pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
matrix-docker-ansible-deploy/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
Jim Myhrberg eeca3c8dca
fix: avoid yaml being wrapped at column 80 via to_nice_yaml 
The `to_nice_yaml` helper will by default wrap any string YAML values on
the first space after column 80. This can in worst case yield invalid
YAML syntax. More details in Ansible's documentation here:

https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#formatting-data-yaml-and-json

In short, you need to explicitly provide a custom width argument of a
high number of some kind to avoid the line wrapping.
2022-03-16 01:10:26 +00:00

197 lines
8.2 KiB
YAML
Raw Blame History

---
- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
- name: Ensure Appservice IRC paths exist
file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- {path: "{{ matrix_appservice_irc_base_path }}", when: true}
- {path: "{{ matrix_appservice_irc_config_path }}", when: true}
- {path: "{{ matrix_appservice_irc_data_path }}", when: true}
- {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
when: item.when|bool
- name: Check if an old passkey file already exists
stat:
path: "{{ matrix_appservice_irc_base_path }}/passkey.pem"
register: matrix_appservice_irc_stat_passkey
- block:
- name: (Data relocation) Ensure matrix-appservice-irc.service is stopped
service:
name: matrix-appservice-irc
state: stopped
daemon_reload: true
failed_when: false
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
command: "mv {{ matrix_appservice_irc_base_path }}/passkey.pem {{ matrix_appservice_irc_data_path }}/passkey.pem"
- name: (Data relocation) Move AppService IRC database files to ./data directory
command: "mv {{ matrix_appservice_irc_base_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}"
with_items:
- rooms.db
- users.db
failed_when: false
when: "matrix_appservice_irc_stat_passkey.stat.exists"
- set_fact:
matrix_appservice_irc_requires_restart: false
- block:
- name: Check if a nedb database already exists
stat:
path: "{{ matrix_appservice_irc_data_path }}/users.db"
register: matrix_appservice_irc_nedb_database_path_local_stat_result
- block:
- import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
- set_fact:
matrix_appservice_irc_requires_restart: true
when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists|bool"
when: "matrix_appservice_irc_database_engine == 'postgres'"
- name: Ensure Appservice IRC image is pulled
docker_image:
name: "{{ matrix_appservice_irc_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}"
when: "matrix_appservice_irc_enabled|bool and not matrix_appservice_irc_container_image_self_build|bool"
- name: Ensure matrix-appservice-irc repository is present when self-building
git:
repo: "{{ matrix_appservice_irc_docker_repo }}"
dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
force: "yes"
register: matrix_appservice_irc_git_pull_results
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool"
- name: Ensure matrix-appservice-irc Docker image is built
docker_image:
name: "{{ matrix_appservice_irc_docker_image }}"
source: build
force_source: "{{ matrix_appservice_irc_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
pull: true
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
- name: Ensure Matrix Appservice IRC config installed
copy:
content: "{{ matrix_appservice_irc_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_irc_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Check if Appservice IRC passkey exists
stat:
path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
register: irc_passkey_file
- name: Generate Appservice IRC passkey if it doesn't exist
shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
become: true
become_user: "{{ matrix_user_username }}"
when: "not irc_passkey_file.stat.exists"
# In the past, we used to generate the passkey.pem file with root, so permissions may not be okay.
# Fix it.
- name: (Migration) Ensure Appservice IRC passkey permissions are okay
file:
path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
# Ideally, we'd like to generate the final registration.yaml file by ourselves.
#
# However, the IRC bridge supports multiple servers, which leads to multiple
# users/aliases/rooms rules in the registration file.
#
# Generating a proper file by ourselves is complicated and may lead to deviation
# from what the bridge is doing.
#
# Instead, we do another hacky thing - asking the bridge to generate a template,
# and then we parse it and fix it up with our own AS/HS token.
# We need to do this, because:
# - we'd like to have an up-to-date registration file
# - we can achieve this by asking the bridge to rebuild it each time
# - however, the bridge insists on regenerating all tokens each time
# - .. which is not friendly for integrating with the homeserver
#
# So we have a hybrid approach. We ask the bridge to always generate
# an up-to-date file, and we fix it up with some static values later on,
# to produce a final registration.yaml file, as we desire.
- name: Generate Appservice IRC registration-template.yaml
shell: >-
{{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
-v {{ matrix_appservice_irc_config_path }}:/config:z
-v {{ matrix_appservice_irc_data_path }}:/data:z
--entrypoint=/bin/bash
{{ matrix_appservice_irc_docker_image }}
-c
'node app.js
-r
-f /config/registration-template.yaml
-u "http://matrix-appservice-irc:9999"
-c /config/config.yaml
-l irc_bot'
changed_when: false
- name: Read Appservice IRC registration-template.yaml
slurp:
src: "{{ matrix_appservice_irc_config_path }}/registration-template.yaml"
register: matrix_appservice_irc_registration_template_slurp
- name: Remove unnecessary Appservice IRC registration-template.yaml
file:
path: "{{ matrix_appservice_irc_config_path }}/registration-template.yaml"
state: absent
changed_when: false
- name: Parse registration-template.yaml
set_fact:
matrix_appservice_irc_registration_template: "{{ matrix_appservice_irc_registration_template_slurp['content'] | b64decode | from_yaml }}"
- name: Combine registration-template.yaml and own registration override config
set_fact:
matrix_appservice_irc_registration: "{{ matrix_appservice_irc_registration_template|combine(matrix_appservice_irc_registration_override, recursive=True) }}"
- name: Ensure Appservice IRC registration.yaml installed
copy:
content: "{{ matrix_appservice_irc_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure matrix-appservice-irc.service installed
template:
src: "{{ role_path }}/templates/systemd/matrix-appservice-irc.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-appservice-irc.service"
mode: 0644
register: matrix_appservice_irc_systemd_service_result
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
service:
daemon_reload: true
when: "matrix_appservice_irc_systemd_service_result.changed"
- name: Ensure matrix-appservice-irc.service restarted, if necessary
service:
name: "matrix-appservice-irc.service"
state: restarted
when: "matrix_appservice_irc_requires_restart|bool"
Reference in a new issue View git blame Copy permalink