pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
matrix-docker-ansible-deploy/roles/matrix-synapse/tasks/synapse/setup_install.yml
Slavi Pantaleev 881fdd28f0 Add support for Synapse container image customization 
This allows people to augment the Synapse image with custom tools and
addons without having to rebuild it from scratch.

If customizations are enabled, the playbook will build a new
`localhost/matrixdotorg/synapse:VERSION-customized` image
on top of the default one (`FROM matrixdotorg/synapse:VERSION`)
and with custom Dockerfile build steps.

For servers that self-build the Synapse image, the Synapse image will be
built first, before proceding to extend it the same way.

In the future, we'll also have easy to enable Dockerfile build steps
for modules that the playbook supports.
2022-10-14 16:37:54 +03:00

151 lines
6.3 KiB
YAML
Raw Blame History

---
# This will throw a Permission Denied error if already mounted using fuse
- name: Check Synapse media store path
ansible.builtin.stat:
path: "{{ matrix_synapse_media_store_path }}"
register: local_path_media_store_stat
ignore_errors: true
# This is separate and conditional, to ensure we don't execute it
# if the path already exists or we failed to check, because it's mounted using fuse.
- name: Ensure Synapse media store path exists
ansible.builtin.file:
path: "{{ matrix_synapse_media_store_path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
- when: "matrix_synapse_container_image_self_build | bool"
block:
- name: Ensure Synapse repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_synapse_container_image_self_build_repo }}"
dest: "{{ matrix_synapse_docker_src_files_path }}"
version: "{{ matrix_synapse_docker_image.split(':')[1] }}"
force: "yes"
become: true
become_user: "{{ matrix_user_username }}"
register: matrix_synapse_git_pull_results
- name: Check if Synapse Docker image exists
ansible.builtin.command: "{{ matrix_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'"
register: matrix_synapse_docker_image_check_result
changed_when: false
# Invoking the `docker build` command here, instead of calling the `docker_image` Ansible module,
# because the latter does not support BuildKit.
# See: https://github.com/ansible-collections/community.general/issues/514
- name: Ensure Synapse Docker image is built
ansible.builtin.shell:
chdir: "{{ matrix_synapse_docker_src_files_path }}"
cmd: |
{{ matrix_host_command_docker }} build \
-t "{{ matrix_synapse_docker_image }}" \
-f docker/Dockerfile \
.
environment:
DOCKER_BUILDKIT: 1
when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''"
- name: Ensure Synapse Docker image is pulled
docker_image:
name: "{{ matrix_synapse_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}"
when: "not matrix_synapse_container_image_self_build"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- when: "matrix_synapse_container_image_customizations_enabled | bool"
block:
- name: Ensure customizations Dockerfile is created
ansible.builtin.template:
src: "{{ role_path }}/templates/synapse/customizations/Dockerfile.j2"
dest: "{{ matrix_synapse_customized_docker_src_files_path }}/Dockerfile"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
mode: 0640
- name: Ensure customized Docker image for Synapse is built
docker_image:
name: "{{ matrix_synapse_docker_image_customized }}"
source: build
build:
dockerfile: Dockerfile
path: "{{ matrix_synapse_customized_docker_src_files_path }}"
pull: true
- name: Check if a Synapse signing key exists
ansible.builtin.stat:
path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key"
register: matrix_synapse_signing_key_stat
# We do this so that the signing key would get generated.
#
# This will also generate a default homeserver.yaml configuration file and a log configuration file.
# We don't care about those configuration files, as we replace them with our own anyway (see below).
#
# We don't use the `docker_container` module, because using it with `cap_drop` requires
# a very recent docker-py version, which is not available for a lot of people yet.
- name: Generate initial Synapse config and signing key
ansible.builtin.command: |
docker run
--rm
--name=matrix-config
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
--cap-drop=ALL
--mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/data
-e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
-e SYNAPSE_SERVER_NAME={{ matrix_server_fqn_matrix }}
-e SYNAPSE_REPORT_STATS=no
{{ matrix_synapse_docker_image }}
generate
when: "not matrix_synapse_signing_key_stat.stat.exists"
- name: Ensure Synapse homeserver config installed
ansible.builtin.copy:
content: "{{ matrix_synapse_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_synapse_config_dir_path }}/homeserver.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure Synapse log config installed
ansible.builtin.template:
src: "{{ matrix_synapse_template_synapse_log }}"
dest: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.log.config"
mode: 0644
- name: Ensure matrix-synapse.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-synapse.service"
mode: 0644
register: matrix_synapse_systemd_service_result
- name: Ensure systemd reloaded after matrix-synapse.service installation
ansible.builtin.service:
daemon_reload: true
when: "matrix_synapse_systemd_service_result.changed"
- name: Ensure matrix-synapse-register-user script created
ansible.builtin.template:
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
dest: "{{ matrix_local_bin_path }}/matrix-synapse-register-user"
mode: 0755
- name: Generate sample prometheus.yml for external scraping
ansible.builtin.template:
src: "{{ role_path }}/templates/synapse/prometheus/external_prometheus.yml.example.j2"
dest: "{{ matrix_synapse_base_path }}/external_prometheus.yml.example"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
mode: 0644
when: matrix_synapse_metrics_proxying_enabled | bool
Reference in a new issue View git blame Copy permalink