Commit graph

20 commits

Author SHA1 Message Date
Slavi Pantaleev 6427397486 Do not hardcode sslmode=disable to Postgres connection strings - make it configurable
This is backward-compatible with what we had before. We're not changing
the SSL mode - just making it configurable.

Most components are defaulting to `sslmode=disable`, while some
(`matrix-bot-matrix-reminder-bot` and others) do not specify an `sslmode` at all.

We're making sslmode configurable, because certain external Postgres
servers may be configured to require SSL encryption.
In such cases `sslmode=disable` does not work and needs to be changed to
`sslmode=require` or something else (`verify-ca`, `verify-full`, etc).
2023-08-22 19:40:50 +03:00
Slavi Pantaleev ae2f67e15f Make maubot communicate with the homeserver via the container network
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2791
2023-07-26 15:27:58 +03:00
Shreyas Ajjarapu 418dd953ad
Updating maubot to the latest version 2023-04-07 11:44:17 -05:00
Slavi Pantaleev dddfee16bc Fix all 300+ ansible-lint-reported errors 2023-03-07 17:28:15 +02:00
Slavi Pantaleev 227d9d8209 Fix variable name typo 2023-03-01 23:14:40 +02:00
Aine a9a17d803e
Update maubot 0.3.1 -> 0.4.0 2023-01-29 18:12:26 +00:00
Aine d1b4a6ebe1
unify docker images urls 2023-01-14 15:26:58 +02:00
Slavi Pantaleev 2688e8bfc3 Optimize initial installation by not reloading systemd after each .service install
We expect `--tags=start` to handle systemd reloading, so we don't need
to do it manually each time we install/uninstall a .service file.
2022-11-27 10:02:45 +02:00
Slavi Pantaleev eedf5ad94d Remove some hardcoded matrix-postgres references 2022-11-27 08:23:43 +02:00
Slavi Pantaleev a04f6f4e3d Optimize uninstall tasks a bit
- forego removing Docker images - it's not effective anyway, because it
  only removes the last version.. which is a drop in the bucket, usually

- do not reload systemd - it's none of our business. `--tags=start`,
  etc., handle this

- combine all uninstall tasks under a single block, which only runs if
  we detect traces (a leftover systemd .service file) of the component.
  If no such .service is detected, we skip them all. This may lead to
  incorect cleanup in rare cases, but is good enough for the most part.
2022-11-25 17:28:57 +02:00
Slavi Pantaleev 61f67d8f0a Add install-* tags for quicker runs 2022-11-25 16:02:51 +02:00
Slavi Pantaleev 7c2a7a8eb6 Replace most import_tasks calls with include_tasks for improved performance 2022-11-24 11:33:45 +02:00
Slavi Pantaleev 735bacca89 Do not run matrix-nginx-proxy config injection tasks unless necessary
These `init.yml` (now `inject_into_nginx_proxy.yml`) tasks do not need
to `always` run. They only need to run for `setup-all` and
`setup-nginx-proxy`. Unless we're dealing with these 2 tags, we can
spare ourselves a lot of work.

This patch also moves the `when` statement from `init.yml` into
`main.yml` in an effort to further optimize things by potentially
avoiding the extra file include.
2022-11-23 15:52:58 +02:00
Slavi Pantaleev 0ea7cb5d18 Remove various init.yml files - initialize systemd services, etc., statically (not at runtime) 2022-11-23 11:45:46 +02:00
Slavi Pantaleev d3bd1ca024 matrix_*_retries_{count,delay} -> devture_playbook_help_*_retries_{count,delay} 2022-11-04 16:44:29 +02:00
Slavi Pantaleev 7086c0ebe3 matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:40:25 +02:00
Slavi Pantaleev a9a81460ec matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:39:35 +02:00
Slavi Pantaleev 835d2e9581 matrix_systemd_path -> devture_systemd_docker_base_systemd_path (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:38:38 +02:00
Slavi Pantaleev f03f716989 matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:37:47 +02:00
Slavi Pantaleev 410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00