5825a0c919
* Add construct for cactus comments role * Adjust config files * Add docker self build to defaults * Adjust tasks * Fix smaller syntax errors * Fix env argument * Add tmp path to allow container writing there Background why I did this: https://docs.gunicorn.org/en/stable/settings.html#worker-tmp-dir * Change port back to 5000 as not configurable in container * Try to add appservice config file for synapse to use * Inject appservice file * Correct copied variable name * Comment out unused app service file injection would need mounting the appservice file to the synapse container i guess * Move role before synapse to be able to inject during runtime * Remove unused parts * Change default user id to mirror official docs * Add docs * Update roles/matrix-cactus-comments/tasks/setup_install.yml Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Generate secrets if necessary, adjust docs * Rename cactusbot userid * Shorten salt strings Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Use tmpfs instead of persistent mount * Remove proxy option as it is nonsense * Add download and serving of cc-client files * Add documentation on client * Clarify docs a bit * Add nginx proxy to required services Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Use container address Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Correct comment of user id Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Use releases or local distributed client Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Move homeserver url to defaults Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Correct truth value Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Add documentation of variables Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Tabs vs. spaces Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Make nginx root configurable Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Complete ake nginx root configurable Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Fix file permission Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> * Fix lint errors Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net> Co-authored-by: Slavi Pantaleev <slavi@devture.com>
68 lines
3 KiB
YAML
68 lines
3 KiB
YAML
---
|
|
|
|
- ansible.builtin.set_fact:
|
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-cactus-comments.service'] }}"
|
|
when: matrix_cactus_comments_enabled | bool
|
|
|
|
# If the matrix-synapse role is not used, these variables may not exist.
|
|
- ansible.builtin.set_fact:
|
|
matrix_homeserver_container_runtime_injected_arguments: >
|
|
{{
|
|
matrix_homeserver_container_runtime_injected_arguments | default([])
|
|
+
|
|
["--mount type=bind,src={{ matrix_cactus_comments_app_service_config_file }},dst=/matrix-cactus-comments.yaml,ro"]
|
|
}}
|
|
|
|
matrix_homeserver_app_service_runtime_injected_config_files: >
|
|
{{
|
|
matrix_homeserver_app_service_runtime_injected_config_files | default([])
|
|
+
|
|
["/matrix-cactus-comments.yaml"]
|
|
}}
|
|
when: matrix_cactus_comments_enabled | bool
|
|
|
|
- block:
|
|
- name: Fail if matrix-nginx-proxy role already executed
|
|
ansible.builtin.fail:
|
|
msg: >-
|
|
Trying to append Cactus Comment's reverse-proxying configuration to matrix-nginx-proxy,
|
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
|
To fix this, please change the order of roles in your playbook,
|
|
so that the matrix-nginx-proxy role would run after the matrix-cactus-comments role.
|
|
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
|
|
|
- name: Mount volume
|
|
ansible.builtin.set_fact:
|
|
matrix_nginx_proxy_container_additional_volumes: >
|
|
{{
|
|
matrix_nginx_proxy_container_additional_volumes | default([])
|
|
+
|
|
[{"src": "{{ matrix_cactus_comments_client_path }}", "dst": "/cactus-comments/cactus-comments", "options": "ro"}]
|
|
}}
|
|
- name: Generate Cactus Comment proxying configuration for matrix-nginx-proxy
|
|
ansible.builtin.set_fact:
|
|
matrix_cactus_comments_nginx_proxy_configuration: |
|
|
location {{ matrix_cactus_comments_client_endpoint }} {
|
|
root {{ matrix_cactus_comments_client_nginx_path }};
|
|
}
|
|
when: "matrix_nginx_proxy_enabled | default(False) | bool"
|
|
- name: Register Cactus Comment proxying configuration with matrix-nginx-proxy
|
|
ansible.builtin.set_fact:
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
|
{{
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
|
+
|
|
[matrix_cactus_comments_nginx_proxy_configuration]
|
|
}}
|
|
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
|
ansible.builtin.debug:
|
|
msg: >-
|
|
NOTE: You've enabled Cactus Comments but are not using the matrix-nginx-proxy
|
|
reverse proxy.
|
|
Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly
|
|
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
|
|
|
tags:
|
|
- always
|
|
when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
|