pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
matrix-docker-ansible-deploy/roles/matrix-synapse/tasks/synapse/setup_install.yml
Slavi Pantaleev 5eed874199 Improve self-building experience (avoid conflict with pullable images) 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/716

This patch makes us use more fully-qualified container image names
(either prefixed with docker.io/ or with localhost/).

The latter happens when self-building is enabled.

We've recently had issues where if an image was removed manually
and the service was restarted (making `docker run` fetch it from Docker Hub, etc.),
we'd end up with a pulled image, even though we're aiming for a self-built one.
Re-running the playbook would then not do a rebuild, because:
- the image with that name already exists (even though it's something
else)
- we sometimes had conditional logic where we'd build only if the git
repo changed

By explicitly changing the name of the images (prefixing with localhost/),
we avoid such confusion and the possibility that we'd automatically pul something
which is not what we expect.

Also, I've removed that condition where building would happen on git
changes only. We now always build (unless an image with that name
already exists). We just force-build when the git repo changes.
2020-11-14 23:00:49 +02:00

109 lines
4.2 KiB
YAML
Raw Blame History

---
# This will throw a Permission Denied error if already mounted using fuse
- name: Check Synapse media store path
stat:
path: "{{ matrix_synapse_media_store_path }}"
register: local_path_media_store_stat
ignore_errors: yes
# This is separate and conditional, to ensure we don't execute it
# if the path already exists or we failed to check, because it's mounted using fuse.
- name: Ensure Synapse media store path exists
file:
path: "{{ matrix_synapse_media_store_path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
- name: Ensure Synapse repository is present on self-build
git:
repo: https://github.com/matrix-org/synapse.git
dest: "{{ matrix_synapse_docker_src_files_path }}"
version: "{{ matrix_synapse_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_synapse_git_pull_results
when: "matrix_synapse_container_image_self_build|bool"
- name: Ensure Synapse Docker image is built
docker_image:
name: "{{ matrix_synapse_docker_image }}"
source: build
force_source: "{{ matrix_synapse_git_pull_results.changed }}"
build:
dockerfile: docker/Dockerfile
path: "{{ matrix_synapse_docker_src_files_path }}"
pull: yes
when: "matrix_synapse_container_image_self_build|bool"
- name: Ensure Synapse Docker image is pulled
docker_image:
name: "{{ matrix_synapse_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}"
when: "not matrix_synapse_container_image_self_build"
- name: Check if a Synapse signing key exists
stat:
path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key"
register: matrix_synapse_signing_key_stat
# We do this so that the signing key would get generated.
#
# This will also generate a default homeserver.yaml configuration file and a log configuration file.
# We don't care about those configuraiton files, as we replace them with our own anyway (see below).
#
# We don't use the `docker_container` module, because using it with `cap_drop` requires
# a very recent version, which is not available for a lot of people yet.
- name: Generate initial Synapse config and signing key
command: |
docker run
--rm
--name=matrix-config
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
-v {{ matrix_synapse_config_dir_path }}:/data
-e UID={{ matrix_user_uid }}
-e GID={{ matrix_user_gid }}
-e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
-e SYNAPSE_SERVER_NAME={{ matrix_server_fqn_matrix }}
-e SYNAPSE_REPORT_STATS=no
{{ matrix_synapse_docker_image }}
generate
when: "not matrix_synapse_signing_key_stat.stat.exists"
- name: Ensure Synapse homeserver config installed
copy:
content: "{{ matrix_synapse_configuration|to_nice_yaml }}"
dest: "{{ matrix_synapse_config_dir_path }}/homeserver.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure Synapse log config installed
template:
src: "{{ matrix_synapse_template_synapse_log }}"
dest: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.log.config"
mode: 0644
- name: Ensure matrix-synapse.service installed
template:
src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-synapse.service"
mode: 0644
register: matrix_synapse_systemd_service_result
- name: Ensure systemd reloaded after matrix-synapse.service installation
service:
daemon_reload: yes
when: "matrix_synapse_systemd_service_result.changed"
- name: Ensure matrix-synapse-register-user script created
template:
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
dest: "{{ matrix_local_bin_path }}/matrix-synapse-register-user"
mode: 0750
Reference in a new issue View git blame Copy permalink