51312b8250
As suggested in #63 (Github issue), splitting the playbook's logic into multiple roles will be beneficial for maintainability. This patch realizes this split. Still, some components affect others, so the roles are not really independent of one another. For example: - disabling mxisd (`matrix_mxisd_enabled: false`), causes Synapse and riot-web to reconfigure themselves with other (public) Identity servers. - enabling matrix-corporal (`matrix_corporal_enabled: true`) affects how reverse-proxying (by `matrix-nginx-proxy`) is done, in order to put matrix-corporal's gateway server in front of Synapse We may be able to move away from such dependencies in the future, at the expense of a more complicated manual configuration, but it's probably not worth sacrificing the convenience we have now. As part of this work, the way we do "start components" has been redone now to use a loop, as suggested in #65 (Github issue). This should make restarting faster and more reliable.
66 lines
3.2 KiB
YAML
66 lines
3.2 KiB
YAML
---
|
|
|
|
- set_fact:
|
|
well_known_url_matrix: "https://{{ hostname_matrix }}/.well-known/matrix/client"
|
|
well_known_url_identity: "https://{{ hostname_identity }}/.well-known/matrix/client"
|
|
|
|
# These well-known files may be served without a `Content-Type: application/json` header,
|
|
# so we can't rely on the uri module's automatic parsing of JSON.
|
|
- name: Check .well-known on the matrix hostname
|
|
uri:
|
|
url: "{{ well_known_url_matrix }}"
|
|
follow_redirects: false
|
|
return_content: true
|
|
register: result_well_known_matrix
|
|
ignore_errors: true
|
|
|
|
- name: Fail if .well-known not working on the matrix hostname
|
|
fail:
|
|
msg: "Failed checking that well-known is configured at `{{ hostname_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`). Is port 443 open in your firewall? Full error: {{ result_well_known_matrix }}"
|
|
when: "result_well_known_matrix.failed"
|
|
|
|
- name: Parse JSON for well-known payload at the matrix hostname
|
|
set_fact:
|
|
well_known_matrix_payload: "{{ result_well_known_matrix.content|from_json }}"
|
|
|
|
- name: Fail if .well-known not CORS-aware on the matrix hostname
|
|
fail:
|
|
msg: "Well-known serving for `{{ hostname_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`) is not CORS-aware. The file needs to be served with an Access-Control-Allow-Origin header set."
|
|
when: "'access_control_allow_origin' not in result_well_known_matrix"
|
|
|
|
- name: Report working .well-known on the matrix hostname
|
|
debug:
|
|
msg: "well-known is configured correctly for `{{ hostname_matrix }}` (checked endpoint: `{{ well_known_url_matrix }}`)"
|
|
|
|
- name: Check .well-known on the identity hostname
|
|
uri:
|
|
url: "{{ well_known_url_identity }}"
|
|
follow_redirects: false
|
|
return_content: true
|
|
register: result_well_known_identity
|
|
ignore_errors: true
|
|
|
|
- name: Fail if .well-known not working on the identity hostname
|
|
fail:
|
|
msg: "Failed checking that well-known is configured at `{{ hostname_identity }}` (checked endpoint: `{{ well_known_url_identity }}`). Is port 443 open in your firewall? Full error: {{ result_well_known_identity }}"
|
|
when: "result_well_known_identity.failed"
|
|
|
|
- name: Parse JSON for well-known payload at the identity hostname
|
|
set_fact:
|
|
well_known_identity_payload: "{{ result_well_known_identity.content|from_json }}"
|
|
|
|
- name: Fail if .well-known not CORS-aware on the identity hostname
|
|
fail:
|
|
msg: "Well-known serving for `{{ hostname_identity }}` (checked endpoint: `{{ well_known_url_identity }}`) is not CORS-aware. The file needs to be served with an Access-Control-Allow-Origin header set. See docs/configuring-well-known.md"
|
|
when: "'access_control_allow_origin' not in result_well_known_identity"
|
|
|
|
# For people who manually copy the well-known file, try to detect if it's outdated
|
|
- name: Fail if well-known is different on matrix hostname and identity hostname
|
|
fail:
|
|
msg: "The well-known files at `{{ hostname_matrix }}` and `{{ hostname_identity }}` are different. Perhaps you copied the file manually before and now it's outdated?"
|
|
when: "well_known_matrix_payload != well_known_identity_payload"
|
|
|
|
- name: Report working .well-known on the identity hostname
|
|
debug:
|
|
msg: "well-known is configured correctly for `{{ hostname_identity }}` (checked endpoint: `{{ well_known_url_identity }}`)"
|