleev d98a1ceadd Merge branch 'master' into synapse-workers 2021-01-27 10:27:17 +02:00
Slavi Pantaleev 512f42aa76 Do not report docker kill/rm attempts as errors
These are just defensive cleanup tasks that we run.
In the good case, there's nothing to kill or remove, so they trigger an
error like this:

> Error response from daemon: Cannot kill container: something: No such container: something

and:

> Error: No such container: something

People often ask us if this is a problem, so instead of always having to
answer with "no, this is to be expected", we'd rather eliminate it now
and make logs cleaner.

In the event that:
- a container is really stuck and needs cleanup using kill/rm
- and cleanup fails, and we fail to report it because of error
suppression (`2>/dev/null`)

.. we'd still get an error when launching ("container name already in use .."),
so it shouldn't be too hard to investigate.
2021-01-27 10:22:46 +02:00
Slavi Pantaleev 70dcdd41a7 Simplify matrix-remove-all
We don't have instantiated services anymore, nor
/etc/systemd/system/matrix-synapse.service.wants/ stuff.
2021-01-25 14:02:30 +02:00
Slavi Pantaleev d3ecc6f017 Fix bridges failing to upload media when Synapse workers are enabled 2021-01-25 13:55:08 +02:00
Slavi Pantaleev c05d3d09bd Disable systemd services while stopping them
This removes some `multi-target.wants` symlinks as well, etc.

But despite systemd saying:

> Removed symlink /etc/systemd/system/matrix-synapse.service.wants/matrix-synapse-worker@appservice:0.service

.. I still see such symlinks tehre for me for some reason, so keeping the
code (below) to find & delete them still seems like a good idea.
2021-01-25 08:58:23 +02:00
Slavi Pantaleev 92ee3d78a0 Fix matrix-remove-all for when Synapse workers are enabled 2021-01-24 19:42:32 +02:00
Slavi Pantaleev 1692a28fe4 Work around annoying Docker warning about undefined $HOME
> WARNING: Error loading config file: .dockercfg: $HOME is not defined

.. which appeared in Docker 20.10.
2021-01-15 00:23:01 +02:00
Slavi Pantaleev e1690722f7 Replace cronjobs with systemd timers
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/756

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/737

I feel like timers are somewhat more complicated and dirty (compared to
cronjobs), but they come with these benefits:

- log output goes to journald
- on newer systemd distros, you can see when the timer fired, when it
will fire, etc.
- we don't need to rely on cron (reducing our dependencies to just
systemd + Docker)

Cronjobs work well, but it's one more dependency that needs to be
installed. We were even asking people to install it manually
(in `docs/prerequisites.md`), which could have gone unnoticed.

Once in a while someone says "my SSL certificates didn't renew"
and it's likely because they forgot to install a cron daemon.

Switching to systemd timers means that installation is simpler
and more unified.
2021-01-14 23:35:50 +02:00
Slavi Pantaleev 6cce5383bc Fix Ansible 2.9.6 check
Fixup for https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/769
2021-01-03 08:55:30 +02:00
Slavi Pantaleev 2c09111a3a Actually enforce that we run on Ansible >= 2.7.1
Related to 6e652e10ad
2021-01-03 08:54:17 +02:00
Slavi Pantaleev 8710883064
Merge pull request #743 from pushytoxin/docker_network
Drop the old workaround for an Ansible bug that has been fixed three years ago
2021-01-03 08:49:09 +02:00
Aaron Raimist 8827a49e21
Check equality properly 2020-12-26 20:20:00 -06:00
Aaron Raimist 3dd0517f04
Check for buggy version of Ansible that Ubuntu 20.04 provides 2020-12-26 20:13:49 -06:00
Slavi Pantaleev 8748f3d443 Move python{,3}-docker installation to another task
This also adds support for installing python3-docker (not python-docker)
in systems that run Python 3.
2020-12-17 11:49:56 +02:00
Slavi Pantaleev 349fbb6434 Do not hardcode armhf for Raspbian
Raspbian doesn't seem to support arm64, so this is somewhat pointless
right now.

However, they might in the future. Doing this should also unify us
some more with `setup_debian.yml` with the ultimate goal of
eliminating `setup_raspbian.yml`.
2020-12-17 11:47:34 +02:00
Slavi Pantaleev a09ed58892 Ensure gnupg installed on Raspbian
It's likely installed by default, but it doesn't hurt to specify it.
It also makes us more the same with `setup_debian.yml`.
2020-12-17 11:45:32 +02:00
Slavi Pantaleev f545de53f7 Do not hardcode "ubuntu" for the Docker APT key URL
Well, `ubuntu` or `debian`, the same key is served right now,
so it doesn't really matter.

This seems cleaner and less prone to breakage though.
2020-12-17 11:39:18 +02:00
Slavi Pantaleev 55f252a6ed Do not hardcode amd64 in setup_debian.yml
Until now, we've only supported non-amd64 on Raspbian.

Seems like there are now people running Debian/Ubuntu on ARM,
so we were forcing them into amd64 Docker packages.

I've gotten a report that this change fixes support
for Ubuntu Server 20.04 on RPi 4B.
2020-12-17 11:37:30 +02:00
Slavi Pantaleev ed159cc742 Move matrix_architecture to matrix-base
We were only defining this in `group_vars/matrix_servers`, which is
inconsistent with how we normally do things.
2020-12-17 11:33:18 +02:00
Slavi Pantaleev 47613e5a27 Remove synapse-janitor support
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/746
2020-12-11 23:24:42 +02:00
Slavi Pantaleev d556aa943f Update docker-ce.repo to not hardcode $releasever=7
This keeps it in line with https://download.docker.com/linux/centos/docker-ce.repo

Whether or not Docker works well on CentOS 8 for our purposes
hasn't been verified yet.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300
2020-12-07 07:20:47 +02:00
Béla Becker 6921ec4b8a Revert "Work around buggy docker_network sometimes failing to work"
The docker_network bug was fixed two years ago
This reverts commit 36658addcd.
2020-12-05 19:02:10 +01:00
Slavi Pantaleev 27c9014cb8 Improve uninstallation instructions
Also switches to using `docker system prune -a` for a less invasive
cleanup of Docker images and related resources.
2020-11-24 09:38:17 +02:00
Tobias Küchel 1cf5b1d80f e2ee_backup: rename variables to be consistent with naming scheme 2020-10-16 09:24:50 +02:00
Tobias Küchel 5158fa4df9 e2ee_backup_methods: rather leave the default empty, so that the system default may apply 2020-10-16 08:50:16 +02:00
Tobias Küchel 8f7e21892d fix indentation, updated to proposed changes from Slavi: no more ifdef 2020-10-16 08:47:37 +02:00
Tobias Küchel 4cfa112755 update default backup_methods as proposed by the system anyway 2020-10-16 08:44:04 +02:00
Tobias Küchel 6599204334 fix commata not being set when secure_backup_required false 2020-10-16 08:20:22 +02:00
Tobias Küchel 48f929dc91 add variables for secure_backup_required and secure_backup_setup_methods 2020-10-16 00:32:00 +02:00
Slavi Pantaleev 23daec748c Require Ansible v2.7 or newer (because of items2dict and dict2items)
Interestingly, no one has reported this failure before #662 (Github
Issue).

It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.

Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
2020-10-02 11:53:19 +03:00
Slavi Pantaleev 43c5f3ec6e Do not create /home/matrix when creating the matrix user 2020-09-29 18:14:37 +03:00
Slavi Pantaleev 7eb8192a51 Comlain about version requirement on Ansible v1
I don't believe Ansible v1 would even go as far as executing this
sanity check, but.. Adding an extra defensive check for completeness.
2020-09-29 12:37:39 +03:00
Slavi Pantaleev 3d702fe03b Avoid set_fact with error message to prevent confusion 2020-09-29 12:23:39 +03:00
Chris van Dijk b9c8d059d0 Support both the im.vector.riot and io.element variants in client .well-known
According to the docs, "e2ee" is already under "io.element":
  https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md#disabling-encryption-by-default
however "jitsi" is still under "im.vector.riot":
  https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server

For now let's just maintain backward and forward compatibility for both
settings since the client version is out of the control of this
playbook.
2020-09-26 16:57:02 +00:00
Chris van Dijk f6b0f0a477 Rename matrix_riot_jitsi_preferredDomain and matrix_riot_e2ee_default to Element 2020-09-26 16:24:09 +00:00
Slavi Pantaleev 3c285bc6f5 Install lsb-release on Debian distros if unavailable
Certain more-minimal Debian installations may not have
lsb-release installed, which makes the playbook fail.

We need lsb-release on Debian, so that ansible_lsb
could tell us if this is Debian or Raspbian.
2020-08-27 13:58:35 +03:00
Slavi Pantaleev daf13107a0 Add support for rust-synapse-compress-state 2020-08-21 13:53:39 +03:00
merklaw fa6d85636f Add note about installing 'docker' Python package if Docker installation is disabled 2020-08-05 17:35:25 +02:00
merklaw 87df15441c Add note about installilng 'docker' Python package if Docker installation is disabled 2020-08-05 17:31:16 +02:00
vractal 9b61fef271 Replace gpg dependency for gnupg for better debian compatibility 2020-07-28 15:26:16 -04:00
hungrymonkey d093b9b148 Added gpg as base dependency for Debian 10
AWS Debian marketplace image does not have gpg preinstalled

https://aws.amazon.com/marketplace/pp/B0859NK4HC?ref=cns_srchrow

TASK [matrix-base : Ensure Docker's APT key is trusted] *******************************************************************************************************************************************************
fatal: [matrix.domain.com]: FAILED! => {"changed": false, "msg": "Failed to find required executable gpg in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}

Closes #590
2020-07-18 07:56:30 -07:00
Slavi Pantaleev c6ab1c6a90 Riot is now Element
Fixes #586 (Github Issue)
2020-07-17 11:31:20 +03:00
shadow ddfc945fcf Remove unused validate_config.yml, since it causes ansible warnings 2020-07-11 00:40:12 +03:00
Slavi Pantaleev 227f1a28e3 Allow matrix_user_uid/matrix_user_gid to be specified manually 2020-07-06 11:05:34 +03:00
Slavi Pantaleev de545f9c5f Update docs on self-building and remove useless variable
`matrix_container_images_self_build` was not really doing anything
anymore. It previously was influencing `matrix_*_self_build` variables,
but it's no longer the case since some time ago.

Individual `matrix_*_self_build` variables are still available.
People that would like to toggle self-building for a specific component
ought to use those.

These variables are also controlled automatically (via
`group_vars/matrix_servers`) depending on `matrix_architecture`.

In other words, self-building is being done automatically for
all components when they don't have a prebuilt image for the specified
architecture. Some components only support `amd64`, while others also
have images for other architectures.
2020-06-29 14:58:03 +03:00
Slavi Pantaleev 5c5f1c6ab9 Add support for telling Riot to not default to E2EE
Related to https://github.com/vector-im/riot-web/pull/13914
2020-06-24 11:39:51 +03:00
Slavi Pantaleev 7729511a84 Make vars.yml snapshotting optional and more configurable
Certain people organize their inventory in a different way
and we'd like to accommodate them.

Related to #542 (Github Issue).
2020-06-14 10:01:22 +03:00
Slavi Pantaleev 67ab7e7a1b Preserve vars.yml on the server for easily restoring
Fixes #542 (Github Issues).
2020-06-13 07:52:01 +03:00
Slavi Pantaleev 10b3ceff72 Make Matrix federation port configurable
Fixes #523 (Github Issue).
2020-06-09 08:29:03 +03:00
Chris van Dijk 74df10633a Remove hardcoded command paths in playbook cron usage 2020-05-27 23:14:58 +02:00
Chris van Dijk 6e3b877dc2 Remove hardcoded command paths in playbook shell usage 2020-05-27 23:14:56 +02:00
Chris van Dijk 6334f6c1ea Remove hardcoded command paths in systemd unit files
Depending on the distro, common commands like sleep and chown may either
be located in /bin or /usr/bin.

Systemd added path lookup to ExecStart in v239, allowing only the
command name to be put in unit files and not the full path as
historically required. At least Ubuntu 18.04 LTS is however still on
v237 so we should maintain portability for a while longer.
2020-05-27 23:14:54 +02:00
Dan Arnfield 787f12e70d Fix typo in validation 2020-05-08 13:56:31 -05:00
Slavi Pantaleev c1c8b8e62c Warn about matrix_user_uid/matrix_user_gid
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.

It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.

Related to #486 (Github Pull Request).
2020-05-06 10:17:19 +03:00
Slavi Pantaleev 36c61b5b4e Introduce a separate group variable (matrix_user_groupname)
Related to #485 (Github Pull Request).
2020-05-06 10:02:47 +03:00
Slavi Pantaleev ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
Slavi Pantaleev 8fea6f5130 Make sure matrix_user_uid and matrix_user_gid are always set
If one runs the playbook with `--tags=setup-all`, it would have been
fine.

But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
2020-05-06 09:43:30 +03:00
Fanch a1c5a197a9 remove default UID/GID 2020-05-04 21:43:54 +02:00
Chris van Dijk 7585bcc4ac Allow the matrix user username and groupname to be configured separately
No migration steps should be required.
2020-05-01 19:59:32 +02:00
Slavi Pantaleev 9a43cc02e0 Only install docker-python if matrix_docker_installation_enabled
Should help with #300 (Github Issue).
2020-04-17 09:45:35 +03:00
Slavi Pantaleev 7035af87d8 Add support for Jitsi discovery for Riot via /.well-known/matrix/client
This will not work yet, as no version of Riot currently supports it.
It's expected to land in riot-web v1.5.16 via matrix-org/matrix-react-sdk#4348.
2020-04-09 09:58:35 +03:00
Alin Trăistaru 604e581a97 add ntpd defaults 2020-04-05 10:00:09 +03:00
Marcel Partap 874e2e1fc0 Rename variables (s/mxisd/ma1sd/) and adapt roles 2020-04-02 11:31:38 +02:00
Slavi Pantaleev 26b73e3a4b Do not install unnecessary bash-completion 2020-03-30 17:00:20 +03:00
Christian Wolf 8c9b5ea6dd Removed a few syntax bugs in Archlinux configuration 2020-03-28 13:00:01 +01:00
Christian Wolf 4bc73ff4bb Removed autoinstallation of cron due to documentation 2020-03-28 11:57:32 +01:00
Christian Wolf d84b2868b7 Added basic changes to make it compatible with Archlinux 2020-03-28 11:39:15 +01:00
mooomooo eebc6e13f8 Made directory variables for /etc/systemd/system , /etc/cron.d , /usr/local/bin 2020-03-24 11:27:58 -07:00
Slavi Pantaleev cdd9ee1962 Add Jitsi support 2020-03-23 17:19:15 +02:00
Horvath Gergely 2d537484d5 introduce variable 2020-03-14 19:16:29 +01:00
Horvath Gergely 3c8535c3bc check ansible version for self-building in every role 2020-03-08 19:17:10 +01:00
Horvath Gergely 6232a81caf check if target distro is Raspbian and install docker accordingly 2020-03-08 19:04:41 +01:00
Horvath Gergely 310aa685f9 refactor based on Slavi's requests 2020-03-08 00:24:00 +01:00
Horvath Gergely 610c98d6ab add riot-web support for raspberry pi 2020-02-21 18:51:56 +01:00
Horvath Gergely 40d0fea06c add mautrix-hangouts support for raspberry pi 2020-02-21 18:27:26 +01:00
Horvath Gergely f28c7b71d2 build mxisd for rapsberry pi 2020-02-21 18:08:24 +01:00
Horvath Gergely 8c1e00a6cd add mautrix-facebook support for raspberry pi 2020-02-21 07:56:28 +01:00
Horvath Gergely 7c4a86bc6b add coturn support for raspberry pi 2020-02-19 22:18:17 +01:00
Horvath Gergely a096eafb45 add possibility to install synapse on raspberry pi 2020-02-17 21:48:48 +01:00
Horvath Gergely 8a0c3146d3 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-02-11 20:56:54 +01:00
dhose 320d512541 Fix for when if case evaluates to false 2020-01-24 19:46:58 +01:00
Dan Arnfield bc620895ca Install python3-docker if ansible is running python 3 2020-01-24 06:59:42 -06:00
Gergely Horváth 1c314fcf29 first version of raspbian docker setup 2020-01-13 13:38:21 +01:00
Gergely Horváth 05966c8cff make sure Raspbian is not handled the same as Debian 2020-01-13 12:52:28 +01:00
Aaron Raimist 2ea507e2ea
Don't make it Dimension specific 2019-12-09 22:23:56 -06:00
Aaron Raimist fe932273aa
Implement MSC1957: Integration manager discovery
https://github.com/matrix-org/matrix-doc/pull/1957

Yay Riot iOS now supports integration manager discovery!
2019-12-05 17:32:51 -06:00
Slavi Pantaleev 4cc6cdf6f3
Merge pull request #314 from aaronraimist/well-known-client-no-identity
Remove identity server section from .well-known/matrix/client if there is no identity server
2019-11-21 11:59:46 +02:00
Aaron Raimist 9ab68a3cb4
Remove identity server section from .well-known/matrix/client if there is no identity server
Riot used to be fine with it being blank but now it complains. This creates an ugly looking comma when there is an identity server configured but I guess that's fine.
2019-11-20 16:05:16 -06:00
Slavi Pantaleev f348370f15
Remove unnecessary update_cache directive / Debian
We've just updated it in the task above, so it's unnecessary
2019-11-19 09:22:41 +02:00