From f57aed8e015593d084518c1dbe27f6f4bd9457de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 20 Jun 2022 21:32:03 +0200 Subject: [PATCH 001/562] Add a setting to make nginx forward node_exporter and postgres_exporter --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 4abcd40a..8d17d64c 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -45,6 +45,19 @@ {{ render_nginx_status_location_block(matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses) }} {% endif %} + {% if matrix_nginx_proxy_node_exporter_reverse_enabled %} + location /node-exporter/ { + resolver 127.0.0.11 valid=5s; + proxy_pass http://matrix-prometheus-node-exporter:9100/; + } + {% endif %} + {% if matrix_nginx_proxy_postgres_exporter_reverse_enabled %} + location /postgres-exporter/ { + resolver 127.0.0.11 valid=5s; + proxy_pass http://matrix-prometheus-postgres-exporter:9187/; + } + {% endif %} + {% if matrix_nginx_proxy_proxy_matrix_corporal_api_enabled %} location ^~ /_matrix/corporal { {% if matrix_nginx_proxy_enabled %} From d24cb7db6f9ed357ae4653174eccb9b44e0ace84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 23 Jun 2022 20:24:52 +0200 Subject: [PATCH 002/562] Initial maubot commit --- group_vars/matrix_servers | 27 ++++ roles/matrix-maubot/defaults/main.yml | 32 +++++ roles/matrix-maubot/tasks/init.yml | 5 + roles/matrix-maubot/tasks/main.yml | 23 ++++ roles/matrix-maubot/tasks/setup_install.yml | 73 ++++++++++ roles/matrix-maubot/tasks/setup_uninstall.yml | 36 +++++ roles/matrix-maubot/tasks/validate_config.yml | 11 ++ .../templates/config/config.yaml.j2 | 127 ++++++++++++++++++ .../systemd/matrix-maubot.service.j2 | 36 +++++ setup.yml | 1 + 10 files changed, 371 insertions(+) create mode 100644 roles/matrix-maubot/defaults/main.yml create mode 100644 roles/matrix-maubot/tasks/init.yml create mode 100644 roles/matrix-maubot/tasks/main.yml create mode 100644 roles/matrix-maubot/tasks/setup_install.yml create mode 100644 roles/matrix-maubot/tasks/setup_uninstall.yml create mode 100644 roles/matrix-maubot/tasks/validate_config.yml create mode 100644 roles/matrix-maubot/templates/config/config.yaml.j2 create mode 100644 roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f727da55..4bfcaee5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1053,6 +1053,33 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | # ###################################################################### +###################################################################### +# +# matrix-maubot +# +###################################################################### + +# We don't enable bots by default. +matrix_maubot_enabled: false + +matrix_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" + +matrix_maubot_systemd_required_services_list: | + {{ + ['docker.service'] + + + ['matrix-' + matrix_homeserver_implementation + '.service'] + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + }} + + +###################################################################### +# +# /matrix-maubot +# +###################################################################### + ###################################################################### # diff --git a/roles/matrix-maubot/defaults/main.yml b/roles/matrix-maubot/defaults/main.yml new file mode 100644 index 00000000..63603c50 --- /dev/null +++ b/roles/matrix-maubot/defaults/main.yml @@ -0,0 +1,32 @@ +--- + +matrix_maubot_enabled: true +matrix_maubot_container_image_self_build: false +matrix_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" +matrix_maubot_docker_src_files_path: "{{ matrix_maubot_base_path }}/docker-src" + +matrix_maubot_version: latest +matrix_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_maubot_version }}" +matrix_maubot_docker_image_force_pull: "{{ matrix_maubot_docker_image.endswith(':latest') }}" + +matrix_maubot_base_path: "{{ matrix_base_data_path }}/maubot" +matrix_maubot_data_path: "{{ matrix_maubot_base_path }}/data" + +matrix_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" + + + +matrix_maubot_logging_level: info +matrix_maubot_secret: '' +matrix_maubot_admin_user: '' +matrix_maubot_admin_password: '' +matrix_mau_environment_variables_extension: '' + +# A list of extra arguments to pass to the container +matrix_maubot_container_extra_arguments: [] + +# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +matrix_maubot_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-matrix-registration-bot.service wants +matrix_maubot_systemd_wanted_services_list: [] diff --git a/roles/matrix-maubot/tasks/init.yml b/roles/matrix-maubot/tasks/init.yml new file mode 100644 index 00000000..3b62fbf3 --- /dev/null +++ b/roles/matrix-maubot/tasks/init.yml @@ -0,0 +1,5 @@ +--- + +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" + when: matrix_maubot_enabled|bool diff --git a/roles/matrix-maubot/tasks/main.yml b/roles/matrix-maubot/tasks/main.yml new file mode 100644 index 00000000..dbca98c3 --- /dev/null +++ b/roles/matrix-maubot/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup|bool and matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot + +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup|bool and matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup|bool and not matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot diff --git a/roles/matrix-maubot/tasks/setup_install.yml b/roles/matrix-maubot/tasks/setup_install.yml new file mode 100644 index 00000000..5d701946 --- /dev/null +++ b/roles/matrix-maubot/tasks/setup_install.yml @@ -0,0 +1,73 @@ +--- + +- name: Ensure maubot paths exist + file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_maubot_base_path }}", when: true} + - - {path: "{{ matrix_maubot_data_path }}", when: true} + - {path: "{{ matrix_maubot_docker_src_files_path }}", when: true} + when: "item.when|bool" + +- name: Ensure maubot configuration file created + template: + src: "{{ role_path }}/templates/config/config.yaml.j2" + dest: "{{ matrix_maubot_base_path }}/config.yaml" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure maubot image is pulled + docker_image: + name: "{{ matrix_maubot_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_maubot_docker_image_force_pull }}" + when: "not matrix_maubot_container_image_self_build|bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure maubot repository is present on self-build + git: + repo: "{{ matrix_maubot_docker_repo }}" + dest: "{{ matrix_maubot_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_maubot_git_pull_results + when: "matrix_maubot_container_image_self_build|bool" + +- name: Ensure maubot image is built + docker_image: + name: "{{ matrix_maubot_docker_image }}" + source: build + force_source: "{{ matrix_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_maubot_docker_src_files_path }}" + pull: true + when: "matrix_maubot_container_image_self_build|bool" + +- name: Ensure matrix-maubot.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-maubot.service" + mode: 0644 + register: matrix_maubot_systemd_service_result + +- name: Ensure systemd reloaded after matrix-maubot.service installation + service: + daemon_reload: true + when: "matrix_maubot_systemd_service_result.changed|bool" + +- name: Ensure matrix-maubot.service restarted, if necessary + service: + name: "matrix-maubot.service" + state: restarted diff --git a/roles/matrix-maubot/tasks/setup_uninstall.yml b/roles/matrix-maubot/tasks/setup_uninstall.yml new file mode 100644 index 00000000..1765eb03 --- /dev/null +++ b/roles/matrix-maubot/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-maubot service + stat: + path: "{{ matrix_systemd_path }}/matrix-maubot.service" + register: matrix_maubot_service_stat + +- name: Ensure matrix-maubot is stopped + service: + name: matrix-maubot + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure matrix-maubot.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-maubot.service" + state: absent + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure systemd reloaded after matrix-maubot.service removal + service: + daemon_reload: true + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure Matrix maubot paths don't exist + file: + path: "{{ matrix_maubot_base_path }}" + state: absent + +- name: Ensure maubot Docker image doesn't exist + docker_image: + name: "{{ matrix_maubot_docker_image }}" + state: absent diff --git a/roles/matrix-maubot/tasks/validate_config.yml b/roles/matrix-maubot/tasks/validate_config.yml new file mode 100644 index 00000000..e23dc10c --- /dev/null +++ b/roles/matrix-maubot/tasks/validate_config.yml @@ -0,0 +1,11 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - matrix_maubot_secret + - matrix_maubot_admin_user + - matrix_maubot_admin_password diff --git a/roles/matrix-maubot/templates/config/config.yaml.j2 b/roles/matrix-maubot/templates/config/config.yaml.j2 new file mode 100644 index 00000000..9f72cfc0 --- /dev/null +++ b/roles/matrix-maubot/templates/config/config.yaml.j2 @@ -0,0 +1,127 @@ +# The full URI to the database. SQLite and Postgres are fully supported. +# Other DBMSes supported by SQLAlchemy may or may not work. +# Format examples: +# SQLite: sqlite:///filename.db +# Postgres: postgresql://username:password@hostname/dbname +database: sqlite:////data/maubot.db + +# Separate database URL for the crypto database. "default" means use the same database as above. +crypto_database: default + +# Additional arguments for asyncpg.create_pool() or sqlite3.connect() +# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool +# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect +# For sqlite, min_size is used as the connection thread pool size and max_size is ignored. +database_opts: + min_size: 1 + max_size: 10 +plugin_directories: + # The directory where uploaded new plugins should be stored. + upload: /data/plugins + # The directories from which plugins should be loaded. + # Duplicate plugin IDs will be moved to the trash. + load: + - /data/plugins + trash: /data/trash + +# Configuration for storing plugin databases +plugin_databases: + # The directory where SQLite plugin databases should be stored. + sqlite: /data/dbs + # The connection URL for plugin databases. If null, all plugins will get SQLite databases. + # If set, plugins using the new asyncpg interface will get a Postgres connection instead. + # Plugins using the legacy SQLAlchemy interface will always get a SQLite connection. + # + # To use the same connection pool as the default database, set to "default" + # (the default database above must be postgres to do this). + # + # When enabled, maubot will create separate Postgres schemas in the database for each plugin. + # To view schemas in psql, use `\dn`. To view enter and interact with a specific schema, + # use `SET search_path = name` (where `name` is the name found with `\dn`) and then use normal + # SQL queries/psql commands. + postgres: + # Maximum number of connections per plugin instance. + postgres_max_conns_per_plugin: 3 + # Overrides for the default database_opts when using a non-"default" postgres connection string. + postgres_opts: {} + +server: + # The IP and port to listen to. + hostname: 0.0.0.0 + port: 29316 + # Public base URL where the server is visible. + public_url: {{ matrix_maubot_bot_server }} + # The base management API path. + base_path: /_matrix/maubot/v1 + # The base path for the UI. + ui_base_path: /_matrix/maubot + # The base path for plugin endpoints. The instance ID will be appended directly. + plugin_base_path: /_matrix/maubot/plugin/ + # Override path from where to load UI resources. + # Set to false to using pkg_resources to find the path. + override_resource_path: /opt/maubot/frontend + # The base appservice API path. Use / for legacy appservice API and /_matrix/app/v1 for v1. + appservice_base_path: /_matrix/app/v1 + # The shared secret to sign API access tokens. + # Set to "generate" to generate and save a new token at startup. + unshared_secret: {{ matrix_maubot_secret }} + +# Known homeservers. This is required for the `mbc auth` command and also allows +# more convenient access from the management UI. This is not required to create +# clients in the management UI, since you can also just type the homeserver URL +# into the box there. +homeservers: + {{ matrix_domain }}: + # Client-server API URL + url: {{ matrix_maubot_bot_server }} + # registration_shared_secret from synapse config + # You can leave this empty if you don't have access to the homeserver. + # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. + secret: {{ matrix_registration_shared_secret }} +admins: + root: '' + {{ matrix_maubot_admin_user }}: {{ matrix_maubot_admin_password }} +api_features: + login: true + plugin: true + plugin_upload: true + instance: true + instance_database: true + client: true + client_proxy: true + client_auth: true + dev_open: true + log: true + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): maubot.lib.color_log.ColorFormatter + format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' + normal: + format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' + handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: /var/log/maubot.log + maxBytes: 10485760 + backupCount: 10 + console: + class: logging.StreamHandler + formatter: colored + loggers: + maubot: + level: DEBUG + mau: + level: DEBUG + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [file, console] diff --git a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 new file mode 100644 index 00000000..d09b8b72 --- /dev/null +++ b/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 @@ -0,0 +1,36 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Maubot +{% for service in matrix_maubot_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_maubot_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ + --log-driver=none \ + --cap-drop=ALL \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --mount type=bind,src={{ matrix_maubot_base_path }},dst=/data \ + --network={{ matrix_docker_network }} \ + -p 29316:29316 \ + {{ matrix_maubot_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-maubot + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 5ea7e5a7..0a0fdc61 100755 --- a/setup.yml +++ b/setup.yml @@ -66,3 +66,4 @@ - matrix-prometheus-postgres-exporter - matrix-backup-borg - matrix-common-after + - matrix-maubot From 13166569985011d650526c129c9c062780c15dea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 23 Jun 2022 21:57:52 +0200 Subject: [PATCH 003/562] Rename to bot_maubot and fix permission error --- group_vars/matrix_servers | 6 +-- roles/matrix-bot-maubot/defaults/main.yml | 33 +++++++++++++++ .../tasks/init.yml | 2 +- .../tasks/main.yml | 12 +++--- .../tasks/setup_install.yml | 40 +++++++++---------- .../tasks/setup_uninstall.yml | 12 +++--- .../tasks/validate_config.yml | 5 +-- .../templates/config/config.yaml.j2 | 14 ++++--- .../systemd/matrix-maubot.service.j2 | 16 ++++---- roles/matrix-maubot/defaults/main.yml | 32 --------------- setup.yml | 2 +- 11 files changed, 89 insertions(+), 85 deletions(-) create mode 100644 roles/matrix-bot-maubot/defaults/main.yml rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/init.yml (74%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/main.yml (56%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/setup_install.yml (56%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/setup_uninstall.yml (68%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/validate_config.yml (66%) rename roles/{matrix-maubot => matrix-bot-maubot}/templates/config/config.yaml.j2 (91%) rename roles/{matrix-maubot => matrix-bot-maubot}/templates/systemd/matrix-maubot.service.j2 (68%) delete mode 100644 roles/matrix-maubot/defaults/main.yml diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a15e38b4..ef4f4b07 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1065,11 +1065,11 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | ###################################################################### # We don't enable bots by default. -matrix_maubot_enabled: false +matrix_bot_maubot_enabled: false -matrix_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" +matrix_bot_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" -matrix_maubot_systemd_required_services_list: | +matrix_bot_maubot_systemd_required_services_list: | {{ ['docker.service'] + diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml new file mode 100644 index 00000000..5e7c58a2 --- /dev/null +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -0,0 +1,33 @@ +--- + +matrix_bot_maubot_enabled: true +matrix_bot_maubot_container_image_self_build: false +matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" +matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" + +matrix_bot_maubot_version: latest +matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" +matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}" + +matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" +matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" +matrix_bot_maubot_container_data_dir: "/data" + +matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" + + + +matrix_bot_maubot_logging_level: info +matrix_bot_maubot_secret: '' +matrix_bot_maubot_admin_user: '' +matrix_bot_maubot_admin_password: '' +matrix_mau_environment_variables_extension: '' + +# A list of extra arguments to pass to the container +matrix_bot_maubot_container_extra_arguments: [] + +# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +matrix_bot_maubot_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-matrix-registration-bot.service wants +matrix_bot_maubot_systemd_wanted_services_list: [] diff --git a/roles/matrix-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml similarity index 74% rename from roles/matrix-maubot/tasks/init.yml rename to roles/matrix-bot-maubot/tasks/init.yml index 3b62fbf3..286c5f46 100644 --- a/roles/matrix-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -2,4 +2,4 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-maubot/tasks/main.yml b/roles/matrix-bot-maubot/tasks/main.yml similarity index 56% rename from roles/matrix-maubot/tasks/main.yml rename to roles/matrix-bot-maubot/tasks/main.yml index dbca98c3..c67e25ee 100644 --- a/roles/matrix-maubot/tasks/main.yml +++ b/roles/matrix-bot-maubot/tasks/main.yml @@ -5,19 +5,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup|bool and matrix_maubot_enabled|bool" + when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup|bool and matrix_maubot_enabled|bool" + when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup|bool and not matrix_maubot_enabled|bool" + when: "run_setup|bool and not matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot diff --git a/roles/matrix-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml similarity index 56% rename from roles/matrix-maubot/tasks/setup_install.yml rename to roles/matrix-bot-maubot/tasks/setup_install.yml index 5d701946..36871079 100644 --- a/roles/matrix-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -4,30 +4,30 @@ file: path: "{{ item.path }}" state: directory - mode: 0750 + mode: 0755 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - {path: "{{ matrix_maubot_base_path }}", when: true} - - - {path: "{{ matrix_maubot_data_path }}", when: true} - - {path: "{{ matrix_maubot_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_maubot_base_path }}", when: true} + - - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure maubot configuration file created template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_maubot_base_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_base_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - mode: 0640 + mode: "u=rwx" - name: Ensure maubot image is pulled docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_maubot_docker_image_force_pull }}" - when: "not matrix_maubot_container_image_self_build|bool" + force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_docker_image_force_pull }}" + when: "not matrix_bot_maubot_container_image_self_build|bool" register: result retries: "{{ matrix_container_retries_count }}" delay: "{{ matrix_container_retries_delay }}" @@ -35,37 +35,37 @@ - name: Ensure maubot repository is present on self-build git: - repo: "{{ matrix_maubot_docker_repo }}" - dest: "{{ matrix_maubot_docker_src_files_path }}" + repo: "{{ matrix_bot_maubot_docker_repo }}" + dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" become: true become_user: "{{ matrix_user_username }}" - register: matrix_maubot_git_pull_results - when: "matrix_maubot_container_image_self_build|bool" + register: matrix_bot_maubot_git_pull_results + when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" source: build - force_source: "{{ matrix_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" build: dockerfile: Dockerfile - path: "{{ matrix_maubot_docker_src_files_path }}" + path: "{{ matrix_bot_maubot_docker_src_files_path }}" pull: true - when: "matrix_maubot_container_image_self_build|bool" + when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure matrix-maubot.service installed template: src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" dest: "{{ matrix_systemd_path }}/matrix-maubot.service" mode: 0644 - register: matrix_maubot_systemd_service_result + register: matrix_bot_maubot_systemd_service_result - name: Ensure systemd reloaded after matrix-maubot.service installation service: daemon_reload: true - when: "matrix_maubot_systemd_service_result.changed|bool" + when: "matrix_bot_maubot_systemd_service_result.changed|bool" - name: Ensure matrix-maubot.service restarted, if necessary service: diff --git a/roles/matrix-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml similarity index 68% rename from roles/matrix-maubot/tasks/setup_uninstall.yml rename to roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 1765eb03..c9dea82a 100644 --- a/roles/matrix-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ - name: Check existence of matrix-maubot service stat: path: "{{ matrix_systemd_path }}/matrix-maubot.service" - register: matrix_maubot_service_stat + register: matrix_bot_maubot_service_stat - name: Ensure matrix-maubot is stopped service: @@ -12,25 +12,25 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure matrix-maubot.service doesn't exist file: path: "{{ matrix_systemd_path }}/matrix-maubot.service" state: absent - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure systemd reloaded after matrix-maubot.service removal service: daemon_reload: true - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure Matrix maubot paths don't exist file: - path: "{{ matrix_maubot_base_path }}" + path: "{{ matrix_bot_maubot_base_path }}" state: absent - name: Ensure maubot Docker image doesn't exist docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml similarity index 66% rename from roles/matrix-maubot/tasks/validate_config.yml rename to roles/matrix-bot-maubot/tasks/validate_config.yml index e23dc10c..6c9871e1 100644 --- a/roles/matrix-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -6,6 +6,5 @@ You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - - matrix_maubot_secret - - matrix_maubot_admin_user - - matrix_maubot_admin_password + - matrix_bot_maubot_secret + - matrix_bot_maubot_admins diff --git a/roles/matrix-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 similarity index 91% rename from roles/matrix-maubot/templates/config/config.yaml.j2 rename to roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 9f72cfc0..5e44ff5f 100644 --- a/roles/matrix-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -50,7 +50,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_maubot_bot_server }} + public_url: {{ matrix_bot_maubot_bot_server }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -64,7 +64,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_maubot_secret }} + unshared_secret: {{ matrix_bot_maubot_secret }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create @@ -73,14 +73,16 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_maubot_bot_server }} + url: {{ matrix_bot_maubot_bot_server }} # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. secret: {{ matrix_registration_shared_secret }} -admins: - root: '' - {{ matrix_maubot_admin_user }}: {{ matrix_maubot_admin_password }} + +# List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password +# to prevent normal login. Root is a special user that can't have a password and will always exist. +admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} ) }} + api_features: login: true plugin: true diff --git a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 similarity index 68% rename from roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 rename to roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index d09b8b72..3a3c3a0c 100644 --- a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -1,11 +1,11 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Maubot -{% for service in matrix_maubot_systemd_required_services_list %} +{% for service in matrix_bot_maubot_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} -{% for service in matrix_maubot_systemd_wanted_services_list %} +{% for service in matrix_bot_maubot_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} DefaultDependencies=no @@ -18,13 +18,15 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ --log-driver=none \ - --cap-drop=ALL \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --read-only \ - --mount type=bind,src={{ matrix_maubot_base_path }},dst=/data \ + -e UID={{ matrix_user_uid }} \ + -e GID={{ matrix_user_gid }} \ + -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} --network={{ matrix_docker_network }} \ -p 29316:29316 \ - {{ matrix_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' diff --git a/roles/matrix-maubot/defaults/main.yml b/roles/matrix-maubot/defaults/main.yml deleted file mode 100644 index 63603c50..00000000 --- a/roles/matrix-maubot/defaults/main.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -matrix_maubot_enabled: true -matrix_maubot_container_image_self_build: false -matrix_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" -matrix_maubot_docker_src_files_path: "{{ matrix_maubot_base_path }}/docker-src" - -matrix_maubot_version: latest -matrix_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_maubot_version }}" -matrix_maubot_docker_image_force_pull: "{{ matrix_maubot_docker_image.endswith(':latest') }}" - -matrix_maubot_base_path: "{{ matrix_base_data_path }}/maubot" -matrix_maubot_data_path: "{{ matrix_maubot_base_path }}/data" - -matrix_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" - - - -matrix_maubot_logging_level: info -matrix_maubot_secret: '' -matrix_maubot_admin_user: '' -matrix_maubot_admin_password: '' -matrix_mau_environment_variables_extension: '' - -# A list of extra arguments to pass to the container -matrix_maubot_container_extra_arguments: [] - -# List of systemd services that matrix-bot-matrix-registration-bot.service depends on -matrix_maubot_systemd_required_services_list: ['docker.service'] - -# List of systemd services that matrix-bot-matrix-registration-bot.service wants -matrix_maubot_systemd_wanted_services_list: [] diff --git a/setup.yml b/setup.yml index 433051c8..79c37741 100755 --- a/setup.yml +++ b/setup.yml @@ -66,4 +66,4 @@ - matrix-postgres-backup - matrix-backup-borg - matrix-common-after - - matrix-maubot + - matrix-bot-maubot From 4d40b61a51662d331f8ad0eaa5b798ccdbb4e501 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 11:50:52 +0200 Subject: [PATCH 004/562] Fix config error, add nginx --- roles/matrix-bot-maubot/defaults/main.yml | 2 + .../matrix-bot-maubot/tasks/setup_install.yml | 42 ++++++++++++++++++- .../systemd/matrix-maubot.service.j2 | 2 +- .../nginx/conf.d/matrix-domain.conf.j2 | 11 ----- setup.yml | 2 +- 5 files changed, 44 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 5e7c58a2..7e86de6f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -11,7 +11,9 @@ matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.en matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" +matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_container_data_dir: "/data" +matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 36871079..7c651ea2 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -9,18 +9,56 @@ group: "{{ matrix_user_groupname }}" with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - - - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure maubot configuration file created template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_bot_maubot_base_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" mode: "u=rwx" +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-maubot:{{ matrix_bot_maubot_port }}/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + + - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index 3a3c3a0c..8a7a09ed 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -25,7 +25,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - -p 29316:29316 \ + -p {{ matrix_bot_maubot_port }}:29316 \ {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 878a297d..2895ba14 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -45,17 +45,6 @@ {{ render_nginx_status_location_block(matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses) }} {% endif %} - {% if matrix_nginx_proxy_node_exporter_reverse_enabled %} - location /node-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-node-exporter:9100/; - } - {% endif %} - {% if matrix_nginx_proxy_postgres_exporter_reverse_enabled %} - location /postgres-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-postgres-exporter:9187/; - } {% if matrix_nginx_proxy_proxy_matrix_metrics_enabled %} location /metrics { {% if matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled %} diff --git a/setup.yml b/setup.yml index 79c37741..38c32574 100755 --- a/setup.yml +++ b/setup.yml @@ -39,6 +39,7 @@ - matrix-bridge-hookshot - matrix-bot-matrix-reminder-bot - matrix-bot-matrix-registration-bot + - matrix-bot-maubot - matrix-bot-buscarron - matrix-bot-honoroit - matrix-bot-go-neb @@ -66,4 +67,3 @@ - matrix-postgres-backup - matrix-backup-borg - matrix-common-after - - matrix-bot-maubot From d7eb2d097f17c27e22389b78a11637ff262ec6ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 11:58:10 +0200 Subject: [PATCH 005/562] Fix yamllint (emptylines) --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7e86de6f..7867ec6c 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -18,7 +18,6 @@ matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" - matrix_bot_maubot_logging_level: info matrix_bot_maubot_secret: '' matrix_bot_maubot_admin_user: '' From 8806598f51a325787c5f3ce764a6213a38902efa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:29:06 +0200 Subject: [PATCH 006/562] Add option to proxy management UI (now defaults to false) --- roles/matrix-bot-maubot/defaults/main.yml | 1 + roles/matrix-bot-maubot/tasks/setup_install.yml | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7867ec6c..33556abe 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -16,6 +16,7 @@ matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_proxy_management_interface: False matrix_bot_maubot_logging_level: info diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 7c651ea2..22854ffb 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -39,6 +39,7 @@ proxy_set_header Connection "upgrade"; {% endif %} } + when: matrix_bot_maubot_proxy_management_interface|bool - name: Register Maubot's proxying configuration with matrix-nginx-proxy set_fact: @@ -48,6 +49,7 @@ + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} + when: matrix_bot_maubot_proxy_management_interface|bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used debug: @@ -56,7 +58,7 @@ reverse proxy. Please make sure that you're proxying the `/_matrix/maubot` URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" - name: Ensure maubot image is pulled From 0ea146930be1923c11daecc9af9461f1462766a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:39:51 +0200 Subject: [PATCH 007/562] Make exposing management UI configurable --- roles/matrix-bot-maubot/defaults/main.yml | 1 + .../templates/systemd/matrix-maubot.service.j2 | 2 ++ 2 files changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 33556abe..0d141a2c 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,6 +17,7 @@ matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: False +matrix_bot_maubot_expose_management_interface: True matrix_bot_maubot_logging_level: info diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index 8a7a09ed..e94696f7 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -25,7 +25,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ + {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ + {% endif %} {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' From 2f1d78fa48de548fe8ce9452c91dfa8662733422 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:45:19 +0200 Subject: [PATCH 008/562] Make true and false lowercase --- roles/matrix-bot-maubot/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 0d141a2c..438c8f46 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -16,8 +16,8 @@ matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" -matrix_bot_maubot_proxy_management_interface: False -matrix_bot_maubot_expose_management_interface: True +matrix_bot_maubot_proxy_management_interface: false +matrix_bot_maubot_expose_management_interface: true matrix_bot_maubot_logging_level: info From 2309a61cb0d4a3a8d51ba53404a0b4b1b163ed73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 13:15:34 +0200 Subject: [PATCH 009/562] Fix minor naming issue --- roles/matrix-bot-maubot/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 438c8f46..bcac2e9e 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -29,8 +29,8 @@ matrix_mau_environment_variables_extension: '' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] -# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +# List of systemd services that matrix-bot-maubot.service depends on matrix_bot_maubot_systemd_required_services_list: ['docker.service'] -# List of systemd services that matrix-bot-matrix-registration-bot.service wants +# List of systemd services that matrix-bot-maubot.service wants matrix_bot_maubot_systemd_wanted_services_list: [] From d5c82a52219c25311a40f45f89892d81152203da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:36:53 +0200 Subject: [PATCH 010/562] Remove logging to /var/log and make readonly --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 8 +------- .../templates/systemd/matrix-maubot.service.j2 | 3 ++- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 5e44ff5f..86f0076d 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -108,12 +108,6 @@ logging: normal: format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' handlers: - file: - class: logging.handlers.RotatingFileHandler - formatter: normal - filename: /var/log/maubot.log - maxBytes: 10485760 - backupCount: 10 console: class: logging.StreamHandler formatter: colored @@ -126,4 +120,4 @@ logging: level: INFO root: level: DEBUG - handlers: [file, console] + handlers: [console] diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index e94696f7..a4e6d750 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -20,9 +20,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ + --read-only \ -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ + {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} From 6ed105b83071dd6edae569f19d2c551f3eb418a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:54:57 +0200 Subject: [PATCH 011/562] Rename service from matrix-maubot to matrix-bot-maubot --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 12 ++++++------ ...aubot.service.j2 => matrix-bot-maubot.service.j2} | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) rename roles/matrix-bot-maubot/templates/systemd/{matrix-maubot.service.j2 => matrix-bot-maubot.service.j2} (97%) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 286c5f46..6f55c747 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,5 +1,5 @@ --- - set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 22854ffb..dd48a0f0 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -95,19 +95,19 @@ pull: true when: "matrix_bot_maubot_container_image_self_build|bool" -- name: Ensure matrix-maubot.service installed +- name: Ensure matrix-bot-maubot.service installed template: - src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-maubot.service" + src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result -- name: Ensure systemd reloaded after matrix-maubot.service installation +- name: Ensure systemd reloaded after matrix-bot-maubot.service installation service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" -- name: Ensure matrix-maubot.service restarted, if necessary +- name: Ensure matrix-bot-maubot.service restarted, if necessary service: - name: "matrix-maubot.service" + name: "matrix-bot-maubot.service" state: restarted diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 similarity index 97% rename from roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 rename to roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index a4e6d750..1cfe4c34 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -35,7 +35,7 @@ ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' Restart=always RestartSec=30 -SyslogIdentifier=matrix-maubot +SyslogIdentifier=matrix-bot-maubot [Install] WantedBy=multi-user.target From ba0caf395a01fcf21124ce46dd4cade3c05ebf23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:58:50 +0200 Subject: [PATCH 012/562] Create dckr-src file path only when neccessary Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/tasks/setup_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index dd48a0f0..3b2ce5b7 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,7 +10,7 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" - name: Ensure maubot configuration file created From 6d1650c83466bdc41ec325ef6efed79bf0c5d8cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:59:45 +0200 Subject: [PATCH 013/562] Remove config dir Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index bcac2e9e..54d50b84 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,6 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_container_data_dir: "/data" -matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false From 2f167f21227054b6a94990b724c8a2afec537e58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:01:51 +0200 Subject: [PATCH 014/562] Rename docker container to matrix-bot-maubot --- .../templates/systemd/matrix-bot-maubot.service.j2 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 1cfe4c34..c7415399 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ @@ -31,8 +31,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {% endif %} {{ matrix_bot_maubot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot From 8e9d1657876cda603a0f3d96b75f252c1be37856 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:06:06 +0200 Subject: [PATCH 015/562] Another rename to matrix-bot-maubot No functionality changed --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ef4f4b07..79df3cf1 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1060,7 +1060,7 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | ###################################################################### # -# matrix-maubot +# matrix-bot-maubot # ###################################################################### @@ -1081,7 +1081,7 @@ matrix_bot_maubot_systemd_required_services_list: | ###################################################################### # -# /matrix-maubot +# /matrix-bot-maubot # ###################################################################### From a289116140920ae8ac19d6ccb734003ca42ac2a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:07:09 +0200 Subject: [PATCH 016/562] Use tagged release Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 54d50b84..b38f71c7 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -5,7 +5,7 @@ matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" -matrix_bot_maubot_version: latest +matrix_bot_maubot_version: v0.3.1 matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}" From 90447a283924d20c3268d8b9ed627964cf004e98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:19:23 +0200 Subject: [PATCH 017/562] Use correct registration secret --- group_vars/matrix_servers | 8 ++++++++ roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 79df3cf1..1705bdeb 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1078,6 +1078,14 @@ matrix_bot_maubot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} +matrix_bot_maubot_registration_shared_secret: |- + {{ + { + 'synapse': matrix_synapse_registration_shared_secret, + 'dendrite': matrix_dendrite_registration_shared_secret, + }[matrix_homeserver_implementation] + }} + ###################################################################### # diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 86f0076d..2797c03f 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -77,7 +77,7 @@ homeservers: # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. - secret: {{ matrix_registration_shared_secret }} + secret: {{ matrix_bot_maubot_registration_shared_secret|to_json }} # List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password # to prevent normal login. Root is a special user that can't have a password and will always exist. From 7baf477c160b31abe7c8ae8993d68108d4e6ad99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:21:13 +0200 Subject: [PATCH 018/562] Remove unnecessary variable The /data is hardcoded in the container --- roles/matrix-bot-maubot/defaults/main.yml | 1 - .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index b38f71c7..6e4219f5 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -12,7 +12,6 @@ matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.en matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index c7415399..89c91d5f 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -21,7 +21,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ --read-only \ - -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ + -v {{ matrix_bot_maubot_data_path }}:/data:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ {% endfor %} From 64fbc5ff87c45ab3c87b75d21962f123853dc808 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 08:50:22 +0200 Subject: [PATCH 019/562] Replace spaces with tabs --- .../templates/systemd/matrix-bot-maubot.service.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 89c91d5f..df66d321 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -17,19 +17,19 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ - --log-driver=none \ + --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ --read-only \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ - {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - --network={{ matrix_docker_network }} \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ {% endif %} - {{ matrix_bot_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From a295ec3e3d9b1f75d213d3c9942daec52d57c7be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:44:24 +0200 Subject: [PATCH 020/562] Change to matrix_bot_maubot_bot_server_public This shall indicate that the public url of maubot is here configured the same as matrix_server_fqn_matrix but this must not be the case. In the config I used the matrix fqnd directly as this part of the config is directly bound to the homeserver we want to connect to (but can not use the internal) --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 6e4219f5..dd777a7b 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,7 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 2797c03f..29860340 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -50,7 +50,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server }} + public_url: {{ matrix_bot_maubot_bot_server_public }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -73,7 +73,7 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_bot_maubot_bot_server }} + url: {{ matrix_server_fqn_matrix }} # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. From 2e5ad5cbe97d550b76c77f1597d6322b517d1d2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:46:19 +0200 Subject: [PATCH 021/562] Remove unused variable --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index dd777a7b..9d273053 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -18,7 +18,6 @@ matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_maubot_logging_level: info matrix_bot_maubot_secret: '' matrix_bot_maubot_admin_user: '' matrix_bot_maubot_admin_password: '' From 9ed70188dd8cb08d25bee55edfc2e887d8ab0f6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:47:32 +0200 Subject: [PATCH 022/562] Use safer |to_json --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 29860340..1a45b91a 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -64,7 +64,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_bot_maubot_secret }} + unshared_secret: {{ matrix_bot_maubot_secret|to_json }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create From 6cc92854df7d81068fb13057e8751b6f488deebe Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Wed, 29 Jun 2022 12:37:29 +0000 Subject: [PATCH 023/562] enable setting database URL --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 1a45b91a..eb9e7abf 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -3,10 +3,12 @@ # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgresql://username:password@hostname/dbname -database: sqlite:////data/maubot.db +database: {{ matrix_bot_maubot_storage_database|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. -crypto_database: default +crypto_database: + type: default + postgres_uri: {{ matrix_bot_maubot_storage_database|to_json }} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool From 320978cdf50baed5a0c4c9e82ba08cafeff91179 Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Wed, 29 Jun 2022 13:17:03 +0000 Subject: [PATCH 024/562] Enable setting database URI and other things --- roles/matrix-bot-maubot/defaults/main.yml | 8 +++----- roles/matrix-bot-maubot/tasks/setup_install.yml | 16 ++++++++-------- .../templates/config/config.yaml.j2 | 4 ++-- 3 files changed, 13 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 9d273053..210fb193 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,11 +17,9 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true - -matrix_bot_maubot_secret: '' -matrix_bot_maubot_admin_user: '' -matrix_bot_maubot_admin_password: '' -matrix_mau_environment_variables_extension: '' +matrix_bot_database_uri: 'sqlite:///data/maubot.db' +matrix_bot_maubot_port: 29316 +matrix_bot_maubot_secret: 'generate' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 3b2ce5b7..6d9aec87 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,15 +26,15 @@ matrix_bot_maubot_matrix_nginx_proxy_configuration: | location ~ ^/(_matrix/maubot/.*) { {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-maubot:{{ matrix_bot_maubot_port }}/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index eb9e7abf..aa9a2045 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -3,12 +3,12 @@ # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgresql://username:password@hostname/dbname -database: {{ matrix_bot_maubot_storage_database|to_json }} +database: {{ matrix_bot_maubot_database_uri|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. crypto_database: type: default - postgres_uri: {{ matrix_bot_maubot_storage_database|to_json }} + postgres_uri: {{ matrix_bot_maubot_database_uri|to_json }} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool From 59806ec3ea6287e2bbe896e8aa161f7f77d9c5d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:25:35 +0200 Subject: [PATCH 025/562] Fix typo in variable name --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 210fb193..d15a451f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,7 +17,7 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_database_uri: 'sqlite:///data/maubot.db' +matrix_bot_maubot_database_uri: 'sqlite:////data/maubot.db' matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From 07cfd3ba090f301bf9cff48870424507af76ea4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:39:23 +0200 Subject: [PATCH 026/562] Use custom invocation instead of provided script --- roles/matrix-bot-maubot/tasks/setup_install.yml | 3 +++ .../templates/systemd/matrix-bot-maubot.service.j2 | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 6d9aec87..de47ecd4 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,6 +10,9 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true } - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index df66d321..cde18e4d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -29,7 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ {% endif %} - {{ matrix_bot_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} \ + python3 -m maubot -c /data/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From 4ab516fca8cc3747df2f82e5be6e702f7fe95ed7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:42:18 +0200 Subject: [PATCH 027/562] Fix linter --- roles/matrix-bot-maubot/tasks/setup_install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index de47ecd4..56d8c6a8 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,9 +10,9 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true } - - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true } - - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true} - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" From 9ee5785704aa8a12a83b4e2cfcd650785b6e4aa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:44:11 +0200 Subject: [PATCH 028/562] Add postgres to service dependencies --- group_vars/matrix_servers | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1705bdeb..4cc380df 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1075,6 +1075,8 @@ matrix_bot_maubot_systemd_required_services_list: | + ['matrix-' + matrix_homeserver_implementation + '.service'] + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} From 135096e53a155a9eb9f68b9c43d7306ec94acb3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:55:49 +0200 Subject: [PATCH 029/562] Add defaults --- group_vars/matrix_servers | 9 +++++++++ roles/matrix-bot-maubot/defaults/main.yml | 11 ++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 4cc380df..be09c7ba 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1088,6 +1088,9 @@ matrix_bot_maubot_registration_shared_secret: |- }[matrix_homeserver_implementation] }} +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_bot_maubot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_bot_maubot_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.dsc.db') | to_uuid }}" ###################################################################### # @@ -1805,6 +1808,12 @@ matrix_postgres_additional_databases: | 'password': matrix_bot_honoroit_database_password, }] if (matrix_bot_honoroit_enabled and matrix_bot_honoroit_database_engine == 'postgres' and matrix_bot_honoroit_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_bot_maubot_database_name, + 'username': matrix_bot_maubot_database_username, + 'password': matrix_bot_maubot_database_password, + }] if (matrix_bot_maubot_enabled and matrix_bot_maubot_database_engine == 'postgres' and matrix_bot_maubot_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_bot_buscarron_database_name, 'username': matrix_bot_buscarron_database_username, diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index d15a451f..294cd868 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,7 +17,16 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_maubot_database_uri: 'sqlite:////data/maubot.db' +matrix_bot_maubot_database_engine: sqlite +matrix_bot_maubot_sqlite_database_path_local: "{{ matrix_bot_maubot_data_path }}/maubot.db" +matrix_bot_maubot_sqlite_database_path_in_container: "/data/maubot.db" + +matrix_bot_maubot_database_username: matrix_bot_maubot +matrix_bot_maubot_database_password: ~ +matrix_bot_maubot_database_hostname: 'matrix-postgres' +matrix_bot_maubot_database_port: 5432 +matrix_bot_maubot_database_name: matrix_bot_maubot + matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From a842e9cd1d71be6ef4b23ec5a2b9c52405baaecd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:00:17 +0200 Subject: [PATCH 030/562] Fix uninstall (did not remove service) --- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index c9dea82a..0346b7e7 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -5,22 +5,22 @@ path: "{{ matrix_systemd_path }}/matrix-maubot.service" register: matrix_bot_maubot_service_stat -- name: Ensure matrix-maubot is stopped +- name: Ensure matrix-bot-maubot is stopped service: - name: matrix-maubot + name: matrix-bot-maubot state: stopped enabled: false daemon_reload: true register: stopping_result when: "matrix_bot_maubot_service_stat.stat.exists|bool" -- name: Ensure matrix-maubot.service doesn't exist +- name: Ensure matrix-bot-maubot.service doesn't exist file: - path: "{{ matrix_systemd_path }}/matrix-maubot.service" + path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists|bool" -- name: Ensure systemd reloaded after matrix-maubot.service removal +- name: Ensure systemd reloaded after matrix-bot-maubot.service removal service: daemon_reload: true when: "matrix_bot_maubot_service_stat.stat.exists|bool" From bcd7ec714b4817bf1a3bde5eac48f9f2418b51c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:00:28 +0200 Subject: [PATCH 031/562] Add postgres configuration --- roles/matrix-bot-maubot/defaults/main.yml | 1 + .../templates/config/config.yaml.j2 | 24 +++---------------- 2 files changed, 4 insertions(+), 21 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 294cd868..21a7a2ec 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -26,6 +26,7 @@ matrix_bot_maubot_database_password: ~ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot +matrix_bot_maubot_database_uri: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index aa9a2045..157d76c3 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -6,9 +6,8 @@ database: {{ matrix_bot_maubot_database_uri|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. -crypto_database: - type: default - postgres_uri: {{ matrix_bot_maubot_database_uri|to_json }} +crypto_database: + type: default # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool @@ -28,24 +27,7 @@ plugin_directories: # Configuration for storing plugin databases plugin_databases: - # The directory where SQLite plugin databases should be stored. - sqlite: /data/dbs - # The connection URL for plugin databases. If null, all plugins will get SQLite databases. - # If set, plugins using the new asyncpg interface will get a Postgres connection instead. - # Plugins using the legacy SQLAlchemy interface will always get a SQLite connection. - # - # To use the same connection pool as the default database, set to "default" - # (the default database above must be postgres to do this). - # - # When enabled, maubot will create separate Postgres schemas in the database for each plugin. - # To view schemas in psql, use `\dn`. To view enter and interact with a specific schema, - # use `SET search_path = name` (where `name` is the name found with `\dn`) and then use normal - # SQL queries/psql commands. - postgres: - # Maximum number of connections per plugin instance. - postgres_max_conns_per_plugin: 3 - # Overrides for the default database_opts when using a non-"default" postgres connection string. - postgres_opts: {} + type: default server: # The IP and port to listen to. From 05c1333ebb8ff1c7863ff00edb9348c42e15c024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:44:41 +0200 Subject: [PATCH 032/562] Restrict permissions of container --- .../templates/systemd/matrix-bot-maubot.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index cde18e4d..b01139d2 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -18,9 +18,9 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ - -e UID={{ matrix_user_uid }} \ - -e GID={{ matrix_user_gid }} \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ + --cap-drop=ALL \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ From f64c1329271d52cbb1b9d7a2ea60c82b19a56460 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 09:51:27 +0200 Subject: [PATCH 033/562] Make database switchable --- roles/matrix-bot-maubot/defaults/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 21a7a2ec..50e10bfd 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -26,7 +26,15 @@ matrix_bot_maubot_database_password: ~ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_uri: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' + +matrix_bot_maubot_database_connection_string: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' + +matrix_bot_maubot_database_uri: "{{ + { + 'sqlite': ('sqlite:///' + matrix_bot_maubot_sqlite_database_path_in_container), + 'postgres': matrix_bot_maubot_database_connection_string, + }[matrix_bot_maubot_database_engine] + }}" matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From 27b1835ed47af91b253ab3d399b030a833641cf2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:06:17 +0200 Subject: [PATCH 034/562] Fix uninstall (for real this time) --- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 0346b7e7..f1d2fca2 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-maubot service stat: - path: "{{ matrix_systemd_path }}/matrix-maubot.service" + path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped From 2e15bd85ea3e61090598ad6ae9c1d8a4b6eaac20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:09:55 +0200 Subject: [PATCH 035/562] Rename with addition "unshared" --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/tasks/validate_config.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 50e10bfd..a003e65d 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -37,7 +37,7 @@ matrix_bot_maubot_database_uri: "{{ }}" matrix_bot_maubot_port: 29316 -matrix_bot_maubot_secret: 'generate' +matrix_bot_maubot_unshared_secret: 'generate' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml index 6c9871e1..18070160 100644 --- a/roles/matrix-bot-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -6,5 +6,5 @@ You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - - matrix_bot_maubot_secret + - matrix_bot_maubot_unshared_secret - matrix_bot_maubot_admins diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 157d76c3..3c844be3 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -48,7 +48,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_bot_maubot_secret|to_json }} + unshared_secret: {{ matrix_bot_maubot_unshared_secret|to_json }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create From 07fdb09f69e51f46c0d1dff080f108dcc3f5bc17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:10:30 +0200 Subject: [PATCH 036/562] Rename with addition "url" --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index a003e65d..93732021 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,7 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_bot_server_public_url: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 3c844be3..559dc02c 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -34,7 +34,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server_public }} + public_url: {{ matrix_bot_maubot_bot_server_public_url }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. From e62632bf5dc1544994cf7c5ac6bfdeb1f51b952e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 11:04:49 +0200 Subject: [PATCH 037/562] Change from spaces to tabs --- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index b01139d2..4ba1ac5d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -18,7 +18,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ --cap-drop=ALL \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ From ffa20357ea7dd1e703f6caca70a747de1f4999c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 13:33:29 +0200 Subject: [PATCH 038/562] Use http_bin_port and make networking clearer --- roles/matrix-bot-maubot/defaults/main.yml | 14 ++++++++++++++ roles/matrix-bot-maubot/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 93732021..d5be023f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -36,6 +36,20 @@ matrix_bot_maubot_database_uri: "{{ }[matrix_bot_maubot_database_engine] }}" + +# Defines the port number where the management interface is +# To actually expose the management interface outside of the container, use `matrix_bot_maubot_management_interface_http_bind_port` +matrix_bot_maubot_management_interface_port: 29316 + +# Controls whether the maubot container exposes its HTTP management interface port (tcp/29316 in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:29316"), or empty string to not expose. +# If you'll be setting this at all, it should be defined in terms of `matrix_bot_maubot_management_interface_port`. +# Example: +# matrix_bot_maubot_management_interface_http_bind_port: "127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}" +matrix_bot_maubot_management_interface_http_bind_port: '' + + matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 56d8c6a8..b4b03165 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -37,7 +37,7 @@ proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 4ba1ac5d..497c25a6 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -27,7 +27,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_port }}:29316 \ + -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /data/config.yaml From acf53f604baa7b99aee601a7a16808f3ed77d79b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 14:48:00 +0200 Subject: [PATCH 039/562] Fix homserver configuration url --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 559dc02c..d542fe91 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -57,7 +57,7 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_server_fqn_matrix }} + url: "https://{{ matrix_server_fqn_matrix }}" # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. From 29b336f0a8648b8f79abe624345812742b64a302 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 11 Jul 2022 13:28:23 +0200 Subject: [PATCH 040/562] Add docs Unrelated to the original branch I added the matrix-registration bot as it was missing in the readme --- README.md | 4 ++++ docs/configuring-playbook.md | 2 ++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index 26f10940..f32b8233 100644 --- a/README.md +++ b/README.md @@ -103,6 +103,10 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) for scheduling one-off & recurring reminders and alarms - see [docs/configuring-playbook-bot-matrix-reminder-bot.md](docs/configuring-playbook-bot-matrix-reminder-bot.md) for setup documentation +- (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation + +- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-matrix-maubot.md](docs/configuring-playbook-bot-matrix-maubot.md) for setup documentation + - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 3bfb01bd..bba1b2e9 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -149,6 +149,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to invite users (optional) +- [Setting up maubot](configuring-playbook-bot-maubot.md) - a plugin-based Matrix bot system (optional) + - [Setting up honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional) - [Setting up Go-NEB](configuring-playbook-bot-go-neb.md) - an extensible multifunctional bot (optional) From 1ffc0d963b5089b10dbbcf21140b1b56003c9294 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 12 Jul 2022 01:15:12 +0200 Subject: [PATCH 041/562] Add maubot configuration docs --- docs/configuring-playbook-bot-maubot.md | 62 +++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 docs/configuring-playbook-bot-maubot.md diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md new file mode 100644 index 00000000..1fbe8d17 --- /dev/null +++ b/docs/configuring-playbook-bot-maubot.md @@ -0,0 +1,62 @@ +# Setting up maubot (optional) + +The playbook can install and configure [maubot](https://github.com/maubot/maubot) for you. + +After setting up maubot, you can use the web management interface to make it do things. +The default location of the management interface is `matrix./_matrix/maubot/` + +See the project's [documentation](https://docs.mau.fi/maubot/usage/basic.html) to learn what it +does and why it might be useful to you. + +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_bot_maubot_enabled: true +matrix_bot_maubot_admins: + - yourusername: securepassword +``` + +You can add multiple admins. + + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + +## Usage + +You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. +To add a client you first need to create an account and obtain a valid access token. + +## Registering the bot user + +You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): + +``` +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.maubot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user +``` + +Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. + +## Obtaining an admin access token + +This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)) or by logging into Element/Schildichat with the bot account +(using the password you set) and navigate to `Settings->Help&About` and scroll to the bottom. +You can expand "Access token" to copy it. + +![Obatining an admin access token with Element](assets/obtain_admin_access_token_element.png) + +**IMPORTANT**: once you copy the token, just close the Matrix client window/tab. Do not "log out", as that would invalidate the token. + + + + + + + From 6b7191c9393fe74d9a10455731584c2e689a212b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 12 Jul 2022 01:22:20 +0200 Subject: [PATCH 042/562] Fix tabs issue for real --- .../systemd/matrix-bot-maubot.service.j2 | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 497c25a6..59435667 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -17,20 +17,20 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ - --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --read-only \ - --cap-drop=ALL \ - -v {{ matrix_bot_maubot_data_path }}:/data:z \ - {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ - {% endif %} - {{ matrix_bot_maubot_docker_image }} \ - python3 -m maubot -c /data/config.yaml + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --cap-drop=ALL \ + -v {{ matrix_bot_maubot_data_path }}:/data:z \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + --network={{ matrix_docker_network }} \ + {% if matrix_bot_maubot_expose_management_interface|bool %} + -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ + {% endif %} + {{ matrix_bot_maubot_docker_image }} \ + python3 -m maubot -c /data/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From 5b0bdced1d131d17e4335a704169ef3ba3764854 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 18 Jul 2022 21:24:17 +0300 Subject: [PATCH 043/562] update Honoroit 0.9.9 -> 0.9.10 --- roles/matrix-bot-honoroit/defaults/main.yml | 5 ++++- roles/matrix-bot-honoroit/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index a48fb878..bbb6ecd3 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.9 +matrix_bot_honoroit_version: v0.9.10 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -97,6 +97,9 @@ matrix_bot_honoroit_text_prefix_open: '' # Text prefix: done matrix_bot_honoroit_text_prefix_done: '' +# Text: no encryption +matrix_bot_honoroit_text_noencryption: '' + # Text: greetings matrix_bot_honoroit_text_greetings: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index de8b9d84..c5f2025b 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -11,6 +11,7 @@ HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} +HONOROIT_TEXT_NOENCRYPTION={{ matrix_bot_honoroit_text_noencryption }} HONOROIT_TEXT_GREETINGS={{ matrix_bot_honoroit_text_greetings }} HONOROIT_TEXT_INVITE={{ matrix_bot_honoroit_text_invite }} HONOROIT_TEXT_JOIN={{ matrix_bot_honoroit_text_join }} From 24a027c6b9c5c822ee4202d8b5afc23beabf5d14 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 19 Jul 2022 13:24:27 +0000 Subject: [PATCH 044/562] Update Synapse 1.62.0 -> 1.63.0 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 87ef3d6a..faf9b3ef 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.62.0 +matrix_synapse_version: v1.63.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 65bfc1396e0ded8839b66791dc0b8f33d6834d74 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 19 Jul 2022 16:47:01 +0300 Subject: [PATCH 045/562] Revert "Update Hookshot 1.8.0 -> 1.8.1" This reverts commit 05ccee9f6f436c0b6f1e84b8f74fa002f205ef67. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1952 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 7ffb26a2..62f797d0 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.8.1 +matrix_hookshot_version: 1.8.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 817830bb3de4594f9552058e0f94ce482f0d992d Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Tue, 19 Jul 2022 14:58:19 +0000 Subject: [PATCH 046/562] Update telemetry documentation to more closely match upstream Synapse no longer describes the stats as anonymized since the `server_name` is included. https://github.com/matrix-org/synapse/pull/13321 --- docs/configuring-playbook-telemetry.md | 30 ++----------------- .../templates/synapse/homeserver.yaml.j2 | 4 +-- 2 files changed, 5 insertions(+), 29 deletions(-) diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index da583838..22728b09 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md @@ -3,8 +3,7 @@ By default, this playbook configures your Matrix homeserver to not send any telemetry data anywhere. The [matrix.org](https://matrix.org) team would really appreciate it if you could help the project out by reporting -anonymized usage statistics from your homeserver. Only very [basic aggregate -data](#usage-statistics-being-submitted) (e.g. number of users) will be reported, but it helps track the +usage statistics from your homeserver. Enabling usage statistics helps track the growth of the Matrix community, and helps to make Matrix a success. @@ -19,28 +18,5 @@ matrix_synapse_report_stats: true ## Usage statistics being submitted -If statistics reporting is enabled, the information that gets submitted to the matrix.org team [according to the source code](https://github.com/matrix-org/synapse/blob/master/synapse/app/homeserver.py) is: - -- your homeserver's domain name - -- uptime of the homeserver program - -- [Python](https://www.python.org/) version powering your homeserver - -- total number of users on your home server (including bridged users) - -- total number of native Matrix users on your home server - -- total number of rooms on your homeserver - -- total number of daily active users on your homeserver - -- total number of daily active rooms on your homeserver - -- total number of messages sent per day - -- cache setting information - -- CPU and memory statistics for the homeserver program - -- database engine type and version +See [Synapse's documentation](https://github.com/matrix-org/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) +for a list of the individual parameters that are reported. diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index c2364650..3f023ca2 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1587,11 +1587,11 @@ metrics_flags: # #known_servers: true -# Whether or not to report anonymized homeserver usage statistics. +# Whether or not to report homeserver usage statistics. # report_stats: {{ matrix_synapse_report_stats|to_json }} -# The endpoint to report the anonymized homeserver usage statistics to. +# The endpoint to report homeserver usage statistics to. # Defaults to https://matrix.org/report-usage-stats/push # #report_stats_endpoint: https://example.com/report-usage-stats/push From 66d4c7e0720ad0d253dd41721899fa20dfbdedc2 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:25:32 +0000 Subject: [PATCH 047/562] [DO NOT MERGE]Update Coturn 4.5.2-r12 -> 4.5.2-r13 **no docker tag yet**, [keep an eye on it](https://hub.docker.com/r/coturn/coturn/tags?page=1&name=4.5.2-r13) --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 0b48616b..e1a544ba 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -8,7 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r12 +matrix_coturn_version: 4.5.2-r13 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From efec303a229b7842898f9e2ea3eebb3a7a8afede Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Tue, 19 Jul 2022 16:42:53 +0000 Subject: [PATCH 048/562] Explicitly mention that your homeserver's domain is included in telemetry --- docs/configuring-playbook-telemetry.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index 22728b09..a97fa59c 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md @@ -18,5 +18,9 @@ matrix_synapse_report_stats: true ## Usage statistics being submitted +When enabled, Synapse will regularly upload a few dozen statistics about your server. +This data includes your homeserver's domain, the total number of users, the number of active +users, the total number of rooms, and the number of messages sent per day on your homeserver. + See [Synapse's documentation](https://github.com/matrix-org/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) -for a list of the individual parameters that are reported. +for the full list of statistics that are reported. From 2e02e694b41078488672860ce1b4dfe67bfd9f95 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Tue, 19 Jul 2022 16:31:01 -0600 Subject: [PATCH 049/562] Update configuring-well-known.md Make use of `example.com` more consistent (replace `DOMAIN`) and simplify Caddy 2 config. Remove Caddy 1 config since Caddy 1 is long past EOL. --- docs/configuring-well-known.md | 48 ++++++++++------------------------ 1 file changed, 14 insertions(+), 34 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 53a35386..d4a8dc7e 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -15,7 +15,7 @@ All services created by this playbook are meant to be installed on their own ser As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a Matrix user identifier like `@:` while hosting services on a subdomain like `matrix.`, the Matrix network needs to be instructed of such delegation/redirection. -Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (``). +Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (``). Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. @@ -79,7 +79,7 @@ If you're managing the base domain by yourself somehow, you'll need to set up se To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. -You have 3 options when it comes to installing the files on the base domain's server: +You have 4 options when it comes to installing the files on the base domain's server: ### (Option 1): **Copying the files manually** to your base domain's server @@ -116,12 +116,12 @@ With this method, you **don't need** to add special HTTP headers for [CORS](http **For nginx**, it would be something like this: ```nginx -# This is your HTTPS-enabled server for DOMAIN. +# This is your HTTPS-enabled server for example.com. server { - server_name DOMAIN; + server_name example.com; location /.well-known/matrix { - proxy_pass https://matrix.DOMAIN/.well-known/matrix; + proxy_pass https://matrix.example.com/.well-known/matrix; proxy_set_header X-Forwarded-For $remote_addr; } @@ -133,11 +133,11 @@ server { ```apache - ServerName DOMAIN + ServerName example.com SSLProxyEngine on - ProxyPass /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon - ProxyPassReverse /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon + ProxyPass /.well-known/matrix https://matrix.example.com/.well-known/matrix nocanon + ProxyPassReverse /.well-known/matrix https://matrix.example.com/.well-known/matrix nocanon # other configuration @@ -146,30 +146,10 @@ server { **For Caddy 2**, it would be something like this: ```caddy -DOMAIN.com { - @wellknown { - path /.well-known/matrix/*:x - } - - handle @wellknown { - reverse_proxy https://matrix.DOMAIN.com { - header_up Host {http.reverse_proxy.upstream.hostport} - } - } - # Configration for the base domain goes here - # handle { - # header -Server - # encode zstd gzip - # reverse_proxy localhost:4020 - # } -} -``` - -**For Caddy 1**, it would be something like this: - -```caddy -proxy /.well-known/matrix/ https://matrix.DOMAIN { - header_upstream Host {http.reverse_proxy.upstream.hostport} +example.com { + reverse_proxy /.well-known/matrix/* https://matrix.example.com { + header_up Host {upstream_hostport} + } } ``` @@ -196,7 +176,7 @@ backend matrix-backend ``` # In the _redirects file in the website's root -/.well-known/matrix/* https://matrix.DOMAIN/.well-known/matrix/:splat 200! +/.well-known/matrix/* https://matrix.example.com/.well-known/matrix/:splat 200! ``` **For AWS CloudFront** @@ -206,7 +186,7 @@ backend matrix-backend Make sure to: -- **replace `DOMAIN`** in the server configuration with your actual domain name +- **replace `example.com`** in the server configuration with your actual domain name - and: to **do this for the HTTPS-enabled server block**, as that's where Matrix expects the file to be From dbddd9f989414911f7f81bd59dfa16c575792c2f Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Tue, 19 Jul 2022 19:02:32 -0400 Subject: [PATCH 050/562] Migrate mx-puppet-groupme to new repo --- README.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-groupme.md | 2 +- docs/container-images.md | 2 +- .../matrix-bridge-mx-puppet-groupme/defaults/main.yml | 10 +++++----- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 251df043..832f430c 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) bridge for [Discord](https://discordapp.com/) - see [docs/configuring-playbook-bridge-mx-puppet-discord.md](docs/configuring-playbook-bridge-mx-puppet-discord.md) for setup documentation -- (optional) the [mx-puppet-groupme](https://gitlab.com/robintown/mx-puppet-groupme) bridge for [GroupMe](https://groupme.com/) - see [docs/configuring-playbook-bridge-mx-puppet-groupme.md](docs/configuring-playbook-bridge-mx-puppet-groupme.md) for setup documentation +- (optional) the [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) bridge for [GroupMe](https://groupme.com/) - see [docs/configuring-playbook-bridge-mx-puppet-groupme.md](docs/configuring-playbook-bridge-mx-puppet-groupme.md) for setup documentation - (optional) the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge for [Steam](https://steamapp.com/) - see [docs/configuring-playbook-bridge-mx-puppet-steam.md](docs/configuring-playbook-bridge-mx-puppet-steam.md) for setup documentation diff --git a/docs/configuring-playbook-bridge-mx-puppet-groupme.md b/docs/configuring-playbook-bridge-mx-puppet-groupme.md index 2f0eda19..4d03d5d9 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-groupme.md +++ b/docs/configuring-playbook-bridge-mx-puppet-groupme.md @@ -1,7 +1,7 @@ # Setting up MX Puppet GroupMe (optional) The playbook can install and configure -[mx-puppet-groupme](https://gitlab.com/robintown/mx-puppet-groupme) for you. +[mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) for you. See the project page to learn what it does and why it might be useful to you. diff --git a/docs/container-images.md b/docs/container-images.md index a587d932..357164b2 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -76,7 +76,7 @@ These services are not part of our default installation, but can be enabled by [ - [sorunome/mx-puppet-discord](https://hub.docker.com/r/sorunome/mx-puppet-discord) - the [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) bridge to [Discord](https://discordapp.com) (optional) -- [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) - the [mx-puppet-groupme](https://gitlab.com/robintown/mx-puppet-groupme) bridge to [GroupMe](https://groupme.com/) (optional) +- [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) - the [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) bridge to [GroupMe](https://groupme.com/) (optional) - [icewind1991/mx-puppet-steam](https://hub.docker.com/r/icewind1991/mx-puppet-steam) - the [mx-puppet-steam](https://github.com/icewind1991/mx-puppet-steam) bridge to [Steam](https://steampowered.com) (optional) diff --git a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml index a7016b30..59b8c193 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml @@ -1,11 +1,11 @@ --- # Mx Puppet GroupMe is a Matrix <-> GroupMe bridge -# Project source code URL: https://gitlab.com/robintown/mx-puppet-groupme +# Project source code URL: https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme matrix_mx_puppet_groupme_enabled: true matrix_mx_puppet_groupme_container_image_self_build: false -matrix_mx_puppet_groupme_container_image_self_build_repo: "https://gitlab.com/robintown/mx-puppet-groupme" +matrix_mx_puppet_groupme_container_image_self_build_repo: "https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme" matrix_mx_puppet_groupme_container_image_self_build_repo_version: "{{ 'main' if matrix_mx_puppet_groupme_version == 'latest' else matrix_mx_puppet_groupme_version }}" # Controls whether the mx-puppet-groupme container exposes its HTTP port (tcp/8437 in the container). @@ -13,9 +13,9 @@ matrix_mx_puppet_groupme_container_image_self_build_repo_version: "{{ 'main' if # Takes an ":" or "" value (e.g. "127.0.0.1:8437"), or empty string to not expose. matrix_mx_puppet_groupme_container_http_host_bind_port: '' -matrix_mx_puppet_groupme_version: latest -matrix_mx_puppet_groupme_docker_image: "{{ matrix_mx_puppet_groupme_docker_image_name_prefix }}xangelix/mx-puppet-groupme:{{ matrix_mx_puppet_groupme_version }}" -matrix_mx_puppet_groupme_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_groupme_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_mx_puppet_groupme_version: 533cccc8 +matrix_mx_puppet_groupme_docker_image: "{{ matrix_mx_puppet_groupme_docker_image_name_prefix }}xangelix-pub/matrix/mx-puppet-groupme:{{ matrix_mx_puppet_groupme_version }}" +matrix_mx_puppet_groupme_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_groupme_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_groupme_docker_image_force_pull: "{{ matrix_mx_puppet_groupme_docker_image.endswith(':latest') }}" matrix_mx_puppet_groupme_base_path: "{{ matrix_base_data_path }}/mx-puppet-groupme" From 1dea35209ba82f30d363cf7b21628656b5efb1be Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Tue, 19 Jul 2022 19:46:45 -0400 Subject: [PATCH 051/562] Fix self-build error image names --- roles/matrix-bridge-appservice-irc/tasks/init.yml | 2 +- roles/matrix-bridge-appservice-slack/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-facebook/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-googlechat/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-hangouts/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-instagram/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-telegram/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-discord/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-slack/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-steam/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml | 2 +- roles/matrix-corporal/tasks/init.yml | 2 +- roles/matrix-coturn/tasks/init.yml | 2 +- roles/matrix-dynamic-dns/tasks/init.yml | 2 +- roles/matrix-ma1sd/tasks/init.yml | 2 +- roles/matrix-mailer/tasks/init.yml | 2 +- roles/matrix-registration/tasks/init.yml | 2 +- roles/matrix-synapse-admin/tasks/init.yml | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index d22dd5d7..9713e9b7 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the matrix-appservice-irc image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_irc_container_image_self_build and matrix_appservice_irc_enabled" # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index b4895aea..e11125ed 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the matrix-appservice-slack image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_slack_container_image_self_build and matrix_appservice_slack_enabled" # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index a5debc0b..c5eb58be 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Facebook image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build and matrix_mautrix_facebook_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index af1e7d30..7f846526 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Google Chat image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_googlechat_container_image_self_build and matrix_mautrix_googlechat_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 28ca1cdb..8ad9bc02 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Hangouts image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_hangouts_container_image_self_build and matrix_mautrix_hangouts_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml index 858e2917..5a78afed 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Instagram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_instagram_container_image_self_build and matrix_mautrix_instagram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index e83bc663..fac5a86c 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Telegram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_telegram_container_image_self_build and matrix_mautrix_telegram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml index 1a821d7d..9fbba3c8 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-discord image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_discord_container_image_self_build and matrix_mx_puppet_discord_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml index 92f041d4..1a06b09e 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-groupme image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_groupme_container_image_self_build and matrix_mx_puppet_groupme_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml index 5e89275c..850c6859 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-instagram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_instagram_container_image_self_build and matrix_mx_puppet_instagram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index fd9d62ae..2213df55 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-slack image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_slack_container_image_self_build and matrix_mx_puppet_slack_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml index 6c9a9a4f..fb3257b2 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-steam image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_steam_container_image_self_build and matrix_mx_puppet_steam_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 3667ebc7..d6e65964 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-twitter image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_twitter_container_image_self_build and matrix_mx_puppet_twitter_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/matrix-corporal/tasks/init.yml index c6686a37..dffdbe90 100644 --- a/roles/matrix-corporal/tasks/init.yml +++ b/roles/matrix-corporal/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Corporal image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_corporal_container_image_self_build and matrix_corporal_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml index 60a77264..315dfb65 100644 --- a/roles/matrix-coturn/tasks/init.yml +++ b/roles/matrix-coturn/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the coturn image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_coturn_container_image_self_build and matrix_coturn_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-dynamic-dns/tasks/init.yml b/roles/matrix-dynamic-dns/tasks/init.yml index 1cd6170e..9c906441 100644 --- a/roles/matrix-dynamic-dns/tasks/init.yml +++ b/roles/matrix-dynamic-dns/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Dynamic DNS image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_dynamic_dns_container_image_self_build and matrix_dynamic_dns_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-ma1sd/tasks/init.yml b/roles/matrix-ma1sd/tasks/init.yml index 1d425006..48226aa0 100644 --- a/roles/matrix-ma1sd/tasks/init.yml +++ b/roles/matrix-ma1sd/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the ma1sd image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ma1sd_container_image_self_build and matrix_ma1sd_enabled | bool" - ansible.builtin.set_fact: diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/matrix-mailer/tasks/init.yml index e83902d7..487ed0c9 100644 --- a/roles/matrix-mailer/tasks/init.yml +++ b/roles/matrix-mailer/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Mailer image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mailer_container_image_self_build and matrix_mailer_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 064f895c..922db0f7 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Registration image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_registration_container_image_self_build and matrix_registration_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index 4d8a5eb0..f934eced 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Synapse Admin image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_admin_container_image_self_build and matrix_synapse_admin_enabled" - ansible.builtin.set_fact: From d6d311e810d45d6d4ba5464cc47a988b618fa5d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:27:20 +0200 Subject: [PATCH 052/562] Fix plugin database issue --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index d542fe91..254c836e 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -27,7 +27,7 @@ plugin_directories: # Configuration for storing plugin databases plugin_databases: - type: default + postgres: default server: # The IP and port to listen to. From 73ebbdcacd75e701a80c5ee31921121f4c75bbaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:29:03 +0200 Subject: [PATCH 053/562] Move maubot nginx config Reasoning: setup_install.yml only runs on --tags=setup-all or on --tags=setup-bot-maubot. If --tags=setup-nginx-proxy or similar commands are run, setup_install.yml will not run and the nginx configuration will be incomplete. --- roles/matrix-bot-maubot/tasks/init.yml | 39 ++++++++++++++++++ .../matrix-bot-maubot/tasks/setup_install.yml | 40 ------------------- 2 files changed, 39 insertions(+), 40 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 6f55c747..032fdbf7 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -3,3 +3,42 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool + +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index b4b03165..8b27cd03 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -24,46 +24,6 @@ group: "{{ matrix_user_groupname }}" mode: "u=rwx" -- name: Generate Maubot proxying configuration for matrix-nginx-proxy - set_fact: - matrix_bot_maubot_matrix_nginx_proxy_configuration: | - location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% endif %} - } - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Register Maubot's proxying configuration with matrix-nginx-proxy - set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) - + - [matrix_bot_maubot_matrix_nginx_proxy_configuration] - }} - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - debug: - msg: >- - NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `/_matrix/maubot` - URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" - - - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}" From d2e6ab6c3885dfa267c0ce5cdfb6163b7782d88b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:41:17 +0200 Subject: [PATCH 054/562] Fix some CI lint errors --- roles/matrix-bot-maubot/tasks/init.yml | 73 +++++++++++++------------- 1 file changed, 37 insertions(+), 36 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 032fdbf7..09a5f9a8 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -4,41 +4,42 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool -- name: Generate Maubot proxying configuration for matrix-nginx-proxy - set_fact: - matrix_bot_maubot_matrix_nginx_proxy_configuration: | - location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% endif %} - } - when: matrix_bot_maubot_proxy_management_interface|bool +- block: + - name: Generate Maubot proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + when: matrix_bot_maubot_proxy_management_interface|bool -- name: Register Maubot's proxying configuration with matrix-nginx-proxy - set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) - + - [matrix_bot_maubot_matrix_nginx_proxy_configuration] - }} - when: matrix_bot_maubot_proxy_management_interface|bool + - name: Register Maubot's proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + when: matrix_bot_maubot_proxy_management_interface|bool -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - debug: - msg: >- - NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `/_matrix/maubot` - URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" From f8a88707119feea06042cdba20f6e57d4848aadf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:48:26 +0200 Subject: [PATCH 055/562] Use FQCN --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 16 ++++++++-------- .../matrix-bot-maubot/tasks/setup_uninstall.yml | 12 ++++++------ .../matrix-bot-maubot/tasks/validate_config.yml | 2 +- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 09a5f9a8..fe33da9b 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,6 +1,6 @@ --- -- set_fact: +- ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 8b27cd03..cf350c02 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure maubot paths exist - file: + ansible.builtin.file: path: "{{ item.path }}" state: directory mode: 0755 @@ -17,7 +17,7 @@ when: "item.when|bool" - name: Ensure maubot configuration file created - template: + ansible.builtin.template: src: "{{ role_path }}/templates/config/config.yaml.j2" dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" owner: "{{ matrix_user_username }}" @@ -25,7 +25,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -37,7 +37,7 @@ until: result is not failed - name: Ensure maubot repository is present on self-build - git: + ansible.builtin.git: repo: "{{ matrix_bot_maubot_docker_repo }}" dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" @@ -47,7 +47,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -59,18 +59,18 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure matrix-bot-maubot.service installed - template: + ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result - name: Ensure systemd reloaded after matrix-bot-maubot.service installation - service: + ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" - name: Ensure matrix-bot-maubot.service restarted, if necessary - service: + ansible.builtin.service: name: "matrix-bot-maubot.service" state: restarted diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index f1d2fca2..8812eeed 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -1,12 +1,12 @@ --- - name: Check existence of matrix-maubot service - stat: + ansible.builtin.stat: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped - service: + ansible.builtin.service: name: matrix-bot-maubot state: stopped enabled: false @@ -15,22 +15,22 @@ when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure matrix-bot-maubot.service doesn't exist - file: + ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure systemd reloaded after matrix-bot-maubot.service removal - service: + ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure Matrix maubot paths don't exist - file: + ansible.builtin.file: path: "{{ matrix_bot_maubot_base_path }}" state: absent - name: Ensure maubot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml index 18070160..5b28d9c0 100644 --- a/roles/matrix-bot-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -1,7 +1,7 @@ --- - name: Fail if required settings not defined - fail: + ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" From 04a817aeaadf8db96f7e81db7a33c1d4edd0b486 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:55:10 +0200 Subject: [PATCH 056/562] Use explicit version for self build --- roles/matrix-bot-maubot/defaults/main.yml | 2 ++ roles/matrix-bot-maubot/tasks/setup_install.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index d5be023f..7c5cb0eb 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -4,6 +4,8 @@ matrix_bot_maubot_enabled: true matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" +matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}" + matrix_bot_maubot_version: v0.3.1 matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index cf350c02..c136fd89 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -39,6 +39,7 @@ - name: Ensure maubot repository is present on self-build ansible.builtin.git: repo: "{{ matrix_bot_maubot_docker_repo }}" + version: "{{ matrix_bot_maubot_docker_repo_version }}" dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" become: true From f2dcbe5c9cd5119a671d57c00002f4ef778b7961 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 09:00:47 +0200 Subject: [PATCH 057/562] Name all tasks --- roles/matrix-bot-maubot/defaults/main.yml | 8 +++++++- roles/matrix-bot-maubot/tasks/init.yml | 6 ++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7c5cb0eb..57c3f5f7 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -29,7 +29,13 @@ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_connection_string: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' +matrix_bot_maubot_database_connection_string: > + postgres://{{ matrix_bot_maubot_database_username }} + :{{ matrix_bot_maubot_database_password }} + @{{ matrix_bot_maubot_database_hostname }} + :{{ matrix_bot_maubot_database_port }} + /{{ matrix_bot_maubot_database_name }} + ?sslmode=disable' matrix_bot_maubot_database_uri: "{{ { diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index fe33da9b..54fd714b 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,10 +1,12 @@ --- -- ansible.builtin.set_fact: +- name: Add maubot to the systemd service list + ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool -- block: +- name: Configure nginx for maubot + block: - name: Generate Maubot proxying configuration for matrix-nginx-proxy ansible.builtin.set_fact: matrix_bot_maubot_matrix_nginx_proxy_configuration: | From 492d430cb00948defab71107935db966d5489c35 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:01:42 +0300 Subject: [PATCH 058/562] Revert "Revert "Update Hookshot 1.8.0 -> 1.8.1"" This reverts commit 65bfc1396e0ded8839b66791dc0b8f33d6834d74. The 1.8.1 image is published now, so we can finally upgrade. --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 62f797d0..7ffb26a2 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.8.0 +matrix_hookshot_version: 1.8.1 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From e306d0051e22b4e69e457e4048ceb7c6198d1a4e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:07:03 +0300 Subject: [PATCH 059/562] Add project introduction to maubot's defaults file --- roles/matrix-bot-maubot/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 57c3f5f7..49437ece 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -1,5 +1,8 @@ --- +# maubot is a plugin-based Matrix bot system. +# Project source code URL: https://mau.dev/maubot/maubot + matrix_bot_maubot_enabled: true matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" From b8832e30143107e003e51f509e4f92a7ac6b99f8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:27:13 +0300 Subject: [PATCH 060/562] Fix some Jinja2 inconsistencies in maubot role --- roles/matrix-bot-maubot/tasks/init.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 54fd714b..001a3c47 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -3,7 +3,7 @@ - name: Add maubot to the systemd service list ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" - when: matrix_bot_maubot_enabled|bool + when: matrix_bot_maubot_enabled | bool - name: Configure nginx for maubot block: @@ -11,7 +11,7 @@ ansible.builtin.set_fact: matrix_bot_maubot_matrix_nginx_proxy_configuration: | location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} + {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "matrix-bot-maubot:29316/$1"; @@ -25,13 +25,13 @@ proxy_set_header Connection "upgrade"; {% endif %} } - when: matrix_bot_maubot_proxy_management_interface|bool + when: matrix_bot_maubot_proxy_management_interface | bool - name: Register Maubot's proxying configuration with matrix-nginx-proxy ansible.builtin.set_fact: matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} @@ -44,4 +44,4 @@ reverse proxy. Please make sure that you're proxying the `/_matrix/maubot` URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_bot_maubot_enabled | bool and matrix_bot_maubot_proxy_management_interface | bool and matrix_nginx_proxy_enabled is not defined" From a1bfad1e9babb1c430f9f89e0c4a98c8051ccdfa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 11:16:49 +0300 Subject: [PATCH 061/562] Fix whitespace in matrix_bot_maubot_database_connection_string --- roles/matrix-bot-maubot/defaults/main.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 49437ece..f210ba51 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -32,13 +32,7 @@ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_connection_string: > - postgres://{{ matrix_bot_maubot_database_username }} - :{{ matrix_bot_maubot_database_password }} - @{{ matrix_bot_maubot_database_hostname }} - :{{ matrix_bot_maubot_database_port }} - /{{ matrix_bot_maubot_database_name }} - ?sslmode=disable' +matrix_bot_maubot_database_connection_string: postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable matrix_bot_maubot_database_uri: "{{ { From b20cfc5015317afc4f8d9a7e0f8ba5d80153591e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 11:23:32 +0200 Subject: [PATCH 062/562] Clear up maubot role (#1960) * Make interface hidden behind proxy by default * Remove expose option and replace with http_bind_port Reasoning: This is a similar binary trigger but allows to bin not on all interfaces * Clarify maubot admin purpose * Remove unnecessary edif * Extend docs to prevent common misconceptions * Make http_bind_port singular, do not allow multiple values * Make optional again --- docs/configuring-playbook-bot-maubot.md | 10 +++++++++- roles/matrix-bot-maubot/defaults/main.yml | 3 +-- .../templates/systemd/matrix-bot-maubot.service.j2 | 6 +++--- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 1fbe8d17..d74cfb2f 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -18,7 +18,8 @@ matrix_bot_maubot_admins: - yourusername: securepassword ``` -You can add multiple admins. +You can add multiple admins. The admin accounts are not connected to any matrix ID and are only used to access the +maubot administration interface. ## Installing @@ -32,6 +33,13 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. + +You should start in the following order +1. **Create one or more clients:** A client is a matrix account which the bot will use to message. +2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. +3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use +and the plugin (how the bot will behave) + To add a client you first need to create an account and obtain a valid access token. ## Registering the bot user diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index f210ba51..c6d92215 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -19,8 +19,7 @@ matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_bot_server_public_url: "https://{{ matrix_server_fqn_matrix }}" -matrix_bot_maubot_proxy_management_interface: false -matrix_bot_maubot_expose_management_interface: true +matrix_bot_maubot_proxy_management_interface: true matrix_bot_maubot_database_engine: sqlite matrix_bot_maubot_sqlite_database_path_local: "{{ matrix_bot_maubot_data_path }}/maubot.db" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 59435667..6f8ec6f6 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -26,9 +26,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ - {% endif %} + {% if matrix_bot_maubot_management_interface_http_bind_port | bool %} + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /data/config.yaml From d1649ff67b93f145bbbc3766590b0b62242fa5ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:40:30 +0300 Subject: [PATCH 063/562] Do not restart matrix-bot-maubot.service on every playbook run Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/tasks/setup_install.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index c136fd89..5d9965a0 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -70,8 +70,3 @@ ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" - -- name: Ensure matrix-bot-maubot.service restarted, if necessary - ansible.builtin.service: - name: "matrix-bot-maubot.service" - state: restarted From 46ced6134ca3ebdea1bcd20d65921fe90b68855f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:48:12 +0300 Subject: [PATCH 064/562] Store maubot configuration separately from data Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 Because the configuration file is now mounted as readonly and maubot tries to update it on start, we get this warning: > Failed to create tempfile to write updated config to disk: [Errno 30] Read-only file system: '/config/tmpfa8vcb3y.yaml' It doesn't seem to cause issues though. Because the configuration is no longer overwritten on every bot start, each next Ansible run should no longer overwrite it again and report a "changed" task. --- roles/matrix-bot-maubot/tasks/setup_install.yml | 3 ++- .../templates/systemd/matrix-bot-maubot.service.j2 | 7 ++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 5d9965a0..50e48254 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -9,6 +9,7 @@ group: "{{ matrix_user_groupname }}" with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} + - {path: "{{ matrix_bot_maubot_config_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true} - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true} @@ -19,7 +20,7 @@ - name: Ensure maubot configuration file created ansible.builtin.template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_config_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" mode: "u=rwx" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 6f8ec6f6..18b32c98 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -21,16 +21,17 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ --cap-drop=ALL \ - -v {{ matrix_bot_maubot_data_path }}:/data:z \ + --mount type=bind,src={{ matrix_bot_maubot_config_path }},dst=/config,ro \ + --mount type=bind,src={{ matrix_bot_maubot_data_path }},dst=/data \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_management_interface_http_bind_port | bool %} + {% if matrix_bot_maubot_management_interface_http_bind_port %} -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 {% endif %} {{ matrix_bot_maubot_docker_image }} \ - python3 -m maubot -c /data/config.yaml + python3 -m maubot -c /config/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From d2fb6a86e11b4c2cc197c05597a532ea023b69a9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:50:00 +0300 Subject: [PATCH 065/562] Fix matrix-bot-maubot.service.j2 indentation (tabs only) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- .../templates/systemd/matrix-bot-maubot.service.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 18b32c98..8957da5e 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_management_interface_http_bind_port %} - -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 - {% endif %} + {% if matrix_bot_maubot_management_interface_http_bind_port %} + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml From e5238bf7d52128372042de94a41c94f6eb2df8ed Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:54:04 +0300 Subject: [PATCH 066/562] Announce maubot Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- CHANGELOG.md | 9 +++++++++ docs/container-images.md | 2 ++ docs/self-building.md | 1 + 3 files changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c8d31aba..66f740ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-07-20 + +## maubot support + +Thanks to [Stuart Mumford (@Cadair)](https://github.com/cadair) for starting ([PR #373](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/373) and [PR #622](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/622)) and to [Julian-Samuel Gebühr (@moan0s)](https://github.com/moan0s) for finishing up (in [PR #1894](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894)), the playbook can now help you set up [maubot](https://github.com/maubot/maubot) - a plugin-based Matrix bot system. + +See our [Setting up maubot](docs/configuring-playbook-bot-maubot.md) documentation to get started. + + # 2022-07-14 ## mx-puppet-skype removal diff --git a/docs/container-images.md b/docs/container-images.md index a587d932..3821cd8c 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -92,6 +92,8 @@ These services are not part of our default installation, but can be enabled by [ - [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional) +- [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional) + - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) - [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional) diff --git a/docs/self-building.md b/docs/self-building.md index ab6e17d3..3351a1f8 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -37,6 +37,7 @@ List of roles where self-building the Docker image is currently possible: - `matrix-bot-mjolnir` - `matrix-bot-honoroit` - `matrix-bot-matrix-reminder-bot` +- `matrix-bot-maubot` - `matrix-email2matrix` Adding self-building support to other roles is welcome. Feel free to contribute! From b575409ed74d575a63a415003304b6305cd1ec71 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:02:19 +0300 Subject: [PATCH 067/562] Use |to_json in maubot configuration Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 254c836e..ef46fe76 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -34,7 +34,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server_public_url }} + public_url: {{ matrix_bot_maubot_bot_server_public_url|to_json }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -65,7 +65,7 @@ homeservers: # List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password # to prevent normal login. Root is a special user that can't have a password and will always exist. -admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} ) }} +admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} )|to_json }} api_features: login: true From 5ce2732899aea2c35903333b4c783ea7124292ef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:03:50 +0300 Subject: [PATCH 068/562] Make maubot logging level configurable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/defaults/main.yml | 3 +++ roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index c6d92215..376af188 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -57,6 +57,9 @@ matrix_bot_maubot_management_interface_http_bind_port: '' matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' +# Specifies the default log level for all bot loggers. +matrix_bot_maubot_logging_level: WARNING + # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index ef46fe76..041522f8 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -97,11 +97,11 @@ logging: formatter: colored loggers: maubot: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} mau: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} aiohttp: - level: INFO + level: {{ matrix_bot_maubot_logging_level|to_json }} root: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} handlers: [console] From 8a689813ffa8233e6a66b91a52bccdf08953f8f1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:04:35 +0300 Subject: [PATCH 069/562] Remove unused maubot variable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 376af188..0a73d92e 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -54,7 +54,6 @@ matrix_bot_maubot_management_interface_port: 29316 matrix_bot_maubot_management_interface_http_bind_port: '' -matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' # Specifies the default log level for all bot loggers. From 90551e82ec6be265b56d43e78c0a76030121b58f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:06:11 +0300 Subject: [PATCH 070/562] Make use of matrix_bot_maubot_management_interface_port variable to actually make maubot port configurable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 001a3c47..251d0b4a 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,7 +14,7 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}/$1"; proxy_pass http://$backend; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 041522f8..938901ea 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -32,7 +32,7 @@ plugin_databases: server: # The IP and port to listen to. hostname: 0.0.0.0 - port: 29316 + port: {{ matrix_bot_maubot_management_interface_port|to_json }} # Public base URL where the server is visible. public_url: {{ matrix_bot_maubot_bot_server_public_url|to_json }} # The base management API path. diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 8957da5e..2773c69d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -28,7 +28,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_management_interface_http_bind_port %} - -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:{{ matrix_bot_maubot_management_interface_port }} {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml From ff2ba1d5b158761a6d67902545ea5c3864073d34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 12:18:11 +0200 Subject: [PATCH 071/562] Add matrix-registreation-bot docker image --- docs/container-images.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/container-images.md b/docs/container-images.md index 3821cd8c..dcc36973 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -92,6 +92,8 @@ These services are not part of our default installation, but can be enabled by [ - [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional) +- [moanos/matrix-registration-bot/](https://hub.docker.com/r/moanos/matrix-registration-bot/) - the [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) bot (manage registration tokens for invitations to the server) (optional) + - [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional) - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) From 89bd25995a235ab30a1896e47b69c714b673c3b5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 16:06:01 +0300 Subject: [PATCH 072/562] Upgrade Synapse (v1.63.0 -> v1.63.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index faf9b3ef..e6138bba 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.63.0 +matrix_synapse_version: v1.63.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 592c88b021fa0f6ff14040808608dfd9676713b6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:52:03 +0000 Subject: [PATCH 073/562] Update Grafana 9.0.3 -> 9.0.4 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 3765a0e4..a1cd3273 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.3 +matrix_grafana_version: 9.0.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From db604f81ec38caeff0822d11982cf19b661d66c6 Mon Sep 17 00:00:00 2001 From: Simone Date: Wed, 20 Jul 2022 19:21:23 +0200 Subject: [PATCH 074/562] Upgrade heisenbridge 1.13.0 1.13.1 --- roles/matrix-bridge-heisenbridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml index 68c5d75b..da74ed21 100644 --- a/roles/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml @@ -4,7 +4,7 @@ matrix_heisenbridge_enabled: true -matrix_heisenbridge_version: 1.13.0 +matrix_heisenbridge_version: 1.13.1 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}" matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}" From 9e87f9d885d72e7ff95d98eb70379f1d45cd8538 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Wed, 20 Jul 2022 12:10:34 -0600 Subject: [PATCH 075/562] Update configuring-well-known.md --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index d4a8dc7e..81caf04c 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -79,7 +79,7 @@ If you're managing the base domain by yourself somehow, you'll need to set up se To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. -You have 4 options when it comes to installing the files on the base domain's server: +You have 3 options when it comes to installing the files on the base domain's server: ### (Option 1): **Copying the files manually** to your base domain's server From ca5d7df16129edf18a502b08c0b335df126262fe Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 21 Jul 2022 03:12:42 +0000 Subject: [PATCH 076/562] Allow new Hydrogen options from #1940 to be customized --- roles/matrix-client-hydrogen/defaults/main.yml | 7 +++++++ roles/matrix-client-hydrogen/templates/config.json.j2 | 10 +++------- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 1baccdd3..6bb56384 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -31,7 +31,14 @@ matrix_client_hydrogen_systemd_required_services_list: ['docker.service'] matrix_client_hydrogen_self_check_validate_certificates: true # config.json +matrix_client_hydrogen_push: { + "appId": "io.element.hydrogen.web", + "gatewayUrl": "https://matrix.org", + "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" +} matrix_client_hydrogen_default_hs_url: "" +matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" + # Default Hydrogen configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. diff --git a/roles/matrix-client-hydrogen/templates/config.json.j2 b/roles/matrix-client-hydrogen/templates/config.json.j2 index 0c4331b6..161ee47b 100644 --- a/roles/matrix-client-hydrogen/templates/config.json.j2 +++ b/roles/matrix-client-hydrogen/templates/config.json.j2 @@ -1,11 +1,7 @@ { - "push": { - "appId": "io.element.hydrogen.web", - "gatewayUrl": "https://matrix.org", - "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" - }, - "defaultHomeServer": {{ matrix_client_hydrogen_default_hs_url | string|to_json }}, - "bugReportEndpointUrl": "https://element.io/bugreports/submit", + "push": {{ matrix_client_hydrogen_push | to_json }}, + "defaultHomeServer": {{ matrix_client_hydrogen_default_hs_url | string | to_json }}, + "bugReportEndpointUrl": {{ matrix_client_hydrogen_bugReportEndpointUrl | to_json }}, "themeManifests": [ "assets/theme-Element.json" ], From 0e77d2c2f596cc4508a2faedf8e4b5ea0372f394 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 21 Jul 2022 03:15:35 +0000 Subject: [PATCH 077/562] lint --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 6bb56384..649d49bb 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -37,7 +37,7 @@ matrix_client_hydrogen_push: { "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" } matrix_client_hydrogen_default_hs_url: "" -matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" +matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" # noqa var-naming # Default Hydrogen configuration template which covers the generic use case. From b8d3453e32fe6f700755e1464a785cda176be798 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 21 Jul 2022 03:17:34 +0000 Subject: [PATCH 078/562] lint --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 649d49bb..f7f2f92c 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -37,7 +37,7 @@ matrix_client_hydrogen_push: { "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" } matrix_client_hydrogen_default_hs_url: "" -matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" # noqa var-naming +matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" # noqa var-naming # Default Hydrogen configuration template which covers the generic use case. From 4155ed2518d781f18f2e3ecaf6f1f4b4b3d5b609 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 11:23:57 +0300 Subject: [PATCH 079/562] Leave docker_image module calls unprefixed to increase compatibility Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1965 --- roles/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 50e48254..185a2988 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,7 +26,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 8812eeed..0be7089c 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure maubot Docker image doesn't exist - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent From db94653b425ee8418b0cabb3ff5ea925ad443a33 Mon Sep 17 00:00:00 2001 From: kleo Date: Thu, 21 Jul 2022 21:56:52 +0800 Subject: [PATCH 080/562] Borg backup provide ssh key example format --- docs/configuring-playbook-backup-borg.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 44c970af..3371a312 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -43,7 +43,13 @@ matrix_backup_borg_location_repositories: - USER@HOST:REPO matrix_backup_borg_storage_encryption_passphrase: "PASSPHRASE" matrix_backup_borg_ssh_key_private: | - PRIVATE KEY + -----BEGIN OPENSSH PRIVATE KEY----- + TG9yZW0gaXBzdW0gZG9sb3Igc2l0IGFtZXQsIGNvbnNlY3RldHVyIGFkaXBpc2NpbmcgZW + xpdCwgc2VkIGRvIGVpdXNtb2QgdGVtcG9yIGluY2lkaWR1bnQgdXQgbGFib3JlIGV0IGRv + bG9yZSBtYWduYSBhbGlxdWEuIFV0IGVuaW0gYWQgbWluaW0gdmVuaWFtLCBxdWlzIG5vc3 + RydWQgZXhlcmNpdGF0aW9uIHVsbGFtY28gbGFib3JpcyBuaXNpIHV0IGFsaXF1aXAgZXgg + ZWEgY29tbW9kbyBjb25zZXF1YXQuIA== + -----END OPENSSH PRIVATE KEY----- ``` where: From 57e8769c5ea735ba5feab3671e809610fb09a266 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 17:07:06 +0300 Subject: [PATCH 081/562] Add hint about matrix_backup_borg_ssh_key_private indentation --- docs/configuring-playbook-backup-borg.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 3371a312..41ca0156 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -58,7 +58,7 @@ where: * HOST - SSH host of a provider/server * REPO - borg repository name, it will be initialized on backup start, eg: `matrix` * PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager -* PRIVATE KEY - the content of the **private** part of the SSH key you created before +* PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `matrix_backup_borg_ssh_key_private` needs to be indented with 2 spaces To backup without encryption, add `matrix_backup_borg_encryption: 'none'` to your vars. This will also enable the `matrix_backup_borg_unknown_unencrypted_repo_access_is_ok` variable. From e05abfb9d1b52ed4a97354e64b68a0082ae76898 Mon Sep 17 00:00:00 2001 From: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Date: Thu, 21 Jul 2022 15:20:47 +0100 Subject: [PATCH 082/562] Fix link to maubot docs in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8b19ef54..1df5801c 100644 --- a/README.md +++ b/README.md @@ -105,7 +105,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation -- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-matrix-maubot.md](docs/configuring-playbook-bot-matrix-maubot.md) for setup documentation +- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation From d81a186f49e5d1976aa672e6e01dddd2afecb728 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 17:26:48 +0300 Subject: [PATCH 083/562] matrix-maubot -> maubot --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1df5801c..47f67f4e 100644 --- a/README.md +++ b/README.md @@ -105,7 +105,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation -- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation +- (optional) [maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation From 14296db9ef3582b3d0eece7f1ced9835c0a2b90f Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 21 Jul 2022 15:24:08 +0000 Subject: [PATCH 084/562] Update roles/matrix-client-hydrogen/defaults/main.yml Co-authored-by: Slavi Pantaleev --- roles/matrix-client-hydrogen/defaults/main.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index f7f2f92c..6d7fb5cf 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -31,11 +31,10 @@ matrix_client_hydrogen_systemd_required_services_list: ['docker.service'] matrix_client_hydrogen_self_check_validate_certificates: true # config.json -matrix_client_hydrogen_push: { - "appId": "io.element.hydrogen.web", - "gatewayUrl": "https://matrix.org", - "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" -} +matrix_client_hydrogen_push: + appId: io.element.hydrogen.web + gatewayUrl: https://matrix.org + applicationServerKey: "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" matrix_client_hydrogen_default_hs_url: "" matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" # noqa var-naming From 75961359fb42909e66982950dcb55bce201bbf61 Mon Sep 17 00:00:00 2001 From: Maxdeso Date: Thu, 21 Jul 2022 20:54:56 +0300 Subject: [PATCH 085/562] dendrite_recaptcha_siteverify_api --- roles/matrix-dendrite/defaults/main.yml | 1 + roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index dd6d351e..f3987af9 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -89,6 +89,7 @@ matrix_dendrite_registration_disabled: false matrix_dendrite_enable_registration_captcha: false matrix_dendrite_recaptcha_public_key: "" matrix_dendrite_recaptcha_private_key: "" +matrix_dendrite_recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" # A list of additional "volumes" to mount in the container. # This list gets populated dynamically based on Dendrite extensions that have been enabled. diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 29f5c55f..62f8caba 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -174,7 +174,7 @@ client_api: recaptcha_public_key: {{ matrix_dendrite_recaptcha_public_key|to_json }} recaptcha_private_key: {{ matrix_dendrite_recaptcha_private_key|to_json }} recaptcha_bypass_secret: "" - recaptcha_siteverify_api: "" + recaptcha_siteverify_api: {{ matrix_dendrite_recaptcha_siteverify_api|to_json }} # TURN server information that this homeserver should send to clients. turn: From 8621ff1379583d5154499f39d1e642f76d5d1d8d Mon Sep 17 00:00:00 2001 From: MdotAmaan Date: Fri, 22 Jul 2022 18:55:44 +0400 Subject: [PATCH 086/562] Add Mautrix Discord Bridge --- ...iguring-playbook-bridge-mautrix-discord.md | 43 ++++ docs/configuring-playbook.md | 2 + group_vars/matrix_servers | 44 ++++ .../defaults/main.yml | 136 +++++++++++ .../tasks/init.yml | 21 ++ .../tasks/main.yml | 22 ++ .../tasks/setup_install.yml | 149 ++++++++++++ .../tasks/setup_uninstall.yml | 25 ++ .../tasks/validate_config.yml | 20 ++ .../templates/config.yaml.j2 | 225 ++++++++++++++++++ .../systemd/matrix-mautrix-discord.service.j2 | 43 ++++ setup.yml | 1 + 12 files changed, 731 insertions(+) create mode 100644 docs/configuring-playbook-bridge-mautrix-discord.md create mode 100644 roles/matrix-bridge-mautrix-discord/defaults/main.yml create mode 100644 roles/matrix-bridge-mautrix-discord/tasks/init.yml create mode 100644 roles/matrix-bridge-mautrix-discord/tasks/main.yml create mode 100644 roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml create mode 100644 roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml create mode 100644 roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md new file mode 100644 index 00000000..73c762a8 --- /dev/null +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -0,0 +1,43 @@ +# Setting up Mautrix Discord (optional) + +The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. + +See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.html) to learn what it does and why it might be useful to you. + +Use the following playbook configuration: + +```yaml +matrix_mautrix_discord_enabled: true +``` + +## Set up Double Puppeting + +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. + +### Method 1: automatically, by enabling Shared Secret Auth + +The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook. + +This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future. + +### Method 2: manually, by asking each user to provide a working access token + +**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)). + +When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: + +- retrieve a Matrix access token for yourself. You can use the following command: + +``` +curl \ +--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Discord", "initial_device_display_name": "Mautrix-Discord"}' \ +https://matrix.DOMAIN/_matrix/client/r0/login +``` + +- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` + +- make sure you don't log out the `Mautrix-Discord` device some time in the future, as that would break the Double Puppeting feature + +## Usage + +You then need to start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 88f81607..1e171901 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -92,6 +92,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Bridging other networks +- [Setting up Mautrix Discord bridging](configuring-playbook-bridge-mautrix-discord.md) (optional) + - [Setting up Mautrix Telegram bridging](configuring-playbook-bridge-mautrix-telegram.md) (optional) - [Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md) (optional) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ea17edb4..1d52c3ad 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -624,6 +624,44 @@ matrix_mautrix_whatsapp_database_password: "{{ '%s' | format(matrix_homeserver_g # ###################################################################### +###################################################################### +# +# matrix-bridge-mautrix-discord +# +###################################################################### + +# We don't enable bridges by default. +matrix_mautrix_discord_enabled: false + +matrix_mautrix_discord_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" + +matrix_mautrix_discord_systemd_required_services_list: | + {{ + ['docker.service'] + + + ['matrix-' + matrix_homeserver_implementation + '.service'] + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + }} + +matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.as.token') | to_uuid }}" + +matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.hs.token') | to_uuid }}" + +matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_mautrix_discord_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db') | to_uuid }}" + +###################################################################### +# +# /matrix-bridge-mautrix-discord +# +###################################################################### + ###################################################################### # # matrix-sms-bridge @@ -1871,6 +1909,12 @@ matrix_postgres_additional_databases: | 'password': matrix_mautrix_whatsapp_database_password, }] if (matrix_mautrix_whatsapp_enabled and matrix_mautrix_whatsapp_database_engine == 'postgres' and matrix_mautrix_whatsapp_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_mautrix_discord_database_name, + 'username': matrix_mautrix_discord_database_username, + 'password': matrix_mautrix_discord_database_password, + }] if (matrix_mautrix_discord_enabled and matrix_mautrix_discord_database_engine == 'postgres' and matrix_mautrix_discord_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_mx_puppet_slack_database_name, 'username': matrix_mx_puppet_slack_database_username, diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml new file mode 100644 index 00000000..a1ff83cd --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -0,0 +1,136 @@ +--- +# mautrix-discord is a Matrix <-> Discord bridge +# Project source code URL: https://github.com/mautrix/discord + +matrix_mautrix_discord_enabled: true + +matrix_mautrix_discord_container_image_self_build: false +matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix/discord.git" +matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}" + +matrix_mautrix_discord_version: latest +# See: https://mau.dev/mautrix/discord/container_registry +matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_name_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}" +matrix_mautrix_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_discord_container_image_self_build else 'dock.mau.dev/' }}" +matrix_mautrix_discord_docker_image_force_pull: "{{ matrix_mautrix_discord_docker_image.endswith(':latest') }}" + +matrix_mautrix_discord_base_path: "{{ matrix_base_data_path }}/mautrix-discord" +matrix_mautrix_discord_config_path: "{{ matrix_mautrix_discord_base_path }}/config" +matrix_mautrix_discord_data_path: "{{ matrix_mautrix_discord_base_path }}/data" +matrix_mautrix_discord_docker_src_files_path: "{{ matrix_mautrix_discord_base_path }}/docker-src" + +matrix_mautrix_discord_homeserver_address: "{{ matrix_homeserver_container_url }}" +matrix_mautrix_discord_homeserver_domain: "{{ matrix_domain }}" +matrix_mautrix_discord_appservice_address: "http://matrix-mautrix-discord:8080" + +matrix_mautrix_discord_command_prefix: "!discord" + +# A list of extra arguments to pass to the container +matrix_mautrix_discord_container_extra_arguments: [] + +# List of systemd services that matrix-mautrix-discord.service depends on. +matrix_mautrix_discord_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-mautrix-discord.service wants +matrix_mautrix_discord_systemd_wanted_services_list: [] + +matrix_mautrix_discord_appservice_token: '' +matrix_mautrix_discord_homeserver_token: '' + +matrix_mautrix_discord_appservice_bot_username: discordbot + +# Minimum severity of journal log messages. +# Options: debug, info, warn, error, fatal +matrix_mautrix_discord_logging_level: 'warn' + +# Whether or not created rooms should have federation enabled. +# If false, created portal rooms will never be federated. +matrix_mautrix_discord_federate_rooms: true + +# Database-related configuration fields. +# +# To use SQLite, stick to these defaults. +# +# To use Postgres: +# - change the engine (`matrix_mautrix_discord_database_engine: 'postgres'`) +# - adjust your database credentials via the `matrix_mautrix_discord_database_*` variables +matrix_mautrix_discord_database_engine: 'sqlite' + +matrix_mautrix_discord_sqlite_database_path_local: "{{ matrix_mautrix_discord_data_path }}/mautrix-discord.db" +matrix_mautrix_discord_sqlite_database_path_in_container: "/data/mautrix-discord.db" + +matrix_mautrix_discord_database_username: 'matrix_mautrix_discord' +matrix_mautrix_discord_database_password: 'some-password' +matrix_mautrix_discord_database_hostname: 'matrix-postgres' +matrix_mautrix_discord_database_port: 5432 +matrix_mautrix_discord_database_name: 'matrix_mautrix_discord' + +matrix_mautrix_discord_database_connection_string: 'postgresql://{{ matrix_mautrix_discord_database_username }}:{{ matrix_mautrix_discord_database_password }}@{{ matrix_mautrix_discord_database_hostname }}:{{ matrix_mautrix_discord_database_port }}/{{ matrix_mautrix_discord_database_name }}?sslmode=disable' + +matrix_mautrix_discord_appservice_database_type: "{{ + { + 'sqlite': 'sqlite3', + 'postgres':'postgres', + }[matrix_mautrix_discord_database_engine] +}}" + +matrix_mautrix_discord_appservice_database_uri: "{{ + { + 'sqlite': matrix_mautrix_discord_sqlite_database_path_in_container, + 'postgres': matrix_mautrix_discord_database_connection_string, + }[matrix_mautrix_discord_database_engine] +}}" + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). +matrix_mautrix_discord_login_shared_secret: '' +matrix_mautrix_discord_bridge_login_shared_secret_map: + "{{ {matrix_mautrix_discord_homeserver_domain: matrix_mautrix_discord_login_shared_secret} if matrix_mautrix_discord_login_shared_secret else {} }}" + +# Servers to always allow double puppeting from +matrix_mautrix_discord_bridge_double_puppet_server_map: + "{{ matrix_mautrix_discord_homeserver_domain : matrix_mautrix_discord_homeserver_address }}" + +# Default mautrix-discord configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_mautrix_discord_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_mautrix_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_mautrix_discord_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_mautrix_discord_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_mautrix_discord_configuration_yaml`. + +matrix_mautrix_discord_configuration_extension: "{{ matrix_mautrix_discord_configuration_extension_yaml | from_yaml if matrix_mautrix_discord_configuration_extension_yaml | from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_discord_configuration_yaml`. +matrix_mautrix_discord_configuration: "{{ matrix_mautrix_discord_configuration_yaml | from_yaml | combine(matrix_mautrix_discord_configuration_extension, recursive=True) }}" + +matrix_mautrix_discord_registration_yaml: | + id: discord + url: {{ matrix_mautrix_discord_appservice_address }} + as_token: "{{ matrix_mautrix_discord_appservice_token }}" + hs_token: "{{ matrix_mautrix_discord_homeserver_token }}" + # See https://github.com/mautrix/signal/issues/43 + sender_localpart: _bot_{{ matrix_mautrix_discord_appservice_bot_username }} + rate_limited: false + namespaces: + users: + - regex: '^@discord_[0-9]+:{{ matrix_mautrix_discord_homeserver_domain | regex_escape }}$' + exclusive: true + - exclusive: true + regex: '^@{{ matrix_mautrix_discord_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_discord_homeserver_domain | regex_escape }}$' + de.sorunome.msc2409.push_ephemeral: true + +matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yaml | from_yaml }}" + +# Enable End-to-bridge encryption +matrix_mautrix_discord_bridge_encryption_allow: false +matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" +matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/init.yml b/roles/matrix-bridge-mautrix-discord/tasks/init.yml new file mode 100644 index 00000000..30baf017 --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/tasks/init.yml @@ -0,0 +1,21 @@ +--- +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-discord.service'] }}" + when: matrix_mautrix_discord_enabled | bool + +# If the matrix-synapse role is not used, these variables may not exist. +- ansible.builtin.set_fact: + matrix_synapse_container_extra_arguments: > + {{ + matrix_synapse_container_extra_arguments | default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_discord_config_path }}/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro"] + }} + + matrix_synapse_app_service_config_files: > + {{ + matrix_synapse_app_service_config_files | default([]) + + + ["/matrix-mautrix-discord-registration.yaml"] + }} + when: matrix_mautrix_discord_enabled | bool diff --git a/roles/matrix-bridge-mautrix-discord/tasks/main.yml b/roles/matrix-bridge-mautrix-discord/tasks/main.yml new file mode 100644 index 00000000..9eaadf68 --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/tasks/main.yml @@ -0,0 +1,22 @@ +--- +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_mautrix_discord_enabled | bool" + tags: + - setup-all + - setup-mautrix-discord + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup and matrix_mautrix_discord_enabled" + tags: + - setup-all + - setup-mautrix-discord + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup and not matrix_mautrix_discord_enabled" + tags: + - setup-all + - setup-mautrix-discord diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml new file mode 100644 index 00000000..935371ef --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -0,0 +1,149 @@ +--- + +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + ansible.builtin.fail: + msg: >- + The matrix-bridge-mautrix-discord role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed | default(False)" + +- ansible.builtin.set_fact: + matrix_mautrix_discord_requires_restart: false + +- block: + - name: Check if an SQLite database already exists + ansible.builtin.stat: + path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" + register: matrix_mautrix_discord_sqlite_database_path_local_stat_result + + - block: + - ansible.builtin.set_fact: + matrix_postgres_db_migration_request: + src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" + dst: "{{ matrix_mautrix_discord_database_connection_string }}" + caller: "{{ role_path | basename }}" + engine_variable_name: 'matrix_mautrix_discord_database_engine' + engine_old: 'sqlite' + systemd_services_to_stop: ['matrix-mautrix-discord.service'] + pgloader_options: ['--with "quote identifiers"'] + + - ansible.builtin.import_role: + name: matrix-postgres + tasks_from: migrate_db_to_postgres + + - ansible.builtin.set_fact: + matrix_mautrix_discord_requires_restart: true + when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + when: "matrix_mautrix_discord_database_engine == 'postgres'" + + +- name: Ensure Mautrix Discord paths exists + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_mautrix_discord_base_path }}", when: true} + - {path: "{{ matrix_mautrix_discord_config_path }}", when: true} + - {path: "{{ matrix_mautrix_discord_data_path }}", when: true} + - {path: "{{ matrix_mautrix_discord_docker_src_files_path }}", when: "{{ matrix_mautrix_discord_container_image_self_build }}"} + when: item.when | bool + +- name: Ensure Mautrix Discord image is pulled + docker_image: + name: "{{ matrix_mautrix_discord_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_mautrix_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_discord_docker_image_force_pull }}" + when: not matrix_mautrix_discord_container_image_self_build + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure Mautrix discord repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_mautrix_discord_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_discord_docker_src_files_path }}" + version: "{{ matrix_mautrix_discord_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_mautrix_discord_git_pull_results + when: "matrix_mautrix_discord_container_image_self_build | bool" + +- name: Ensure Mautrix discord Docker image is built + docker_image: + name: "{{ matrix_mautrix_discord_docker_image }}" + source: build + force_source: "{{ matrix_mautrix_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_discord_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_discord_docker_src_files_path }}" + pull: true + when: "matrix_mautrix_discord_container_image_self_build | bool" + +- name: Check if an old database file exists + ansible.builtin.stat: + path: "{{ matrix_mautrix_discord_base_path }}/mautrix-discord.db" + register: matrix_mautrix_discord_stat_database + +- name: Check if an old matrix state file exists + ansible.builtin.stat: + path: "{{ matrix_mautrix_discord_base_path }}/mx-state.json" + register: matrix_mautrix_discord_stat_mx_state + +- name: (Data relocation) Ensure matrix-mautrix-discord.service is stopped + ansible.builtin.service: + name: matrix-mautrix-discord + state: stopped + enabled: false + daemon_reload: true + failed_when: false + when: "matrix_mautrix_discord_stat_database.stat.exists" + +- name: (Data relocation) Move mautrix-discord database file to ./data directory + ansible.builtin.command: "mv {{ matrix_mautrix_discord_base_path }}/mautrix-discord.db {{ matrix_mautrix_discord_data_path }}/mautrix-discord.db" + when: "matrix_mautrix_discord_stat_database.stat.exists" + +- name: (Data relocation) Move mautrix-discord mx-state file to ./data directory + ansible.builtin.command: "mv {{ matrix_mautrix_discord_base_path }}/mx-state.json {{ matrix_mautrix_discord_data_path }}/mx-state.json" + when: "matrix_mautrix_discord_stat_mx_state.stat.exists" + +- name: Ensure mautrix-discord config.yaml installed + ansible.builtin.copy: + content: "{{ matrix_mautrix_discord_configuration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_mautrix_discord_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure mautrix-discord registration.yaml installed + ansible.builtin.copy: + content: "{{ matrix_mautrix_discord_registration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_mautrix_discord_config_path }}/registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-mautrix-discord.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-mautrix-discord.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + mode: 0644 + register: matrix_mautrix_discord_systemd_service_result + +- name: Ensure systemd reloaded after matrix-mautrix-discord.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_mautrix_discord_systemd_service_result.changed" + +- name: Ensure matrix-mautrix-discord.service restarted, if necessary + ansible.builtin.service: + name: "matrix-mautrix-discord.service" + state: restarted + when: "matrix_mautrix_discord_requires_restart | bool" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml new file mode 100644 index 00000000..94fef89a --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml @@ -0,0 +1,25 @@ +--- + +- name: Check existence of matrix-mautrix-discord service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + register: matrix_mautrix_discord_service_stat + +- name: Ensure matrix-mautrix-discord is stopped + ansible.builtin.service: + name: matrix-mautrix-discord + state: stopped + enabled: false + daemon_reload: true + when: "matrix_mautrix_discord_service_stat.stat.exists" + +- name: Ensure matrix-mautrix-discord.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + state: absent + when: "matrix_mautrix_discord_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-mautrix-discord.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_mautrix_discord_service_stat.stat.exists" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml new file mode 100644 index 00000000..ddf78524 --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml @@ -0,0 +1,20 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_mautrix_discord_appservice_token" + - "matrix_mautrix_discord_homeserver_token" + + +- name: (Deprecation) Catch and report renamed settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_mautrix_discord_log_level', 'new': 'matrix_mautrix_discord_logging_level'} diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 new file mode 100644 index 00000000..fb10b1ac --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -0,0 +1,225 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_discord_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_discord_homeserver_domain }} + # Is the homeserver actually mautrix-asmux? + asmux: false + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + +# Application service host/registration related details. +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_discord_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 8080 + + # Database config. + database: + # The database type. "sqlite3" and "postgres" are supported. + type: {{ matrix_mautrix_discord_appservice_database_type|to_json }} + # The database URI. + # SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable + # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + uri: {{ matrix_mautrix_discord_appservice_database_uri|to_json }} + # Maximum number of connections. Mostly relevant for Postgres. + max_open_conns: 20 + max_idle_conns: 2 + # Maximum connection idle time and lifetime before they're closed. Disabled if null. + # Parsed with https://pkg.go.dev/time#ParseDuration + max_conn_idle_time: null + max_conn_lifetime: null + + # The unique ID of this appservice. + id: discord + # Appservice bot details. + bot: + # Username of the appservice bot. + username: {{ matrix_mautrix_discord_appservice_bot_username|to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: Discord bridge bot + avatar: mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + ephemeral_events: true + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "{{ matrix_mautrix_discord_appservice_token }}" + hs_token: "{{ matrix_mautrix_discord_homeserver_token }}" + +# Bridge config +bridge: + # Localpart template of MXIDs for Discord users. + # {{ '{{.}}' }} is replaced with the internal ID of the Discord user. + username_template: "{{ 'discord_{{.}}' }}" + # Displayname template for Discord users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. + # Available variables: + # {{ '{{.ID}}' }} - Internal user ID + # {{ '{{.Username}}' }} - User's displayname on Discord + # {{ '{{.Discriminator}}' }} - The 4 numbers after the name on Discord + # {{ '{{.Bot}}' }} - Whether the user is a bot + # {{ '{{.System}}' }} - Whether the user is an official system user + displayname_template: "{{ '{{.Username}} {{if .Bot}} (bot){{end}}' }}" + # Displayname template for Discord channels (bridged as rooms, or spaces when type=4). + # Available variables: + # {{ '{{.Name}}' }} - Channel name, or user displayname (pre-formatted with displayname_template) in DMs. + # {{ '{{.ParentName}}' }} - Parent channel name (used for categories). + # {{ '{{.GuildName}}' }} - Guild name. + # {{ '{{.NSFW}}' }} - Whether the channel is marked as NSFW. + # {{ '{{.Type}}' }} - Channel type (see values at https://github.com/bwmarrin/discordgo/blob/v0.25.0/structs.go#L251-L267) + channel_name_template: "{{ '{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}' }}" + # Displayname template for Discord guilds (bridged as spaces). + # Available variables: + # {{ '{{.Name}}' }} - Guild name + guild_name_template: "{{ '{{.Name}}' }}" + # Should the bridge explicitly set the avatar and room name for DM portal rooms? + # This is implicitly enabled in encrypted rooms. + private_chat_portal_meta: false + portal_message_buffer: 128 + # Number of private channel portals to create on bridge startup. + # Other portals will be created when receiving messages. + startup_private_channel_create_limit: 5 + # Should the bridge send a read receipt from the bridge bot when a message has been sent to Discord? + delivery_receipts: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: true + # Whether the bridge should send error notices via m.notice events when a message fails to bridge. + message_error_notices: true + # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? + # This can avoid unnecessary invite events in guild rooms when members are synced in. + restricted_rooms: true + # Should the bridge update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, except if the config file is not writable. + resend_bridge_info: false + # Should the bridge attempt to completely delete portal rooms when a channel is deleted on Discord? + # If true, the bridge will try to kick Matrix users from the room. Otherwise, the bridge only makes ghosts leave. + delete_portal_on_channel_delete: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: {{ matrix_mautrix_discord_federate_rooms|to_json }} + # Servers to always allow double puppeting from + double_puppet_server_map: + "{{ matrix_mautrix_discord_homeserver_domain }}": {{ matrix_mautrix_discord_homeserver_address }} + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, double puppeting will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret_map: {{ matrix_mautrix_discord_bridge_login_shared_secret_map|to_json }} + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "{{ matrix_mautrix_discord_command_prefix }}" + + # Messages sent upon joining a management room. + # Markdown is supported. The defaults are listed below. + management_room_text: + # Sent when joining a room. + welcome: "Hello, I'm a Discord bridge bot." + # Sent when joining a management room and the user is already logged in. + welcome_connected: "Use `help` for help." + # Sent when joining a management room and the user is not logged in. + welcome_unconnected: "Use `help` for help or `login` to log in." + # Optional extra text sent when joining a management room. + additional_help: "" + + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: {{ matrix_mautrix_discord_bridge_encryption_allow|to_json }} + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: {{ matrix_mautrix_discord_bridge_encryption_default|to_json }} + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: {{ matrix_mautrix_discord_bridge_encryption_key_sharing_allow|to_json }} + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Settings for provisioning API + provisioning: + # Prefix for the provisioning API paths. + prefix: /_matrix/provision + # Shared secret for authentication. If set to "generate", a random secret will be generated, + # or if set to "disable", the provisioning API will be disabled. + shared_secret: generate + + # Permissions for using the bridge. + # Permitted values: + # relay - Talk through the relaybot (if enabled), no access otherwise + # user - Access to use the bridge to chat with a Discord account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "{{ matrix_mautrix_discord_homeserver_domain }}": user + {% if matrix_admin %} + "{{ matrix_admin }}": admin + {% endif %} + +logging: + directory: ./logs + file_name_format: '' + file_date_format: "2006-01-02" + file_mode: 384 + timestamp_format: Jan _2, 2006 15:04:05 + print_level: {{ matrix_mautrix_discord_logging_level }} + print_json: false + file_json: false diff --git a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 new file mode 100644 index 00000000..76046b44 --- /dev/null +++ b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -0,0 +1,43 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix Mautrix Discord bridge +{% for service in matrix_mautrix_discord_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_mautrix_discord_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' + +# Intentional delay, so that the homeserver (we likely depend on) can manage to start. +ExecStartPre={{ matrix_host_command_sleep }} 5 + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discord \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + -v {{ matrix_mautrix_discord_config_path }}:/config:z \ + -v {{ matrix_mautrix_discord_data_path }}:/data:z \ + --workdir=/data \ + {% for arg in matrix_mautrix_discord_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_mautrix_discord_docker_image }} \ + /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-mautrix-discord + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 49612a8c..60d40346 100755 --- a/setup.yml +++ b/setup.yml @@ -27,6 +27,7 @@ - matrix-bridge-mautrix-signal - matrix-bridge-mautrix-telegram - matrix-bridge-mautrix-whatsapp + - matrix-bridge-mautrix-discord - matrix-bridge-mx-puppet-discord - matrix-bridge-mx-puppet-groupme - matrix-bridge-mx-puppet-steam From 50ae4d2422bfaa5d68dc3c83582598f8b17a9300 Mon Sep 17 00:00:00 2001 From: Onisokien Ayonoadu <55804238+ayonoaduo@users.noreply.github.com> Date: Fri, 22 Jul 2022 13:11:38 -0600 Subject: [PATCH 087/562] Minor typo update --- docs/configuring-playbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 88f81607..e5301df1 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -51,7 +51,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Serving your base domain using this playbook's nginx server](configuring-playbook-base-domain-serving.md) (optional) -- [Configure Nginx (optional, advanced)](configuring-playbook-nginx.md) (optional, advanced) +- [Configure Nginx](configuring-playbook-nginx.md) (optional, advanced) - [Using your own webserver, instead of this playbook's nginx proxy](configuring-playbook-own-webserver.md) (optional, advanced) From 53ea0ccca5c009f5701ec0d356a76c5353f7288a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 23 Jul 2022 09:07:20 +0300 Subject: [PATCH 088/562] Fix linkedin bridge building regression Regression since 1693c4ca1d4cd3276 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1975 --- .../tasks/setup_install.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 04a787b8..9df4d75b 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -50,12 +50,12 @@ - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image ansible.builtin.command: cmd: | - {{ matrix_host_command_docker }} run \ - --rm \ - --entrypoint=/bin/sh \ - --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work \ - -w /work \ - docker.io/python:3.9.6-buster \ + {{ matrix_host_command_docker }} run + --rm + --entrypoint=/bin/sh + --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work + -w /work + docker.io/python:3.9.6-buster -c "pip install poetry && poetry export --without-hashes -E e2be -E images -E metrics | sed 's/==.*//g' > docker-requirements.txt" register: matrix_beeper_linkedin_generate_docker_requirements_result changed_when: matrix_beeper_linkedin_generate_docker_requirements_result.rc == 0 From b2f47fcfcd30523b964593b51b7ac449e12887bd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 15:38:55 +0300 Subject: [PATCH 089/562] Make linkedin logging level configurable --- roles/matrix-bridge-beeper-linkedin/defaults/main.yml | 3 +++ .../templates/config.yaml.j2 | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index a8338093..45afd0f1 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -72,6 +72,9 @@ matrix_beeper_linkedin_appservice_database_uri: "{{ # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). matrix_beeper_linkedin_login_shared_secret: '' +# Specifies the default log level for all bridge loggers. +matrix_beeper_linkedin_logging_level: WARNING + # Default beeper-linkedin configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 index e0729549..a91eb416 100644 --- a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 +++ b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 @@ -259,12 +259,12 @@ logging: formatter: colored loggers: mau: - level: WARNING + level: {{ matrix_beeper_linkedin_logging_level|to_json }} paho: - level: WARNING + level: {{ matrix_beeper_linkedin_logging_level|to_json }} aiohttp: - level: WARNING + level: {{ matrix_beeper_linkedin_logging_level|to_json }} root: - level: WARNING - handlers: [ console] + level: {{ matrix_beeper_linkedin_logging_level|to_json }} + handlers: [console] From ac72879bf5ad04ebb034feb779d8f12db784965a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 15:55:16 +0300 Subject: [PATCH 090/562] Make bridge permissions more easily configurable Not doing {% if matrix_admin %} checks in the YAML also fixes some issues with indentation being incorrect sometimes. This should be backward compatible, except for mautrix-signal's case where `matrix_mautrix_signal_bridge_permissions` previously existed as a string, not a dictionary. `tasks/validate_config.yml` will catch the problem an even provide a quick fix. --- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 8 ++----- .../defaults/main.yml | 22 ++++++++++++------- .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 12 +++++----- .../tasks/validate_config.yml | 9 ++++++++ .../templates/config.yaml.j2 | 3 +-- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 6 +++++ .../templates/config.yaml.j2 | 6 +---- .../defaults/main.yml | 15 +++++++++---- .../templates/config.yaml.j2 | 6 +---- 21 files changed, 94 insertions(+), 65 deletions(-) diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index 45afd0f1..fc2cc898 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -29,6 +29,12 @@ matrix_beeper_linkedin_bridge_presence: true matrix_beeper_linkedin_command_prefix: "!li" +matrix_beeper_linkedin_bridge_permissions: | + {{ + {matrix_beeper_linkedin_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # A list of extra arguments to pass to the container matrix_beeper_linkedin_container_extra_arguments: [] diff --git a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 index a91eb416..a30f2425 100644 --- a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 +++ b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 @@ -56,7 +56,7 @@ appservice: # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. displayname: LinkedIn bridge bot - avatar: mxc://sumnerevans.com/XMtwdeUBnxYvWNFFrfeTSHqB + avatar: mxc://sumnerevans.com/XMtwdeUBnxYvWNFFrfeTSHqB # Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). @@ -236,11 +236,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - "{{ matrix_beeper_linkedin_homeserver_domain }}": user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + permissions: {{ matrix_beeper_linkedin_bridge_permissions|to_json }} diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml index b05e78a5..cc456538 100644 --- a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml +++ b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml @@ -85,6 +85,20 @@ matrix_go_skype_bridge_bridge_login_shared_secret_map: matrix_go_skype_bridge_bridge_double_puppet_server_map: "{{ matrix_go_skype_bridge_homeserver_domain : matrix_go_skype_bridge_homeserver_address }}" +# Enable End-to-bridge encryption +matrix_go_skype_bridge_bridge_encryption_allow: false +matrix_go_skype_bridge_bridge_encryption_default: "{{ matrix_go_skype_bridge_bridge_encryption_allow }}" + +# Minimum severity of journal log messages. +# Options: debug, info, warn, error, fatal +matrix_go_skype_bridge_log_level: 'warn' + +matrix_go_skype_bridge_bridge_permissions: | + {{ + {matrix_go_skype_bridge_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Default go-skype-bridge configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # @@ -124,11 +138,3 @@ matrix_go_skype_bridge_registration_yaml: | de.sorunome.msc2409.push_ephemeral: true matrix_go_skype_bridge_registration: "{{ matrix_go_skype_bridge_registration_yaml | from_yaml }}" - -# Enable End-to-bridge encryption -matrix_go_skype_bridge_bridge_encryption_allow: false -matrix_go_skype_bridge_bridge_encryption_default: "{{ matrix_go_skype_bridge_bridge_encryption_allow }}" - -# Minimum severity of journal log messages. -# Options: debug, info, warn, error, fatal -matrix_go_skype_bridge_log_level: 'warn' diff --git a/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 index 56e37f84..2a1dc6c1 100644 --- a/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 +++ b/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 @@ -197,11 +197,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - "{{ matrix_go_skype_bridge_homeserver_domain }}": user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + permissions: {{ matrix_go_skype_bridge_bridge_permissions|to_json }} relaybot: # Whether or not relaybot support is enabled. diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index 51b4f357..719c86dc 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -46,6 +46,12 @@ matrix_mautrix_facebook_homeserver_token: '' # If false, created portal rooms will never be federated. matrix_mautrix_facebook_federate_rooms: true +matrix_mautrix_facebook_bridge_permissions: | + {{ + {matrix_mautrix_facebook_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Controls whether the matrix-mautrix-facebook container exposes its HTTP port. # # Takes an ":" or "" value (e.g. "127.0.0.1:9008"), or empty string to not expose. diff --git a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 index 4b27e66a..3318255d 100644 --- a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 @@ -201,11 +201,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_facebook_homeserver_domain }}': user - {% if matrix_admin %} - '{{ matrix_admin }}': admin - {% endif %} + permissions: {{ matrix_mautrix_facebook_bridge_permissions|to_json }} relay: # Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml index 85d534e5..a4b1438b 100644 --- a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -48,6 +48,12 @@ matrix_mautrix_googlechat_homeserver_token: '' # If false, created portal rooms will never be federated. matrix_mautrix_googlechat_federate_rooms: true +matrix_mautrix_googlechat_bridge_permissions: | + {{ + {matrix_mautrix_googlechat_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Database-related configuration fields. # # To use SQLite, stick to these defaults. diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 index ad86219c..a2560a9f 100644 --- a/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 @@ -117,11 +117,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_googlechat_homeserver_domain }}': user - {% if matrix_admin %} - '{{ matrix_admin }}': admin - {% endif %} + permissions: {{ matrix_mautrix_googlechat_bridge_permissions|to_json }} # Python logging configuration. # diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index fc467871..8b338fd7 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -27,6 +27,12 @@ matrix_mautrix_hangouts_appservice_address: 'http://matrix-mautrix-hangouts:8080 matrix_mautrix_hangouts_command_prefix: "!HO" +matrix_mautrix_hangouts_bridge_permissions: | + {{ + {matrix_mautrix_hangouts_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Controls whether the matrix-mautrix-hangouts container exposes its HTTP port (tcp/8080 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:9007"), or empty string to not expose. diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 index 6dca06ff..d737f3f1 100644 --- a/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 @@ -114,11 +114,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_hangouts_homeserver_domain }}': user - {% if matrix_admin %} - '{{ matrix_admin }}': admin - {% endif %} + permissions: {{ matrix_mautrix_hangouts_bridge_permissions|to_json }} # Python logging configuration. # diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index e31f3f46..bcb6ddb1 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -25,6 +25,12 @@ matrix_mautrix_instagram_appservice_address: 'http://matrix-mautrix-instagram:29 matrix_mautrix_instagram_command_prefix: "!ig" +matrix_mautrix_instagram_bridge_permissions: | + {{ + {matrix_mautrix_instagram_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # A list of extra arguments to pass to the container matrix_mautrix_instagram_container_extra_arguments: [] diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 index 11b1d997..039b9bfe 100644 --- a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 @@ -185,11 +185,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - "{{ matrix_mautrix_instagram_homeserver_domain }}": user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + permissions: {{ matrix_mautrix_instagram_bridge_permissions|to_json }} # Provisioning API part of the web server for automated portal creation and fetching information. # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). provisioning: diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 84ef38cd..161fa892 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -103,12 +103,14 @@ matrix_mautrix_signal_relaybot_enabled: false # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user +# +# This variable used to contain a YAML string, but now needs to contain a hashmap/dictionary. matrix_mautrix_signal_bridge_permissions: | - '*': relay - '{{ matrix_mautrix_signal_homeserver_domain }}': user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + {{ + {'*': 'relay'} + | combine({matrix_mautrix_signal_homeserver_domain: 'user'}) + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. diff --git a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml index 01a02c2f..ea2c1c43 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml @@ -11,6 +11,15 @@ - "matrix_mautrix_signal_homeserver_token" - "matrix_mautrix_signal_appservice_token" +- name: (Deprecation) Fail if matrix_mautrix_signal_bridge_permissions specified as YAML string, instead of a dictionary + ansible.builtin.fail: + msg: >- + The `matrix_mautrix_signal_bridge_permissions` variable in your configuration is specified as a YAML string. + The playbook now expects a hashmap/dictionary in this variable. + Change your configuration like this: + matrix_mautrix_signal_bridge_permissions: {{ matrix_mautrix_signal_bridge_permissions | from_yaml | to_json }} + when: "matrix_mautrix_signal_bridge_permissions is string" + - name: (Deprecation) Catch and report renamed Signal variables ansible.builtin.fail: msg: >- diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index f0644ee2..796a6e41 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -223,8 +223,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - {{ matrix_mautrix_signal_bridge_permissions|from_yaml }} + permissions: {{ matrix_mautrix_signal_bridge_permissions|to_json }} relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 2ac9fe04..101889c1 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -27,6 +27,12 @@ matrix_mautrix_telegram_data_path: "{{ matrix_mautrix_telegram_base_path }}/data matrix_mautrix_telegram_command_prefix: "!tg" +matrix_mautrix_telegram_bridge_permissions: | + {{ + {matrix_mautrix_telegram_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Get your own API keys at https://my.telegram.org/apps matrix_mautrix_telegram_api_id: '' matrix_mautrix_telegram_api_hash: '' diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 19bacbde..3a7ab7f1 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -289,11 +289,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_telegram_homeserver_domain }}': full - {% if matrix_admin %} - '{{ matrix_admin }}': admin - {% endif %} + permissions: {{ matrix_mautrix_telegram_bridge_permissions|to_json }} # Options related to the message relay Telegram bot. relaybot: diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 512195cb..29999c45 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -25,6 +25,12 @@ matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327' matrix_mautrix_twitter_command_prefix: "!tw" +matrix_mautrix_twitter_bridge_permissions: | + {{ + {matrix_mautrix_twitter_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # A list of extra arguments to pass to the container matrix_mautrix_twitter_container_extra_arguments: [] diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index b59864f1..da823d1e 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -173,11 +173,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_twitter_homeserver_domain }}': user - {% if matrix_admin %} - '{{ matrix_admin }}': admin - {% endif %} + permissions: {{ matrix_mautrix_twitter_bridge_permissions|to_json }} # Python logging configuration. diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 7a511651..ed13bbd0 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -90,6 +90,17 @@ matrix_mautrix_whatsapp_bridge_login_shared_secret_map: matrix_mautrix_whatsapp_bridge_double_puppet_server_map: "{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}" +# Enable End-to-bridge encryption +matrix_mautrix_whatsapp_bridge_encryption_allow: false +matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" +matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" + +matrix_mautrix_whatsapp_bridge_permissions: | + {{ + {matrix_mautrix_whatsapp_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # Default mautrix-whatsapp configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # @@ -130,7 +141,3 @@ matrix_mautrix_whatsapp_registration_yaml: | matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}" -# Enable End-to-bridge encryption -matrix_mautrix_whatsapp_bridge_encryption_allow: false -matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" -matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 8e0e300b..fab8d964 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -368,11 +368,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - "{{ matrix_mautrix_whatsapp_homeserver_domain }}": user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + permissions: {{ matrix_mautrix_whatsapp_bridge_permissions|to_json }} # Settings for relay mode relay: From 163a423f42439d5defa8863b7a3b61ed2be844c8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 16:01:04 +0300 Subject: [PATCH 091/562] Fix ansible-lint error --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index ed13bbd0..2bc34a91 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -140,4 +140,3 @@ matrix_mautrix_whatsapp_registration_yaml: | de.sorunome.msc2409.push_ephemeral: true matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}" - From e46ba5debaf34ee6abc5e09c0e19ff5c666edc85 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 14:34:21 +0300 Subject: [PATCH 092/562] Add matrix-appservice-kakaotalk support Adds support for: https://src.miscworks.net/fair/matrix-appservice-kakaotalk This is pretty similar to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1977 which just appeared, but has mostly been done independently. I've taken some inspiration and did some fixups based on that PR. Thanks to https://github.com/hnarjis for taking the time to contribute! Notable differences between this branch compared to that PR: - better naming and documentation around the "configuration" variables - no unnecessary (5 sec.) intentional delay when starting `matrix-appservice-kakaotalk-node.service` - stores configuration in `config/`, not in `data/` - passes configuration as read-only and starts the bridge with (`--no-update`) to ensure no changes are made to it - starts containers more securely - with `matrix:matrix` user:group (not `root`) and reduced capabilities (`--cap-drop=ALL`) - uses `tcp` for communication between the "node" and the appservice (simpler than sharing unix sockets) - `registration.yaml` which is closer to the one generated by `matrix-appservice-kakaotalk` (no `de.sorunome.msc2409.push_ephemeral` stuff, etc.) - `registration.yaml` which is more customizable (customizable bot username and prefix for puppets - see `matrix_appservice_kakaotalk_appservice_bot_username` and `matrix_appservice_kakaotalk_user_prefix`) - less fragile and more extensible bridge permissions configuration via `matrix_appservice_kakaotalk_bridge_permissions`. Doing `{% if matrix_admin %}` in the bridge configuration sometimes causes syntax problems (I hit some myself) and is not ideal. Other bridges should be redone as well. - configurable command prefix for the bridge, instead of hardcoding `!kt` (see `matrix_appservice_kakaotalk_command_prefix`) - logging that is more consistent with the rest of the playbook (console / journald only, no logging to files), as well as configurable log level (via `matrix_appservice_kakaotalk_logging_level`) - somewhat more detailed documentation (`docs/configuring-playbook-bridge-appservice-kakaotalk.md`) - removed some dead code (data relocation tasks from `tasks/setup_install.yml`, as well as likely unnecessary SQLite -> Postgres migration) --- ...ng-playbook-bridge-appservice-kakaotalk.md | 83 ++++++ docs/configuring-playbook.md | 6 +- group_vars/matrix_servers | 43 +++ .../defaults/main.yml | 196 +++++++++++++ .../tasks/init.yml | 28 ++ .../tasks/main.yml | 23 ++ .../tasks/setup_install.yml | 125 ++++++++ .../tasks/setup_uninstall.yml | 41 +++ .../tasks/validate_config.yml | 10 + .../templates/config.yaml.j2 | 276 ++++++++++++++++++ .../templates/node-config.json.j2 | 13 + ...atrix-appservice-kakaotalk-node.service.j2 | 38 +++ .../matrix-appservice-kakaotalk.service.j2 | 42 +++ setup.yml | 1 + 14 files changed, 923 insertions(+), 2 deletions(-) create mode 100644 docs/configuring-playbook-bridge-appservice-kakaotalk.md create mode 100644 roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml create mode 100644 roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 create mode 100644 roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 create mode 100644 roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md new file mode 100644 index 00000000..0b284db1 --- /dev/null +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -0,0 +1,83 @@ +# Setting up Appservice Kakaotalk (optional) + +The playbook can install and configure [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you. `matrix-appservice-kakaotalk` is a bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code. + +See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) to learn what it does and why it might be useful to you. + +## Installing + +To enable the bridge, add this to your `vars.yml` file: + +```yaml +matrix_appservice_kakaotalk_enabled: true +``` + +You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation. + +After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +To make use of the Kakaotalk bridge, see [Usage](#usage) below. + + +### Additional configuration + +There are some additional things you may wish to configure about the bridge. + +Take a look at: + +- `roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable + +Here's some example configuration (which goes into your `vars.yml` file): +```yaml +# This configuration: +# - enables encryption (it's off by default) +# - grants some user on your homeserver 'admin' access to the bridge +# (note: the user specified in the `matrix_admin` (part of `roles/matrix-base/defaults/main.yml`) is made an admin by default) +matrix_appservice_kakaotalk_configuration_extension_yaml: | + bridge: + permissions: + '@YOUR_USERNAME:{{ matrix_domain }}': admin + + encryption: + allow: true + default: true +``` + + +### Set up Double Puppeting + +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. + +#### Method 1: automatically, by enabling Shared Secret Auth + +The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook. + +This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future. + +#### Method 2: manually, by asking each user to provide a working access token + +**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)). + +When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: + +- retrieve a Matrix access token for yourself. You can use the following command: + +``` +curl \ +--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Appservice-Kakaotalk", "initial_device_display_name": "Appservice-Kakaotalk"}' \ +https://matrix.DOMAIN/_matrix/client/r0/login +``` + +- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` + +- make sure you don't log out the `Appservice-Kakaotalk` device some time in the future, as that would break the Double Puppeting feature + + +## Usage + +Start a chat with `@kakaotalkbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). + +Send `login --save EMAIL_OR_PHONE_NUMBER` to the bridge bot to enable bridging for your Kakaotalk account. The `--save` flag may be omitted, if you'd rather not save your password. + +After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index e5301df1..cce74778 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -110,14 +110,16 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) (optional) -- [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) (optional) - - [Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md) (optional) - [Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) (optional) - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional) +- [Setting up Appservice Kakaotalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) (optional) + +- [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) (optional) + - [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional) - ~~[Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md)~~ (optional) - this component has been broken for a long time, so it has been removed from the playbook. Consider [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ea17edb4..3f33c7c1 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -213,6 +213,43 @@ matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_gen # ###################################################################### +###################################################################### +# +# matrix-bridge-appservice-kakaotalk +# +###################################################################### + +# We don't enable bridges by default. +matrix_appservice_kakaotalk_enabled: false + +matrix_appservice_kakaotalk_systemd_required_services_list: | + {{ + ['docker.service'] + + + ['matrix-appservice-kakaotalk-node.service'] + + + ['matrix-' + matrix_homeserver_implementation + '.service'] + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + }} + +matrix_appservice_kakaotalk_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.hs') | to_uuid }}" + +matrix_appservice_kakaotalk_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.hs') | to_uuid }}" + +matrix_appservice_kakaotalk_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +matrix_appservice_kakaotalk_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_appservice_kakaotalk_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.db') | to_uuid }}" + +###################################################################### +# +# /matrix-bridge-appservice-kakaotalk +# +###################################################################### + ###################################################################### # @@ -1811,6 +1848,12 @@ matrix_postgres_additional_databases: | 'password': matrix_appservice_irc_database_password, }] if (matrix_appservice_irc_enabled and matrix_appservice_irc_database_engine == 'postgres' and matrix_appservice_irc_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_appservice_kakaotalk_database_name, + 'username': matrix_appservice_kakaotalk_database_username, + 'password': matrix_appservice_kakaotalk_database_password, + }] if (matrix_appservice_kakaotalk_enabled and matrix_appservice_kakaotalk_database_engine == 'postgres' and matrix_appservice_kakaotalk_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_beeper_linkedin_database_name, 'username': matrix_beeper_linkedin_database_username, diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml new file mode 100644 index 00000000..482f1fb7 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -0,0 +1,196 @@ +--- +# matrix-appservice-kakaotalk is a Matrix <-> Kakaotalk bridge +# Project source code URL: https://src.miscworks.net/fair/matrix-appservice-kakaotalk/ + +matrix_appservice_kakaotalk_enabled: true + +# No images are published for neither of the container images (appservice or node), so we're self-building everything. +matrix_appservice_kakaotalk_container_image_self_build: true +# matrix_appservice_kakaotalk_container_image_self_build_repo: "https://src.miscworks.net/fair/matrix-appservice-kakaotalk.git" +# +# hnarjis' fork is used instead of upstream (fair's), because upstream is currently broken. +# The following error happens when chatting up the bot without this fix: +# [2022-07-25 09:04:53,784] [ERROR@mau.as] Exception in Matrix event handler +# Traceback (most recent call last): +# File "/usr/lib/python3.9/site-packages/mautrix/appservice/as_handler.py", line 239, in try_handle +# await handler_func(event) +# File "/usr/lib/python3.9/site-packages/mautrix/bridge/matrix.py", line 820, in int_handle_event +# await self.int_handle_invite(evt) +# File "/usr/lib/python3.9/site-packages/mautrix/bridge/matrix.py", line 441, in int_handle_invite +# inviter = await self.bridge.get_user(evt.sender) +# File "/usr/lib/python3.9/site-packages/matrix_appservice_kakaotalk/__main__.py", line 112, in get_user +# return await User.get_by_mxid(user_id, create=create) +# File "/usr/lib/python3.9/site-packages/mautrix/util/async_getter_lock.py", line 60, in wrapper +# return await fn(cls, *args, **kwargs) +# File "/usr/lib/python3.9/site-packages/matrix_appservice_kakaotalk/user.py", line 227, in get_by_mxid +# user = cls(mxid) +# TypeError: __init__() missing 2 required positional arguments: 'force_login' and 'was_connected' +matrix_appservice_kakaotalk_container_image_self_build_repo: "https://src.miscworks.net/hnarjis/matrix-appservice-kakaotalk.git" +matrix_appservice_kakaotalk_container_image_self_build_repo_version: "{{ 'master' if matrix_appservice_kakaotalk_version == 'latest' else matrix_appservice_kakaotalk_version }}" + +matrix_appservice_kakaotalk_node_version: "{{ matrix_appservice_kakaotalk_version }}" +matrix_appservice_kakaotalk_node_docker_image: "{{ matrix_appservice_kakaotalk_node_docker_image_prefix }}fair/matrix-appservice-kakaotalk-node:{{ matrix_appservice_kakaotalk_node_version }}" +matrix_appservice_kakaotalk_node_docker_image_prefix: "localhost/" +matrix_appservice_kakaotalk_node_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_node_docker_image.endswith(':latest') }}" + +matrix_appservice_kakaotalk_version: 86c038fd2ffee5e0aebf65136f085cce7e38b54e +matrix_appservice_kakaotalk_docker_image: "{{ matrix_appservice_kakaotalk_docker_image_name_prefix }}fair/matrix-appservice-kakaotalk:{{ matrix_appservice_kakaotalk_version }}" +matrix_appservice_kakaotalk_docker_image_name_prefix: "localhost/" +matrix_appservice_kakaotalk_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_docker_image.endswith(':latest') }}" + +matrix_appservice_kakaotalk_base_path: "{{ matrix_base_data_path }}/appservice-kakaotalk" +matrix_appservice_kakaotalk_config_path: "{{ matrix_appservice_kakaotalk_base_path }}/config" +matrix_appservice_kakaotalk_data_path: "{{ matrix_appservice_kakaotalk_base_path }}/data" +matrix_appservice_kakaotalk_docker_src_files_path: "{{ matrix_appservice_kakaotalk_base_path }}/docker-src" + +matrix_appservice_kakaotalk_command_prefix: "!kt" + +matrix_appservice_kakaotalk_homeserver_address: "{{ matrix_homeserver_container_url }}" +matrix_appservice_kakaotalk_homeserver_domain: '{{ matrix_domain }}' +matrix_appservice_kakaotalk_appservice_address: 'http://matrix-appservice-kakaotalk:11115' + + +# A list of extra arguments to pass to the appservice-kakaotalk container +matrix_appservice_kakaotalk_container_extra_arguments: [] + +# List of systemd services that matrix-appservice-kakaotalk.service depends on. +matrix_appservice_kakaotalk_systemd_required_services_list: ['docker.service', 'matrix-appservice-kakaotalk-node.service'] + +# List of systemd services that matrix-appservice-kakaotalk.service wants +matrix_appservice_kakaotalk_systemd_wanted_services_list: [] + + +# A list of extra arguments to pass to the appservice-kakaotalk-node container +matrix_appservice_kakaotalk_node_container_extra_arguments: [] + +# List of systemd services that matrix-appservice-kakaotalk-node.service depends on. +matrix_appservice_kakaotalk_node_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-appservice-kakaotalk-node.service wants +matrix_appservice_kakaotalk_node_systemd_wanted_services_list: [] + + +matrix_appservice_kakaotalk_appservice_token: '' +matrix_appservice_kakaotalk_homeserver_token: '' + +# Whether or not created rooms should have federation enabled. +# If false, created portal rooms will never be federated. +matrix_appservice_kakaotalk_federate_rooms: true + +# Database-related configuration fields. +# +# To use SQLite: +# - change the engine (`matrix_appservice_kakaotalk_database_engine: 'sqlite'`) +# To use Postgres: +# - adjust your database credentials via the `matrix_appservice_kakaotalk_database_*` variables +matrix_appservice_kakaotalk_database_engine: 'postgres' + +matrix_appservice_kakaotalk_sqlite_database_path_local: "{{ matrix_appservice_kakaotalk_data_path }}/appservice-kakaotalk.db" +matrix_appservice_kakaotalk_sqlite_database_path_in_container: "/data/appservice-kakaotalk.db" + +matrix_appservice_kakaotalk_database_username: 'matrix_appservice_kakaotalk' +matrix_appservice_kakaotalk_database_password: 'some-password' +matrix_appservice_kakaotalk_database_hostname: 'matrix-postgres' +matrix_appservice_kakaotalk_database_port: 5432 +matrix_appservice_kakaotalk_database_name: 'matrix_appservice_kakaotalk' + +matrix_appservice_kakaotalk_database_connection_string: 'postgres://{{ matrix_appservice_kakaotalk_database_username }}:{{ matrix_appservice_kakaotalk_database_password }}@{{ matrix_appservice_kakaotalk_database_hostname }}:{{ matrix_appservice_kakaotalk_database_port }}/{{ matrix_appservice_kakaotalk_database_name }}' + +matrix_appservice_kakaotalk_appservice_database: "{{ + { + 'sqlite': ('sqlite:///' + matrix_appservice_kakaotalk_sqlite_database_path_in_container), + 'postgres': matrix_appservice_kakaotalk_database_connection_string, + }[matrix_appservice_kakaotalk_database_engine] +}}" + + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). +# Also see: matrix_appservice_kakaotalk_bridge_login_shared_secret_map +matrix_appservice_kakaotalk_login_shared_secret: '' + +matrix_appservice_kakaotalk_bridge_login_shared_secret_map: "{{ {matrix_appservice_kakaotalk_homeserver_domain: matrix_appservice_kakaotalk_login_shared_secret} if matrix_appservice_kakaotalk_login_shared_secret else {} }}" + +matrix_appservice_kakaotalk_bridge_permissions: | + {{ + {matrix_appservice_kakaotalk_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + +matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot +matrix_appservice_kakaotalk_user_prefix: 'kakaotalk_as_' + +# Specifies the default log level for all bridge loggers. +matrix_appservice_kakaotalk_logging_level: WARNING + + +# Default configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_appservice_kakaotalk_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_appservice_kakaotalk_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_appservice_kakaotalk_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_appservice_kakaotalk_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_appservice_kakaotalk_configuration_yaml`. + +matrix_appservice_kakaotalk_configuration_extension: "{{ matrix_appservice_kakaotalk_configuration_extension_yaml | from_yaml if matrix_appservice_kakaotalk_configuration_extension_yaml | from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_appservice_kakaotalk_configuration_yaml`. +matrix_appservice_kakaotalk_configuration: "{{ matrix_appservice_kakaotalk_configuration_yaml | from_yaml | combine(matrix_appservice_kakaotalk_configuration_extension, recursive=True) }}" + + +# Default configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_appservice_kakaotalk_node_configuration_extension_yaml`) +# or completely replace this variable with your own template. +# +# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict. +# This is unlike what it does when looking up YAML template files (no automatic parsing there). +matrix_appservice_kakaotalk_node_configuration_default: "{{ lookup('template', 'templates/node-config.json.j2') }}" + +# Your custom JSON configuration for appservice-kakaotalk-node should go to `matrix_appservice_kakaotalk_node_configuration_extension_json`. +# This configuration extends the default starting configuration (`matrix_appservice_kakaotalk_node_configuration_default`). +# +# You can override individual variables from the default configuration, or introduce new ones. +# +# If you need something more special, you can take full control by +# completely redefining `matrix_appservice_kakaotalk_node_configuration_default`. +# +# Example configuration extension follows: +# +# matrix_appservice_kakaotalk_node_configuration_extension_json: | +# { +# "register_timeout": 5000 +# } +matrix_appservice_kakaotalk_node_configuration_extension_json: '{}' + +matrix_appservice_kakaotalk_node_configuration_extension: "{{ matrix_appservice_kakaotalk_node_configuration_extension_json | from_json if matrix_appservice_kakaotalk_node_configuration_extension_json | from_json is mapping else {} }}" + +# Holds the final appservice-kakaotalk-node configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_appservice_kakaotalk_node_configuration_default`. +matrix_appservice_kakaotalk_node_configuration: "{{ matrix_appservice_kakaotalk_node_configuration_default | combine(matrix_appservice_kakaotalk_node_configuration_extension, recursive=True) }}" + + +matrix_appservice_kakaotalk_registration_yaml: | + id: appservice-kakaotalk + as_token: {{ matrix_appservice_kakaotalk_appservice_token|to_json }} + hs_token: {{ matrix_appservice_kakaotalk_homeserver_token|to_json }} + namespaces: + users: + - exclusive: true + regex: '^@{{ matrix_appservice_kakaotalk_user_prefix | regex_escape }}.*:{{ matrix_appservice_kakaotalk_homeserver_domain | regex_escape }}$' + - exclusive: true + regex: '^@{{ matrix_appservice_kakaotalk_appservice_bot_username | regex_escape }}:{{ matrix_appservice_kakaotalk_homeserver_domain | regex_escape }}$' + url: {{ matrix_appservice_kakaotalk_appservice_address|to_json }} + sender_localpart: _appservice_kakaotalk + rate_limited: false + +matrix_appservice_kakaotalk_registration: "{{ matrix_appservice_kakaotalk_registration_yaml | from_yaml }}" diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml new file mode 100644 index 00000000..c2679b35 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml @@ -0,0 +1,28 @@ +--- +# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 +# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 +- name: Fail if trying to self-build on Ansible < 2.8 + ansible.builtin.fail: + msg: "To self-build the appservice-kakaotalk image, you should use Ansible 2.8 or higher. See docs/ansible.md" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_kakaotalk_container_image_self_build and matrix_appservice_kakaotalk_enabled" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-kakaotalk.service', 'matrix-appservice-kakaotalk-node.service'] }}" + when: matrix_appservice_kakaotalk_enabled | bool + +# If the matrix-synapse role is not used, these variables may not exist. +- ansible.builtin.set_fact: + matrix_synapse_container_extra_arguments: > + {{ + matrix_synapse_container_extra_arguments | default([]) + + + ["--mount type=bind,src={{ matrix_appservice_kakaotalk_config_path }}/registration.yaml,dst=/matrix-appservice-kakaotalk-registration.yaml,ro"] + }} + + matrix_synapse_app_service_config_files: > + {{ + matrix_synapse_app_service_config_files | default([]) + + + ["/matrix-appservice-kakaotalk-registration.yaml"] + }} + when: matrix_appservice_kakaotalk_enabled | bool diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml new file mode 100644 index 00000000..dfb286f2 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_appservice_kakaotalk_enabled | bool" + tags: + - setup-all + - setup-appservice-kakaotalk + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_appservice_kakaotalk_enabled | bool" + tags: + - setup-all + - setup-appservice-kakaotalk + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_appservice_kakaotalk_enabled | bool" + tags: + - setup-all + - setup-appservice-kakaotalk diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml new file mode 100644 index 00000000..def73c59 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -0,0 +1,125 @@ +--- + +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + ansible.builtin.fail: + msg: >- + The matrix-bridge-matrix-appservice-kakaotalk role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed | default(False)" + +- name: Ensure matrix-appservice-kakaotalk image is pulled + docker_image: + name: "{{ matrix_appservice_kakaotalk_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_appservice_kakaotalk_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_docker_image_force_pull }}" + when: not matrix_appservice_kakaotalk_container_image_self_build + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure matrix-appservice-kakaotalk-node image is pulled + docker_image: + name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_appservice_kakaotalk_node_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_docker_image_force_pull }}" + when: not matrix_appservice_kakaotalk_container_image_self_build + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure matrix-appservice-kakaotalk paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_appservice_kakaotalk_base_path }}", when: true} + - {path: "{{ matrix_appservice_kakaotalk_config_path }}", when: true} + - {path: "{{ matrix_appservice_kakaotalk_data_path }}", when: true} + - {path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}", when: "{{ matrix_appservice_kakaotalk_container_image_self_build }}"} + when: item.when | bool + +- name: Ensure matrix-appservice-kakaotalk repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo }}" + dest: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}" + version: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo_version }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_appservice_kakaotalk_git_pull_results + when: "matrix_appservice_kakaotalk_container_image_self_build | bool" + +- name: Ensure matrix-appservice-kakaotalk-node Docker image is built + docker_image: + name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" + source: build + force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}/node" + pull: true + when: "matrix_appservice_kakaotalk_container_image_self_build | bool" + +- name: Ensure matrix-appservice-kakaotalk Docker image is built + docker_image: + name: "{{ matrix_appservice_kakaotalk_docker_image }}" + source: build + force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}" + pull: true + when: "matrix_appservice_kakaotalk_container_image_self_build | bool" + +- name: Ensure matrix-appservice-kakaotalk-node config.json installed + ansible.builtin.copy: + content: "{{ matrix_appservice_kakaotalk_node_configuration | to_nice_json }}" + dest: "{{ matrix_appservice_kakaotalk_config_path }}/node-config.json" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-appservice-kakaotalk config.yaml installed + ansible.builtin.copy: + content: "{{ matrix_appservice_kakaotalk_configuration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_appservice_kakaotalk_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-appservice-kakaotalk registration.yaml installed + ansible.builtin.copy: + content: "{{ matrix_appservice_kakaotalk_registration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_appservice_kakaotalk_config_path }}/registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-appservice-kakaotalk-node.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk-node.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + mode: 0644 + register: matrix_appservice_kakaotalk_node_systemd_service_result + +- name: Ensure matrix-appservice-kakaotalk.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + mode: 0644 + register: matrix_appservice_kakaotalk_systemd_service_result + +- name: Ensure systemd reloaded after matrix-appservice-kakaotalk.service or matrix-appservice-kakaotalk-node.service installation + ansible.builtin.service: + daemon_reload: true + when: matrix_appservice_kakaotalk_node_systemd_service_result.changed or matrix_appservice_kakaotalk_systemd_service_result.changed diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml new file mode 100644 index 00000000..fb11c383 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml @@ -0,0 +1,41 @@ +--- + +- name: Check existence of matrix-appservice-kakaotalk service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + register: matrix_appservice_kakaotalk_service_stat + +- name: Ensure matrix-appservice-kakaotalk is stopped + ansible.builtin.service: + name: matrix-appservice-kakaotalk + state: stopped + enabled: false + daemon_reload: true + when: "matrix_appservice_kakaotalk_service_stat.stat.exists" + +- name: Check existence of matrix-appservice-kakaotalk-node service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + register: matrix_appservice_kakaotalk_node_service_stat + +- name: Ensure matrix-appservice-kakaotalk-node is stopped + ansible.builtin.service: + name: matrix-appservice-kakaotalk-node + state: stopped + enabled: false + daemon_reload: true + when: "matrix_appservice_kakaotalk_node_service_stat.stat.exists" + +- name: Ensure matrix-appservice-kakaotalk.service files don't exist + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: + - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + when: "matrix_appservice_kakaotalk_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-appservice-kakaotalk service files removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_appservice_kakaotalk_service_stat.stat.exists or matrix_appservice_kakaotalk_node_service_stat.stat.exists" diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml new file mode 100644 index 00000000..4f838e7a --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml @@ -0,0 +1,10 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_appservice_kakaotalk_appservice_token" + - "matrix_appservice_kakaotalk_homeserver_token" diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 new file mode 100644 index 00000000..186e58d0 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 @@ -0,0 +1,276 @@ +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_appservice_kakaotalk_homeserver_address|to_json }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_appservice_kakaotalk_homeserver_domain|to_json }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + # Whether or not the homeserver supports asmux-specific endpoints, + # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically + # updating m.direct. + asmux: false + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's MQTT connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Whether asynchronous uploads via MSC2246 should be enabled for media. + # Requires a media repo that supports MSC2246. + async_media: false + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_appservice_kakaotalk_appservice_address|to_json }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 11115 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are supported. + # Format examples: + # SQLite: sqlite:///filename.db + # Postgres: postgres://username:password@hostname/dbname + database: {{ matrix_appservice_kakaotalk_appservice_database|to_json }} + # Additional arguments for asyncpg.create_pool() or sqlite3.connect() + # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool + # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect + # For sqlite, min_size is used as the connection thread pool size and max_size is ignored. + database_opts: + min_size: 5 + max_size: 10 + + # The unique ID of this appservice. + id: appservice-kakaotalk + # Username of the appservice bot. + bot_username: {{ matrix_appservice_kakaotalk_appservice_bot_username|to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: KakaoTalk bridge bot + bot_avatar: + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. + ephemeral_events: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: {{ matrix_appservice_kakaotalk_appservice_token|to_json }} + hs_token: {{ matrix_appservice_kakaotalk_homeserver_token|to_json }} + +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Manhole config. +manhole: + # Whether or not opening the manhole is allowed. + enabled: false + # The path for the unix socket. + path: /var/tmp/matrix-appservice-kakaotalk.manhole + # The list of UIDs who can be added to the whitelist. + # If empty, any UIDs can be specified in the open-manhole command. + whitelist: + - 0 + +# Config for things that are directly sent to KakaoTalk. +kakaotalk: + device_name: "KakaoTalk Bridge" + +# Bridge config +bridge: + # Localpart template of MXIDs for KakaoTalk users. + # {userid} is replaced with the user ID of the KakaoTalk user. + username_template: "{{ matrix_appservice_kakaotalk_user_prefix }}{userid}" + # Displayname template for KakaoTalk users. + # {displayname} is replaced with the display name of the KakaoTalk user. + displayname_template: "{displayname} (KT)" + + # The prefix for commands. Only required in non-management rooms. + command_prefix: {{ matrix_appservice_kakaotalk_command_prefix|to_json }} + + # Number of chats to sync (and create portals for) on startup/login. + # Set to 0 to disable automatic syncing, or -1 to sync as much as possible. + initial_chat_sync: 20 + # Whether or not the KakaoTalk users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications + # when double puppeting is enabled + sync_with_custom_puppets: true + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Servers to always allow double puppeting from + double_puppet_server_map: {} + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + # If using this for other servers than the bridge's server, + # you must also set the URL in the double_puppet_server_map. + login_shared_secret_map: {{ matrix_appservice_kakaotalk_bridge_login_shared_secret_map|to_json }} + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Options for automatic key sharing. + key_sharing: + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow: false + # Require the requesting device to have a valid cross-signing signature? + # This doesn't require that the bridge has verified the device, only that the user has verified it. + # Not yet implemented. + require_cross_signing: false + # Require devices to be verified by the bridge? + # Verification by the bridge is not yet implemented. + require_verification: true + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to KakaoTalk. + delivery_receipts: false + # Whether to allow inviting arbitrary mxids to portal rooms + allow_invites: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: {{ matrix_appservice_kakaotalk_federate_rooms|to_json }} + # Settings for backfilling messages from KakaoTalk. + backfill: + # Whether or not the KakaoTalk users of logged in Matrix users should be + # invited to private chats when backfilling history from KakaoTalk. This is + # usually needed to prevent rate limits and to allow timestamp massaging. + invite_own_puppet: true + # Maximum number of messages to backfill initially. + # Set to 0 to disable backfilling when creating portal, or -1 to backfill as much as possible. + initial_limit: 0 + # Maximum number of messages to backfill if messages were missed while + # the bridge was disconnected. + # Set to 0 to disable backfilling missed messages, or -1 to backfill as much as possible. + missed_limit: 1000 + # If using double puppeting, should notifications be disabled + # while the initial backfill is in progress? + disable_notifications: false + # The number of seconds that a disconnection can last without triggering an automatic re-sync + # and missed message backfilling when reconnecting. + # Set to 0 to always re-sync, or -1 to never re-sync automatically. + resync_max_disconnected_time: 5 + # Should users remain logged in after being disconnected from chatroom updates? + # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk. + remain_logged_in_on_disconnect: true + # May the bridge restore user logins with session tokens instead of requiring a password? + # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk. + # Note that password-based login will be tried first for users who have saved their password. + allow_token_relogin: true + # Should the bridge connect users to chatroom updates after a token-based login? + # This will disconnect any KakaoTalk PC/bridge sessions that were started since the last connection. + # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk. + reconnect_on_token_relogin: true + # Should the bridge do a resync for connected users on startup? + sync_on_startup: true + # Whether or not temporary disconnections should send notices to the notice room. + # If this is false, disconnections will never send messages and connections will only send + # messages if it was disconnected for more than resync_max_disconnected_time seconds. + temporary_disconnect_notices: true + # Disable bridge notices entirely + disable_bridge_notices: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + # Whether or not mute status and tags should only be bridged when the portal room is created. + tag_only_on_create: true + # If set to true, downloading media from the CDN will use a plain aiohttp client without the usual headers or + # other configuration. This may be useful if you don't want to use the default proxy for large files. + sandbox_media_download: false + + # Permissions for using the bridge. + # Permitted values: + # relay - Allowed to be relayed through the bridge, no access to commands. + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: {{ matrix_appservice_kakaotalk_bridge_permissions|to_json }} + + relay: + # Whether relay mode should be allowed. If allowed, `!kt set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: false + # The formats to use when sending messages to KakaoTalk via a relay user. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $message - The message content + message_formats: + m.text: '$sender_displayname: $message' + m.notice: '$sender_displayname: $message' + m.emote: '* $sender_displayname $message' + m.file: 'File from $sender_displayname: $message' + m.image: 'Image from $sender_displayname: $message' + m.audio: 'Audio from $sender_displayname: $message' + m.video: 'Video from $sender_displayname: $message' + m.location: '$sender_displayname sent a location' + +rpc: + connection: + # Either unix or tcp + type: tcp + # Only for type: unix + # path: /rpc/rpc.sock + # Only for type: tcp + host: matrix-appservice-kakaotalk-node + port: 8000 + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): matrix_appservice_kakaotalk.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + paho: + level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + aiohttp: + level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + root: + level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + handlers: [console] diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 new file mode 100644 index 00000000..340add39 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 @@ -0,0 +1,13 @@ +{ + "listen": { + "type": "tcp", + "host": "0.0.0.0", + "port": 8000, + "force": true + }, + "register_timeout": 3000, + "logging_keys": { + "request": ["mxid"], + "response": ["status"] + } +} diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 new file mode 100644 index 00000000..1a526ee6 --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -0,0 +1,38 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=appservice-kakaotalk-node bridge helper +{% for service in matrix_appservice_kakaotalk_node_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_appservice_kakaotalk_node_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + --mount type=bind,src={{ matrix_appservice_kakaotalk_config_path }}/node-config.json,dst=/config.json,ro \ + {% for arg in matrix_appservice_kakaotalk_node_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_appservice_kakaotalk_node_docker_image }} \ + node src/main.js --config /config.json + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-appservice-kakaotalk-node + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 new file mode 100644 index 00000000..83a8d4dc --- /dev/null +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -0,0 +1,42 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=appservice-kakaotalk bridge +{% for service in matrix_appservice_kakaotalk_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_appservice_kakaotalk_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' + +# Intentional delay, so that the homeserver (we likely depend on) can manage to start. +ExecStartPre={{ matrix_host_command_sleep }} 5 + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + --mount type=bind,src={{ matrix_appservice_kakaotalk_config_path }},dst=/config,ro \ + --mount type=bind,src={{ matrix_appservice_kakaotalk_data_path }},dst=/data \ + {% for arg in matrix_appservice_kakaotalk_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_appservice_kakaotalk_docker_image }} \ + python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-appservice-kakaotalk + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 49612a8c..30538d81 100755 --- a/setup.yml +++ b/setup.yml @@ -17,6 +17,7 @@ - matrix-bridge-appservice-slack - matrix-bridge-appservice-webhooks - matrix-bridge-appservice-irc + - matrix-bridge-appservice-kakaotalk - matrix-bridge-beeper-linkedin - matrix-bridge-go-skype-bridge - matrix-bridge-mautrix-facebook From 7b937cf9a9aae4dff62c5e51beb6f8fdaf72d45b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 14:56:08 +0300 Subject: [PATCH 093/562] Make ansible-lint happy --- .../defaults/main.yml | 6 ++-- .../templates/config.yaml.j2 | 30 +++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml index 482f1fb7..dc5e2591 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -181,15 +181,15 @@ matrix_appservice_kakaotalk_node_configuration: "{{ matrix_appservice_kakaotalk_ matrix_appservice_kakaotalk_registration_yaml: | id: appservice-kakaotalk - as_token: {{ matrix_appservice_kakaotalk_appservice_token|to_json }} - hs_token: {{ matrix_appservice_kakaotalk_homeserver_token|to_json }} + as_token: {{ matrix_appservice_kakaotalk_appservice_token | to_json }} + hs_token: {{ matrix_appservice_kakaotalk_homeserver_token | to_json }} namespaces: users: - exclusive: true regex: '^@{{ matrix_appservice_kakaotalk_user_prefix | regex_escape }}.*:{{ matrix_appservice_kakaotalk_homeserver_domain | regex_escape }}$' - exclusive: true regex: '^@{{ matrix_appservice_kakaotalk_appservice_bot_username | regex_escape }}:{{ matrix_appservice_kakaotalk_homeserver_domain | regex_escape }}$' - url: {{ matrix_appservice_kakaotalk_appservice_address|to_json }} + url: {{ matrix_appservice_kakaotalk_appservice_address | to_json }} sender_localpart: _appservice_kakaotalk rate_limited: false diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 index 186e58d0..183377f3 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 @@ -1,9 +1,9 @@ # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_appservice_kakaotalk_homeserver_address|to_json }} + address: {{ matrix_appservice_kakaotalk_homeserver_address | to_json }} # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_appservice_kakaotalk_homeserver_domain|to_json }} + domain: {{ matrix_appservice_kakaotalk_homeserver_domain | to_json }} # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true @@ -27,7 +27,7 @@ homeserver: # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_appservice_kakaotalk_appservice_address|to_json }} + address: {{ matrix_appservice_kakaotalk_appservice_address | to_json }} # The hostname and port where this appservice should listen. hostname: 0.0.0.0 @@ -40,7 +40,7 @@ appservice: # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgres://username:password@hostname/dbname - database: {{ matrix_appservice_kakaotalk_appservice_database|to_json }} + database: {{ matrix_appservice_kakaotalk_appservice_database | to_json }} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect @@ -52,7 +52,7 @@ appservice: # The unique ID of this appservice. id: appservice-kakaotalk # Username of the appservice bot. - bot_username: {{ matrix_appservice_kakaotalk_appservice_bot_username|to_json }} + bot_username: {{ matrix_appservice_kakaotalk_appservice_bot_username | to_json }} # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. bot_displayname: KakaoTalk bridge bot @@ -64,8 +64,8 @@ appservice: ephemeral_events: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - as_token: {{ matrix_appservice_kakaotalk_appservice_token|to_json }} - hs_token: {{ matrix_appservice_kakaotalk_homeserver_token|to_json }} + as_token: {{ matrix_appservice_kakaotalk_appservice_token | to_json }} + hs_token: {{ matrix_appservice_kakaotalk_homeserver_token | to_json }} # Prometheus telemetry config. Requires prometheus-client to be installed. metrics: @@ -97,7 +97,7 @@ bridge: displayname_template: "{displayname} (KT)" # The prefix for commands. Only required in non-management rooms. - command_prefix: {{ matrix_appservice_kakaotalk_command_prefix|to_json }} + command_prefix: {{ matrix_appservice_kakaotalk_command_prefix | to_json }} # Number of chats to sync (and create portals for) on startup/login. # Set to 0 to disable automatic syncing, or -1 to sync as much as possible. @@ -123,7 +123,7 @@ bridge: # manually. # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. - login_shared_secret_map: {{ matrix_appservice_kakaotalk_bridge_login_shared_secret_map|to_json }} + login_shared_secret_map: {{ matrix_appservice_kakaotalk_bridge_login_shared_secret_map | to_json }} # Whether or not to update avatars when syncing all contacts at startup. update_avatar_initial_sync: true # End-to-bridge encryption support options. These require matrix-nio to be installed with pip @@ -156,7 +156,7 @@ bridge: allow_invites: false # Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. - federate_rooms: {{ matrix_appservice_kakaotalk_federate_rooms|to_json }} + federate_rooms: {{ matrix_appservice_kakaotalk_federate_rooms | to_json }} # Settings for backfilling messages from KakaoTalk. backfill: # Whether or not the KakaoTalk users of logged in Matrix users should be @@ -215,7 +215,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: {{ matrix_appservice_kakaotalk_bridge_permissions|to_json }} + permissions: {{ matrix_appservice_kakaotalk_bridge_permissions | to_json }} relay: # Whether relay mode should be allowed. If allowed, `!kt set-relay` can be used to turn any @@ -266,11 +266,11 @@ logging: formatter: colored loggers: mau: - level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + level: {{ matrix_appservice_kakaotalk_logging_level | to_json }} paho: - level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + level: {{ matrix_appservice_kakaotalk_logging_level | to_json }} aiohttp: - level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + level: {{ matrix_appservice_kakaotalk_logging_level | to_json }} root: - level: {{ matrix_appservice_kakaotalk_logging_level|to_json }} + level: {{ matrix_appservice_kakaotalk_logging_level | to_json }} handlers: [console] From d14e499365b2710ad90b073e7bc71adc005636d4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 14:58:36 +0300 Subject: [PATCH 094/562] Add dedicated variables for controlling Kakaotalk encryption --- ...ing-playbook-bridge-appservice-kakaotalk.md | 18 +----------------- .../defaults/main.yml | 4 ++++ .../templates/config.yaml.j2 | 4 ++-- 3 files changed, 7 insertions(+), 19 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 0b284db1..0b1a03f7 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -26,23 +26,7 @@ There are some additional things you may wish to configure about the bridge. Take a look at: - `roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable - -Here's some example configuration (which goes into your `vars.yml` file): -```yaml -# This configuration: -# - enables encryption (it's off by default) -# - grants some user on your homeserver 'admin' access to the bridge -# (note: the user specified in the `matrix_admin` (part of `roles/matrix-base/defaults/main.yml`) is made an admin by default) -matrix_appservice_kakaotalk_configuration_extension_yaml: | - bridge: - permissions: - '@YOUR_USERNAME:{{ matrix_domain }}': admin - - encryption: - allow: true - default: true -``` +- `roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable ### Set up Double Puppeting diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml index dc5e2591..d2bc94f2 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -119,6 +119,10 @@ matrix_appservice_kakaotalk_bridge_permissions: | matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot matrix_appservice_kakaotalk_user_prefix: 'kakaotalk_as_' +# End-to-bridge encryption configuration +matrix_appservice_kakaotalk_bridge_encryption_allow: false +matrix_appservice_kakaotalk_bridge_encryption_default: "{{ matrix_appservice_kakaotalk_bridge_encryption_allow }}" + # Specifies the default log level for all bridge loggers. matrix_appservice_kakaotalk_logging_level: WARNING diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 index 183377f3..1bb87cb4 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 @@ -133,10 +133,10 @@ bridge: # application service. encryption: # Allow encryption, work in group chat rooms with e2ee enabled - allow: false + allow: {{ matrix_appservice_kakaotalk_bridge_encryption_allow | to_json }} # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false + default: {{ matrix_appservice_kakaotalk_bridge_encryption_default| to_json }} # Options for automatic key sharing. key_sharing: # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. From e5c4731f6812f8884fc330522a7dd4bdc284a0d3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 15:08:04 +0300 Subject: [PATCH 095/562] Use kakaotalk_ as the puppet prefix This is what upstream uses and also what https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1977 used. Initially, I wanted to make the prefix more unique, in case another Kakaotalk bridge comes along, but.. it's probably on the new bridge to come up with a unique puppet prefix, not on us now to override upstream decisions. --- roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml index d2bc94f2..f27f75c5 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -117,7 +117,7 @@ matrix_appservice_kakaotalk_bridge_permissions: | }} matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot -matrix_appservice_kakaotalk_user_prefix: 'kakaotalk_as_' +matrix_appservice_kakaotalk_user_prefix: 'kakaotalk_' # End-to-bridge encryption configuration matrix_appservice_kakaotalk_bridge_encryption_allow: false From 532c4ffb7101b3242786457d3cb57f76c4c9714f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 25 Jul 2022 16:54:37 +0300 Subject: [PATCH 096/562] Use force=false for appservice-kakaotalk-node Not that it matters. This option is only used when `type` is `unix`. --- .../templates/node-config.json.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 index 340add39..82709138 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 +++ b/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 @@ -3,7 +3,7 @@ "type": "tcp", "host": "0.0.0.0", "port": 8000, - "force": true + "force": false }, "register_timeout": 3000, "logging_keys": { From c85c062c01e6d31ee146b997d95b96f371ccda77 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 26 Jul 2022 09:08:33 +0300 Subject: [PATCH 097/562] Upgrade ddclient (v3.9.1-ls92 -> v3.9.1-ls93) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index bdeea0f1..c077ee12 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls92 +matrix_dynamic_dns_version: v3.9.1-ls93 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From d5f1e5e8f4756ac7d4e1484366736494aef16ceb Mon Sep 17 00:00:00 2001 From: mcnesium Date: Tue, 26 Jul 2022 11:32:58 +0200 Subject: [PATCH 098/562] Double quote to prevent globbing and word splitting. --- inventory/scripts/jitsi-generate-passwords.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/inventory/scripts/jitsi-generate-passwords.sh b/inventory/scripts/jitsi-generate-passwords.sh index c48a0c2d..f24a3fba 100755 --- a/inventory/scripts/jitsi-generate-passwords.sh +++ b/inventory/scripts/jitsi-generate-passwords.sh @@ -18,7 +18,7 @@ JIBRI_XMPP_PASSWORD=$(generatePassword) echo "# Paste these variables into your inventory/host_vars/matrix.DOMAIN/vars.yml file:" echo "" -echo "matrix_jitsi_jicofo_auth_password: "$JICOFO_AUTH_PASSWORD -echo "matrix_jitsi_jvb_auth_password: "$JVB_AUTH_PASSWORD -echo "matrix_jitsi_jibri_recorder_password: "$JIBRI_RECORDER_PASSWORD -echo "matrix_jitsi_jibri_xmpp_password: "$JIBRI_XMPP_PASSWORD +echo "matrix_jitsi_jicofo_auth_password: $JICOFO_AUTH_PASSWORD" +echo "matrix_jitsi_jvb_auth_password: $JVB_AUTH_PASSWORD" +echo "matrix_jitsi_jibri_recorder_password: $JIBRI_RECORDER_PASSWORD" +echo "matrix_jitsi_jibri_xmpp_password: $JIBRI_XMPP_PASSWORD" From 72309ed0a16178de55f2b31fd6c7dc49db5fff03 Mon Sep 17 00:00:00 2001 From: mcnesium Date: Tue, 26 Jul 2022 15:34:55 +0200 Subject: [PATCH 099/562] run the playbook on multiple hosts with different credentials (#1980) * run the playbook on multiple hosts with different credentials with this script * fix: add yaml missing document start "---" * fix: *now really* allow this script to be run from any directory * add about-note to examples/host.yml Co-authored-by: Slavi Pantaleev * improve ansible-all-hosts.sh related docs/configuring-playbook.md Co-authored-by: Slavi Pantaleev * fix typos :) Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook.md | 1 + examples/host.yml | 11 +++++++++ inventory/scripts/ansible-all-hosts.sh | 32 ++++++++++++++++++++++++++ 3 files changed, 44 insertions(+) create mode 100644 examples/host.yml create mode 100755 inventory/scripts/ansible-all-hosts.sh diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index e5301df1..bd652ed3 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -18,6 +18,7 @@ You can then follow these steps inside the playbook directory: 1. edit the inventory hosts file (`inventory/hosts`) to your liking +1. (optional, advanced) to run Ansible against multiple servers with different `sudo` credentials, you can copy the sample inventory hosts yaml file for each of your hosts: (`cp examples/host.yml inventory/my_host1.yml` …) and use the [`ansible-all-hosts.sh`](../inventory/scripts/ansible-all-hosts.sh) script [in the installation step](installing.md). For a basic Matrix installation, that's all you need. For a more custom setup, see the [Other configuration options](#other-configuration-options) below. diff --git a/examples/host.yml b/examples/host.yml new file mode 100644 index 00000000..e9ba2810 --- /dev/null +++ b/examples/host.yml @@ -0,0 +1,11 @@ +--- + +# This is a host file for usage with the `ansible-all-hosts.sh` script, +# which runs Ansible against a bunch of hosts, each with its own `sudo` password. +matrix_servers: + hosts: + matrix.: + ansible_host: + ansible_ssh_user: + become: true + become_user: root diff --git a/inventory/scripts/ansible-all-hosts.sh b/inventory/scripts/ansible-all-hosts.sh new file mode 100755 index 00000000..3b611ab3 --- /dev/null +++ b/inventory/scripts/ansible-all-hosts.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +# +# Run the playbook on multiple hosts with different credentials with this script +# It defaults to ansible tags "setup-all,start". You can pass alternative tags +# to this script as arguments, e.g. +# +# ./inventory/scripts/ansible-all-hosts.sh self-check +# + +# set playbook root path +root=$(dirname "$(readlink -f "$0")")/../.. + +# set default tags or get from first argument if any +tags="${1:-setup-all,start}" + +# init password array +declare -A pws + +# capture passwords for all hosts +for host in "$root"/inventory/*.yml; do + read -rp "sudo password for $(basename "$host"): " -s pw + pws[$host]="$pw" + echo +done + +# run ansible on all captured passwords/hosts +for host in "${!pws[@]}"; do + ansible-playbook "$root"/setup.yml \ + --inventory-file "$host" \ + --extra-vars "ansible_become_pass=${pws[$host]}" \ + --tags="$tags" +done From 9c15474d94e44de3375dea167644f7bf1485377f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 26 Jul 2022 17:10:00 +0300 Subject: [PATCH 100/562] Upgrade Grafana (9.0.4 -> 9.0.5) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index a1cd3273..c0e64b4b 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.4 +matrix_grafana_version: 9.0.5 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 10a5b0d831b321667e45783e50aefc4952edb555 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 26 Jul 2022 17:31:06 +0300 Subject: [PATCH 101/562] Add warnings about using Borg backup with external Postgres Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1982 --- roles/matrix-backup-borg/tasks/setup_install.yml | 7 +++++++ .../tasks/detect_existing_postgres_version.yml | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index cc9816fa..e3401a13 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -1,6 +1,13 @@ --- - block: + - name: Fail with matrix_backup_borg_version advice if Postgres not enabled + ansible.builtin.fail: + msg: >- + You are not running a built-in Postgres server (`matrix_postgres_enabled: false`), so auto-detecting its version and setting `matrix_backup_borg_version` automatically based on that cannot happen. + Consider setting `matrix_backup_borg_version` to your Postgres version manually. + when: not matrix_postgres_enabled + - ansible.builtin.import_role: name: matrix-postgres tasks_from: detect_existing_postgres_version diff --git a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml index 4f4e5e9a..687d5e3a 100644 --- a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml +++ b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml @@ -6,6 +6,12 @@ # This utility is intentionally not in `tasks/util`, because if it were, it wouldn't be possible # to include it in other roles via the import_role module: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/import_role_module.html + +- name: Fail detection if expectation fails (Postgres not enabled) + ansible.builtin.fail: + msg: "Trying to detect the version of the built-in Postgres server, but Postgres installation is not enabled (`matrix_postgres_enabled: false`)" + when: not matrix_postgres_enabled + - name: Initialize Postgres version determination variables (default to empty) ansible.builtin.set_fact: matrix_postgres_detection_pg_version_path: "{{ matrix_postgres_data_path }}/PG_VERSION" From a1469c8e14953194456a47a800990d6c5d96834e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 26 Jul 2022 16:08:04 +0000 Subject: [PATCH 102/562] Update Element v1.11.0 -> v1.11.1 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 119f31a2..7951e891 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.0 +matrix_client_element_version: v1.11.1 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 2e40ad7d4ee4d3a2cc48f8c2e052510274546cc0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 27 Jul 2022 09:36:58 +0300 Subject: [PATCH 103/562] Announce Kakaotalk support --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-bridge-appservice-kakaotalk.md | 1 + 2 files changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 66f740ed..7acc9d3e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-07-27 + +## matrix-appservice-kakaotalk support + +The playbook now supports bridging to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) via [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) - a bridge based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code. Thanks to [hnarjis](https://github.com/hnarjis) for helping us add support for this! + +See our [Setting up Appservice Kakaotalk bridging](docs/configuring-playbook-bridge-appservice-kakaotalk.md) documentation to get started. + + # 2022-07-20 ## maubot support diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 0b1a03f7..9ea7a3d1 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -4,6 +4,7 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) to learn what it does and why it might be useful to you. + ## Installing To enable the bridge, add this to your `vars.yml` file: From c77f2b8a64ccb0d405cc48522d94f7129f431092 Mon Sep 17 00:00:00 2001 From: snailed Date: Thu, 28 Jul 2022 13:11:42 +0000 Subject: [PATCH 104/562] Make http_host_bind_port vars more useful (#1984) * if variable to bind an exporter container to a host port is set, have matrix-domain.conf (nginx) support this * manipulate some variables to account for just port numbers or 0.0.0.0 IPs * Make sure to use the right variable in the init.yml files * Update roles/matrix-prometheus-node-exporter/tasks/init.yml Co-authored-by: Slavi Pantaleev * Update roles/matrix-prometheus-postgres-exporter/tasks/init.yml Co-authored-by: Slavi Pantaleev * remove extraneous variables and whitespace Co-authored-by: Luca Bilke Co-authored-by: Slavi Pantaleev --- roles/matrix-prometheus-node-exporter/defaults/main.yml | 8 +++++++- roles/matrix-prometheus-node-exporter/tasks/init.yml | 6 +++--- roles/matrix-prometheus-node-exporter/vars/main.yml | 5 +++++ .../matrix-prometheus-postgres-exporter/defaults/main.yml | 8 +++++++- roles/matrix-prometheus-postgres-exporter/tasks/init.yml | 6 +++--- roles/matrix-prometheus-postgres-exporter/vars/main.yml | 5 +++++ 6 files changed, 30 insertions(+), 8 deletions(-) create mode 100644 roles/matrix-prometheus-node-exporter/vars/main.yml create mode 100644 roles/matrix-prometheus-postgres-exporter/vars/main.yml diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml index d9077697..c7d6512f 100644 --- a/roles/matrix-prometheus-node-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml @@ -38,7 +38,7 @@ matrix_prometheus_node_exporter_metrics_proxying_enabled: false # Controls whether the matrix-prometheus container exposes its HTTP port (tcp/9100 in the container). # -# Takes an ":" value (e.g. "127.0.0.1:9100"), or empty string to not expose. +# Takes an ":" value (e.g. "127.0.0.1:9100"), just a port number or empty string to not expose. # # You likely don't need to do this. See `matrix_prometheus_node_exporter_metrics_proxying_enabled`. # @@ -54,3 +54,9 @@ matrix_prometheus_node_exporter_metrics_proxying_enabled: false # because node-exporter can't see all interfaces, etc. # For now, we'll live with that, until someone develops a better solution. matrix_prometheus_node_exporter_container_http_host_bind_port: '' + +# If you are supplying your own NGINX proxy but want to use the provided exporters you will have to supply an ":" value for the containers to bind to on your host. +# If matrix_prometheus_node_exporter_container_http_host_bind_port is set to just a port number, this will default to "127.0.0.1:" +# If matrix_prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that ":" value will be used +# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) +matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_node_exporter_container_http_host_bind_port else (matrix_prometheus_node_exporter_container_http_host_bind_port if matrix_prometheus_node_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/matrix-prometheus-node-exporter/tasks/init.yml index 51dd94f2..42f21667 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/init.yml @@ -23,10 +23,10 @@ resolver 127.0.0.11 valid=5s; set $backend "matrix-prometheus-node-exporter:9100"; proxy_pass http://$backend/metrics; + {% elif matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host != '' %} + proxy_pass http://{{ matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host }}/metrics; {% else %} - {# Generic configuration for use outside of our container setup #} - {# This may be implemented in the future. #} - return 404 "matrix-nginx-proxy is disabled, so metrics are unavailable"; + return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable"; {% endif %} } diff --git a/roles/matrix-prometheus-node-exporter/vars/main.yml b/roles/matrix-prometheus-node-exporter/vars/main.yml new file mode 100644 index 00000000..952dc205 --- /dev/null +++ b/roles/matrix-prometheus-node-exporter/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# `matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_prometheus_node_exporter_container_http_host_bind_port`, +# which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') +matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw: "{{ '' if matrix_prometheus_node_exporter_container_http_host_bind_port == '' else (matrix_prometheus_node_exporter_container_http_host_bind_port.split(':')[1] if ':' in matrix_prometheus_node_exporter_container_http_host_bind_port else matrix_prometheus_node_exporter_container_http_host_bind_port) }}" diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml index 82a12f42..b530df85 100644 --- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml @@ -35,7 +35,7 @@ matrix_prometheus_postgres_exporter_metrics_proxying_enabled: false # Controls whether the matrix-prometheus container exposes its HTTP port (tcp/9187 in the container). # -# Takes an ":" value (e.g. "127.0.0.1:9187"), or empty string to not expose. +# Takes an ":" value (e.g. "127.0.0.1:9187"), just a port number or an empty string to not expose. # # You likely don't need to do this. See `matrix_prometheus_postgres_exporter_metrics_proxying_enabled`. # @@ -52,5 +52,11 @@ matrix_prometheus_postgres_exporter_metrics_proxying_enabled: false # For now, we'll live with that, until someone develops a better solution. matrix_prometheus_postgres_exporter_container_http_host_bind_port: '' +# If you are supplying your own NGINX proxy but want to use the provided exporters you will have to supply an ":" value for the containers to bind to on your host. +# If matrix_prometheus_postgres_exporter_container_http_host_bind_port is set to just a port number, this will default to "127.0.0.1:" +# If matrix_prometheus_postgres_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that ":" value will be used +# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) +matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_postgres_exporter_container_http_host_bind_port else (matrix_prometheus_postgres_exporter_container_http_host_bind_port if matrix_prometheus_postgres_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" + matrix_prometheus_postgres_exporter_dashboard_urls: - "https://grafana.com/api/dashboards/9628/revisions/7/download" diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml index 6da16937..03fe965c 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml @@ -23,10 +23,10 @@ resolver 127.0.0.11 valid=5s; set $backend "matrix-prometheus-postgres-exporter:9187"; proxy_pass http://$backend/metrics; + {% elif matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host != '' %} + proxy_pass http://{{ matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host }}/metrics; {% else %} - {# Generic configuration for use outside of our container setup #} - {# This may be implemented in the future. #} - return 404 "matrix-nginx-proxy is disabled, so metrics are unavailable"; + return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable"; {% endif %} } diff --git a/roles/matrix-prometheus-postgres-exporter/vars/main.yml b/roles/matrix-prometheus-postgres-exporter/vars/main.yml new file mode 100644 index 00000000..aed3b216 --- /dev/null +++ b/roles/matrix-prometheus-postgres-exporter/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# `matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_prometheus_postgres_exporter_container_http_host_bind_port`, +# which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') +matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw: "{{ '' if matrix_prometheus_postgres_exporter_container_http_host_bind_port == '' else (matrix_prometheus_postgres_exporter_container_http_host_bind_port.split(':')[1] if ':' in matrix_prometheus_postgres_exporter_container_http_host_bind_port else matrix_prometheus_postgres_exporter_container_http_host_bind_port) }}" From 953efe6a74a9a68d82a5b636b58a88d7395ec4a6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 28 Jul 2022 16:58:38 +0300 Subject: [PATCH 105/562] Upgrade prometheus-postgres-exporter (v0.10.1 -> v0.11.0) --- roles/matrix-prometheus-postgres-exporter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml index b530df85..fbe16ca8 100644 --- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml @@ -4,7 +4,7 @@ matrix_prometheus_postgres_exporter_enabled: false -matrix_prometheus_postgres_exporter_version: v0.10.1 +matrix_prometheus_postgres_exporter_version: v0.11.0 matrix_prometheus_postgres_exporter_port: 9187 matrix_prometheus_postgres_exporter_docker_image: "quay.io/prometheuscommunity/postgres-exporter:{{ matrix_prometheus_postgres_exporter_version }}" From 6fb961eb12b012dddd79b60dd8985cd5191ed21f Mon Sep 17 00:00:00 2001 From: MdotAmaan <38326222+MdotAmaan@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:14:45 +0400 Subject: [PATCH 106/562] Make changes according to feedback Co-authored-by: Slavi Pantaleev Update group_vars/matrix_servers Co-authored-by: Slavi Pantaleev Remove old data migration tasks Co-authored-by: Slavi Pantaleev Update roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml Co-authored-by: Slavi Pantaleev Redo bridge permissions --- ...iguring-playbook-bridge-mautrix-discord.md | 2 ++ group_vars/matrix_servers | 4 +-- .../defaults/main.yml | 6 +++++ .../tasks/setup_install.yml | 27 ------------------- .../tasks/validate_config.yml | 10 ------- .../templates/config.yaml.j2 | 18 +++++-------- .../systemd/matrix-mautrix-discord.service.j2 | 4 +-- 7 files changed, 19 insertions(+), 52 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 73c762a8..46b73e0e 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,5 +1,7 @@ # Setting up Mautrix Discord (optional) +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. + The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.html) to learn what it does and why it might be useful to you. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1d52c3ad..18bd1fc7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -646,9 +646,9 @@ matrix_mautrix_discord_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} -matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.as.token') | to_uuid }}" +matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok') | to_uuid }}" -matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.hs.token') | to_uuid }}" +matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok') | to_uuid }}" matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index a1ff83cd..dbc23031 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -25,6 +25,12 @@ matrix_mautrix_discord_appservice_address: "http://matrix-mautrix-discord:8080" matrix_mautrix_discord_command_prefix: "!discord" +matrix_mautrix_discord_bridge_permissions: | + {{ + {matrix_mautrix_discord_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + # A list of extra arguments to pass to the container matrix_mautrix_discord_container_extra_arguments: [] diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 935371ef..7e2ed79c 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -87,33 +87,6 @@ pull: true when: "matrix_mautrix_discord_container_image_self_build | bool" -- name: Check if an old database file exists - ansible.builtin.stat: - path: "{{ matrix_mautrix_discord_base_path }}/mautrix-discord.db" - register: matrix_mautrix_discord_stat_database - -- name: Check if an old matrix state file exists - ansible.builtin.stat: - path: "{{ matrix_mautrix_discord_base_path }}/mx-state.json" - register: matrix_mautrix_discord_stat_mx_state - -- name: (Data relocation) Ensure matrix-mautrix-discord.service is stopped - ansible.builtin.service: - name: matrix-mautrix-discord - state: stopped - enabled: false - daemon_reload: true - failed_when: false - when: "matrix_mautrix_discord_stat_database.stat.exists" - -- name: (Data relocation) Move mautrix-discord database file to ./data directory - ansible.builtin.command: "mv {{ matrix_mautrix_discord_base_path }}/mautrix-discord.db {{ matrix_mautrix_discord_data_path }}/mautrix-discord.db" - when: "matrix_mautrix_discord_stat_database.stat.exists" - -- name: (Data relocation) Move mautrix-discord mx-state file to ./data directory - ansible.builtin.command: "mv {{ matrix_mautrix_discord_base_path }}/mx-state.json {{ matrix_mautrix_discord_data_path }}/mx-state.json" - when: "matrix_mautrix_discord_stat_mx_state.stat.exists" - - name: Ensure mautrix-discord config.yaml installed ansible.builtin.copy: content: "{{ matrix_mautrix_discord_configuration | to_nice_yaml(indent=2, width=999999) }}" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml index ddf78524..4ba7e127 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml @@ -8,13 +8,3 @@ with_items: - "matrix_mautrix_discord_appservice_token" - "matrix_mautrix_discord_homeserver_token" - - -- name: (Deprecation) Catch and report renamed settings - ansible.builtin.fail: - msg: >- - Your configuration contains a variable, which now has a different name. - Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). - when: "item.old in vars" - with_items: - - {'old': 'matrix_mautrix_discord_log_level', 'new': 'matrix_mautrix_discord_logging_level'} diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index fb10b1ac..fdd4f788 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -2,9 +2,9 @@ # Homeserver details. homeserver: # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_discord_homeserver_address }} + address: {{ matrix_mautrix_discord_homeserver_address | to_json }} # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_discord_homeserver_domain }} + domain: {{ matrix_mautrix_discord_homeserver_domain | to_json }} # Is the homeserver actually mautrix-asmux? asmux: false # The URL to push real-time bridge status to. @@ -20,7 +20,7 @@ homeserver: # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_discord_appservice_address }} + address: {{ matrix_mautrix_discord_appservice_address | to_json }} # The hostname and port where this appservice should listen. hostname: 0.0.0.0 @@ -58,8 +58,8 @@ appservice: ephemeral_events: true # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - as_token: "{{ matrix_mautrix_discord_appservice_token }}" - hs_token: "{{ matrix_mautrix_discord_homeserver_token }}" + as_token: {{ matrix_mautrix_discord_appservice_token | to_json }} + hs_token: {{ matrix_mautrix_discord_homeserver_token | to_json }} # Bridge config bridge: @@ -208,11 +208,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - "{{ matrix_mautrix_discord_homeserver_domain }}": user - {% if matrix_admin %} - "{{ matrix_admin }}": admin - {% endif %} + permissions: {{ matrix_mautrix_discord_bridge_permissions|to_json }} logging: directory: ./logs @@ -220,6 +216,6 @@ logging: file_date_format: "2006-01-02" file_mode: 384 timestamp_format: Jan _2, 2006 15:04:05 - print_level: {{ matrix_mautrix_discord_logging_level }} + print_level: {{ matrix_mautrix_discord_logging_level | to_json }} print_json: false file_json: false diff --git a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 76046b44..788cd012 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discor --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --network={{ matrix_docker_network }} \ - -v {{ matrix_mautrix_discord_config_path }}:/config:z \ - -v {{ matrix_mautrix_discord_data_path }}:/data:z \ + --mount type=bind,src={{ matrix_mautrix_discord_config_path }},dst=/config,ro \ + --mount type=bind,src={{ matrix_mautrix_discord_data_path }},dst=/data \ --workdir=/data \ {% for arg in matrix_mautrix_discord_container_extra_arguments %} {{ arg }} \ From 9d10d5543b4695654946aa6eee27fe7982394b86 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 29 Jul 2022 08:10:09 +0300 Subject: [PATCH 107/562] Announce mautrix-discord support --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-bridge-appservice-discord.md | 4 ++-- docs/configuring-playbook-bridge-mx-puppet-discord.md | 2 +- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7acc9d3e..c9f20ee3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-07-29 + +## mautrix-discord support + +Thanks to [MdotAmaan](https://github.com/MdotAmaan)'s efforts, the playbook now supports bridging to [Discord](https://discordapp.com/) via the [mautrix-discord](https://mau.dev/mautrix/discord) bridge. See our [Setting up Mautrix Discord bridging](docs/configuring-playbook-bridge-mautrix-discord.md) documentation page for getting started. + +**Note**: this is a new Discord bridge. The playbook still retains Discord bridging via [matrix-appservice-discord](docs/configuring-playbook-bridge-appservice-discord.md) and [mx-puppet-discord](docs/configuring-playbook-bridge-mx-puppet-discord.md). You're free too use the bridge that serves you better, or even all three of them (for different users and use-cases). + + # 2022-07-27 ## matrix-appservice-kakaotalk support diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index e25686bf..8463dc6f 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -1,6 +1,6 @@ # Setting up Appservice Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) bridge supported by the playbook. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. @@ -61,7 +61,7 @@ To get started with Portal Bridging: 1. To invite the bot to Discord, retrieve the invite link from the `{{ matrix_appservice_discord_config_path }}/invite_link` file on the server (this defaults to `/matrix/appservice-discord/config/invite_link`). You need to peek at the file on the server via SSH, etc., because it's not available via HTTP(S). 2. Room addresses follow this syntax: `#_discord__`. You can easily find the guild and channel IDs by logging into Discord in a browser and opening the desired channel. The URL will have this format: `discord.com/channels//`. -3. Once you have figured out the appropriate room address, you can join by doing `/join #_discord__` in your Matrix client. +3. Once you have figured out the appropriate room address, you can join by doing `/join #_discord__` in your Matrix client. ## Getting Administrator access in a portal bridged room diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index 2be7f206..404122b6 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,6 +1,6 @@ # Setting up MX Puppet Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridge supported by the playbook. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. From 5d7c5d122d51d573a41b0e06f13c7458b9b2d06f Mon Sep 17 00:00:00 2001 From: IUCCA <33322841+IUCCA@users.noreply.github.com> Date: Fri, 29 Jul 2022 07:28:25 +0200 Subject: [PATCH 108/562] Added option to add env variables to mautrix signal daemon container (#1882) * Auto trust new signal identities from signald doku: when a remote key changes, set trust level to TRUSTED_UNVERIFIED instead of UNTRUSTED I find it much more convenient when new identities are automatically recognized as trusted, as the process to do that manually is cumbersome. Should this the default behavior, or should i add an option to configure this behavior? * Added option to trust new signal identities * Using env file * Renamed variable * Corrected typo * Use fully-qualified Ansible module name * removed option trust_new_keys Co-authored-by: Slavi Pantaleev --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 7 +++++++ .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 9 +++++++++ roles/matrix-bridge-mautrix-signal/templates/env.j2 | 1 + .../systemd/matrix-mautrix-signal-daemon.service.j2 | 1 + 4 files changed, 18 insertions(+) create mode 100644 roles/matrix-bridge-mautrix-signal/templates/env.j2 diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 161fa892..bdef7fa5 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -143,3 +143,10 @@ matrix_mautrix_signal_log_level: 'DEBUG' matrix_mautrix_signal_bridge_encryption_allow: false matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}" matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}" + +# Additional environment variables to pass to the Signal Daemon container +# +# Example: +# matrix_mautrix_signal_daemon_environment_variables_extension: | +# SIGNALD_TRUST_NEW_KEYS=true +matrix_mautrix_signal_daemon_environment_variables_extension: '' diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 3a7ad508..cfc704a8 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -92,6 +92,15 @@ - "{{ matrix_mautrix_signal_daemon_path }}/attachments" - "{{ matrix_mautrix_signal_daemon_path }}/data" + +- name: Ensure mautrix-signal-daemon environment variables file created + ansible.builtin.template: + src: "{{ role_path }}/templates/env.j2" + dest: "{{ matrix_mautrix_signal_daemon_path }}/env" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0644 + - name: Ensure mautrix-signal config.yaml installed ansible.builtin.copy: content: "{{ matrix_mautrix_signal_configuration | to_nice_yaml(indent=2, width=999999) }}" diff --git a/roles/matrix-bridge-mautrix-signal/templates/env.j2 b/roles/matrix-bridge-mautrix-signal/templates/env.j2 new file mode 100644 index 00000000..f5357ed2 --- /dev/null +++ b/roles/matrix-bridge-mautrix-signal/templates/env.j2 @@ -0,0 +1 @@ +{{ matrix_mautrix_signal_daemon_environment_variables_extension }} diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index d6be37e9..31e68ea9 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -34,6 +34,7 @@ ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-mautrix-si # We can't use `--read-only` for this bridge. ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ + --env-file={{ matrix_mautrix_signal_daemon_path }}/env \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --network={{ matrix_docker_network }} \ From 05cfd488081bc5722ce8b5817474c066557b38e1 Mon Sep 17 00:00:00 2001 From: vaivars Date: Fri, 29 Jul 2022 08:33:42 +0300 Subject: [PATCH 109/562] Add example configuration for Caddy v2 (#1985) * Add example configuration for Caddy v2 Add a basic example how to get synapse-admin running behind Caddy v2 proxy. * Improve working, fix typos * Fix typos Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-synapse-admin.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 68d70305..ad1bda02 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -62,3 +62,15 @@ matrix_synapse_admin_container_extra_arguments: # The Synapse Admin container uses port 80 by default - '--label "traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=80"' ``` + +### Sample configuration for running behind Caddy v2 + +Below is a sample configuration for using this playbook with a [Caddy](https://caddyserver.com/v2) 2.0 reverse proxy (non-default configuration where `matrix-nginx-proxy` is disabled - `matrix_nginx_proxy_enabled: false`). + +```caddy +# This is a basic configuration that will function the same as the default nginx proxy - exposing the synapse-admin panel to matrix.YOURSERVER.com/synapse-admin/ + handle_path /synapse-admin* { + reverse_proxy localhost:8766 { + } + } +``` From 544b36eb3c9f0fd973e1718a8d722c54344f427b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 29 Jul 2022 18:30:52 +0300 Subject: [PATCH 110/562] Upgrade Hydrogen (v0.2.33 -> v0.3.0) This is untested. --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 6d7fb5cf..719665e6 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.2.33 +matrix_client_hydrogen_version: v0.3.0 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From fdc9fb9d506633462dd1c10caa2d1fa08276a656 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 29 Jul 2022 20:17:52 +0300 Subject: [PATCH 111/562] Improve mautrix-discord docs Related to: - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1974 - https://github.com/mautrix/discord/issues/17 - https://github.com/mautrix/discord/issues/18 - https://github.com/mautrix/discord/issues/19 --- ...ring-playbook-bridge-appservice-discord.md | 2 +- ...iguring-playbook-bridge-mautrix-discord.md | 53 ++++++++++++++++--- ...uring-playbook-bridge-mx-puppet-discord.md | 2 +- 3 files changed, 48 insertions(+), 9 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 8463dc6f..b2150d9d 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -1,6 +1,6 @@ # Setting up Appservice Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridge is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 46b73e0e..c855ce78 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,28 +1,57 @@ # Setting up Mautrix Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.html) to learn what it does and why it might be useful to you. -Use the following playbook configuration: + +## Prerequisites + +Fr using this bridge, you would **need to authenticate by scanning a QR code with the Discord app on your phone**. + +You can delete the Discord app after the authentication process. + +If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you to proceed with this one if possible. + + +## Installing + +To enable the bridge, add this to your `vars.yml` file: ```yaml matrix_mautrix_discord_enabled: true -``` +``` -## Set up Double Puppeting +You may optionally wish to add some [Additional configuration](#additional-configuration), or to [prepare for double-puppeting](#set-up-double-puppeting) before the initial installation. + +After adjusting your `vars.yml` file, re-run the playbook and restart all services: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +To make use of the bridge, see [Usage](#usage) below. + + +### Additional configuration + +There are some additional things you may wish to configure about the bridge. + +Take a look at: + +- `roles/matrix-bridge-mautrix-discord/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_discord_configuration_extension_yaml` variable + + +### Set up Double Puppeting If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. -### Method 1: automatically, by enabling Shared Secret Auth +#### Method 1: automatically, by enabling Shared Secret Auth The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook. This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future. -### Method 2: manually, by asking each user to provide a working access token +#### Method 2: manually, by asking each user to provide a working access token **Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)). @@ -40,6 +69,16 @@ https://matrix.DOMAIN/_matrix/client/r0/login - make sure you don't log out the `Mautrix-Discord` device some time in the future, as that would break the Double Puppeting feature + ## Usage -You then need to start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +2. Send a `login` command +3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. +4. After confirming (in the Discord app) that you'd like to allow this login, the bot shoul respond with "Succcessfully authenticated as ..." +5. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to +6. Some Direct Messages from Discord should start syncing automatically +7. If you'd like to bridge guilds: +- send `guilds status` to see the list of guilds +- for each guild that you'd like bridged, send `guilds bridge GUILD_ID --entire` +8. You may wish to uninstall the Discord app from your phone now. It's not needed for the bridge to function. diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index 404122b6..b5621fa1 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,6 +1,6 @@ # Setting up MX Puppet Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridge is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. From dfef71b9a9e80a45b884f44e646fa6fac4b0be45 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 29 Jul 2022 20:19:56 +0300 Subject: [PATCH 112/562] Fix typo --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index c855ce78..1bb39a4f 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -9,7 +9,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -Fr using this bridge, you would **need to authenticate by scanning a QR code with the Discord app on your phone**. +For using this bridge, you would **need to authenticate by scanning a QR code with the Discord app on your phone**. You can delete the Discord app after the authentication process. From d98f09944df1f88c4a3b7f9282b3b47a168a8586 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 29 Jul 2022 20:22:50 +0300 Subject: [PATCH 113/562] Fix more typos --- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 1bb39a4f..6bdae5bd 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -13,7 +13,7 @@ For using this bridge, you would **need to authenticate by scanning a QR code wi You can delete the Discord app after the authentication process. -If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you to proceed with this one if possible. +If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. ## Installing @@ -75,7 +75,7 @@ https://matrix.DOMAIN/_matrix/client/r0/login 1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). 2. Send a `login` command 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. -4. After confirming (in the Discord app) that you'd like to allow this login, the bot shoul respond with "Succcessfully authenticated as ..." +4. After confirming (in the Discord app) that you'd like to allow this login, the bot should respond with "Succcessfully authenticated as ..." 5. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to 6. Some Direct Messages from Discord should start syncing automatically 7. If you'd like to bridge guilds: From 5c36f14b468fff4df6a7a3a5f346d211b475af04 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 30 Jul 2022 13:24:59 +0300 Subject: [PATCH 114/562] Update Honoroit 0.9.10 -> 0.9.11 --- roles/matrix-bot-honoroit/defaults/main.yml | 5 ++++- roles/matrix-bot-honoroit/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index bbb6ecd3..55d1a386 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.10 +matrix_bot_honoroit_version: v0.9.11 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -91,6 +91,9 @@ matrix_bot_honoroit_noencryption: false # Max items in cache matrix_bot_honoroit_cachesize: '' +# List of ignored room IDs +matrix_bot_honoroit_ignoredrooms: [] + # Text prefix: open matrix_bot_honoroit_text_prefix_open: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index c5f2025b..242b906c 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -9,6 +9,7 @@ HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }} HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} +HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms|join(' ') }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} HONOROIT_TEXT_NOENCRYPTION={{ matrix_bot_honoroit_text_noencryption }} From 737dc9d490ee08c35ccabd123a077f994cb73ed4 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 30 Jul 2022 18:10:49 +0000 Subject: [PATCH 115/562] Fix mautrix-telegram permissions --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 101889c1..5c3c88fb 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -29,7 +29,7 @@ matrix_mautrix_telegram_command_prefix: "!tg" matrix_mautrix_telegram_bridge_permissions: | {{ - {matrix_mautrix_telegram_homeserver_domain: 'user'} + {matrix_mautrix_telegram_homeserver_domain: 'full'} | combine({matrix_admin: 'admin'} if matrix_admin else {}) }} From cc58167f4c949b0f14384e4238f274280f907825 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 1 Aug 2022 21:45:59 +0300 Subject: [PATCH 116/562] Upgrade Dendrite (0.8.1 -> 0.9.0) Looks like we've skipped a bunch of 0.8.x versions (up to 0.8.9) and are jumping straight to 0.9.0. This is untested. Judging by Dendrite's changelog, it shouldn't cause any breakage though: https://github.com/matrix-org/dendrite/blob/v0.9.0/CHANGES.md --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index f3987af9..c1e3acfb 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.8.1" +matrix_dendrite_docker_image_tag: "v0.9.0" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 3cde6cace95632e3069145ae267836021bcb43ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arthur=20Brugi=C3=A8re?= <16764085+RoiArthurB@users.noreply.github.com> Date: Tue, 2 Aug 2022 09:10:37 +0700 Subject: [PATCH 117/562] [Go-Skype] Change Docker Hub repository --- roles/matrix-bridge-go-skype-bridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml index cc456538..44751cad 100644 --- a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml +++ b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml @@ -9,7 +9,7 @@ matrix_go_skype_bridge_container_image_self_build_repo: "https://github.com/kela matrix_go_skype_bridge_container_image_self_build_branch: "{{ 'master' if matrix_go_skype_bridge_version == 'latest' else matrix_go_skype_bridge_version }}" matrix_go_skype_bridge_version: latest -matrix_go_skype_bridge_docker_image: "{{ matrix_go_skype_bridge_docker_image_name_prefix }}kelaresg/go-skype-bridge:{{ matrix_go_skype_bridge_version }}" +matrix_go_skype_bridge_docker_image: "{{ matrix_go_skype_bridge_docker_image_name_prefix }}nodefyme/go-skype-bridge:{{ matrix_go_skype_bridge_version }}" matrix_go_skype_bridge_docker_image_name_prefix: "localhost/" matrix_go_skype_bridge_docker_image_force_pull: "{{ matrix_go_skype_bridge_docker_image.endswith(':latest') }}" From cf6e38a5862b981fde44b493e6d943b9d2ea9ea1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 2 Aug 2022 07:48:19 +0300 Subject: [PATCH 118/562] Use pre-built image for go-skype-bridge on amd64 and arm64 Related to: - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1992 - https://github.com/kelaresg/go-skype-bridge/pull/17 --- group_vars/matrix_servers | 4 ++-- roles/matrix-bridge-go-skype-bridge/defaults/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 90482810..f8edc5c9 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -298,7 +298,7 @@ matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_ge # We don't enable bridges by default. matrix_go_skype_bridge_enabled: false -matrix_go_skype_bridge_container_image_self_build: true +matrix_go_skype_bridge_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" matrix_go_skype_bridge_systemd_required_services_list: | {{ @@ -681,7 +681,7 @@ matrix_mautrix_discord_systemd_required_services_list: | (['matrix-postgres.service'] if matrix_postgres_enabled else []) + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) - }} + }} matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok') | to_uuid }}" diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml index 44751cad..0777fbc3 100644 --- a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml +++ b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml @@ -4,7 +4,7 @@ matrix_go_skype_bridge_enabled: true -matrix_go_skype_bridge_container_image_self_build: true +matrix_go_skype_bridge_container_image_self_build: false matrix_go_skype_bridge_container_image_self_build_repo: "https://github.com/kelaresg/go-skype-bridge.git" matrix_go_skype_bridge_container_image_self_build_branch: "{{ 'master' if matrix_go_skype_bridge_version == 'latest' else matrix_go_skype_bridge_version }}" From c807af2873dfd3d100d287ac7de2950209d5faa4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 2 Aug 2022 08:03:22 +0300 Subject: [PATCH 119/562] Upgrade ddclient (v3.9.1-ls93 -> v3.9.1-ls94) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index c077ee12..2d15db6c 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls93 +matrix_dynamic_dns_version: v3.9.1-ls94 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From d81f50d1c06a47116d29bb71a0b56f547d942a5c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 2 Aug 2022 10:49:48 +0300 Subject: [PATCH 120/562] Update Grafana (9.0.5 -> 9.0.6) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index c0e64b4b..fb166359 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.5 +matrix_grafana_version: 9.0.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 52f8ee618ba57ab6d9c751d57d32620b297a64af Mon Sep 17 00:00:00 2001 From: JokerGermany <30293477+JokerGermany@users.noreply.github.com> Date: Tue, 2 Aug 2022 11:25:29 +0200 Subject: [PATCH 121/562] specify discord bridge usage; fix links --- docs/configuring-playbook-bridge-appservice-discord.md | 4 +++- docs/configuring-playbook-bridge-mautrix-discord.md | 5 ++++- docs/configuring-playbook-bridge-mx-puppet-discord.md | 4 +++- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index b2150d9d..aa45cac9 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -1,6 +1,8 @@ # Setting up Appservice Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridge is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. +For personal use we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 6bdae5bd..16fb5aaa 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,6 +1,9 @@ # Setting up Mautrix Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. +The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index b5621fa1..101f7ddc 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,6 +1,8 @@ # Setting up MX Puppet Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. The [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridge is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. From 2e330e7fe06ad25efd74f0f27a796a9726db2edb Mon Sep 17 00:00:00 2001 From: JokerGermany <30293477+JokerGermany@users.noreply.github.com> Date: Tue, 2 Aug 2022 12:18:41 +0200 Subject: [PATCH 122/562] fixing links, adding paragraph --- docs/configuring-playbook-bridge-appservice-discord.md | 4 ++-- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- docs/configuring-playbook-bridge-mx-puppet-discord.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index aa45cac9..ff10adec 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -1,7 +1,7 @@ # Setting up Appservice Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. For personal use we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 16fb5aaa..0c364896 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,7 +1,7 @@ # Setting up Mautrix Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index 101f7ddc..bc5c4f23 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,7 +1,7 @@ # Setting up MX Puppet Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](docs/configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. +For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure From 27effa02746d410bafe692c4afe43a3ee6905753 Mon Sep 17 00:00:00 2001 From: JokerGermany <30293477+JokerGermany@users.noreply.github.com> Date: Tue, 2 Aug 2022 12:22:41 +0200 Subject: [PATCH 123/562] enumeration for better visibility --- docs/configuring-playbook-bridge-appservice-discord.md | 4 ++-- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- docs/configuring-playbook-bridge-mx-puppet-discord.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index ff10adec..d37724c0 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -1,8 +1,8 @@ # Setting up Appservice Discord (optional) **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. -For personal use we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. +- For using as a Bot we are recommend the Appservice Discord bridge (the one being discussed here), because it supports plumbing. +- For personal use we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 0c364896..b0640a14 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,8 +1,8 @@ # Setting up Mautrix Discord (optional) **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. -For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. +- For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +- For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index bc5c4f23..9584549d 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,8 +1,8 @@ # Setting up MX Puppet Discord (optional) **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. -For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. -For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. +- For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +- For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord) for you. From 01dfbee51ef2ebfff8410756af0096b4bdbec3dd Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 2 Aug 2022 10:45:32 +0000 Subject: [PATCH 124/562] Update Synapse 1.63.1 -> 1.64.0 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index e6138bba..99ce80c0 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.63.1 +matrix_synapse_version: v1.64.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 8c983ba1e27a2613013b3c80e5613fc9b6e891ba Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 2 Aug 2022 10:47:54 +0000 Subject: [PATCH 125/562] Update Hydrogen 0.3.0 -> 0.3.1 --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 719665e6..4edfa20c 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.0 +matrix_client_hydrogen_version: v0.3.1 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From 2fddf812839a2abcef790d001410d2ba75c039bc Mon Sep 17 00:00:00 2001 From: JokerGermany <30293477+JokerGermany@users.noreply.github.com> Date: Wed, 3 Aug 2022 09:33:52 +0200 Subject: [PATCH 126/562] discord-bridges - fixing grammar mistakes, thanks @spontaleev --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- docs/configuring-playbook-bridge-mx-puppet-discord.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index b0640a14..517fd9b4 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,7 +1,7 @@ # Setting up Mautrix Discord (optional) **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. -- For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. diff --git a/docs/configuring-playbook-bridge-mx-puppet-discord.md b/docs/configuring-playbook-bridge-mx-puppet-discord.md index 9584549d..c266f843 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-discord.md +++ b/docs/configuring-playbook-bridge-mx-puppet-discord.md @@ -1,7 +1,7 @@ # Setting up MX Puppet Discord (optional) **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md)and [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridges supported by the playbook. -- For using as a Bot we are recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the [mautrix-discord](configuring-playbook-bridge-mautrix-discord.md) bridge, because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The playbook can install and configure From 8b588735e12c3cb81a648a2582d886b5d0fc1f24 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 3 Aug 2022 11:00:40 +0300 Subject: [PATCH 127/562] Fix fully-qualified container image name for go-skype-bridge when not self-building Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1996 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1992 Regression since cf6e38a5862b981fde44 --- roles/matrix-bridge-go-skype-bridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml index 0777fbc3..a6f7aa9d 100644 --- a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml +++ b/roles/matrix-bridge-go-skype-bridge/defaults/main.yml @@ -10,7 +10,7 @@ matrix_go_skype_bridge_container_image_self_build_branch: "{{ 'master' if matrix matrix_go_skype_bridge_version: latest matrix_go_skype_bridge_docker_image: "{{ matrix_go_skype_bridge_docker_image_name_prefix }}nodefyme/go-skype-bridge:{{ matrix_go_skype_bridge_version }}" -matrix_go_skype_bridge_docker_image_name_prefix: "localhost/" +matrix_go_skype_bridge_docker_image_name_prefix: "{{ 'localhost/' if matrix_go_skype_bridge_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_go_skype_bridge_docker_image_force_pull: "{{ matrix_go_skype_bridge_docker_image.endswith(':latest') }}" matrix_go_skype_bridge_base_path: "{{ matrix_base_data_path }}/go-skype-bridge" From 311926cbdad26685a93e12ca249091ee944e926e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 3 Aug 2022 08:38:15 +0000 Subject: [PATCH 128/562] Update Element 1.11.1 -> 1.11.2 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 7951e891..5cefc3e3 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.1 +matrix_client_element_version: v1.11.2 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 747e9dd57cbd8fdb67e798fce97c97304e3409ec Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 3 Aug 2022 21:44:23 +0300 Subject: [PATCH 129/562] Upgrade Dendrite (0.9.0 -> 0.9.1) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index c1e3acfb..476f86a2 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.0" +matrix_dendrite_docker_image_tag: "v0.9.1" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 4461fdfc39cb02c8a073aace4868ca08d5245439 Mon Sep 17 00:00:00 2001 From: krassle <6473406+krassle@users.noreply.github.com> Date: Wed, 3 Aug 2022 23:30:00 +0200 Subject: [PATCH 130/562] Use prebuilt ARM images for Element * element-web arm64 builds available since 2022-08-03 v.1.11.2 [vectorim/element-web:v1.11.2](https://hub.docker.com/layers/element-web/vectorim/element-web/v1.11.2/images/sha256-776f82281936226d91cc1b3b587f4aa28fd46934b8045427ced7c72668eda223?context=explore) --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f8edc5c9..52f89cec 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2094,7 +2094,7 @@ matrix_redis_enabled: "{{ matrix_synapse_workers_enabled }}" # If you wish to connect to your Matrix server by other means, you may wish to disable this. matrix_client_element_enabled: true -matrix_client_element_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" +matrix_client_element_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach Element over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose From cad5d56011b9e10cdac386a79e0b5dff5e14167c Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Wed, 3 Aug 2022 21:26:46 -0500 Subject: [PATCH 131/562] Fix Dendrite extra arguments getting lost Move the `matrix_dendrite_process_extra_arguments` line up so it doesn't get lost, and add a trailing backslash --- .../templates/dendrite/systemd/matrix-dendrite.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 0457917a..0613f443 100644 --- a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -46,13 +46,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ {% endfor %} {{ matrix_dendrite_docker_image }} \ -config /data/dendrite.yaml \ + {{ matrix_dendrite_process_extra_arguments|join(' ') }} \ {% if matrix_dendrite_http_bind_address %} -http-bind-address {{ matrix_dendrite_http_bind_address }} {% endif %} {% if matrix_dendrite_https_bind_address %} -https-bind-address {{ matrix_dendrite_https_bind_address }} {% endif %} - {{ matrix_dendrite_process_extra_arguments|join(' ') }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' From 6be5672eac6aa29aafd09732a74a037c942865a0 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Wed, 3 Aug 2022 22:07:42 -0500 Subject: [PATCH 132/562] Adding support for Conduit: First temps: Some rough templates --- .../templates/conduit/conduit.toml.j2 | 52 +++++++++++++++++++ .../conduit/systemd/matrix-conduit.service.j2 | 35 +++++++++++++ 2 files changed, 87 insertions(+) create mode 100644 roles/matrix-conduit/templates/conduit/conduit.toml.j2 create mode 100644 roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 new file mode 100644 index 00000000..a6819ef4 --- /dev/null +++ b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 @@ -0,0 +1,52 @@ +# ============================================================================= +# This is the official example config for Conduit. +# If you use it for your server, you will need to adjust it to your own needs. +# At the very least, change the server_name field! +# ============================================================================= + + +[global] +# The server_name is the pretty name of this server. It is used as a suffix for user +# and room ids. Examples: matrix.org, conduit.rs + +# The Conduit server needs all /_matrix/ requests to be reachable at +# https://your.server.name/ on port 443 (client-server) and 8448 (federation). + +# If that's not possible for you, you can create /.well-known files to redirect +# requests. See +# https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client +# and +# https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server +# for more information + +server_name = "{{ matrix_domain }}" + +# This is the only directory where Conduit will save its data +database_path = "/var/lib/matrix-conduit/" +database_backend = "rocksdb" + +# The port Conduit will be running on. You need to set up a reverse proxy in +# your web server (e.g. apache or nginx), so all requests to /_matrix on port +# 443 and 8448 will be forwarded to the Conduit instance running on this port +# Docker users: Don't change this, you'll need to map an external port to this. +port = {{ matrix_conduit_port_number }} + +# Max size for uploads +max_request_size = {{ matrix_conduit_max_request_size }} + +# Enables registration. If set to false, no users can register on this server. +allow_registration = {{ matrix_conduit_allow_registration }} + +allow_federation = {{ matrix_conduit_allow_federation }} + +# Enable the display name lightning bolt on registration. +enable_lightning_bolt = {{ matrix_conduit_enable_lightning_bolt }} + +trusted_servers = {{ matrix_conduit_trusted_servers }} + +max_concurrent_requests = {{ matrix_conduit_max_concurrent_requests }} + +log = "info,state_res=warn,rocket=off,_=off,sled=off" + +address = "0.0.0.0" + diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 new file mode 100644 index 00000000..1254fcf1 --- /dev/null +++ b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -0,0 +1,35 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Conduit Matrix homeserver +After=network.target + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_conduit_tmp_directory_size_mb }}m \ + --network={{ matrix_docker_network }} \ + -p 8448:6167 \ + --mount type=bind,src={{ matrix_conduit_config_dir_path }},dst=/etc/matrix-conduit,ro \ + --mount type=bind,src={{ matrix_conduit_data_dir_path }},dst=/var/lib/conduit \ + {% for arg in matrix_conduit_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_conduit_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecReload={{ matrix_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-conduit + +[Install] +WantedBy=multi-user.target From f9026469cde3da1b1e860dc88f1b298bdf951b62 Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Thu, 4 Aug 2022 08:53:46 +0000 Subject: [PATCH 133/562] Add back sqlite plugin database config option --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 938901ea..49bbcb87 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -27,6 +27,9 @@ plugin_directories: # Configuration for storing plugin databases plugin_databases: + # Some plugins still require sqlite, so configure a path here. + # postgres will be used if supported. + sqlite: /data/dbs postgres: default server: From 309a2393c3dc37b5d07c63af65a909567e003c75 Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Thu, 4 Aug 2022 09:18:12 +0000 Subject: [PATCH 134/562] Add no update flag as our config is read only --- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 2773c69d..c4cbcb38 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -31,7 +31,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:{{ matrix_bot_maubot_management_interface_port }} {% endif %} {{ matrix_bot_maubot_docker_image }} \ - python3 -m maubot -c /config/config.yaml + python3 -m maubot -c /config/config.yaml --no-update ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From a5476e18571e9125c1c39ea5841f6adf1c74eb62 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 12:36:13 -0500 Subject: [PATCH 135/562] Fixes to the conduit systemd config --- .../templates/conduit/systemd/matrix-conduit.service.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 1254fcf1..195e5d58 100644 --- a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -1,7 +1,10 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Conduit Matrix homeserver -After=network.target +{% for service in matrix_conduit_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} [Service] Type=simple @@ -16,7 +19,6 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ --read-only \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_conduit_tmp_directory_size_mb }}m \ --network={{ matrix_docker_network }} \ - -p 8448:6167 \ --mount type=bind,src={{ matrix_conduit_config_dir_path }},dst=/etc/matrix-conduit,ro \ --mount type=bind,src={{ matrix_conduit_data_dir_path }},dst=/var/lib/conduit \ {% for arg in matrix_conduit_container_extra_arguments %} From c484c6294d35ec36000a3a2936e758f1b15bc56b Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 12:37:08 -0500 Subject: [PATCH 136/562] First pass at creating defaults and tasks for Conduit --- roles/matrix-conduit/defaults/main.yml | 49 +++++++++++++++++++ roles/matrix-conduit/tasks/conduit/setup.yml | 7 +++ .../tasks/conduit/setup_install.yml | 31 ++++++++++++ .../tasks/conduit/setup_uninstall.yml | 30 ++++++++++++ roles/matrix-conduit/tasks/init.yml | 5 ++ roles/matrix-conduit/tasks/main.yml | 17 +++++++ roles/matrix-conduit/tasks/setup_conduit.yml | 14 ++++++ 7 files changed, 153 insertions(+) create mode 100644 roles/matrix-conduit/defaults/main.yml create mode 100644 roles/matrix-conduit/tasks/conduit/setup.yml create mode 100644 roles/matrix-conduit/tasks/conduit/setup_install.yml create mode 100644 roles/matrix-conduit/tasks/conduit/setup_uninstall.yml create mode 100644 roles/matrix-conduit/tasks/init.yml create mode 100644 roles/matrix-conduit/tasks/main.yml create mode 100644 roles/matrix-conduit/tasks/setup_conduit.yml diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml new file mode 100644 index 00000000..a4a9289d --- /dev/null +++ b/roles/matrix-conduit/defaults/main.yml @@ -0,0 +1,49 @@ +--- +# Conduit is a simple, fast and reliable chat server powered by Matrix +# See: https://conduit.rs + +matrix_conduit_enabled: true + +matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix}}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" +matrix_conduit_docker_image_name_prefix: "docker.io/" +matrix_conduit_docker_image_tag: "v0.4.0" +matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" + +matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" +matrix_conduit_config_dir_path: "{{ matrix_conduit_base_path }}/config" +matrix_conduit_storage_path: "{{ matrix_conduit_base_path }}/storage" + +matrix_conduit_port_number: 6167 + +# List of systemd services that matrix-conduit.service depends on +matrix_conduit_systemd_required_services_list: ["docker.service"] + +# List of systemd services that matrix-conduit.service wants +matrix_conduit_systemd_wanted_services_list: [] + +# Extra arguments for the Docker container +matrix_conduit_container_extra_arguments: [] + +# Specifies which template files to use when configuring Conduit. +# If you'd like to have your own different configuration, feel free to copy and paste +# the original files into your inventory (e.g. in `inventory/host_vars//`) +# and then change the specific host's `vars.yaml` file like this: +# matrix_conduit_template_conduit_config: "{{ playbook_dir }}/inventory/host_vars//conduit.yaml.j2" +matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/conduit.toml.j2" + +# Max size for uploads, in bytes +matrix_conduit_max_request_size: "20_000_000" + +# Enables registration. If set to false, no users can register on this server. +matrix_conduit_allow_registration: true + +matrix_conduit_allow_federation: true + +# Enable the display name lightning bolt on registration. +matrix_conduit_enable_lightning_bolt: true + +matrix_conduit_trusted_servers: + - "matrix.org" + +# How many requests Conduit sends to other servers at the same time +matrix_conduit_max_concurrent_requests: 100 diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml new file mode 100644 index 00000000..57aaafdf --- /dev/null +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -0,0 +1,7 @@ +--- + +- import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" + when: matrix_conduit_enabled|bool + +- import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" + when: "not matrix_conduit_enabled|bool" diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml new file mode 100644 index 00000000..9fd933c7 --- /dev/null +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -0,0 +1,31 @@ +--- +- name: Ensure Conduit Docker image is pulled + docker_image: + name: "{{ matrix_conduit_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_conduit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_conduit_docker_image_force_pull }}" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure Conduit configuration installed + template: + src: "{{ role_path }}/templates/conduit/conduit.toml.j2" + dest: "{{ matrix_conduit_config_dir_path }}/conduit.toml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-conduit.service installed + template: + src: "{{ role_path }}/templates/conduit/systemd/matrix-conduit.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-conduit.service" + mode: 0644 + register: matrix_conduit_systemd_service_result + +- name: Ensure systemd reloaded after matrix-conduit.service installation + service: + daemon_reload: true + when: "matrix_conduit_systemd_service_result.changed|bool" diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml new file mode 100644 index 00000000..73722287 --- /dev/null +++ b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -0,0 +1,30 @@ +--- + +- name: Check existence of matrix-conduit service + stat: + path: "{{ matrix_systemd_path }}/matrix-conduit.service" + register: matrix_conduit_service_stat + +- name: Ensure matrix-conduit is stopped + service: + name: matrix-conduit + state: stopped + daemon_reload: true + register: stopping_result + when: "matrix_conduit_service_stat.stat.exists" + +- name: Ensure matrix-conduit.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-conduit.service" + state: absent + when: "matrix_conduit_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-conduit.service removal + service: + daemon_reload: true + when: "matrix_conduit_service_stat.stat.exists" + +- name: Ensure Conduit Docker image doesn't exist + docker_image: + name: "{{ matrix_conduit_docker_image }}" + state: absent diff --git a/roles/matrix-conduit/tasks/init.yml b/roles/matrix-conduit/tasks/init.yml new file mode 100644 index 00000000..464278b7 --- /dev/null +++ b/roles/matrix-conduit/tasks/init.yml @@ -0,0 +1,5 @@ +--- + +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-conduit.service'] }}" + when: matrix_conduit_enabled|bool diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml new file mode 100644 index 00000000..8ace5f48 --- /dev/null +++ b/roles/matrix-conduit/tasks/main.yml @@ -0,0 +1,17 @@ +--- + +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/setup_conduit.yml" + when: run_setup|bool + tags: + - setup-all + - setup-conduit + +- name: Mark matrix-conduit role as executed + set_fact: + matrix_conduit_role_executed: true + tags: + - always diff --git a/roles/matrix-conduit/tasks/setup_conduit.yml b/roles/matrix-conduit/tasks/setup_conduit.yml new file mode 100644 index 00000000..7979aee4 --- /dev/null +++ b/roles/matrix-conduit/tasks/setup_conduit.yml @@ -0,0 +1,14 @@ +--- +- name: Ensure Conduit paths exist + file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_conduit_config_dir_path }}", when: true} + - {path: "{{ matrix_conduit_data_dir_path }}", when: true} + when: "matrix_conduit_enabled|bool and item.when" + +- import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" From f4afbe8edec3dd08926d1dfd3faaf6b23ab91883 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 12:39:26 -0500 Subject: [PATCH 137/562] First pass at adding vars for Conduit --- roles/matrix-conduit/vars/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 roles/matrix-conduit/vars/main.yml diff --git a/roles/matrix-conduit/vars/main.yml b/roles/matrix-conduit/vars/main.yml new file mode 100644 index 00000000..f6cc471b --- /dev/null +++ b/roles/matrix-conduit/vars/main.yml @@ -0,0 +1,6 @@ +--- +matrix_conduit_client_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/versions" +matrix_conduit_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version" + +# Tells whether this role had executed or not. Toggled to `true` during runtime. +matrix_conduit_role_executed: false From 2d7c427504410199d81c278dccf000b1c8def936 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 13:16:32 -0500 Subject: [PATCH 138/562] Fixes from a first trial run --- roles/matrix-conduit/defaults/main.yml | 4 +++- roles/matrix-conduit/templates/conduit/conduit.toml.j2 | 6 +++--- .../templates/conduit/systemd/matrix-conduit.service.j2 | 3 ++- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index a4a9289d..05746651 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -11,10 +11,12 @@ matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" matrix_conduit_config_dir_path: "{{ matrix_conduit_base_path }}/config" -matrix_conduit_storage_path: "{{ matrix_conduit_base_path }}/storage" +matrix_conduit_data_dir_path: "{{ matrix_conduit_base_path }}/storage" matrix_conduit_port_number: 6167 +matrix_conduit_tmp_directory_size_mb: 500 + # List of systemd services that matrix-conduit.service depends on matrix_conduit_systemd_required_services_list: ["docker.service"] diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 index a6819ef4..f92910e1 100644 --- a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 +++ b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 @@ -35,12 +35,12 @@ port = {{ matrix_conduit_port_number }} max_request_size = {{ matrix_conduit_max_request_size }} # Enables registration. If set to false, no users can register on this server. -allow_registration = {{ matrix_conduit_allow_registration }} +allow_registration = {{ matrix_conduit_allow_registration | to_json | replace("\"", "") }} -allow_federation = {{ matrix_conduit_allow_federation }} +allow_federation = {{ matrix_conduit_allow_federation | to_json | replace("\"", "") }} # Enable the display name lightning bolt on registration. -enable_lightning_bolt = {{ matrix_conduit_enable_lightning_bolt }} +enable_lightning_bolt = {{ matrix_conduit_enable_lightning_bolt | to_json | replace("\"", "") }} trusted_servers = {{ matrix_conduit_trusted_servers }} diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 195e5d58..2d4d2453 100644 --- a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -19,8 +19,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ --read-only \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_conduit_tmp_directory_size_mb }}m \ --network={{ matrix_docker_network }} \ + --env CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml \ + --mount type=bind,src={{ matrix_conduit_data_dir_path }},dst=/var/lib/matrix-conduit \ --mount type=bind,src={{ matrix_conduit_config_dir_path }},dst=/etc/matrix-conduit,ro \ - --mount type=bind,src={{ matrix_conduit_data_dir_path }},dst=/var/lib/conduit \ {% for arg in matrix_conduit_container_extra_arguments %} {{ arg }} \ {% endfor %} From c228ad451d9e5cc589338773d1c2337e855cc879 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 13:25:18 -0500 Subject: [PATCH 139/562] Updates to conduit paths --- roles/matrix-conduit/defaults/main.yml | 4 ++-- .../tasks/conduit/setup_install.yml | 2 +- roles/matrix-conduit/tasks/setup_conduit.yml | 16 ++++++++++++++-- .../conduit/systemd/matrix-conduit.service.j2 | 4 ++-- 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 05746651..f71f6f10 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -10,8 +10,8 @@ matrix_conduit_docker_image_tag: "v0.4.0" matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" -matrix_conduit_config_dir_path: "{{ matrix_conduit_base_path }}/config" -matrix_conduit_data_dir_path: "{{ matrix_conduit_base_path }}/storage" +matrix_conduit_config_path: "{{ matrix_conduit_base_path }}/config" +matrix_conduit_data_path: "{{ matrix_conduit_base_path }}/storage" matrix_conduit_port_number: 6167 diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index 9fd933c7..5611e3e3 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -13,7 +13,7 @@ - name: Ensure Conduit configuration installed template: src: "{{ role_path }}/templates/conduit/conduit.toml.j2" - dest: "{{ matrix_conduit_config_dir_path }}/conduit.toml" + dest: "{{ matrix_conduit_config_path }}/conduit.toml" mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" diff --git a/roles/matrix-conduit/tasks/setup_conduit.yml b/roles/matrix-conduit/tasks/setup_conduit.yml index 7979aee4..17738b17 100644 --- a/roles/matrix-conduit/tasks/setup_conduit.yml +++ b/roles/matrix-conduit/tasks/setup_conduit.yml @@ -7,8 +7,20 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - {path: "{{ matrix_conduit_config_dir_path }}", when: true} - - {path: "{{ matrix_conduit_data_dir_path }}", when: true} + - {path: "{{ matrix_conduit_config_path }}", when: true} + - {path: "{{ matrix_conduit_data_path }}", when: true} when: "matrix_conduit_enabled|bool and item.when" +# We do this as a separate task, because: +# - we'd like to do it for the data path only, not for the base path (which contains root-owned environment variable files we'd like to leave as-is) +# - matrix-postgres does something similar +- name: Ensure Conduit data path ownership is correct + file: + path: "{{ matrix_conduit_data_path }}" + state: directory + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + recurse: true + when: matrix_conduit_enabled|bool + - import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 2d4d2453..51b204f6 100644 --- a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -20,8 +20,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_conduit_tmp_directory_size_mb }}m \ --network={{ matrix_docker_network }} \ --env CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml \ - --mount type=bind,src={{ matrix_conduit_data_dir_path }},dst=/var/lib/matrix-conduit \ - --mount type=bind,src={{ matrix_conduit_config_dir_path }},dst=/etc/matrix-conduit,ro \ + --mount type=bind,src={{ matrix_conduit_data_path }},dst=/var/lib/matrix-conduit \ + --mount type=bind,src={{ matrix_conduit_config_path }},dst=/etc/matrix-conduit,ro \ {% for arg in matrix_conduit_container_extra_arguments %} {{ arg }} \ {% endfor %} From 50c4c48f09c137e354c20ee4cb6312322f3ed96f Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 13:31:28 -0500 Subject: [PATCH 140/562] Rename storage directory to data --- roles/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index f71f6f10..94d1fcfa 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -11,7 +11,7 @@ matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" matrix_conduit_config_path: "{{ matrix_conduit_base_path }}/config" -matrix_conduit_data_path: "{{ matrix_conduit_base_path }}/storage" +matrix_conduit_data_path: "{{ matrix_conduit_base_path }}/data" matrix_conduit_port_number: 6167 From 53cf0e18a4ee8d4eab691c78884c83e019f066e2 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 13:32:01 -0500 Subject: [PATCH 141/562] Actually make the data dir writable this time --- roles/matrix-conduit/tasks/setup_conduit.yml | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/roles/matrix-conduit/tasks/setup_conduit.yml b/roles/matrix-conduit/tasks/setup_conduit.yml index 17738b17..25632c80 100644 --- a/roles/matrix-conduit/tasks/setup_conduit.yml +++ b/roles/matrix-conduit/tasks/setup_conduit.yml @@ -1,26 +1,20 @@ --- -- name: Ensure Conduit paths exist +- name: Ensure Conduit config path exists file: - path: "{{ item.path }}" + path: "{{ matrix_conduit_config_path }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - with_items: - - {path: "{{ matrix_conduit_config_path }}", when: true} - - {path: "{{ matrix_conduit_data_path }}", when: true} - when: "matrix_conduit_enabled|bool and item.when" + when: "matrix_conduit_enabled|bool" -# We do this as a separate task, because: -# - we'd like to do it for the data path only, not for the base path (which contains root-owned environment variable files we'd like to leave as-is) -# - matrix-postgres does something similar -- name: Ensure Conduit data path ownership is correct +- name: Ensure Conduit data path exists file: path: "{{ matrix_conduit_data_path }}" state: directory + mode: 0770 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - recurse: true - when: matrix_conduit_enabled|bool + when: "matrix_conduit_enabled|bool" - import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" From 998dafe9c4d5315369f2082142b4f035ba452b9a Mon Sep 17 00:00:00 2001 From: Aine Date: Thu, 4 Aug 2022 22:02:45 +0300 Subject: [PATCH 142/562] Update Honoroit 0.9.11 -> 0.9.12 --- roles/matrix-bot-honoroit/defaults/main.yml | 5 ++++- roles/matrix-bot-honoroit/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 55d1a386..fe0b0981 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.11 +matrix_bot_honoroit_version: v0.9.12 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -94,6 +94,9 @@ matrix_bot_honoroit_cachesize: '' # List of ignored room IDs matrix_bot_honoroit_ignoredrooms: [] +# Ignore messages outside of threads +matrix_bot_honoroit_ignorenothread: false + # Text prefix: open matrix_bot_honoroit_text_prefix_open: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index 242b906c..c8d10c6a 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -9,6 +9,7 @@ HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }} HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} +HONOROIT_IGNORENOTHREAD={{ matrix_bot_honoroit_ignorenothread }} HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms|join(' ') }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} From 20767b514913c1289a3d7a48a890e34511b7e945 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Thu, 4 Aug 2022 14:35:41 -0500 Subject: [PATCH 143/562] Fixes to enable Conduit in setup-all --- group_vars/matrix_servers | 31 ++++++++ roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/sanity_check.yml | 2 +- roles/matrix-conduit/defaults/main.yml | 2 +- roles/matrix-nginx-proxy/defaults/main.yml | 15 ++++ .../tasks/setup_nginx_proxy.yml | 13 ++++ .../nginx/conf.d/matrix-conduit.conf.j2 | 77 +++++++++++++++++++ setup.yml | 1 + 8 files changed, 140 insertions(+), 3 deletions(-) create mode 100644 roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 91324025..ed64c0a4 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -24,6 +24,7 @@ matrix_homeserver_container_url: |- 'http://matrix-nginx-proxy:12080' if matrix_nginx_proxy_enabled else { 'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_client_api_port|string), 'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port|string), + 'conduit': ('http://matrix-conduit:' + matrix_conduit_port_number|string), }[matrix_homeserver_implementation] }} @@ -32,6 +33,7 @@ matrix_homeserver_container_federation_url: |- 'http://matrix-nginx-proxy:12088' if matrix_nginx_proxy_enabled else { 'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_federation_api_plain_port|string), 'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port|string), + 'conduit': ('http://matrix-conduit:' + matrix_conduit_port_number|string), }[matrix_homeserver_implementation] }} @@ -1432,6 +1434,7 @@ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: |- { 'synapse': matrix_synapse_max_upload_size_mb, 'dendrite': (matrix_dendrite_max_file_size_bytes / 1024 / 1024) | round, + 'conduit': (matrix_conduit_max_request_size / 1024 / 1024) | round, }[matrix_homeserver_implementation]|int }} @@ -1464,6 +1467,7 @@ matrix_nginx_proxy_proxy_matrix_federation_api_enabled: |- { 'synapse': (matrix_synapse_federation_port_enabled and not matrix_synapse_tls_federation_listener_enabled), 'dendrite': matrix_dendrite_federation_enabled, + 'conduit': matrix_conduit_allow_federation, }[matrix_homeserver_implementation]|bool }} @@ -1482,6 +1486,12 @@ matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port|string }}" matrix_nginx_proxy_proxy_dendrite_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port|string }}" +matrix_nginx_proxy_proxy_conduit_enabled: "{{ matrix_conduit_enabled }}" +matrix_nginx_proxy_proxy_conduit_client_api_addr_with_container: "matrix-conduit:{{ matrix_conduit_port_number|string }}" +matrix_nginx_proxy_proxy_conduit_client_api_addr_sans_container: "127.0.0.1:{{ matrix_conduit_port_number|string }}" +matrix_nginx_proxy_proxy_conduit_federation_api_addr_with_container: "matrix-conduit:{{ matrix_conduit_port_number|string }}" +matrix_nginx_proxy_proxy_conduit_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_conduit_port_number|string }}" + # When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter. matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}" @@ -2211,6 +2221,7 @@ matrix_registration_shared_secret: |- { 'synapse': matrix_synapse_registration_shared_secret, 'dendrite': matrix_dendrite_registration_shared_secret, + 'conduit': '' }[matrix_homeserver_implementation] }} @@ -2331,3 +2342,23 @@ matrix_dendrite_systemd_wanted_services_list: | # /matrix-dendrite # ###################################################################### + +###################################################################### +# +# matrix-conduit +# +###################################################################### + +matrix_conduit_enabled: "{{ matrix_homeserver_implementation == 'conduit' }}" + +matrix_conduit_systemd_required_services_list: | + {{ + (['docker.service']) + }} + + +###################################################################### +# +# /matrix-conduit +# +###################################################################### diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index ae39d00a..9d0ded4a 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -9,7 +9,7 @@ matrix_domain: ~ # This will contain the homeserver implementation that is in use. -# Valid values: synapse, dendrite +# Valid values: synapse, dendrite, conduit # # By default, we use Synapse, because it's the only full-featured Matrix server at the moment. # diff --git a/roles/matrix-base/tasks/sanity_check.yml b/roles/matrix-base/tasks/sanity_check.yml index f78510d7..ad3d35d6 100644 --- a/roles/matrix-base/tasks/sanity_check.yml +++ b/roles/matrix-base/tasks/sanity_check.yml @@ -3,7 +3,7 @@ - name: Fail if invalid homeserver implementation fail: msg: "You need to set a valid homeserver implementation in `matrix_homeserver_implementation`" - when: "matrix_homeserver_implementation not in ['synapse', 'dendrite']" + when: "matrix_homeserver_implementation not in ['synapse', 'dendrite', 'conduit']" # We generally support Ansible 2.7.1 and above. - name: Fail if running on Ansible < 2.7.1 diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 94d1fcfa..9ee83282 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -34,7 +34,7 @@ matrix_conduit_container_extra_arguments: [] matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/conduit.toml.j2" # Max size for uploads, in bytes -matrix_conduit_max_request_size: "20_000_000" +matrix_conduit_max_request_size: 20_000_000 # Enables registration. If set to false, no users can register on this server. matrix_conduit_allow_registration: true diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index de1a3146..8d606273 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -147,6 +147,21 @@ matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "" # A list of strings containing additional configuration blocks to add to the Dendrite's server configuration (matrix-dendrite.conf). matrix_nginx_proxy_proxy_dendrite_additional_server_configuration_blocks: [] +# Controls whether proxying for Conduit should be done. +matrix_nginx_proxy_proxy_conduit_enabled: false +matrix_nginx_proxy_proxy_conduit_hostname: "matrix-nginx-proxy" +matrix_nginx_proxy_proxy_conduit_federation_api_enabled: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_enabled }}" +# Controls whether the Client API server (usually at matrix.DOMAIN:443) should explicitly reject `/_matrix/federation` endpoints. +matrix_nginx_proxy_proxy_conduit_block_federation_api_on_client_port: true +# The addresses where the Matrix Client API is, when using Conduit. +matrix_nginx_proxy_proxy_conduit_client_api_addr_with_container: "" +matrix_nginx_proxy_proxy_conduit_client_api_addr_sans_container: "" +# The addresses where the Federation API is, when using Conduit. +matrix_nginx_proxy_proxy_conduit_federation_api_addr_with_container: "" +matrix_nginx_proxy_proxy_conduit_federation_api_addr_sans_container: "" +# A list of strings containing additional configuration blocks to add to the Conduit's server configuration (matrix-conduit.conf). +matrix_nginx_proxy_proxy_conduit_additional_server_configuration_blocks: [] + # Controls whether proxying the Element domain should be done. matrix_nginx_proxy_proxy_element_enabled: false matrix_nginx_proxy_proxy_element_hostname: "{{ matrix_server_fqn_element }}" diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 92454e96..c546a083 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -80,6 +80,19 @@ state: absent when: "not matrix_nginx_proxy_proxy_dendrite_enabled|bool" +- name: Ensure Matrix nginx-proxy configuration for matrix-conduit exists + template: + src: "{{ role_path }}/templates/nginx/conf.d/matrix-conduit.conf.j2" + dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-conduit.conf" + mode: 0644 + when: matrix_nginx_proxy_proxy_conduit_enabled|bool + +- name: Ensure Matrix nginx-proxy configuration for matrix-conduit deleted + file: + path: "{{ matrix_nginx_proxy_confd_path }}/matrix-conduit.conf" + state: absent + when: "not matrix_nginx_proxy_proxy_conduit_enabled|bool" + - name: Ensure Matrix nginx-proxy configuration for Element domain exists template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-client-element.conf.j2" diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 new file mode 100644 index 00000000..2106acc4 --- /dev/null +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 @@ -0,0 +1,77 @@ +#jinja2: lstrip_blocks: "True" + +server { + listen 12080; + server_name {{ matrix_nginx_proxy_proxy_conduit_hostname }}; + + server_tokens off; + root /dev/null; + + gzip on; + gzip_types text/plain application/json; + + {% for configuration_block in matrix_nginx_proxy_proxy_conduit_additional_server_configuration_blocks %} + {{- configuration_block }} + {% endfor %} + + {% if matrix_nginx_proxy_proxy_conduit_block_federation_api_on_client_port %} + location /_matrix/federation { + {% if matrix_nginx_proxy_proxy_conduit_federation_api_enabled %} + return 404 'The Federation API is served at https://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}'; + {% else %} + return 404 'This Matrix server is running with federation disabled'; + {% endif %} + } + {% endif %} + + {# Everything else just goes to the API server ##} + location / { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_conduit_client_api_addr_with_container }}"; + proxy_pass http://$backend; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_conduit_client_api_addr_sans_container }}; + {% endif %} + + proxy_set_header Host $host; + + client_body_buffer_size 25M; + client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb }}M; + proxy_max_temp_file_size 0; + } +} + +{% if matrix_nginx_proxy_proxy_conduit_federation_api_enabled %} +server { + listen 12088; + + server_name {{ matrix_nginx_proxy_proxy_conduit_hostname }}; + server_tokens off; + + root /dev/null; + + gzip on; + gzip_types text/plain application/json; + + location / { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_conduit_federation_api_addr_with_container }}"; + proxy_pass http://$backend; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_conduit_federation_api_addr_sans_container }}; + {% endif %} + + proxy_set_header Host $host; + + client_body_buffer_size 25M; + client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb }}M; + proxy_max_temp_file_size 0; + } +} +{% endif %} diff --git a/setup.yml b/setup.yml index de86665b..82429d43 100755 --- a/setup.yml +++ b/setup.yml @@ -42,6 +42,7 @@ - matrix-bot-mjolnir - matrix-synapse - matrix-dendrite + - matrix-conduit - matrix-synapse-admin - matrix-prometheus-node-exporter - matrix-prometheus From dffa91ec8e0a3a92e10ef58c932956aca3172fcd Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 5 Aug 2022 09:01:59 -0500 Subject: [PATCH 144/562] Suggested fix from spantaleev Co-authored-by: Slavi Pantaleev --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ed64c0a4..365ecd47 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2221,7 +2221,7 @@ matrix_registration_shared_secret: |- { 'synapse': matrix_synapse_registration_shared_secret, 'dendrite': matrix_dendrite_registration_shared_secret, - 'conduit': '' + 'conduit': '', }[matrix_homeserver_implementation] }} From 47caba38fb1de77288a90afd04b9626cfacd74f6 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 5 Aug 2022 09:59:35 -0500 Subject: [PATCH 145/562] Implemented suggestions from Slavi --- roles/matrix-conduit/tasks/conduit/setup.yml | 18 +++++++++++++++++ roles/matrix-conduit/tasks/main.yml | 2 +- roles/matrix-conduit/tasks/setup_conduit.yml | 20 ------------------- .../templates/conduit/conduit.toml.j2 | 8 ++++---- 4 files changed, 23 insertions(+), 25 deletions(-) delete mode 100644 roles/matrix-conduit/tasks/setup_conduit.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index 57aaafdf..055fbd27 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -1,5 +1,23 @@ --- +- name: Ensure Conduit config path exists + file: + path: "{{ matrix_conduit_config_path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: "matrix_conduit_enabled|bool" + +- name: Ensure Conduit data path exists + file: + path: "{{ matrix_conduit_data_path }}" + state: directory + mode: 0770 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: "matrix_conduit_enabled|bool" + - import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" when: matrix_conduit_enabled|bool diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml index 8ace5f48..20d91ac8 100644 --- a/roles/matrix-conduit/tasks/main.yml +++ b/roles/matrix-conduit/tasks/main.yml @@ -4,7 +4,7 @@ tags: - always -- import_tasks: "{{ role_path }}/tasks/setup_conduit.yml" +- import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" when: run_setup|bool tags: - setup-all diff --git a/roles/matrix-conduit/tasks/setup_conduit.yml b/roles/matrix-conduit/tasks/setup_conduit.yml deleted file mode 100644 index 25632c80..00000000 --- a/roles/matrix-conduit/tasks/setup_conduit.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Ensure Conduit config path exists - file: - path: "{{ matrix_conduit_config_path }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled|bool" - -- name: Ensure Conduit data path exists - file: - path: "{{ matrix_conduit_data_path }}" - state: directory - mode: 0770 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled|bool" - -- import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 index f92910e1..6f479084 100644 --- a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 +++ b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 @@ -35,14 +35,14 @@ port = {{ matrix_conduit_port_number }} max_request_size = {{ matrix_conduit_max_request_size }} # Enables registration. If set to false, no users can register on this server. -allow_registration = {{ matrix_conduit_allow_registration | to_json | replace("\"", "") }} +allow_registration = {{ matrix_conduit_allow_registration | to_json }} -allow_federation = {{ matrix_conduit_allow_federation | to_json | replace("\"", "") }} +allow_federation = {{ matrix_conduit_allow_federation | to_json }} # Enable the display name lightning bolt on registration. -enable_lightning_bolt = {{ matrix_conduit_enable_lightning_bolt | to_json | replace("\"", "") }} +enable_lightning_bolt = {{ matrix_conduit_enable_lightning_bolt | to_json }} -trusted_servers = {{ matrix_conduit_trusted_servers }} +trusted_servers = {{ matrix_conduit_trusted_servers | to_json }} max_concurrent_requests = {{ matrix_conduit_max_concurrent_requests }} From 32430de812ec01e6a889552522b85791a8075afb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 5 Aug 2022 19:02:01 +0200 Subject: [PATCH 146/562] Fix bug that prevented user with external nginx from launch (#2003) * Fix bug that prevented user with external nginx from launch The backslash was missing and prevented users from starting the bot * Add necessary config for ext nginx to docs * Add automatic config for ext nginx, adjust docs * Remove unneeded and possibly puzzeling documentation --- docs/configuring-playbook-bot-maubot.md | 7 ------- group_vars/matrix_servers | 2 ++ .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index d74cfb2f..d5990a11 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -61,10 +61,3 @@ You can expand "Access token" to copy it. ![Obatining an admin access token with Element](assets/obtain_admin_access_token_element.png) **IMPORTANT**: once you copy the token, just close the Matrix client window/tab. Do not "log out", as that would invalidate the token. - - - - - - - diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 52f89cec..a89e2e9b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1125,6 +1125,8 @@ matrix_bot_maubot_registration_shared_secret: |- }[matrix_homeserver_implementation] }} +matrix_bot_maubot_management_interface_http_bind_port: "{{ '' if matrix_nginx_proxy_enabled else ('127.0.0.1:' + matrix_bot_maubot_management_interface_port | string) }}" + # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_maubot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_maubot_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.dsc.db') | to_uuid }}" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index c4cbcb38..a9e03986 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -28,7 +28,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_management_interface_http_bind_port %} - -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:{{ matrix_bot_maubot_management_interface_port }} + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:{{ matrix_bot_maubot_management_interface_port }} \ {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml --no-update From 0ee44adde86398f6b38f339915aa5952d27ea63a Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 5 Aug 2022 13:44:56 -0500 Subject: [PATCH 147/562] Using ansible.builtin where possible --- roles/matrix-conduit/tasks/conduit/setup.yml | 4 ++-- roles/matrix-conduit/tasks/conduit/setup_install.yml | 6 +++--- roles/matrix-conduit/tasks/conduit/setup_uninstall.yml | 8 ++++---- roles/matrix-conduit/tasks/init.yml | 2 +- roles/matrix-conduit/tasks/main.yml | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index 055fbd27..c4d3d6be 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -1,7 +1,7 @@ --- - name: Ensure Conduit config path exists - file: + ansible.builtin.file: path: "{{ matrix_conduit_config_path }}" state: directory mode: 0750 @@ -10,7 +10,7 @@ when: "matrix_conduit_enabled|bool" - name: Ensure Conduit data path exists - file: + ansible.builtin.file: path: "{{ matrix_conduit_data_path }}" state: directory mode: 0770 diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index 5611e3e3..927d9fa3 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -11,7 +11,7 @@ until: result is not failed - name: Ensure Conduit configuration installed - template: + ansible.builtin.template: src: "{{ role_path }}/templates/conduit/conduit.toml.j2" dest: "{{ matrix_conduit_config_path }}/conduit.toml" mode: 0644 @@ -19,13 +19,13 @@ group: "{{ matrix_user_groupname }}" - name: Ensure matrix-conduit.service installed - template: + ansible.builtin.template: src: "{{ role_path }}/templates/conduit/systemd/matrix-conduit.service.j2" dest: "{{ matrix_systemd_path }}/matrix-conduit.service" mode: 0644 register: matrix_conduit_systemd_service_result - name: Ensure systemd reloaded after matrix-conduit.service installation - service: + ansible.builtin.systemd: daemon_reload: true when: "matrix_conduit_systemd_service_result.changed|bool" diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml index 73722287..3bbbc3a7 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -1,12 +1,12 @@ --- - name: Check existence of matrix-conduit service - stat: + ansible.builtin.stat: path: "{{ matrix_systemd_path }}/matrix-conduit.service" register: matrix_conduit_service_stat - name: Ensure matrix-conduit is stopped - service: + ansible.builtin.systemd: name: matrix-conduit state: stopped daemon_reload: true @@ -14,13 +14,13 @@ when: "matrix_conduit_service_stat.stat.exists" - name: Ensure matrix-conduit.service doesn't exist - file: + ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-conduit.service" state: absent when: "matrix_conduit_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-conduit.service removal - service: + ansible.builtin.systemd: daemon_reload: true when: "matrix_conduit_service_stat.stat.exists" diff --git a/roles/matrix-conduit/tasks/init.yml b/roles/matrix-conduit/tasks/init.yml index 464278b7..11b53e79 100644 --- a/roles/matrix-conduit/tasks/init.yml +++ b/roles/matrix-conduit/tasks/init.yml @@ -1,5 +1,5 @@ --- -- set_fact: +- ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-conduit.service'] }}" when: matrix_conduit_enabled|bool diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml index 20d91ac8..e264853e 100644 --- a/roles/matrix-conduit/tasks/main.yml +++ b/roles/matrix-conduit/tasks/main.yml @@ -11,7 +11,7 @@ - setup-conduit - name: Mark matrix-conduit role as executed - set_fact: + ansible.builtin.set_fact: matrix_conduit_role_executed: true tags: - always From 5799b95c01c58483ca9d88667d3d68ec5bd0dca1 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 5 Aug 2022 13:48:45 -0500 Subject: [PATCH 148/562] Ensure space around pipe character for ansible-lint --- roles/matrix-conduit/tasks/conduit/setup.yml | 8 ++++---- roles/matrix-conduit/tasks/conduit/setup_install.yml | 2 +- roles/matrix-conduit/tasks/init.yml | 2 +- roles/matrix-conduit/tasks/main.yml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index c4d3d6be..9b3d4487 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -7,7 +7,7 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled|bool" + when: "matrix_conduit_enabled | bool" - name: Ensure Conduit data path exists ansible.builtin.file: @@ -16,10 +16,10 @@ mode: 0770 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled|bool" + when: "matrix_conduit_enabled | bool" - import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" - when: matrix_conduit_enabled|bool + when: "matrix_conduit_enabled | bool" - import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" - when: "not matrix_conduit_enabled|bool" + when: "not matrix_conduit_enabled | bool" diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index 927d9fa3..f86db34f 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -28,4 +28,4 @@ - name: Ensure systemd reloaded after matrix-conduit.service installation ansible.builtin.systemd: daemon_reload: true - when: "matrix_conduit_systemd_service_result.changed|bool" + when: "matrix_conduit_systemd_service_result.changed | bool" diff --git a/roles/matrix-conduit/tasks/init.yml b/roles/matrix-conduit/tasks/init.yml index 11b53e79..5f464e40 100644 --- a/roles/matrix-conduit/tasks/init.yml +++ b/roles/matrix-conduit/tasks/init.yml @@ -2,4 +2,4 @@ - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-conduit.service'] }}" - when: matrix_conduit_enabled|bool + when: matrix_conduit_enabled | bool diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml index e264853e..c8862bd7 100644 --- a/roles/matrix-conduit/tasks/main.yml +++ b/roles/matrix-conduit/tasks/main.yml @@ -5,7 +5,7 @@ - always - import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" - when: run_setup|bool + when: run_setup | bool tags: - setup-all - setup-conduit From 2ca5320371070823838a1891a1b477c869773838 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 7 Aug 2022 17:02:43 +0000 Subject: [PATCH 149/562] Update Cinny 2.0.4 -> 2.1.1 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index efd88010..743dc077 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.0.4 +matrix_client_cinny_version: v2.1.1 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From a54c06d1a7f22f3582afaad878bdc4821b21ef2f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 7 Aug 2022 17:04:20 +0000 Subject: [PATCH 150/562] Update Jitsi stable-7439-2 -> stable-7577 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 5546d19c..2bec0247 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7439-2 +matrix_jitsi_version: stable-7577 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 5023660f3aa89166b3ecc0f675ea7689e19a45ac Mon Sep 17 00:00:00 2001 From: ganyuke <95439147+ganyuke@users.noreply.github.com> Date: Mon, 8 Aug 2022 03:20:13 +0000 Subject: [PATCH 151/562] Use arm64 images for Cinny Cinny now builds arm64 docker images since [v2.0.4](https://hub.docker.com/layers/cinny/ajbura/cinny/v2.0.4/images/sha256-a7202136f8568eb0397a3d644725a8fb7dca230e08bcfc42040238bda0382057?context=explore). --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a89e2e9b..94a6e766 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2164,7 +2164,7 @@ matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl matrix_client_cinny_enabled: false -matrix_client_cinny_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" +matrix_client_cinny_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach Cinny over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose From 7950d3425d847c55f63571f9cca6ac016b47addd Mon Sep 17 00:00:00 2001 From: JokerGermany <30293477+JokerGermany@users.noreply.github.com> Date: Mon, 8 Aug 2022 14:25:40 +0200 Subject: [PATCH 152/562] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e30f9b54..56e3cc2d 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,8 @@ Using this playbook, you can get the following services configured on your serve - (optional, advanced) the [Matrix Corporal](https://github.com/devture/matrix-corporal) reconciliator and gateway for a managed Matrix server +- (optional) the [mautrix-discord](https://github.com/mautrix/discord) bridge for bridging your Matrix server to [Discord](https://discord.com/) - see [docs/configuring-playbook-bridge-mautrix-discord.md](docs/configuring-playbook-bridge-mautrix-discord.md) for setup documentation + - (optional) the [mautrix-telegram](https://github.com/mautrix/telegram) bridge for bridging your Matrix server to [Telegram](https://telegram.org/) - (optional) the [mautrix-whatsapp](https://github.com/mautrix/whatsapp) bridge for bridging your Matrix server to [WhatsApp](https://www.whatsapp.com/) From cf5af86d92c8e7146cddb6db54b63e36143b1b6b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 8 Aug 2022 15:21:23 +0000 Subject: [PATCH 153/562] Update Email2Matrix 1.0.3 -> 1.1.0 --- roles/matrix-email2matrix/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-email2matrix/defaults/main.yml b/roles/matrix-email2matrix/defaults/main.yml index 3084506f..b24cc76c 100644 --- a/roles/matrix-email2matrix/defaults/main.yml +++ b/roles/matrix-email2matrix/defaults/main.yml @@ -11,7 +11,7 @@ matrix_email2matrix_container_image_self_build: false matrix_email2matrix_container_image_self_build_repo: "https://github.com/devture/email2matrix.git" matrix_email2matrix_container_image_self_build_branch: "{{ matrix_email2matrix_version }}" -matrix_email2matrix_version: 1.0.3 +matrix_email2matrix_version: 1.1.0 matrix_email2matrix_docker_image_prefix: "{{ 'localhost/' if matrix_email2matrix_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_email2matrix_docker_image: "{{ matrix_email2matrix_docker_image_prefix }}devture/email2matrix:{{ matrix_email2matrix_version }}" matrix_email2matrix_docker_image_force_pull: "{{ matrix_email2matrix_docker_image.endswith(':latest') }}" From e74560c6efc556dfecdc6e83e77b3f2474626756 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Mon, 8 Aug 2022 22:08:09 -0500 Subject: [PATCH 154/562] Moved Conduit directory creation from setup.yml into setup_install.yml, as suggested by Slavi --- roles/matrix-conduit/tasks/conduit/setup.yml | 18 ------------------ .../tasks/conduit/setup_install.yml | 16 ++++++++++++++++ 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index 9b3d4487..fa095f66 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -1,23 +1,5 @@ --- -- name: Ensure Conduit config path exists - ansible.builtin.file: - path: "{{ matrix_conduit_config_path }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled | bool" - -- name: Ensure Conduit data path exists - ansible.builtin.file: - path: "{{ matrix_conduit_data_path }}" - state: directory - mode: 0770 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - when: "matrix_conduit_enabled | bool" - - import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" when: "matrix_conduit_enabled | bool" diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index f86db34f..ac5be14d 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -10,6 +10,22 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed +- name: Ensure Conduit config path exists + ansible.builtin.file: + path: "{{ matrix_conduit_config_path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure Conduit data path exists + ansible.builtin.file: + path: "{{ matrix_conduit_data_path }}" + state: directory + mode: 0770 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + - name: Ensure Conduit configuration installed ansible.builtin.template: src: "{{ role_path }}/templates/conduit/conduit.toml.j2" From 1aff2ca24799dafd28201f128a658e35377dd2a6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Aug 2022 10:54:39 +0300 Subject: [PATCH 155/562] Fix ansible-lint errors --- roles/matrix-conduit/defaults/main.yml | 2 +- roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 9ee83282..25036939 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -4,7 +4,7 @@ matrix_conduit_enabled: true -matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix}}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" +matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" matrix_conduit_docker_image_name_prefix: "docker.io/" matrix_conduit_docker_image_tag: "v0.4.0" matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 2f65e656..4d93e769 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -69,17 +69,17 @@ when: "not matrix_nginx_proxy_proxy_dendrite_enabled | bool" - name: Ensure Matrix nginx-proxy configuration for matrix-conduit exists - template: + ansible.builtin.template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-conduit.conf.j2" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-conduit.conf" mode: 0644 - when: matrix_nginx_proxy_proxy_conduit_enabled|bool + when: matrix_nginx_proxy_proxy_conduit_enabled | bool - name: Ensure Matrix nginx-proxy configuration for matrix-conduit deleted - file: + ansible.builtin.file: path: "{{ matrix_nginx_proxy_confd_path }}/matrix-conduit.conf" state: absent - when: "not matrix_nginx_proxy_proxy_conduit_enabled|bool" + when: "not matrix_nginx_proxy_proxy_conduit_enabled | bool" - name: Ensure Matrix nginx-proxy configuration for Element domain exists ansible.builtin.template: From 81f4e8cffb9d2e085840578631fa83b639e96d00 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Aug 2022 11:37:57 +0300 Subject: [PATCH 156/562] Announce Conduit support Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2002 --- CHANGELOG.md | 17 +++++++++++++++++ README.md | 2 ++ docs/container-images.md | 4 +++- 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c9f20ee3..fd5c2222 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,20 @@ +# 2022-08-09 + +## Conduit support + +Thanks to [Charles Wright](https://github.com/cvwright), we now have optional experimental [Conduit](https://conduit.rs) homeserver support for new installations. This comes as a follow-up to the playbook getting [Dendrite support](#dendrite-support) earlier this year. + +Existing Synapse or Dendrite installations do **not** need to be updated. **Synapse is still the default homeserver implementation** installed by the playbook. + +To try out Conduit, we recommend that you **use a new server** and the following `vars.yml` configuration: + +```yaml +matrix_homeserver_implementation: conduit +``` + +**The homeserver implementation of an existing server cannot be changed** (e.g. from Synapse or Dendrite to Conduit) without data loss. + + # 2022-07-29 ## mautrix-discord support diff --git a/README.md b/README.md index 56e3cc2d..225e3518 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,8 @@ Using this playbook, you can get the following services configured on your serve - (optional, default) a [Synapse](https://github.com/matrix-org/synapse) homeserver - storing your data and managing your presence in the [Matrix](http://matrix.org/) network +- (optional) a [Conduit](https://conduit.rs) homeserver - storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements + - (optional) a [Dendrite](https://github.com/matrix-org/dendrite) homeserver - storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. - (optional) [Amazon S3](https://aws.amazon.com/s3/) storage for Synapse's content repository (`media_store`) files using [Goofys](https://github.com/kahing/goofys) diff --git a/docs/container-images.md b/docs/container-images.md index 5f0ed0e0..762f3752 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -30,7 +30,9 @@ These services are not part of our default installation, but can be enabled by [ - [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional) -- [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) - the official [Dendrite](https://github.com/matrix-org/dendrite) Matrix homeserver (optional) +- [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) - the [Conduit](https://conduit.rs) Matrix homeserver (optional) + +- [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) - the [Dendrite](https://github.com/matrix-org/dendrite) Matrix homeserver (optional) - [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional) From dcb5a1370bb3fc158e4d37656d9fa29ff2230b18 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Aug 2022 21:41:37 +0300 Subject: [PATCH 157/562] Upgrade Jitsi (stable-7577 -> stable-7577-1) --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 2bec0247..69f9aaa3 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7577 +matrix_jitsi_version: stable-7577-1 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From aace9b131fde4f17c509cef9af320d5a3b133903 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 9 Aug 2022 19:59:34 +0000 Subject: [PATCH 158/562] Update Jitsi stable-7577-1 -> stable-7577-2 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 69f9aaa3..806af6ff 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7577-1 +matrix_jitsi_version: stable-7577-2 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From e637db348ad2820b3a98933b3760340af9b33620 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 9 Aug 2022 23:45:10 +0300 Subject: [PATCH 159/562] mautrix-whatsapp config adjustements --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 5 +++++ .../templates/config.yaml.j2 | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 2bc34a91..d511452f 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -95,6 +95,11 @@ matrix_mautrix_whatsapp_bridge_encryption_allow: false matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" +matrix_mautrix_whatsapp_bridge_personal_filtering_spaces: true +matrix_mautrix_whatsapp_bridge_mute_bridging: true +matrix_mautrix_whatsapp_bridge_enable_status_broadcast: false +matrix_mautrix_whatsapp_bridge_allow_user_invite: true + matrix_mautrix_whatsapp_bridge_permissions: | {{ {matrix_mautrix_whatsapp_homeserver_domain: 'user'} diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index fab8d964..8073da65 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -92,7 +92,7 @@ bridge: displayname_template: "{{ '{{if .BusinessName}}{{.BusinessName}}{{else if .PushName}}{{.PushName}}{{else}}{{.JID}}{{end}} (WA)' }}" # Should the bridge create a space for each logged-in user and add bridged rooms to it? # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time. - personal_filtering_spaces: false + personal_filtering_spaces: {{ matrix_mautrix_whatsapp_bridge_personal_filtering_spaces | to_json }} # Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp? delivery_receipts: false # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. @@ -232,7 +232,7 @@ bridge: # This field will automatically be changed back to false after it, except if the config file is not writable. resend_bridge_info: false # When using double puppeting, should muted chats be muted in Matrix? - mute_bridging: false + mute_bridging: {{ matrix_mautrix_whatsapp_bridge_mute_bridging | to_json }} # When using double puppeting, should archived chats be moved to a specific tag in Matrix? # Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix. # This can be set to a tag (e.g. m.lowpriority), or null to disable. @@ -243,7 +243,7 @@ bridge: tag_only_on_create: true # Should WhatsApp status messages be bridged into a Matrix room? # Disabling this won't affect already created status broadcast rooms. - enable_status_broadcast: true + enable_status_broadcast: {{ matrix_mautrix_whatsapp_bridge_enable_status_broadcast | to_json }} # Should sending WhatsApp status messages be allowed? # This can cause issues if the user has lots of contacts, so it's disabled by default. disable_status_broadcast_send: true @@ -257,7 +257,7 @@ bridge: whatsapp_thumbnail: false # Allow invite permission for user. User can invite any bots to room with whatsapp # users (private chat and groups) - allow_user_invite: false + allow_user_invite: {{ matrix_mautrix_whatsapp_bridge_allow_user_invite | to_json }} # Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. federate_rooms: {{ matrix_mautrix_whatsapp_federate_rooms|to_json }} From f2d613dfeaaa51dfc972c944c74974fc698e1544 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 10 Aug 2022 14:16:44 +0300 Subject: [PATCH 160/562] Upgrade Coturn (4.5.2-r13 -> 4.5.2-r14) --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index e1a544ba..bc87d654 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -8,7 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r13 +matrix_coturn_version: 4.5.2-r14 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From 9ab6c99434a710e89d250a9e7d4817babbefc506 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 10 Aug 2022 14:38:35 +0300 Subject: [PATCH 161/562] Update changelog Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2012 --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd5c2222..ffe7825e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +# 2022-08-10 + +## mautrix-whatsapp default configuration changes + +In [Pull Request #2012](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2012), we've made some changes to the default configuration used by the `mautrix-whatsapp` bridge. + +If you're using this bridge, you should look into this PR and see if the new configuration suits you. If not, you can always change individual preferences in your `vars.yml` file. + +Most notably, spaces support has been enabled by default. The bridge will now group rooms into a Matrix space. **If you've already bridged to Whatsapp** prior to this update, you will need to send `!wa sync space` to the bridge bot to make it create the space and put your existing rooms into it. + + # 2022-08-09 ## Conduit support From 7b150fdb0441e2f9b9635ebb1c20aefe5558db08 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 10 Aug 2022 15:13:04 +0000 Subject: [PATCH 162/562] Update Grafana 9.0.6 -> 9.0.7 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index fb166359..2f0de60d 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.6 +matrix_grafana_version: 9.0.7 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8d7c6d76fbafe899cd72621b47d9d68ca9f5d043 Mon Sep 17 00:00:00 2001 From: iambeingtracked <94642304+iambeingtracked@users.noreply.github.com> Date: Thu, 11 Aug 2022 13:07:20 +0300 Subject: [PATCH 163/562] Update configuring-playbook-client-element.md I think there should only be one '_' --- docs/configuring-playbook-client-element.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 45299c55..2248327f 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -32,7 +32,7 @@ Alternatively, **if there is no pre-defined variable** for an Element setting yo ## Themes -To change the look of Element, you can define your own themes manually by using the `matrix_client_element__settingDefaults_custom_themes` setting. +To change the look of Element, you can define your own themes manually by using the `matrix_client_element_settingDefaults_custom_themes` setting. Or better yet, you can automatically pull it all themes provided by the [aaronraimist/element-themes](https://github.com/aaronraimist/element-themes) project by simply flipping a flag (`matrix_client_element_themes_enabled: true`). From 339c50c493a73407b526013cbce545cafc696c1c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 11 Aug 2022 17:04:46 +0000 Subject: [PATCH 164/562] Update Cinny 2.1.1 -> 2.1.2 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 743dc077..1cb22cd1 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.1.1 +matrix_client_cinny_version: v2.1.2 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 7170545a5486a882a261b0772d281434626e8b3c Mon Sep 17 00:00:00 2001 From: kapcake Date: Thu, 11 Aug 2022 21:48:17 +0200 Subject: [PATCH 165/562] Update nginx-proxy: 1.23.0 -> 1.23.1 --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 44cf8411..8cf24a22 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -1,7 +1,7 @@ --- # Project source code URL: https://github.com/nginx/nginx matrix_nginx_proxy_enabled: true -matrix_nginx_proxy_version: 1.23.0-alpine +matrix_nginx_proxy_version: 1.23.1-alpine # We use an official nginx image, which we fix-up to run unprivileged. # An alternative would be an `nginxinc/nginx-unprivileged` image, but From 7f20b453c3da48f81c897c9c024af538a8d3e10e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 12 Aug 2022 04:37:45 +0000 Subject: [PATCH 166/562] Update Signal daeon 0.20.0 -> 0.21.0 There is no docker tag in UI, but it exists: ``` docker pull registry.gitlab.com/signald/signald:0.21.0 0.21.0: Pulling from signald/signald 2f42a0d7a7b7: Pull complete 81c2fb1b6074: Pull complete 7e8b9a51d6b6: Pull complete f6ed8fd77301: Pull complete 64e6fa036bdc: Pull complete 5e98b5369603: Pull complete f2a9b80dd9fc: Pull complete Digest: sha256:201cf93efba689aa0319d2a480deea8ffb7dcdfbda31ea45932fccf4c7626ab9 Status: Downloaded newer image for registry.gitlab.com/signald/signald:0.21.0 registry.gitlab.com/signald/signald:0.21.0 ``` --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index bdef7fa5..4a9f9cfb 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.3.0 -matrix_mautrix_signal_daemon_version: 0.20.0 +matrix_mautrix_signal_daemon_version: 0.21.0 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From c9ce431b8c99bc71383f6a34299b4c4cb06e70cf Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 12 Aug 2022 04:45:48 +0000 Subject: [PATCH 167/562] Update Appservice Discord 1.0.0 -> 3.0.0 Ref: https://github.com/matrix-org/matrix-appservice-discord/pull/826 ``` docker pull ghcr.io/matrix-org/matrix-appservice-discord:v3.0.0 v3.0.0: Pulling from matrix-org/matrix-appservice-discord 751ef25978b2: Pull complete 16af4ec8b188: Pull complete 8c8f56f7dc53: Pull complete afa016f2f989: Pull complete 683e2bbbda4e: Pull complete fb056adbb1d6: Pull complete 716f59a72dc7: Pull complete d52c94fc1da3: Pull complete b7b9cd5ddbeb: Pull complete Digest: sha256:1009697517bfe07a0d2192cf3b982bc2dbe40829cedc82c100aef61f8a43e3de Status: Downloaded newer image for ghcr.io/matrix-org/matrix-appservice-discord:v3.0.0 ghcr.io/matrix-org/matrix-appservice-discord:v3.0.0 ``` --- roles/matrix-bridge-appservice-discord/defaults/main.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/matrix-bridge-appservice-discord/defaults/main.yml index 9f6109ed..85aabce3 100644 --- a/roles/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/matrix-bridge-appservice-discord/defaults/main.yml @@ -2,10 +2,12 @@ # matrix-appservice-discord is a Matrix <-> Discord bridge # Project source code URL: https://github.com/Half-Shot/matrix-appservice-discord -matrix_appservice_discord_enabled: true +matrix_appservice_discord_enabled: false +matrix_appservice_discord_container_image_self_build: false -matrix_appservice_discord_version: v1.0.0 -matrix_appservice_discord_docker_image: "{{ matrix_container_global_registry_prefix }}halfshot/matrix-appservice-discord:{{ matrix_appservice_discord_version }}" +matrix_appservice_discord_version: v3.0.0 +matrix_appservice_discord_docker_image: "{{ matrix_appservice_discord_docker_image_name_prefix }}matrix-org/matrix-appservice-discord:{{ matrix_appservice_discord_version }}" +matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io' }}" matrix_appservice_discord_docker_image_force_pull: "{{ matrix_appservice_discord_docker_image.endswith(':latest') }}" matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-discord" From 2c01c5bedf0d5b5dc9f3d00e1693b8ec99277386 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 12 Aug 2022 16:34:12 +0000 Subject: [PATCH 168/562] Update Jitsi stable-7577-2 -> stable-7648 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 806af6ff..b1c81449 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7577-2 +matrix_jitsi_version: stable-7648 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From e1e2615daf791049caff776728d66eba9ea94083 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 12 Aug 2022 19:54:10 +0300 Subject: [PATCH 169/562] Upgrade Dendrite (0.9.1 -> 0.9.2) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 476f86a2..d21f0ef0 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.1" +matrix_dendrite_docker_image_tag: "v0.9.2" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From f18555f7f9eaa0c28362ddb65d3df2437a66c9ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 12 Aug 2022 22:10:42 +0300 Subject: [PATCH 170/562] Fix typo breaking appservice-discord image pull Related to 69dce03 (PR #2019). Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2022 --- roles/matrix-bridge-appservice-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/matrix-bridge-appservice-discord/defaults/main.yml index 85aabce3..4a3eddab 100644 --- a/roles/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/matrix-bridge-appservice-discord/defaults/main.yml @@ -7,7 +7,7 @@ matrix_appservice_discord_container_image_self_build: false matrix_appservice_discord_version: v3.0.0 matrix_appservice_discord_docker_image: "{{ matrix_appservice_discord_docker_image_name_prefix }}matrix-org/matrix-appservice-discord:{{ matrix_appservice_discord_version }}" -matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io' }}" +matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io/' }}" matrix_appservice_discord_docker_image_force_pull: "{{ matrix_appservice_discord_docker_image.endswith(':latest') }}" matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-discord" From 12e423fb9d06cdfb84a057ffd15e54c760d9ee2b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 15 Aug 2022 12:59:49 +0300 Subject: [PATCH 171/562] Upgrade Dendrite (0.9.2 -> 0.9.3) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index d21f0ef0..16899af0 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.2" +matrix_dendrite_docker_image_tag: "v0.9.3" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From f99007975d3ff4558fd627a69adeb28ff2597993 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 16 Aug 2022 08:41:58 +0300 Subject: [PATCH 172/562] Upgrade ddclient (v3.9.1-ls94 -> v3.9.1-ls95) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 2d15db6c..94d4907b 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls94 +matrix_dynamic_dns_version: v3.9.1-ls95 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 316ff365829a35cdf315b2ae4a41ecd42151b7c4 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Aug 2022 15:36:01 +0000 Subject: [PATCH 173/562] Update Grafana 9.0.7 -> 9.1.0 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 2f0de60d..4782c662 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.7 +matrix_grafana_version: 9.1.0 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From f8cc48eaccb6acd5ba4631bc8cb25f111c5b71d0 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Aug 2022 15:36:54 +0000 Subject: [PATCH 174/562] Update Prometheus 2.37.0 -> 2.38.0 --- roles/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml index 8f5c2148..002309ac 100644 --- a/roles/matrix-prometheus/defaults/main.yml +++ b/roles/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.37.0 +matrix_prometheus_version: v2.38.0 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 7f4200acc164d94d0bc0d449c7abca0b9d505b8c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Aug 2022 15:37:43 +0000 Subject: [PATCH 175/562] Update Element 1.11.2 -> 1.11.3 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 5cefc3e3..e462df8a 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.2 +matrix_client_element_version: v1.11.3 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From a9bef3337dae2283b710ef6db04f1ef0e070d325 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 16 Aug 2022 20:04:34 +0300 Subject: [PATCH 176/562] Upgrade Synapse (v1.64.0 -> v1.65.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 99ce80c0..c2ac00e2 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.64.0 +matrix_synapse_version: v1.65.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 514f96a91486980949e83d15a814464bcafb4772 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Aug 2022 17:38:05 +0000 Subject: [PATCH 177/562] Update mautrix-whastapp 0.6.0 -> 0.6.1 --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index d511452f..821f3f28 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.6.0 +matrix_mautrix_whatsapp_version: v0.6.1 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" From eb54955d639fc2dc00cad68173bb260d4ab46826 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Aug 2022 09:20:52 +0300 Subject: [PATCH 178/562] Revert "Update Jitsi stable-7577-2 -> stable-7648" This reverts commit 2c01c5bedf0d5b5dc9f3d00e1693b8ec99277386. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2025 Related to https://github.com/jitsi/jitsi-meet/issues/12026 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index b1c81449..806af6ff 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648 +matrix_jitsi_version: stable-7577-2 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 22db7914e5b5e2c7206d8f1e182c929aa6d7a61b Mon Sep 17 00:00:00 2001 From: Benjamin Castellan Date: Wed, 17 Aug 2022 13:34:33 +0200 Subject: [PATCH 179/562] added rc_invites configuration for synapse --- roles/matrix-synapse/defaults/main.yml | 13 +++++++++++++ .../templates/synapse/homeserver.yaml.j2 | 2 ++ 2 files changed, 15 insertions(+) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index c2ac00e2..3526cd15 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -142,6 +142,19 @@ matrix_synapse_rc_joins: per_second: 0.01 burst_count: 3 + +matrix_synapse_rc_invites: + per_room: + per_second: 0.5 + burst_count: 5 + per_user: + per_second: 0.004 + burst_count: 3 + per_issuer: + per_second: 0.5 + burst_count: 5 + + matrix_synapse_rc_federation: window_size: 1000 sleep_limit: 10 diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 5797f185..cb9b8585 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -977,6 +977,8 @@ rc_joins: {{ matrix_synapse_rc_joins|to_json }} # per_second: 0.003 # burst_count: 5 # +rc_invites: {{ matrix_synapse_rc_invites|to_json }} + #rc_third_party_invite: # per_second: 0.2 # burst_count: 10 From 066aaf4ed1004b9fd62707e0b7b3cda51760956d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 18 Aug 2022 15:05:22 +0000 Subject: [PATCH 180/562] Update Jitsi stable-7577-2 -> stable-7648-2 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 806af6ff..57db192c 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7577-2 +matrix_jitsi_version: stable-7648-2 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 56497d6d8674593cba4788483c5ef9ab7e966708 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 19 Aug 2022 07:19:08 +0000 Subject: [PATCH 181/562] Update prometheus postgres exporter 0.11.0 -> 0.11.1 --- roles/matrix-prometheus-postgres-exporter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml index fbe16ca8..31ff8b8b 100644 --- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml @@ -4,7 +4,7 @@ matrix_prometheus_postgres_exporter_enabled: false -matrix_prometheus_postgres_exporter_version: v0.11.0 +matrix_prometheus_postgres_exporter_version: v0.11.1 matrix_prometheus_postgres_exporter_port: 9187 matrix_prometheus_postgres_exporter_docker_image: "quay.io/prometheuscommunity/postgres-exporter:{{ matrix_prometheus_postgres_exporter_version }}" From f155d31224dca30e3b933b325282a09d6e726480 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 19 Aug 2022 15:19:43 +0300 Subject: [PATCH 182/562] Upgrade Dendrite (0.9.3 -> 0.9.4) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 16899af0..b2697858 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.3" +matrix_dendrite_docker_image_tag: "v0.9.4" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 0158c854c6c9cfd41a1580495dfb827b40ec56cf Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Fri, 19 Aug 2022 16:21:46 -0400 Subject: [PATCH 183/562] Update beeper-linkedin v0.5.2 -> v0.5.3 (repo change) --- roles/matrix-bridge-beeper-linkedin/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index fc2cc898..cd9a5a4f 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -4,12 +4,12 @@ matrix_beeper_linkedin_enabled: true -matrix_beeper_linkedin_version: v0.5.2 +matrix_beeper_linkedin_version: v0.5.3 # See: https://gitlab.com/beeper/linkedin/container_registry matrix_beeper_linkedin_docker_image: "{{ matrix_beeper_linkedin_docker_image_name_prefix }}beeper/linkedin:{{ matrix_beeper_linkedin_docker_image_tag }}" matrix_beeper_linkedin_docker_image_force_pull: "{{ matrix_beeper_linkedin_docker_image_tag.startswith('latest') }}" -matrix_beeper_linkedin_docker_image_name_prefix: "{{ 'localhost/' if matrix_beeper_linkedin_container_image_self_build else 'registry.gitlab.com/' }}" +matrix_beeper_linkedin_docker_image_name_prefix: "{{ 'localhost/' if matrix_beeper_linkedin_container_image_self_build else 'ghcr.io/' }}" matrix_beeper_linkedin_docker_image_tag: "{{ 'latest' if matrix_beeper_linkedin_version == 'master' else matrix_beeper_linkedin_version }}-{{ matrix_architecture }}" matrix_beeper_linkedin_container_image_self_build: false From 3a09cbcbf9f78436871c9e1d99cab4db9209fa39 Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Fri, 19 Aug 2022 16:28:29 -0400 Subject: [PATCH 184/562] Update beeper-linkedin URLs to the new GitHub repo --- README.md | 2 +- docs/configuring-playbook-bridge-beeper-linkedin.md | 4 ++-- roles/matrix-bridge-beeper-linkedin/defaults/main.yml | 6 +++--- roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 225e3518..4fa2e56a 100644 --- a/README.md +++ b/README.md @@ -67,7 +67,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [mautrix-signal](https://github.com/mautrix/signal) bridge for bridging your Matrix server to [Signal](https://www.signal.org/) -- (optional) the [beeper-linkedin](https://gitlab.com/beeper/linkedin) bridge for bridging your Matrix server to [LinkedIn](https://www.linkedin.com/) +- (optional) the [beeper-linkedin](https://github.com/beeper/linkedin) bridge for bridging your Matrix server to [LinkedIn](https://www.linkedin.com/) - (optional) the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge for bridging your Matrix server to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index bcc9d0f5..eac756e2 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -1,8 +1,8 @@ # Setting up Beeper Linkedin (optional) -The playbook can install and configure [beeper-linkedin](https://gitlab.com/beeper/linkedin) for you, for bridging to [LinkedIn](https://www.linkedin.com/) Messaging. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges +The playbook can install and configure [beeper-linkedin](https://github.com/beeper/linkedin) for you, for bridging to [LinkedIn](https://www.linkedin.com/) Messaging. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges -See the project's [documentation](https://gitlab.com/beeper/linkedin/-/blob/master/README.md) to learn what it does and why it might be useful to you. +See the project's [documentation](https://github.com/beeper/linkedin/blob/master/README.md) to learn what it does and why it might be useful to you. ```yaml matrix_beeper_linkedin_enabled: true diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index cd9a5a4f..2f11bf76 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -1,19 +1,19 @@ --- # beeper-linkedin is a Matrix <-> LinkedIn bridge -# Project source code URL: https://gitlab.com/beeper/linkedin +# Project source code URL: https://github.com/beeper/linkedin matrix_beeper_linkedin_enabled: true matrix_beeper_linkedin_version: v0.5.3 -# See: https://gitlab.com/beeper/linkedin/container_registry +# See: https://github.com/beeper/linkedin/pkgs/container/linkedin matrix_beeper_linkedin_docker_image: "{{ matrix_beeper_linkedin_docker_image_name_prefix }}beeper/linkedin:{{ matrix_beeper_linkedin_docker_image_tag }}" matrix_beeper_linkedin_docker_image_force_pull: "{{ matrix_beeper_linkedin_docker_image_tag.startswith('latest') }}" matrix_beeper_linkedin_docker_image_name_prefix: "{{ 'localhost/' if matrix_beeper_linkedin_container_image_self_build else 'ghcr.io/' }}" matrix_beeper_linkedin_docker_image_tag: "{{ 'latest' if matrix_beeper_linkedin_version == 'master' else matrix_beeper_linkedin_version }}-{{ matrix_architecture }}" matrix_beeper_linkedin_container_image_self_build: false -matrix_beeper_linkedin_container_image_self_build_repo: "https://gitlab.com/beeper/linkedin" +matrix_beeper_linkedin_container_image_self_build_repo: "https://github.com/beeper/linkedin" matrix_beeper_linkedin_container_image_self_build_branch: "{{ matrix_beeper_linkedin_version }}" matrix_beeper_linkedin_base_path: "{{ matrix_base_data_path }}/beeper-linkedin" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 9df4d75b..f1d7e8fd 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -46,7 +46,7 @@ register: matrix_beeper_linkedin_git_pull_results # Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated. - # See: https://gitlab.com/beeper/linkedin/-/blob/94442db17ccb9769b377cdb8e4bf1cb3955781d7/.gitlab-ci.yml#L30-40 + # See: https://github.com/beeper/linkedin/blob/94442db17ccb9769b377cdb8e4bf1cb3955781d7/.gitlab-ci.yml#L30-40 - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image ansible.builtin.command: cmd: | From 93612d650872cf032624c4247837adcc98224bb6 Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Sat, 20 Aug 2022 01:07:32 -0400 Subject: [PATCH 185/562] Fix: beeper-linkedin architecture no longer used in tag --- roles/matrix-bridge-beeper-linkedin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index 2f11bf76..4f3d554b 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -10,7 +10,7 @@ matrix_beeper_linkedin_version: v0.5.3 matrix_beeper_linkedin_docker_image: "{{ matrix_beeper_linkedin_docker_image_name_prefix }}beeper/linkedin:{{ matrix_beeper_linkedin_docker_image_tag }}" matrix_beeper_linkedin_docker_image_force_pull: "{{ matrix_beeper_linkedin_docker_image_tag.startswith('latest') }}" matrix_beeper_linkedin_docker_image_name_prefix: "{{ 'localhost/' if matrix_beeper_linkedin_container_image_self_build else 'ghcr.io/' }}" -matrix_beeper_linkedin_docker_image_tag: "{{ 'latest' if matrix_beeper_linkedin_version == 'master' else matrix_beeper_linkedin_version }}-{{ matrix_architecture }}" +matrix_beeper_linkedin_docker_image_tag: "{{ 'latest' if matrix_beeper_linkedin_version == 'master' else matrix_beeper_linkedin_version }}" matrix_beeper_linkedin_container_image_self_build: false matrix_beeper_linkedin_container_image_self_build_repo: "https://github.com/beeper/linkedin" From 7be2b776e4de9a46c1c6732bad46af1002758a67 Mon Sep 17 00:00:00 2001 From: Dennis Ciba Date: Sat, 20 Aug 2022 11:47:14 +0200 Subject: [PATCH 186/562] Create dedicated doc page on obtaining access tokens --- docs/configuring-playbook-bot-go-neb.md | 15 +----- ...ng-playbook-bot-matrix-registration-bot.md | 9 +--- docs/configuring-playbook-bot-maubot.md | 8 +-- docs/configuring-playbook-bot-mjolnir.md | 12 +---- ...ng-playbook-bridge-appservice-kakaotalk.md | 8 +-- ...iguring-playbook-bridge-mautrix-discord.md | 8 +-- ...guring-playbook-bridge-mautrix-facebook.md | 8 +-- ...ring-playbook-bridge-mautrix-googlechat.md | 8 +-- ...guring-playbook-bridge-mautrix-hangouts.md | 8 +-- ...figuring-playbook-bridge-mautrix-signal.md | 8 +-- ...guring-playbook-bridge-mautrix-telegram.md | 8 +-- ...guring-playbook-bridge-mautrix-whatsapp.md | 8 +-- docs/configuring-playbook-dimension.md | 22 +-------- docs/configuring-playbook-email2matrix.md | 13 +---- docs/maintenance-synapse.md | 9 +--- docs/obtaining-access-tokens.md | 49 +++++++++++++++++++ docs/updating-users-passwords.md | 2 +- 17 files changed, 65 insertions(+), 138 deletions(-) create mode 100644 docs/obtaining-access-tokens.md diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 33ce4dd3..6ec2056c 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -21,20 +21,7 @@ You can use the playbook to [register a new user](registering-users.md): ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user ``` - -## Getting an access token - -If you use curl, you can get an access token like this: - -``` -curl -X POST --header 'Content-Type: application/json' -d '{ - "identifier": { "type": "m.id.user", "user": "bot.go-neb" }, - "password": "a strong password", - "type": "m.login.password" -}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' -``` - -Alternatively, you can use a full-featured client (such as Element) to log in and get the access token from there (note: don't log out from the client as that will invalidate the token), but doing so might lead to decryption problems. That warning comes from [here](https://github.com/matrix-org/go-neb#quick-start). +Once the user is created you can [obtain an access token](obtaining-access-tokens.md). ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index c47d5bfd..739f0869 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -26,14 +26,7 @@ Choose a strong password for the bot. You can generate a good password with a co ## Obtaining an admin access token -In order to use the bot you need to add an admin user's access token token to the configuration. As you created an admin user for the -bot, it is recommended to obtain an access token by logging into Element/Schildichat with the bot account -(using the password you set) and navigate to `Settings->Help&About` and scroll to the bottom. -You can expand "Access token" to copy it. - -![Obatining an admin access token with Element](assets/obtain_admin_access_token_element.png) - -**IMPORTANT**: once you copy the token, just close the Matrix client window/tab. Do not "log out", as that would invalidate the token. +In order to use the bot you need to add an admin user's access token token to the configuration. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index d5990a11..1a6636d7 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -54,10 +54,4 @@ Choose a strong password for the bot. You can generate a good password with a co ## Obtaining an admin access token -This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)) or by logging into Element/Schildichat with the bot account -(using the password you set) and navigate to `Settings->Help&About` and scroll to the bottom. -You can expand "Access token" to copy it. - -![Obatining an admin access token with Element](assets/obtain_admin_access_token_element.png) - -**IMPORTANT**: once you copy the token, just close the Matrix client window/tab. Do not "log out", as that would invalidate the token. +This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 5ddb2ad3..20760d5e 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -24,17 +24,7 @@ If you would like Mjolnir to be able to deactivate users, move aliases, shutdown ## 2. Get an access token -If you use curl, you can get an access token like this: - -``` -curl -X POST --header 'Content-Type: application/json' -d '{ - "identifier": { "type": "m.id.user", "user": "bot.mjolnir" }, - "password": "PASSWORD_FOR_THE_BOT", - "type": "m.login.password" -}' 'https://matrix.DOMAIN/_matrix/client/r0/login' -``` - -Alternatively, you can use a full-featured client (such as Element) to log in and get the access token from there (note: don't log out from the client as that will invalidate the token). +Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). ## 3. Make sure the account is free from rate limiting diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 9ea7a3d1..127f18f4 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -46,13 +46,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Appservice-Kakaotalk", "initial_device_display_name": "Appservice-Kakaotalk"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 517fd9b4..9fbf1424 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -60,13 +60,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Discord", "initial_device_display_name": "Mautrix-Discord"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index 4429f004..d74ec2a3 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -58,13 +58,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md index 381d1f29..6527294b 100644 --- a/docs/configuring-playbook-bridge-mautrix-googlechat.md +++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md @@ -29,13 +29,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index f6129777..49dad027 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -31,13 +31,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index f47640b9..403177e6 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -73,13 +73,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 924de8ca..08ee83cc 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -28,13 +28,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send `login-matrix` to the bot and follow instructions about how to send the access token to it diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md index 2af38be1..8ae6e5a0 100644 --- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md +++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md @@ -44,13 +44,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. You can use the following command: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 73a7fc0e..b97be764 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -39,27 +39,7 @@ We recommend that you create a dedicated Matrix user for Dimension (`dimension` Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**. You are required to specify an access token (belonging to this new user) for Dimension to work. -To get an access token for the Dimension user, you can follow one of two options: - -*Through an interactive login*: - -1. In a private browsing session (incognito window), open Element. -1. Log in with the `dimension` user and its password. -1. Set the display name and avatar, if required. -1. In the settings page choose "Help & About", scroll down to the bottom and expand the `Access Token` section. -1. Copy the access token to your configuration. -1. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. - -*With CURL* - -``` -curl -X POST --header 'Content-Type: application/json' -d '{ - "identifier": { "type": "m.id.user", "user": "YourDimensionUsername" }, - "password": "YourDimensionPassword", - "type": "m.login.password" -}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' -``` -*Change `YourDimensionUsername`, `YourDimensionPassword`, and `YOURDOMAIN` accordingly.* +To get an access token for the Dimension user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md). **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 510a9dcc..e1557d13 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -34,18 +34,7 @@ You'll need the room id when doing [Configuration](#configuration) below. ### Obtaining an access token for the sender user -In order for the sender user created above to be able to send messages to the room, we'll need to obtain an access token for it. - -To do this, you can execute a command like this: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "email2matrix" }, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` - -Take note of the `access_token` value. You'll need the access token when doing [Configuration](#configuration) below. - +In order for the sender user created above to be able to send messages to the room, we'll need to obtain an access token for it. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). ## Configuration diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md index 9727f450..a51811ff 100644 --- a/docs/maintenance-synapse.md +++ b/docs/maintenance-synapse.md @@ -16,14 +16,7 @@ Table of contents: You can use the **[Purge History API](https://github.com/matrix-org/synapse/blob/master/docs/admin_api/purge_history_api.md)** to delete old messages on a per-room basis. **This is destructive** (especially for non-federated rooms), because it means **people will no longer have access to history past a certain point**. -To make use of this API, **you'll need an admin access token** first. You can find your access token in the setting of some clients (like Element). -Alternatively, you can log in and obtain a new access token like this: - -``` -curl \ ---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Synapse-Purge-History-API"}' \ -https://matrix.DOMAIN/_matrix/client/r0/login -``` +To make use of this API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Synapse's Admin API is not exposed to the internet by default. To expose it you will need to add `matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: true` to your `vars.yml` file. diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md new file mode 100644 index 00000000..021d8589 --- /dev/null +++ b/docs/obtaining-access-tokens.md @@ -0,0 +1,49 @@ +# Obtaining an Access Token + +When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token. + +**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** + +## Prerequisites + +The user for whom you want to obtain an access token needs to already exist. You can use this playbook to [register a new user](registering-users.md), if you have not already. + +There are two ways to generate an access token for a user, either using [Element](#obtain-an-access-token-via-element) or [curl](#obtain-an-access-token-via-curl). For both ways you need the user's password. + +## Obtain an access token via element + +1. In a private browsing session (incognito window), open Element. +1. Log in with the user's credentials. +1. In the settings page, choose "Help & About", scroll down to the bottom and expand the `Access Token` section (see screenshot below). +1. Copy the access token to your configuration. +1. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. + +![Obtaining an access token with Element](assets/obtain_admin_access_token_element.png) + + +## Obtain an access token via curl + +You can use the following command to get an access token for your user directly from the [Matrix Client-Server API](https://www.matrix.org/docs/guides/client-server-api#login): + +``` +curl -XPOST -d '{ + "identifier": { "type": "m.id.user", "user": "USERNAME" }, + "password": "PASSWORD", + "type": "m.login.password" + "device_id": "YOURDEVICEID" +}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' +``` +Change `USERNAME`, `PASSWORD`, and `YOURDOMAIN` accordingly. + +`YOURDEVICEID` is optional and can be used to more easily identify the session later. When omitted, a random ID will be generated. + +Your response will look like this (prettified): + +``` +{ + "user_id":"@USERNAME:YOURDOMAIN", + "access_token":">>>YOUR_ACCESS_TOKEN_IS_HERE<<<", + "home_server":"YOURDOMAIN", + "device_id":"YOURDEVICEID" +} +``` diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 7d2f2832..2ea20d2f 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -34,7 +34,7 @@ where `` is the hash returned by the docker command above. Use the Synapse User Admin API as described here: https://github.com/matrix-org/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password -This requires an access token from a server admin account. *This method will also log the user out of all of their clients while the other options do not.* +This requires an [access token](obtaining-access-tokens.md) from a server admin account. *This method will also log the user out of all of their clients while the other options do not.* If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-change-user-admin-status` script as described in [registering-users.md](registering-users.md). From eb8551be190359a6ee9b0e8f3123592bed3c0ea7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 21 Aug 2022 10:07:22 +0300 Subject: [PATCH 187/562] Improve wording and fix syntax trouble --- docs/obtaining-access-tokens.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md index 021d8589..7db2ef1b 100644 --- a/docs/obtaining-access-tokens.md +++ b/docs/obtaining-access-tokens.md @@ -8,9 +8,9 @@ When setting up some optional features like bots and bridges you will need to pr The user for whom you want to obtain an access token needs to already exist. You can use this playbook to [register a new user](registering-users.md), if you have not already. -There are two ways to generate an access token for a user, either using [Element](#obtain-an-access-token-via-element) or [curl](#obtain-an-access-token-via-curl). For both ways you need the user's password. +Below, we describe 2 ways to generate an access token for a user - using [Element](#obtain-an-access-token-via-element) or [curl](#obtain-an-access-token-via-curl). For both ways you need the user's password. -## Obtain an access token via element +## Obtain an access token via Element 1. In a private browsing session (incognito window), open Element. 1. Log in with the user's credentials. @@ -29,13 +29,13 @@ You can use the following command to get an access token for your user directly curl -XPOST -d '{ "identifier": { "type": "m.id.user", "user": "USERNAME" }, "password": "PASSWORD", - "type": "m.login.password" + "type": "m.login.password", "device_id": "YOURDEVICEID" }' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login' ``` Change `USERNAME`, `PASSWORD`, and `YOURDOMAIN` accordingly. -`YOURDEVICEID` is optional and can be used to more easily identify the session later. When omitted, a random ID will be generated. +`YOURDEVICEID` is optional and can be used to more easily identify the session later. When omitted (mind the commas in the JSON payload if you'll be omitting it), a random device ID will be generated. Your response will look like this (prettified): From fe20c5e0a8d1f95bdb7661d71eab01ad9f37ef20 Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Sun, 21 Aug 2022 11:04:47 +0200 Subject: [PATCH 188/562] feat: include matrix_ldap_registration_proxy Fixes: #1144 Signed-off-by: TheOneWithTheBraid --- .../defaults/main.yml | 47 ++++++++++++++ .../tasks/init.yml | 11 ++++ .../tasks/main.yml | 30 +++++++++ ...f_check_matrix_ldap_registration_proxy.yml | 22 +++++++ .../tasks/setup_install.yml | 63 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++++++ .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 32 ++++++++++ .../matrix-ldap-registration-proxy.service.j2 | 43 +++++++++++++ .../vars/main.yml | 5 ++ 10 files changed, 289 insertions(+) create mode 100644 roles/matrix-ldap-registration-proxy/defaults/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/init.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_install.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/validate_config.yml create mode 100644 roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 create mode 100644 roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 create mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml new file mode 100644 index 00000000..5516f4f9 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -0,0 +1,47 @@ +--- +# matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? +# Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy + +matrix_ldap_registration_proxy_enabled: false + +matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" +matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" + +matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" + +matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" +# We need the docker src directory to be named matrix_ldap_registration_proxy. +matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" +matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" + +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" +matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" + +# Controls whether the self-check feature should validate SSL certificates. +matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true + +matrix_ldap_registration_proxy_container_port: 8080 +# Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. +matrix_ldap_registration_proxy_container_http_host_bind_port: '' + +# A list of extra arguments to pass to the container +matrix_ldap_registration_proxy_container_extra_arguments: [] + +# List of systemd services that matrix_ldap_registration_proxy.service depends on +matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix_ldap_registration_proxy.service wants +matrix_ldap_registration_proxy_systemd_wanted_services_list: [] + +# Default ma1sd configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" + +# Holds the final ma1sd configuration (a combination of the default and its extension). +matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml new file mode 100644 index 00000000..312165cc --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -0,0 +1,11 @@ +--- +# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 +# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 +- name: Fail if trying to self-build on Ansible < 2.8 + ansible.builtin.fail: + msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + when: matrix_matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml new file mode 100644 index 00000000..720d27ba --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -0,0 +1,30 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" + delegate_to: 127.0.0.1 + become: false + when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml new file mode 100644 index 00000000..ce46c45a --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml @@ -0,0 +1,22 @@ +--- + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" + +- name: Check matrix_ldap_registration_proxy Service + ansible.builtin.uri: + url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" + follow_redirects: none + validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" + check_mode: false + register: result_matrix_ldap_registration_proxy + ignore_errors: true + +- name: Fail if matrix_ldap_registration_proxy Service not working + ansible.builtin.fail: + msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" + when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" + +- name: Report working matrix_ldap_registration_proxy Service + ansible.builtin.debug: + msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml new file mode 100644 index 00000000..1f0307ec --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -0,0 +1,63 @@ +--- + +- name: Ensure matrix_ldap_registration_proxy paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_ldap_registration_proxy_config_path }}", when: true} + - {path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_requires_restart: false + +- name: Ensure matrix_ldap_registration_proxy repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_ldap_registration_proxy_container_image_self_build_repo }}" + dest: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + version: "{{ matrix_ldap_registration_proxy_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_ldap_registration_proxy_git_pull_results + +- name: Ensure matrix_ldap_registration_proxy Docker image is built + docker_image: + name: "{{ matrix_ldap_registration_proxy_docker_image }}" + source: build + force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + pull: true + when: true + +- name: Ensure matrix_ldap_registration_proxy config installed + ansible.builtin.copy: + content: "{{ matrix_ldap_registration_proxy_configuration }}" + dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-ldap-registration-proxy.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + mode: 0644 + register: matrix_ldap_registration_proxy_systemd_service_result + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_ldap_registration_proxy_systemd_service_result.changed | bool" + +- name: Ensure matrix-ldap-registration-proxy.service restarted, if necessary + ansible.builtin.service: + name: "matrix-ldap-registration-proxy.service" + state: restarted + when: "matrix_ldap_registration_proxy_requires_restart | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml new file mode 100644 index 00000000..cc542edf --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-matrix_ldap_registration_proxy service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + register: matrix_matrix_ldap_registration_proxy_service_stat + +- name: Ensure matrix-matrix_ldap_registration_proxy is stopped + ansible.builtin.service: + name: matrix-matrix_ldap_registration_proxy + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure matrix-ldap-registration-proxy.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + state: absent + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist + ansible.builtin.file: + path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + state: absent + +- name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist + docker_image: + name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + state: absent diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml new file mode 100644 index 00000000..e69de29b diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 new file mode 100644 index 00000000..e7ee29ba --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -0,0 +1,32 @@ +# please specify the configuration here +# +# these settings are mandatory + +# The server to connect to. Please note it must be accessible from the Docker network +# example: `ldap://127.0.0.1:389` +LDAP_SERVER={{ matrix_ldap_registration_proxy_ldap_uri }} + +# the base DN used for user creation + +LDAP_BASE_DN={{ matrix_ldap_registration_proxy_ldap_base_dn }} + +# the privileged user used for user creation including it's DN +# example: `uid=admin,cn=users,cn=accounts,dc=example,dc=org` + +LDAP_USER={{ matrix_ldap_registration_proxy_ldap_user }} + +# the password of the `LDAP_USER` used for authentication +LDAP_PASSWORD={{ matrix_ldap_registration_proxy_ldap_password }} + +# the human-readable server name of your Matrix server as used in the Matrix ID +# example: `example.org` +MATRIX_SERVER_NAME={{ matrix_ldap_registration_proxy_matrix_server_name }} + +# the url to access the Matrix server API without trailing `/` +# example: `https://matrix.example.org` +MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} + +# these settings are optional: + +# Specify the port to listen on. Default to 8080 +LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 new file mode 100644 index 00000000..afbabe72 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -0,0 +1,43 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=matrix_ldap_registration_proxy +{% for service in matrix_ldap_registration_proxy_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_ldap_registration_proxy_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' + +# matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, +# so /tmp needs to be mounted with an exec option. +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + {% if matrix_ldap_registration_proxy_container_http_host_bind_port %} + -p {{ matrix_ldap_registration_proxy_container_http_host_bind_port }}:{{ matrix_ldap_registration_proxy_container_port }} \ + {% endif %} + --env-file {{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env \ + {% for arg in matrix_ldap_registration_proxy_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_ldap_registration_proxy_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-ldap-registration-proxy + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml new file mode 100644 index 00000000..3adc735e --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). +# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. +matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 4c56ab5ee07ecbf18f9d5c8215047673b701daf7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=CE=9BV=CE=9EL=20D?= Date: Sun, 21 Aug 2022 17:12:59 +0300 Subject: [PATCH 189/562] Update heisenbridge 1.13.1 -> 1.14.0 --- roles/matrix-bridge-heisenbridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml index da74ed21..48101db1 100644 --- a/roles/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml @@ -4,7 +4,7 @@ matrix_heisenbridge_enabled: true -matrix_heisenbridge_version: 1.13.1 +matrix_heisenbridge_version: 1.14.0 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}" matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}" From 7e6f6fd62a8445e2b81c172f69fce6e32ee68dca Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 22 Aug 2022 09:29:22 +0000 Subject: [PATCH 190/562] Update Jitsi stable-7648-2 -> stable-7648-3 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 57db192c..8f1d40db 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -71,7 +71,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648-2 +matrix_jitsi_version: stable-7648-3 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From cdc971e5b705d71efbb98dfe8c618dadec68ddb9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 22 Aug 2022 09:30:21 +0000 Subject: [PATCH 191/562] Update hookshot 1.8.1 -> 2.0.0 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 7ffb26a2..306f2891 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.8.1 +matrix_hookshot_version: 2.0.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From d36adca303fac9de7f6ffdd1c18bbbdb6c406e15 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 22 Aug 2022 13:54:47 +0300 Subject: [PATCH 192/562] Upgrade Hookshot (2.0.0 -> 2.0.1) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 306f2891..7b927c92 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.0.0 +matrix_hookshot_version: 2.0.1 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 9c2a8addee93910cb9079f856bc3fb3932592c91 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:10:35 +0300 Subject: [PATCH 193/562] add postmoogle --- docs/configuring-playbook-bot-postmoogle.md | 54 ++++++++++ docs/configuring-playbook-email2matrix.md | 2 + group_vars/matrix_servers | 35 +++++++ roles/matrix-bot-postmoogle/defaults/main.yml | 96 ++++++++++++++++++ roles/matrix-bot-postmoogle/tasks/init.yml | 5 + roles/matrix-bot-postmoogle/tasks/main.yml | 23 +++++ .../tasks/setup_install.yml | 99 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++ .../tasks/validate_config.yml | 9 ++ roles/matrix-bot-postmoogle/templates/env.j2 | 13 +++ .../systemd/matrix-bot-postmoogle.service.j2 | 40 ++++++++ setup.yml | 1 + 12 files changed, 413 insertions(+) create mode 100644 docs/configuring-playbook-bot-postmoogle.md create mode 100644 roles/matrix-bot-postmoogle/defaults/main.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/init.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/main.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/setup_install.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/validate_config.yml create mode 100644 roles/matrix-bot-postmoogle/templates/env.j2 create mode 100644 roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md new file mode 100644 index 00000000..bbbfa405 --- /dev/null +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -0,0 +1,54 @@ +# Setting up Postmoogle (optional) + +**Note**: email bridging can also happen via the [email2matrix](configuring-playbook-email2matrix.md) bridge supported by the playbook. + +The playbook can install and configure [Postmoogle](https://gitlab.com/etke.cc/postmoogle) for you. + +It's a bot/bridge you can use to forward emails to Matrix rooms + +See the project's [documentation](https://gitlab.com/etke.cc/postmoogle) to learn what it does and why it might be useful to you. + + +## Registering the bot user + +By default, the playbook will set up the bot with a username like this: `@postmoogle:DOMAIN`. + +(to use a different username, adjust the `matrix_bot_postmoogle_login` variable). + +You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): + +``` +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=postmoogle password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user +``` + +Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. + + +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_bot_postmoogle_enabled: true + +# Adjust this to whatever password you chose when registering the bot user +matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT +``` + + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + + +## Usage + +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails + +Send `help` to the room to see the bot's help menu for additional commands. + +You can also refer to the upstream [documentation](https://gitlab.com/etke.cc/postmoogle). diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 510a9dcc..bc3fba8c 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,5 +1,7 @@ # Setting up Email2Matrix (optional) +**Note**: email bridging can also happen via the [postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. + The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. See the project's [documentation](https://github.com/devture/email2matrix/blob/master/docs/README.md) to learn what it does and why it might be useful to you. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 90482810..91bfddc6 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1198,6 +1198,35 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in # ###################################################################### +###################################################################### +# +# matrix-bot-postmoogle +# +###################################################################### + +# We don't enable bots by default. +matrix_bot_postmoogle_enabled: false + +matrix_bot_postmoogle_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-synapse.service'] if matrix_synapse_enabled else []) + }} + +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" +matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" + +###################################################################### +# +# /matrix-bot-postmoogle +# +###################################################################### + ###################################################################### # @@ -1850,6 +1879,12 @@ matrix_postgres_additional_databases: | 'password': matrix_bot_honoroit_database_password, }] if (matrix_bot_honoroit_enabled and matrix_bot_honoroit_database_engine == 'postgres' and matrix_bot_honoroit_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_bot_postmoogle_database_name, + 'username': matrix_bot_postmoogle_database_username, + 'password': matrix_bot_postmoogle_database_password, + }] if (matrix_bot_postmoogle_enabled and matrix_bot_postmoogle_database_engine == 'postgres' and matrix_bot_postmoogle_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_bot_maubot_database_name, 'username': matrix_bot_maubot_database_username, diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml new file mode 100644 index 00000000..7d5818ce --- /dev/null +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -0,0 +1,96 @@ +--- +# postmoogle is an email to matrix bot +# Project source code URL: https://gitlab.com/etke.cc/postmoogle + +matrix_bot_postmoogle_enabled: true + +matrix_bot_postmoogle_container_image_self_build: false +matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" +matrix_bot_postmoogle_docker_repo_version: "{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" + +matrix_bot_postmoogle_version: latest +matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" +matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" + +matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" +matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" +matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" + +# A list of extra arguments to pass to the container +matrix_bot_postmoogle_container_extra_arguments: [] + +# List of systemd services that matrix-bot-postmoogle.service depends on +matrix_bot_postmoogle_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-postmoogle.service wants +matrix_bot_postmoogle_systemd_wanted_services_list: [] + + +# Database-related configuration fields. +# +# To use SQLite, stick to these defaults. +# +# To use Postgres: +# - change the engine (`matrix_bot_postmoogle_database_engine: 'postgres'`) +# - adjust your database credentials via the `matrix_bot_postmoogle_database_*` variables +matrix_bot_postmoogle_database_engine: 'sqlite' + +matrix_bot_postmoogle_sqlite_database_path_local: "{{ matrix_bot_postmoogle_data_path }}/bot.db" +matrix_bot_postmoogle_sqlite_database_path_in_container: "/data/bot.db" + +matrix_bot_postmoogle_database_username: 'postmoogle' +matrix_bot_postmoogle_database_password: 'some-password' +matrix_bot_postmoogle_database_hostname: 'matrix-postgres' +matrix_bot_postmoogle_database_port: 5432 +matrix_bot_postmoogle_database_name: 'postmoogle' + +matrix_bot_postmoogle_database_connection_string: 'postgres://{{ matrix_bot_postmoogle_database_username }}:{{ matrix_bot_postmoogle_database_password }}@{{ matrix_bot_postmoogle_database_hostname }}:{{ matrix_bot_postmoogle_database_port }}/{{ matrix_bot_postmoogle_database_name }}?sslmode=disable' + +matrix_bot_postmoogle_storage_database: "{{ + { + 'sqlite': matrix_bot_postmoogle_sqlite_database_path_in_container, + 'postgres': matrix_bot_postmoogle_database_connection_string, + }[matrix_bot_postmoogle_database_engine] +}}" + +matrix_bot_postmoogle_database_dialect: "{{ + { + 'sqlite': 'sqlite3', + 'postgres': 'postgres', + }[matrix_bot_postmoogle_database_engine] +}}" + + +# The bot's username. This user needs to be created manually beforehand. +# Also see `matrix_bot_postmoogle_password`. +matrix_bot_postmoogle_login: "postmoogle" + +# The password that the bot uses to authenticate. +matrix_bot_postmoogle_password: '' + +matrix_bot_postmoogle_homeserver: "{{ matrix_homeserver_container_url }}" + +# Command prefix +matrix_bot_postmoogle_prefix: '' + +# Sentry DSN +matrix_bot_postmoogle_sentry: '' + +# Log level +matrix_bot_postmoogle_loglevel: '' + +# Disable encryption +matrix_bot_postmoogle_noencryption: false + +matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" + +matrix_bot_postmoogle_port: "25" + +# Additional environment variables to pass to the postmoogle container +# +# Example: +# matrix_bot_postmoogle_environment_variables_extension: | +# postmoogle_TEXT_DONE=Done +matrix_bot_postmoogle_environment_variables_extension: '' diff --git a/roles/matrix-bot-postmoogle/tasks/init.yml b/roles/matrix-bot-postmoogle/tasks/init.yml new file mode 100644 index 00000000..16b78171 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/init.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-postmoogle.service'] }}" + when: matrix_bot_postmoogle_enabled | bool diff --git a/roles/matrix-bot-postmoogle/tasks/main.yml b/roles/matrix-bot-postmoogle/tasks/main.yml new file mode 100644 index 00000000..cbe590e1 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml new file mode 100644 index 00000000..d0885698 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -0,0 +1,99 @@ +--- +- block: + - name: Check if an SQLite database already exists + ansible.builtin.stat: + path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" + register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result + + - block: + - ansible.builtin.set_fact: + matrix_postgres_db_migration_request: + src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" + dst: "{{ matrix_bot_postmoogle_database_connection_string }}" + caller: "{{ role_path | basename }}" + engine_variable_name: 'matrix_bot_postmoogle_database_engine' + engine_old: 'sqlite' + systemd_services_to_stop: ['matrix-bot-postmoogle.service'] + + - ansible.builtin.import_role: + name: matrix-postgres + tasks_from: migrate_db_to_postgres + + - ansible.builtin.set_fact: + matrix_bot_postmoogle_requires_restart: true + when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" + when: "matrix_bot_postmoogle_database_engine == 'postgres'" + +- name: Ensure postmoogle paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_bot_postmoogle_config_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_data_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- name: Ensure postmoogle environment variables file created + ansible.builtin.template: + src: "{{ role_path }}/templates/env.j2" + dest: "{{ matrix_bot_postmoogle_config_path }}/env" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure postmoogle image is pulled + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_bot_postmoogle_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_docker_image_force_pull }}" + when: "not matrix_bot_postmoogle_container_image_self_build | bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure postmoogle repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_bot_postmoogle_docker_repo }}" + version: "{{ matrix_bot_postmoogle_docker_repo_version }}" + dest: "{{ matrix_bot_postmoogle_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_bot_postmoogle_git_pull_results + when: "matrix_bot_postmoogle_container_image_self_build | bool" + +- name: Ensure postmoogle image is built + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + source: build + force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_bot_postmoogle_docker_src_files_path }}" + pull: true + when: "matrix_bot_postmoogle_container_image_self_build | bool" + +- name: Ensure matrix-bot-postmoogle.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-bot-postmoogle.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + mode: 0644 + register: matrix_bot_postmoogle_systemd_service_result + +- name: Ensure systemd reloaded after matrix-bot-postmoogle.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" + +- name: Ensure matrix-bot-postmoogle.service restarted, if necessary + ansible.builtin.service: + name: "matrix-bot-postmoogle.service" + state: restarted + when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml new file mode 100644 index 00000000..64164a86 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-postmoogle service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + register: matrix_bot_postmoogle_service_stat + +- name: Ensure matrix-postmoogle is stopped + ansible.builtin.service: + name: matrix-bot-postmoogle + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure matrix-bot-postmoogle.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + state: absent + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-bot-postmoogle.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure Matrix postmoogle paths don't exist + ansible.builtin.file: + path: "{{ matrix_bot_postmoogle_base_path }}" + state: absent + +- name: Ensure postmoogle Docker image doesn't exist + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + state: absent diff --git a/roles/matrix-bot-postmoogle/tasks/validate_config.yml b/roles/matrix-bot-postmoogle/tasks/validate_config.yml new file mode 100644 index 00000000..b5d9d1ed --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/validate_config.yml @@ -0,0 +1,9 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_bot_postmoogle_password" diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 new file mode 100644 index 00000000..f9f49e79 --- /dev/null +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -0,0 +1,13 @@ +POSTMOOGLE_LOGIN={{ matrix_bot_postmoogle_login }} +POSTMOOGLE_PASSWORD={{ matrix_bot_postmoogle_password }} +POSTMOOGLE_HOMESERVER={{ matrix_bot_postmoogle_homeserver }} +POSTMOOGLE_DOMAIN={{ matrix_bot_postmoogle_domain }} +POSTMOOGLE_PORT={{ matrix_bot_postmoogle_port }} +POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }} +POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }} +POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }} +POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} +POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} +POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} + +{{ matrix_bot_postmoogle_environment_variables_extension }} diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 new file mode 100644 index 00000000..d5368603 --- /dev/null +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -0,0 +1,40 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix helpdesk bot +{% for service in matrix_bot_postmoogle_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_bot_postmoogle_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + --env-file={{ matrix_bot_postmoogle_config_path }}/env \ + -p {{ matrix_bot_postmoogle_port }}:{{ matrix_bot_postmoogle_port }} \ + --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + {% for arg in matrix_bot_postmoogle_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_bot_postmoogle_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-bot-postmoogle + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 18fbdf10..a4ef8c35 100755 --- a/setup.yml +++ b/setup.yml @@ -43,6 +43,7 @@ - matrix-bot-maubot - matrix-bot-buscarron - matrix-bot-honoroit + - matrix-bot-postmoogle - matrix-bot-go-neb - matrix-bot-mjolnir - matrix-synapse From 1338a3c9fcf545977721b0dfce4794d70320b929 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:23:39 +0300 Subject: [PATCH 194/562] postmoogle: adjust help, add maxsize --- docs/configuring-playbook-bot-postmoogle.md | 4 ++-- roles/matrix-bot-postmoogle/defaults/main.yml | 5 ++++- roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index bbbfa405..680365e4 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -47,8 +47,8 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `!pm mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails -Send `help` to the room to see the bot's help menu for additional commands. +Send `!pm help` to the room to see the bot's help menu for additional commands. You can also refer to the upstream [documentation](https://gitlab.com/etke.cc/postmoogle). diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 7d5818ce..4679e678 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -73,7 +73,10 @@ matrix_bot_postmoogle_password: '' matrix_bot_postmoogle_homeserver: "{{ matrix_homeserver_container_url }}" # Command prefix -matrix_bot_postmoogle_prefix: '' +matrix_bot_postmoogle_prefix: '!pm' + +# Max email size in megabytes, including attachments +matrix_bot_postmoogle_maxsize: '1024' # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index f9f49e79..d2662fd3 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -6,6 +6,7 @@ POSTMOOGLE_PORT={{ matrix_bot_postmoogle_port }} POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }} POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }} POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }} +POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} From 49fa03f8e8f98f772a1476bf43236429c8bc4c54 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:29:48 +0300 Subject: [PATCH 195/562] update README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e30f9b54..b95b1fdc 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation +- (optional) [postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation + - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation - (optional) [Mjolnir](https://github.com/matrix-org/mjolnir), a moderation tool for Matrix - see [docs/configuring-playbook-bot-mjolnir.md](docs/configuring-playbook-bot-mjolnir.md) for setup documentation From 0a734a609a131022499865db358584531edeb242 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 22:10:15 +0300 Subject: [PATCH 196/562] postmoogle: add noowner and federation --- roles/matrix-bot-postmoogle/defaults/main.yml | 6 ++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 2 ++ 2 files changed, 8 insertions(+) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 4679e678..633d0099 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -78,6 +78,12 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' +# Allow room settings changes by any room participant +matrix_bot_postmoogle_noowner: false + +# Allow Postmoogle use by users over federation +matrix_bot_postmoogle_federation: false + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index d2662fd3..930681d8 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,5 +10,7 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} +POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} +POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} {{ matrix_bot_postmoogle_environment_variables_extension }} From 5fafbab7ae4b6fd090c152144932da6e57f883cd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 07:51:52 +0300 Subject: [PATCH 197/562] Upgrade Signald (0.21.0 -> 0.21.1) --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 4a9f9cfb..d6d3faa2 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.3.0 -matrix_mautrix_signal_daemon_version: 0.21.0 +matrix_mautrix_signal_daemon_version: 0.21.1 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From f1802761ded5704df8ee5053c6260ed8d9aabd48 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 09:21:12 +0300 Subject: [PATCH 198/562] Upgrade ddclient (v3.9.1-ls95 -> v3.9.1-ls96) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 94d4907b..16f6f3ae 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls95 +matrix_dynamic_dns_version: v3.9.1-ls96 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From e8db7611d454eca8d6750fdd73563151eeb6a111 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 11:38:10 +0300 Subject: [PATCH 199/562] Add ENABLE_JAAS_COMPONENTS to Jitsi Related to https://github.com/jitsi/docker-jitsi-meet/issues/1377 Adding this doesn't really help though. `stable-7648-2` is broken regardless. `stable-7648-3` is necessary to make it work. We're already updated to `-3` anyway. This just adds the missing environment variable for completeness. --- roles/matrix-jitsi/defaults/main.yml | 1 + roles/matrix-jitsi/templates/web/env.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 8f1d40db..d94c62f4 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -9,6 +9,7 @@ matrix_jitsi_enable_auth: false matrix_jitsi_enable_guests: false matrix_jitsi_enable_recording: false matrix_jitsi_enable_transcriptions: false +matrix_jitsi_enable_jaas_components: false matrix_jitsi_enable_p2p: true matrix_jitsi_enable_av_moderation: true matrix_jitsi_enable_breakout_rooms: true diff --git a/roles/matrix-jitsi/templates/web/env.j2 b/roles/matrix-jitsi/templates/web/env.j2 index ac15c087..3e9f51b7 100644 --- a/roles/matrix-jitsi/templates/web/env.j2 +++ b/roles/matrix-jitsi/templates/web/env.j2 @@ -57,6 +57,7 @@ ENABLE_TALK_WHILE_MUTED ENABLE_TCC ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }} ENABLE_XMPP_WEBSOCKET +ENABLE_JAAS_COMPONENTS={{ 1 if matrix_jitsi_enable_jaas_components else false }} ETHERPAD_PUBLIC_URL ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}} GOOGLE_ANALYTICS_ID From e764ab165f7da8fafc68908a67bfa62840d1d134 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:25:32 +0000 Subject: [PATCH 200/562] Update group_vars/matrix_servers Co-authored-by: Slavi Pantaleev --- group_vars/matrix_servers | 1 + 1 file changed, 1 insertion(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 91bfddc6..8d464e34 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1219,6 +1219,7 @@ matrix_bot_postmoogle_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" + matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" ###################################################################### From 19f5588b0d583d00f9724a12d16d89843b3260e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:25:48 +0000 Subject: [PATCH 201/562] Update roles/matrix-bot-postmoogle/tasks/setup_install.yml Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index d0885698..d7e5dbee 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -34,7 +34,7 @@ with_items: - {path: "{{ matrix_bot_postmoogle_config_path }}", when: true} - {path: "{{ matrix_bot_postmoogle_data_path }}", when: true} - - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: matrix_bot_postmoogle_container_image_self_build} when: "item.when | bool" - name: Ensure postmoogle environment variables file created From b3688cce71baf2a2909bde3903f8b0047487cb97 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:31:11 +0000 Subject: [PATCH 202/562] Update docs/configuring-playbook-bot-postmoogle.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-bot-postmoogle.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 680365e4..70ac57b6 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -47,7 +47,9 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `!pm mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox. + +Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.domain`. Emails sent to that email address will be forwarded to the room. Send `!pm help` to the room to see the bot's help menu for additional commands. From 4a08ae200e0a13b3464752cacc01b0a1aafefc1a Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 23 Aug 2022 13:55:53 +0300 Subject: [PATCH 203/562] postmoogle: feedback --- roles/matrix-bot-postmoogle/defaults/main.yml | 8 ++++++-- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 633d0099..c3b363f6 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -88,14 +88,18 @@ matrix_bot_postmoogle_federation: false matrix_bot_postmoogle_sentry: '' # Log level -matrix_bot_postmoogle_loglevel: '' +matrix_bot_postmoogle_loglevel: 'INFO' # Disable encryption matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -matrix_bot_postmoogle_port: "25" +# in-container port +matrix_bot_postmoogle_port: '2525' + +# on-host port +matrix_bot_postmoogle_smtp_host_bind_port: '25' # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index d5368603..38eb89a6 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -23,7 +23,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --read-only \ --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ - -p {{ matrix_bot_postmoogle_port }}:{{ matrix_bot_postmoogle_port }} \ + -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ From eaf13264e6ba2752b48858a746bf3de795ff07b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 14:16:07 +0300 Subject: [PATCH 204/562] Announce Postmoogle email bridge bot Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2043 --- CHANGELOG.md | 9 +++++++++ README.md | 2 +- docs/configuring-playbook-email2matrix.md | 2 +- docs/configuring-playbook.md | 2 ++ docs/container-images.md | 2 ++ 5 files changed, 15 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ffe7825e..0e094858 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-08-23 + +## Postmoogle email bridge support + +Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the new [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge/bot. Postmoogle is like the [email2matrix bridge](https://github.com/devture/email2matrix) (also [already supported by the playbook](docs/configuring-playbook-email2matrix.md)), but more capable and with the intention to soon support *sending* emails, not just receiving. + +See our [Setting up Postmoogle email bridging](docs/configuring-playbook-bot-postmoogle.md) documentation to get started. + + # 2022-08-10 ## mautrix-whatsapp default configuration changes diff --git a/README.md b/README.md index a9f34649..221e8a85 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation -- (optional) [postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation +- (optional) [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 0f1d3fb5..9bebe0e9 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,6 +1,6 @@ # Setting up Email2Matrix (optional) -**Note**: email bridging can also happen via the [postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. +**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 1c03a9b5..b3b44b5f 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -143,6 +143,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Email2Matrix](configuring-playbook-email2matrix.md) (optional) +- [Setting up Postmoogle email bridging](configuring-playbook-bot-postmoogle.md) (optional) + - [Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md) (optional) - [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) (optional) diff --git a/docs/container-images.md b/docs/container-images.md index 762f3752..b16babff 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -100,6 +100,8 @@ These services are not part of our default installation, but can be enabled by [ - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) +- [etke.cc/postmoogle](https://gitlab.com/etke.cc/postmoogle/container_registry) - the [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge bot (optional) + - [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional) - [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional) From 5e08e946370cff4f230d4b002628a99b02eee0d5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 14:34:45 +0300 Subject: [PATCH 205/562] Fix self-building for Postmoogle Before this, it was trying to pull the `latest` git branch. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2043 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index c3b363f6..5272e2f2 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -6,7 +6,7 @@ matrix_bot_postmoogle_enabled: true matrix_bot_postmoogle_container_image_self_build: false matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" -matrix_bot_postmoogle_docker_repo_version: "{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" matrix_bot_postmoogle_version: latest From 241bd4785fc331d84669e77afa284faffe70c88e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 14:25:11 +0000 Subject: [PATCH 206/562] Update Honoroit 0.9.12 -> 0.9.13 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index fe0b0981..7a3e0d19 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.12 +matrix_bot_honoroit_version: v0.9.13 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From 9bd5376e03403c3645d630654413e20db189ee21 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 14:26:03 +0000 Subject: [PATCH 207/562] Update Buscarron 1.2.0 -> 1.2.1 --- roles/matrix-bot-buscarron/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 6d289bb9..648d5344 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git" matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src" -matrix_bot_buscarron_version: v1.2.0 +matrix_bot_buscarron_version: v1.2.1 matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}" From 4f3e4dad14e92329dd15023e2aa121f46b399fbe Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 20:46:31 +0000 Subject: [PATCH 208/562] Update mautrix-twitter 0.1.4 -> 0.1.5 --- roles/matrix-bridge-mautrix-twitter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 29999c45..684b889a 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_twitter_container_image_self_build: false matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git" matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}" -matrix_mautrix_twitter_version: v0.1.4 +matrix_mautrix_twitter_version: v0.1.5 # See: https://mau.dev/tulir/mautrix-twitter/container_registry matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}" matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" From fe6b7493126ef3fd8ce21495381932ff2ebeac9b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 20:47:25 +0000 Subject: [PATCH 209/562] Update grafana 9.1.0 -> 9.1.1 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 4782c662..6ef4cb6a 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.0 +matrix_grafana_version: 9.1.1 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 3f8cb96a1863bb4288147e37f136ca8afa13e371 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Tue, 23 Aug 2022 16:12:09 +0000 Subject: [PATCH 210/562] dendrite: fix user-registration command --- .../usr-local-bin/matrix-dendrite-create-account.j2 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 5332b964..7505566a 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -8,5 +8,10 @@ fi user=$1 password=$2 +admin=$3 -docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" +if [ "$admin" -eq "1" ]; then + docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -admin -url http://localhost:{{ matrix_dendrite_http_bind_port }} +else + docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -url http://localhost:{{ matrix_dendrite_http_bind_port }} +fi From 3ff56bff1deb0ce048d8b4919afbd3fb2ffd28d2 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Tue, 23 Aug 2022 21:41:59 +0000 Subject: [PATCH 211/562] dendrite: disabled registration by default --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index b2697858..90eedb91 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -83,7 +83,7 @@ matrix_dendrite_rate_limiting_threshold: 5 matrix_dendrite_rate_limiting_cooloff_ms: 500 # Controls whether people with access to the homeserver can register by themselves. -matrix_dendrite_registration_disabled: false +matrix_dendrite_registration_disabled: true # reCAPTCHA API for validating registration attempts matrix_dendrite_enable_registration_captcha: false From 3ffd1638a0b0e45758f86e3d6f4d4366595fc339 Mon Sep 17 00:00:00 2001 From: Vincent Post Date: Tue, 23 Aug 2022 23:55:43 +0200 Subject: [PATCH 212/562] feat(telegram-bridge): add variable to enable encryption support --- .../defaults/main.yml | 5 +++ .../templates/config.yaml.j2 | 32 ++++++++++--------- 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 5c3c88fb..79c9b7e5 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -156,3 +156,8 @@ matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_y matrix_mautrix_telegram_username_template: 'telegram_{userid}' matrix_mautrix_telegram_alias_template: 'telegram_{groupname}' matrix_mautrix_telegram_displayname_template: '{displayname} (Telegram)' + +# Enable End-to-bridge encryption +matrix_mautrix_telegram_bridge_encryption_allow: false +matrix_mautrix_telegram_bridge_encryption_default: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}" +matrix_mautrix_telegram_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 3a7ab7f1..d50be47d 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -176,27 +176,29 @@ bridge: height: 256 background: "020202" # only for gif fps: 30 # only for webm - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. + # End-to-bridge encryption support options. # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. encryption: # Allow encryption, work in group chat rooms with e2ee enabled - allow: false + allow: {{ matrix_mautrix_telegram_bridge_encryption_allow|to_json }} # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - # Database for the encryption data. Currently only supports Postgres and an in-memory - # store that's persisted as a pickle. - # If set to `default`, will use the appservice postgres database - # or a pickle file if the appservice database is sqlite. - # - # Format examples: - # Pickle: pickle:///filename.pickle - # Postgres: postgres://username:password@hostname/dbname + default: {{ matrix_mautrix_telegram_bridge_encryption_default|to_json }} + # Database for the encryption data. If set to `default`, will use the appservice database. database: default - + # Options for automatic key sharing. + key_sharing: + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow: {{ matrix_mautrix_telegram_bridge_encryption_key_sharing_allow|to_json }} + # Require the requesting device to have a valid cross-signing signature? + # This doesn't require that the bridge has verified the device, only that the user has verified it. + # Not yet implemented. + require_cross_signing: false + # Require devices to be verified by the bridge? + # Verification by the bridge is not yet implemented. + require_verification: true # Whether or not to explicitly set the avatar and room name for private # chat portal rooms. This will be implicitly enabled if encryption.default is true. private_chat_portal_meta: false From d7ed672f7f3e7e43569af83ccb0b17e0788cce2d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 24 Aug 2022 06:59:08 +0300 Subject: [PATCH 213/562] Fix matrix-dendrite-create-account usage help --- .../dendrite/usr-local-bin/matrix-dendrite-create-account.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 7505566a..507c7012 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -2,7 +2,7 @@ #!/bin/bash if [ $# -ne 2 ]; then - echo "Usage: "$0" " + echo "Usage: "$0" " exit 1 fi From f674afe5e8d7d4df50ae9f92439f0818c8086a0d Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Wed, 24 Aug 2022 11:08:12 +0530 Subject: [PATCH 214/562] appservice: add and use homeserver_container_* vars (#2045) * appservice: add and use matrix_homeserver_* vars * appservice: use the new vars * Apply suggestions from code review Co-authored-by: Slavi Pantaleev Co-authored-by: Slavi Pantaleev --- group_vars/matrix_servers | 6 +++++ roles/matrix-base/vars/main.yml | 3 +++ .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../matrix-bridge-heisenbridge/tasks/init.yml | 8 +++---- roles/matrix-bridge-hookshot/tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- roles/matrix-bridge-sms/tasks/init.yml | 8 +++---- roles/matrix-dendrite/defaults/main.yml | 22 +++++++++++++++++++ .../templates/dendrite/dendrite.yaml.j2 | 2 +- .../systemd/matrix-dendrite.service.j2 | 2 +- roles/matrix-synapse/defaults/main.yml | 22 +++++++++++++++++++ .../templates/synapse/homeserver.yaml.j2 | 2 +- .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- 34 files changed, 158 insertions(+), 105 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index fc67e761..2ac8cc29 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2331,6 +2331,9 @@ matrix_synapse_redis_enabled: "{{ matrix_redis_enabled }}" matrix_synapse_redis_host: "{{ 'matrix-redis' if matrix_redis_enabled else '' }}" matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_redis_enabled else '' }}" +matrix_synapse_container_runtime_injected_arguments: "{{ matrix_homeserver_container_runtime_injected_arguments }}" +matrix_synapse_app_service_runtime_injected_config_files: "{{ matrix_homeserver_app_service_runtime_injected_config_files }}" + ###################################################################### # # /matrix-synapse @@ -2596,6 +2599,9 @@ matrix_dendrite_systemd_wanted_services_list: | (['matrix-coturn.service'] if matrix_coturn_enabled else []) }} +matrix_dendrite_container_runtime_injected_arguments: "{{ matrix_homeserver_container_runtime_injected_arguments }}" +matrix_dendrite_app_service_runtime_injected_config_files: "{{ matrix_homeserver_app_service_runtime_injected_config_files }}" + ###################################################################### # # /matrix-dendrite diff --git a/roles/matrix-base/vars/main.yml b/roles/matrix-base/vars/main.yml index 28ac226a..3578666f 100644 --- a/roles/matrix-base/vars/main.yml +++ b/roles/matrix-base/vars/main.yml @@ -2,3 +2,6 @@ # This will contain a list of enabled services that the playbook is managing. # Each component is expected to append its service name to this list. matrix_systemd_services_list: [] + +matrix_homeserver_container_runtime_injected_arguments: [] +matrix_homeserver_app_service_runtime_injected_config_files: [] diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/matrix-bridge-appservice-discord/tasks/init.yml index b9d875da..915d7302 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/init.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_discord_config_path }}/registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index 9713e9b7..03127127 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -20,16 +20,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_irc_config_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-irc-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml index c2679b35..6112b5cc 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_kakaotalk_config_path }}/registration.yaml,dst=/matrix-appservice-kakaotalk-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-kakaotalk-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index e11125ed..023b4288 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -20,16 +20,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_slack_config_path }}/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-slack-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index 8a12a686..7cb2cfd6 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml,dst=/matrix-appservice-webhooks-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-webhooks-registration.yaml"] }} diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml index 14137b70..1208f185 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_beeper_linkedin_config_path }}/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-beeper-linkedin-registration.yaml"] }} diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml b/roles/matrix-bridge-go-skype-bridge/tasks/init.yml index 9b826556..58808454 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_go_skype_bridge_config_path }}/registration.yaml,dst=/matrix-go-skype-bridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-go-skype-bridge-registration.yaml"] }} diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/matrix-bridge-heisenbridge/tasks/init.yml index 1612a505..dd3d4c7d 100644 --- a/roles/matrix-bridge-heisenbridge/tasks/init.yml +++ b/roles/matrix-bridge-heisenbridge/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_heisenbridge_base_path }}/registration.yaml,dst=/heisenbridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/heisenbridge-registration.yaml"] }} diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index f8a1e76c..e6cd1209 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/hookshot-registration.yml"] }} diff --git a/roles/matrix-bridge-mautrix-discord/tasks/init.yml b/roles/matrix-bridge-mautrix-discord/tasks/init.yml index 30baf017..3f94a73a 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_discord_config_path }}/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index c5eb58be..5252af82 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-facebook-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index 7f846526..2c5bdc10 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-googlechat-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 8ad9bc02..39b88edb 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_hangouts_config_path }}/registration.yaml,dst=/matrix-mautrix-hangouts-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-hangouts-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml index 5a78afed..7ef037e3 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_instagram_config_path }}/registration.yaml,dst=/matrix-mautrix-instagram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-instagram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/matrix-bridge-mautrix-signal/tasks/init.yml index c96fe596..17ad98a4 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_signal_config_path }}/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-signal-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index fac5a86c..f9b3bb1c 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_telegram_config_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-telegram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml index 75a60ffa..67f0a7dc 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-twitter-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml index ab10a530..7907c73d 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_whatsapp_config_path }}/registration.yaml,dst=/matrix-mautrix-whatsapp-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-whatsapp-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml index 9fbba3c8..9e2a937f 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml index 1a06b09e..76d184dd 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_groupme_config_path }}/registration.yaml,dst=/matrix-mx-puppet-groupme-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-groupme-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml index 850c6859..741c32c0 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-instagram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 2213df55..506a271d 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_slack_config_path }}/registration.yaml,dst=/matrix-mx-puppet-slack-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-slack-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml index fb3257b2..5f9a5a83 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-steam-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index d6e65964..444491ea 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-twitter-registration.yaml"] }} diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/matrix-bridge-sms/tasks/init.yml index 85684b81..3c044c15 100644 --- a/roles/matrix-bridge-sms/tasks/init.yml +++ b/roles/matrix-bridge-sms/tasks/init.yml @@ -14,16 +14,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_sms_bridge_config_path }}/registration.yaml,dst=/matrix-sms-bridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-sms-bridge-registration.yaml"] }} diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 90eedb91..52c9680f 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -43,8 +43,19 @@ matrix_dendrite_container_http_host_bind_address: "" matrix_dendrite_container_https_host_bind_address: "" # A list of extra arguments to pass to the container (`docker run` command) +# Also see `matrix_dendrite_container_arguments` matrix_dendrite_container_extra_arguments: [] +# matrix_dendrite_container_runtime_injected_arguments is a list of extra arguments to pass to the container. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_container_extra_arguments`. +matrix_dendrite_container_runtime_injected_arguments: [] + +# matrix_dendrite_container_arguments holds the final list of extra arguments to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_container_extra_arguments`. +matrix_dendrite_container_arguments: "{{ matrix_dendrite_container_extra_arguments + matrix_dendrite_container_runtime_injected_arguments }}" + # A list of extra arguments to pass to the container process (`dendrite-monolith` command) # Example: # matrix_dendrite_process_extra_arguments: @@ -104,8 +115,19 @@ matrix_dendrite_container_additional_volumes: [] # A list of appservice config files (in-container filesystem paths). # This list gets populated dynamically based on Dendrite extensions that have been enabled. # You may wish to use this together with `matrix_dendrite_container_additional_volumes` or `matrix_dendrite_container_extra_arguments`. +# Also see `matrix_dendrite_app_service_config_files_final` matrix_dendrite_app_service_config_files: [] +# matrix_dendrite_app_service_runtime_injected_config_files is a list of appservice config files. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_app_service_config_files`. +matrix_dendrite_app_service_runtime_injected_config_files: [] + +# matrix_dendrite_app_service_config_files_final holds the final list of config files to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_app_service_config_files`. +matrix_dendrite_app_service_config_files_final: "{{ matrix_dendrite_app_service_config_files + matrix_dendrite_app_service_runtime_injected_config_files }}" + # Enable exposure of metrics matrix_dendrite_metrics_enabled: false matrix_dendrite_metrics_username: "metrics" diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 62f8caba..20131c10 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -145,7 +145,7 @@ app_service_api: disable_tls_validation: {{ matrix_dendrite_disable_tls_validation|to_json }} # Appservice configuration files to load into this homeserver. - config_files: {{ matrix_dendrite_app_service_config_files|to_json }} + config_files: {{ matrix_dendrite_app_service_config_files_final|to_json }} # Configuration for the Client API. client_api: diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 0613f443..69eca497 100644 --- a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -41,7 +41,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ {% for volume in matrix_dendrite_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_dendrite_container_extra_arguments %} + {% for arg in matrix_dendrite_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_dendrite_docker_image }} \ diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 3526cd15..6d204b17 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -61,8 +61,19 @@ matrix_synapse_container_metrics_api_host_bind_port: '' matrix_synapse_container_manhole_api_host_bind_port: '' # A list of extra arguments to pass to the container +# Also see `matrix_synapse_container_arguments` matrix_synapse_container_extra_arguments: [] +# matrix_synapse_container_runtime_injected_arguments is a list of extra arguments to pass to the container. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_container_extra_arguments`. +matrix_synapse_container_runtime_injected_arguments: [] + +# matrix_synapse_container_arguments holds the final list of extra arguments to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_container_extra_arguments`. +matrix_synapse_container_arguments: "{{ matrix_synapse_container_extra_arguments + matrix_synapse_container_runtime_injected_arguments }}" + # List of systemd services that matrix-synapse.service depends on matrix_synapse_systemd_required_services_list: ['docker.service'] @@ -324,8 +335,19 @@ matrix_synapse_additional_loggers: [] # A list of appservice config files (in-container filesystem paths). # This list gets populated dynamically based on Synapse extensions that have been enabled. # You may wish to use this together with `matrix_synapse_container_additional_volumes` or `matrix_synapse_container_extra_arguments`. +# Also see `matrix_synapse_app_service_config_files_final` matrix_synapse_app_service_config_files: [] +# matrix_synapse_app_service_runtime_injected_config_files is a list of appservice config files. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_app_service_config_files`. +matrix_synapse_app_service_runtime_injected_config_files: [] + +# matrix_synapse_app_service_config_files_final holds the final list of config files to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_app_service_config_files`. +matrix_synapse_app_service_config_files_final: "{{ matrix_synapse_app_service_config_files + matrix_synapse_app_service_runtime_injected_config_files }}" + # This is set dynamically during execution depending on whether # any password providers have been enabled or not. matrix_synapse_password_providers_enabled: false diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index cb9b8585..07c5ec89 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1647,7 +1647,7 @@ room_prejoin_state: # A list of application service config files to use # -app_service_config_files: {{ matrix_synapse_app_service_config_files|to_json }} +app_service_config_files: {{ matrix_synapse_app_service_config_files_final|to_json }} # Uncomment to enable tracking of application service IP addresses. Implicitly # enables MAU tracking for application service users. diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 43dc42d1..c7ef13fa 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -39,7 +39,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {% for volume in matrix_synapse_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_synapse_container_extra_arguments %} + {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 2b59748f..027114fb 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -57,7 +57,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {% for volume in matrix_synapse_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_synapse_container_extra_arguments %} + {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ From b196e157966237f8fd4cc6792a87948208727d03 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 24 Aug 2022 17:08:53 +0300 Subject: [PATCH 215/562] Fix incorrectly named module arguments (ansible.builtin.group -> group) Regression since the mass-replace in 34cdaade0. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2054 --- roles/matrix-client-element/tasks/setup_install.yml | 2 +- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml index 5fa34fa6..b21da064 100644 --- a/roles/matrix-client-element/tasks/setup_install.yml +++ b/roles/matrix-client-element/tasks/setup_install.yml @@ -45,7 +45,7 @@ line: '\1splitChunks: { maxSize: 100000,' backrefs: true owner: root - ansible.builtin.group: root + group: root mode: '0644' when: "matrix_client_element_container_image_self_build | bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled | bool" diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 133debe3..36ab9779 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -57,7 +57,7 @@ delete: true # It's wasteful to preserve owner/group now. We chown below anyway. owner: false - ansible.builtin.group: false + group: false times: true delegate_to: "{{ inventory_hostname }}" From c558e0ad02cf648d7c627760b0a6bf4855b41f5b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 25 Aug 2022 17:21:27 +0300 Subject: [PATCH 216/562] Upgrade Dendrite (v0.9.4 -> v0.9.5) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 52c9680f..50336a11 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.4" +matrix_dendrite_docker_image_tag: "v0.9.5" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From d0c0a204bc521a44520263252fe57ae3bfc8b016 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 26 Aug 2022 07:29:50 +0300 Subject: [PATCH 217/562] Fix --tags=register-user for Dendrite Regression since 3f8cb96a1863 - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2048 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2057 --- roles/matrix-dendrite/tasks/register_user.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/tasks/register_user.yml b/roles/matrix-dendrite/tasks/register_user.yml index e1b97482..d37e633b 100644 --- a/roles/matrix-dendrite/tasks/register_user.yml +++ b/roles/matrix-dendrite/tasks/register_user.yml @@ -9,6 +9,11 @@ msg: "The `password` variable needs to be provided to this playbook, via --extra-vars" when: "password is not defined or password == ''" +- name: Fail if playbook called incorrectly + ansible.builtin.fail: + msg: "The `admin` variable needs to be provided to this playbook, via --extra-vars" + when: "admin is not defined or admin not in ['yes', 'no']" + - name: Ensure matrix-dendrite is started ansible.builtin.service: name: matrix-dendrite @@ -23,6 +28,6 @@ - name: Register user ansible.builtin.command: - cmd: "{{ matrix_local_bin_path }}/matrix-dendrite-create-account {{ username | quote }} {{ password | quote }}" + cmd: "{{ matrix_local_bin_path }}/matrix-dendrite-create-account {{ username | quote }} {{ password | quote }} {{ '1' if admin == 'yes' else '0' }}" register: matrix_dendrite_register_user_result changed_when: matrix_dendrite_register_user_result.rc == 0 From 9f0f21cf30b1dc2ef34ae4751dd1c0abb9797b48 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 26 Aug 2022 12:21:38 +0300 Subject: [PATCH 218/562] Pass --no-update to mautrix-discord Possibly fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2060 --- .../templates/systemd/matrix-mautrix-discord.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 788cd012..3651840e 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -31,7 +31,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discor {{ arg }} \ {% endfor %} {{ matrix_mautrix_discord_docker_image }} \ - /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml + /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' From d2769d6bca4ed0b4d118907fddf64bd27c27f7d4 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 13:47:44 +0000 Subject: [PATCH 219/562] Update mautrix-telegram: 0.11.3 -> 0.12.0 --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 79c9b7e5..f540ba2d 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -16,7 +16,7 @@ matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" -matrix_mautrix_telegram_version: v0.11.3 +matrix_mautrix_telegram_version: v0.12.0 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" From ee892c7cf7880112723294a0e9844561dc481a34 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 13:48:30 +0000 Subject: [PATCH 220/562] Update Jitsi stable-7648-3 -> stable-7648-4 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index d94c62f4..9c31a660 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648-3 +matrix_jitsi_version: stable-7648-4 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 033b8e57cc9aab3090356f717697286c9a38f71a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 14:42:56 +0000 Subject: [PATCH 221/562] Update mautrix-instagram 0.1.3 -> 0.2.0 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index bcb6ddb1..eb223405 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.1.3 +matrix_mautrix_instagram_version: v0.2.0 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From bb0ce4cac6dfc70a76dd2639116c9832c94678d9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 19:47:05 +0000 Subject: [PATCH 222/562] Update Hydrogen 0.3.1 -> 0.3.2 --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 4edfa20c..bd2917d2 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.1 +matrix_client_hydrogen_version: v0.3.2 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From a0ecf13cdbde8edb023d5b0611cddd602a118419 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 28 Aug 2022 18:05:59 +0300 Subject: [PATCH 223/562] Add ability to control RandomizedDelaySec of matrix-backup-borg.timer Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2068 --- roles/matrix-backup-borg/defaults/main.yml | 5 ++++- .../templates/systemd/matrix-backup-borg.timer.j2 | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/matrix-backup-borg/defaults/main.yml b/roles/matrix-backup-borg/defaults/main.yml index 89381788..de086ebd 100644 --- a/roles/matrix-backup-borg/defaults/main.yml +++ b/roles/matrix-backup-borg/defaults/main.yml @@ -26,8 +26,11 @@ matrix_backup_borg_systemd_required_services_list: ['docker.service'] # List of systemd services that matrix-backup-borg.service wants matrix_backup_borg_systemd_wanted_services_list: [] -# systemd calendar configuration for backup job +# systemd calendar configuration for the backup job +# the actual job may run with a delay (see matrix_backup_borg_schedule_randomized_delay_sec) matrix_backup_borg_schedule: "*-*-* 04:00:00" +# the delay with which the systemd timer may run in relation to the `matrix_backup_borg_schedule` schedule +matrix_backup_borg_schedule_randomized_delay_sec: 2h # what directories should be added to backup matrix_backup_borg_location_source_directories: [] diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 b/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 index 541d0020..fdafef76 100644 --- a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 +++ b/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 @@ -4,7 +4,7 @@ Description=Matrix Borg Backup timer [Timer] Unit=matrix-backup-borg.service OnCalendar={{ matrix_backup_borg_schedule }} -RandomizedDelaySec=2h +RandomizedDelaySec={{ matrix_backup_borg_schedule_randomized_delay_sec }} [Install] WantedBy=timers.target From e8fd3fdc19ac6cab79f360b0bb54bf6df2c73f8f Mon Sep 17 00:00:00 2001 From: Aine Date: Sun, 28 Aug 2022 18:48:18 +0300 Subject: [PATCH 224/562] bot-postmoogle: add POSTMOOGLE_USERS config option --- roles/matrix-bot-postmoogle/defaults/main.yml | 9 +++++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 2 files changed, 10 insertions(+) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 5272e2f2..bcd401e7 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -84,6 +84,15 @@ matrix_bot_postmoogle_noowner: false # Allow Postmoogle use by users over federation matrix_bot_postmoogle_federation: false +# A list of whitelisted users allowed to use the bridge. +# If not defined, everyone is allowed. +# Example set of rules: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_postmoogle_users: [] + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 930681d8..0bd33752 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -12,5 +12,6 @@ POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} +POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | default('') | join(' ') }} {{ matrix_bot_postmoogle_environment_variables_extension }} From 071424bef2130a28a5386fce9c46d2287740f5f9 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 02:29:57 -0400 Subject: [PATCH 225/562] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 20760d5e..d1fe64f7 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. [Currently there is no Synapse config option for this](https://github.com/matrix-org/synapse/issues/6286) so you have to manually edit the Synapse database. Manually editing the Synapse database is rarely a good idea but in this case it is required. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. There is a Synapse config option for this but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From b0eb28721b1bfeec72f6fc4dfbf4d20e9a3f86a7 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 29 Aug 2022 15:13:27 +0000 Subject: [PATCH 226/562] postmoogle: add admins (#2073) * postmoogle: add admins * postmoogle: update jija2 defaults * postmoogle: fix typo --- roles/matrix-bot-postmoogle/defaults/main.yml | 9 +++++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index bcd401e7..a08c0f46 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -93,6 +93,15 @@ matrix_bot_postmoogle_federation: false # - @*:another.com matrix_bot_postmoogle_users: [] +# A list of admins +# Example set of rules: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_postmoogle_admins: + - "{{ matrix_admin }}" + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 0bd33752..d73c1b6a 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -12,6 +12,7 @@ POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} -POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | default('') | join(' ') }} +POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} +POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} {{ matrix_bot_postmoogle_environment_variables_extension }} From aa9269661348ecb679f3316cea505338646427c2 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 13:10:29 -0400 Subject: [PATCH 227/562] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index d1fe64f7..30aa4c4f 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. There is a Synapse config option for this but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users) but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From 76953d8a6961d35b13ae7e0d827c38ce5cc46a70 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 13:10:53 -0400 Subject: [PATCH 228/562] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 30aa4c4f..b7d3022f 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users) but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From cc57af9126218d048059572f2231aeceb1adee7c Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 29 Aug 2022 20:24:00 +0300 Subject: [PATCH 229/562] =?UTF-8?q?=1B[Apostmoogle:=20remove=20noowner=20a?= =?UTF-8?q?nd=20federation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/matrix-bot-postmoogle/defaults/main.yml | 6 ------ roles/matrix-bot-postmoogle/templates/env.j2 | 2 -- 2 files changed, 8 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index a08c0f46..e6de5dcb 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -78,12 +78,6 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' -# Allow room settings changes by any room participant -matrix_bot_postmoogle_noowner: false - -# Allow Postmoogle use by users over federation -matrix_bot_postmoogle_federation: false - # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index d73c1b6a..7c0d10be 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,8 +10,6 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} -POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} -POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} From c68f69805271017e1fc2a5174cfaca01edf05665 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 29 Aug 2022 17:43:03 +0000 Subject: [PATCH 230/562] postmoogle: set safe defaults to POSTMOOGLE_USERS --- roles/matrix-bot-postmoogle/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index e6de5dcb..cb4c8f53 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -85,7 +85,8 @@ matrix_bot_postmoogle_maxsize: '1024' # - @another:example.com # - @bot.*:example.com # - @*:another.com -matrix_bot_postmoogle_users: [] +matrix_bot_postmoogle_users: + - "@*:{{ matrix_domain }}" # A list of admins # Example set of rules: From 5d7260a93df9df20842addaa540ab73fc02ee690 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 14:30:00 -0400 Subject: [PATCH 231/562] removed server wide rate limit link --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index b7d3022f..ada4556a 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From 8a469adbfbc019c657c17424b07ac28b5dfe9d19 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 14:33:53 -0400 Subject: [PATCH 232/562] better wording --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index ada4556a..5fc6331e 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From caebb7be0b2cd02abbe853d1d1243f53e98fdeff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 30 Aug 2022 10:53:59 +0300 Subject: [PATCH 233/562] Disable registration for Conduit by default We do this for all other supported homeservers. A "public by default" homeserver is a bad idea for most people. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2076 --- roles/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 25036939..df1a87d9 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -37,7 +37,7 @@ matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/condu matrix_conduit_max_request_size: 20_000_000 # Enables registration. If set to false, no users can register on this server. -matrix_conduit_allow_registration: true +matrix_conduit_allow_registration: false matrix_conduit_allow_federation: true From b018a0a11486787bb0283c7230e86790a90d94bc Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:10:58 +0000 Subject: [PATCH 234/562] Update ddclient v3.9.1-ls96 -> v3.9.1-ls97 --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 16f6f3ae..8354e1d9 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls96 +matrix_dynamic_dns_version: v3.9.1-ls97 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 8e0e9fa878b451c5bb727330430e7993d5418122 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 30 Aug 2022 18:50:44 +0300 Subject: [PATCH 235/562] Deprecate matrix_synapse_account_threepid_delegates_email before Synapse v1.66.0 This is done in anticipation of this option's removal in the upcoming Synapse v1.66.0 release (likely tomorrow). See: https://matrix-org.github.io/synapse/v1.66/upgrade.html#delegation-of-email-validation-no-longer-supported --- group_vars/matrix_servers | 4 +--- roles/matrix-synapse/defaults/main.yml | 4 ---- roles/matrix-synapse/tasks/validate_config.yml | 1 + roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 7 +------ 4 files changed, 3 insertions(+), 13 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2ac8cc29..b0293802 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2237,9 +2237,7 @@ matrix_synapse_enabled: "{{ matrix_homeserver_implementation == 'synapse' }}" matrix_synapse_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" -# When ma1sd is enabled, we can use it to validate email addresses and phone numbers. -# Synapse can validate email addresses by itself as well, but it's probably not what we want by default when we have an identity server. -matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}" +# When ma1sd is enabled, we can use it to validate phone numbers. It's something that the homeserver cannot do by itself. matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach Synapse over the container network. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 6d204b17..1ba7b269 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -257,10 +257,6 @@ matrix_synapse_registrations_require_3pid: [] # pattern: '\+44' matrix_synapse_allowed_local_3pids: [] -# The server to use for email threepid validation. When empty, Synapse does it by itself. -# Otherwise, this should be pointed to an identity server. -matrix_synapse_account_threepid_delegates_email: '' - # The server to use for phone number threepid validation. When empty, validation cannot happen, as Synapse doesn't support it. # To make it work, this should be pointed to an identity server. matrix_synapse_account_threepid_delegates_msisdn: '' diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index ba60abf8..d32fce97 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -61,6 +61,7 @@ - {'old': 'matrix_synapse_use_presence', 'new': 'matrix_synapse_presence_enabled'} - {'old': 'matrix_synapse_version_arm64', 'new': ''} - {'old': 'matrix_synapse_enable_group_creation', 'new': ''} + - {'old': 'matrix_synapse_account_threepid_delegates_email', 'new': ''} - name: (Deprecation) Catch and report renamed settings in matrix_synapse_configuration_extension_yaml ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 07c5ec89..04c4b3cf 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1419,14 +1419,10 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }} # #default_identity_server: https://matrix.org -# Handle threepid (email/phone etc) registration and password resets through a set of +# Handle threepid (phone etc) registration and password resets through a set of # *trusted* identity servers. Note that this allows the configured identity server to # reset passwords for accounts! # -# Be aware that if `email` is not set, and SMTP options have not been -# configured in the email config block, registration and user password resets via -# email will be globally disabled. -# # Additionally, if `msisdn` is not set, registration and password resets via msisdn # will be disabled regardless, and users will not be able to associate an msisdn # identifier to their account. This is due to Synapse currently not supporting @@ -1441,7 +1437,6 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }} # https://matrix.org/docs/spec/identity_service/latest # account_threepid_delegates: - email: {{ matrix_synapse_account_threepid_delegates_email|to_json }} msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }} # Whether users are allowed to change their displayname after it has From 1bc49949f94825de30448cb58c6428ae5ed731fd Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 30 Aug 2022 19:48:16 +0300 Subject: [PATCH 236/562] postmoogle 0.9.0 --- roles/matrix-bot-postmoogle/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index cb4c8f53..13953f2a 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: latest +matrix_bot_postmoogle_version: v0.9.0 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -78,6 +78,7 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' +# DEPRECATED, use !pm users instead # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: From 4bff8c18db7c5649c2e49860d59c38c2856395f2 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 30 Aug 2022 16:49:47 +0000 Subject: [PATCH 237/562] Update grafana 9.1.1 -> 9.1.2 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 6ef4cb6a..0b57de77 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.1 +matrix_grafana_version: 9.1.2 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 09d4a9beab4f631e98bcec32f7ff674ef077ccce Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 31 Aug 2022 11:17:56 +0300 Subject: [PATCH 238/562] Make matrix_bot_postmoogle_admins=[] when matrix_admin not set .. instead of `['']`. The final result in the `env` file will be the same (`POSTMOOGLE_ADMINS=`) in both cases, but it's better to avoid confusion. --- roles/matrix-bot-postmoogle/defaults/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 13953f2a..10c4255b 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -82,6 +82,7 @@ matrix_bot_postmoogle_maxsize: '1024' # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: +# matrix_bot_postmoogle_users: # - @someone:example.com # - @another:example.com # - @bot.*:example.com @@ -91,12 +92,12 @@ matrix_bot_postmoogle_users: # A list of admins # Example set of rules: +# matrix_bot_postmoogle_admins: # - @someone:example.com # - @another:example.com # - @bot.*:example.com # - @*:another.com -matrix_bot_postmoogle_admins: - - "{{ matrix_admin }}" +matrix_bot_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}" # Sentry DSN matrix_bot_postmoogle_sentry: '' From 664406af57f9f79ba4b7d96b59db0baa84587017 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 31 Aug 2022 15:45:46 +0300 Subject: [PATCH 239/562] Upgrade Synapse (v1.65.0 -> v1.66.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 1ba7b269..a25d2d3f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.65.0 +matrix_synapse_version: v1.66.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From a6ad396cd29e2ec2e9ad1cc01ffbc8900b316caf Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 31 Aug 2022 16:35:37 +0000 Subject: [PATCH 240/562] Update Element 1.11.3 -> 1.11.4 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index e462df8a..c4e187a9 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.3 +matrix_client_element_version: v1.11.4 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 023f27324040fa71edfda16cbf84ff8c17dad59f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 31 Aug 2022 16:36:31 +0000 Subject: [PATCH 241/562] Update Cinny 2.1.2 -> 2.1.3 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 1cb22cd1..c2bc476a 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.1.2 +matrix_client_cinny_version: v2.1.3 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From e74e3c9e8f3c8c4c0b5222ad60284fe8bdb80e8f Mon Sep 17 00:00:00 2001 From: Silas Date: Thu, 1 Sep 2022 22:23:02 -0300 Subject: [PATCH 242/562] Correctly check number of arguments when creating a dendrite account This is probably a continuation of changes made in d7ed672f7. --- .../dendrite/usr-local-bin/matrix-dendrite-create-account.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 507c7012..edfa521b 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -if [ $# -ne 2 ]; then +if [ $# -ne 3 ]; then echo "Usage: "$0" " exit 1 fi From 0300c0e96ee29950d0ede995ac841e996adb7424 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Fri, 2 Sep 2022 03:58:41 +0000 Subject: [PATCH 243/562] Update dendrite 0.9.5 -> 0.9.6 Remove appservice database setup/config as the latest update no longer requires it. --- group_vars/matrix_servers | 4 ---- roles/matrix-dendrite/defaults/main.yml | 3 +-- roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 | 5 ----- 3 files changed, 1 insertion(+), 11 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b0293802..074e06e9 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1837,10 +1837,6 @@ matrix_postgres_additional_databases: | }] if (matrix_synapse_enabled and matrix_synapse_database_database != matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else []) + ([{ - 'name': matrix_dendrite_appservice_database, - 'username': matrix_dendrite_database_user, - 'password': matrix_dendrite_database_password, - },{ 'name': matrix_dendrite_federationapi_database, 'username': matrix_dendrite_database_user, 'password': matrix_dendrite_database_password, diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 50336a11..28f542e1 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.5" +matrix_dendrite_docker_image_tag: "v0.9.6" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" @@ -138,7 +138,6 @@ matrix_dendrite_database_str: "postgresql://{{ matrix_dendrite_database_user }}: matrix_dendrite_database_hostname: "matrix-postgres" matrix_dendrite_database_user: "dendrite" matrix_dendrite_database_password: "itsasecret" -matrix_dendrite_appservice_database: "dendrite_appservice" matrix_dendrite_federationapi_database: "dendrite_federationapi" matrix_dendrite_keyserver_database: "dendrite_keyserver" matrix_dendrite_mediaapi_database: "dendrite_mediaapi" diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 20131c10..88aacab2 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -133,11 +133,6 @@ app_service_api: internal_api: listen: http://0.0.0.0:7777 connect: http://appservice_api:7777 - database: - connection_string: {{ matrix_dendrite_database_str }}/{{ matrix_dendrite_appservice_database }}?sslmode=disable - max_open_conns: 10 - max_idle_conns: 2 - conn_max_lifetime: -1 # Disable the validation of TLS certificates of appservices. This is # not recommended in production since it may allow appservice traffic From 1efd1045f681fdcb47d4868018aa0a3625634e71 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 2 Sep 2022 14:38:05 +0300 Subject: [PATCH 244/562] Upgrade Hookshot (2.0.1 -> 2.1.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 7b927c92..d230fcdb 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.0.1 +matrix_hookshot_version: 2.1.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 1cae31372c65e6db1d57cd35f37d79d3c85cab36 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 2 Sep 2022 13:04:21 -0500 Subject: [PATCH 245/562] Make Conduit's rocksdb_max_open_files parameter configurable, and set it to a higher default value --- roles/matrix-conduit/defaults/main.yml | 5 +++++ roles/matrix-conduit/templates/conduit/conduit.toml.j2 | 3 +++ 2 files changed, 8 insertions(+) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index df1a87d9..48a1ed1b 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -36,6 +36,11 @@ matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/condu # Max size for uploads, in bytes matrix_conduit_max_request_size: 20_000_000 +# Maximum number of open files for Conduit's embedded RocksDB database +# See https://github.com/facebook/rocksdb/wiki/RocksDB-Tuning-Guide#tuning-other-options +# If not specified, Conduit defaults to a relatively low value of 20 +matrix_conduit_rocksdb_max_open_files: 64 + # Enables registration. If set to false, no users can register on this server. matrix_conduit_allow_registration: false diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 index 6f479084..15691440 100644 --- a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 +++ b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 @@ -34,6 +34,9 @@ port = {{ matrix_conduit_port_number }} # Max size for uploads max_request_size = {{ matrix_conduit_max_request_size }} +# Max number of open files for the RocksDB database +rocksdb_max_open_files = {{ matrix_conduit_rocksdb_max_open_files }} + # Enables registration. If set to false, no users can register on this server. allow_registration = {{ matrix_conduit_allow_registration | to_json }} From 1c95c8fc3ebd205ce073c617f00ac1d37e8057ae Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 3 Sep 2022 10:47:39 +0000 Subject: [PATCH 246/562] Update hookshot 2.1.0 -> 2.1.2 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index d230fcdb..d60cf15b 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.1.0 +matrix_hookshot_version: 2.1.2 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From b112480793d10b373645f1969fe2dc03cd8c9d85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:44:49 +0200 Subject: [PATCH 247/562] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/vars/main.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml deleted file mode 100644 index 3adc735e..00000000 --- a/roles/matrix-ldap-registration-proxy/vars/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). -# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. -matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 88f416638571ba5c88f0815827ff6d518e91412f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:46:56 +0200 Subject: [PATCH 248/562] Validate that basic LDAP settings are provided --- .../tasks/validate_config.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml index e69de29b..6b52af9c 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_ldap_registration_proxy_ldap_uri" + - "matrix_ldap_registration_proxy_ldap_base_dn" + - "matrix_ldap_registration_proxy_ldap_user" + - "matrix_ldap_registration_proxy_ldap_password" From ab33024665548238933f0ce4a01d36edbd814887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:53:26 +0200 Subject: [PATCH 249/562] Make role enabled in role but turn it off in group vars --- group_vars/matrix_servers | 14 ++++++++++++++ .../defaults/main.yml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 074e06e9..bbfdcf3e 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1538,6 +1538,20 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # /matrix-jitsi # ###################################################################### +###################################################################### +# +# matrix-ldap-registration-proxy +# +###################################################################### + +# This is only for users with a specific LDAP setup +matrix_ldap_registration_proxy_enabled: false + +###################################################################### +# +# /matrix-ldap-registration-proxy +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5516f4f9..44a670c1 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -2,7 +2,7 @@ # matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? # Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy -matrix_ldap_registration_proxy_enabled: false +matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" From 54def0b1e1103cf9b236a5e2a352c826f3a4900e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:56:03 +0200 Subject: [PATCH 250/562] Avoid cross-referencing of variables in role, move to group vars --- group_vars/matrix_servers | 6 ++++++ roles/matrix-ldap-registration-proxy/defaults/main.yml | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index bbfdcf3e..92cc5c59 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1547,6 +1547,12 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" + ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 44a670c1..4165c591 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -14,10 +14,10 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_ldap_uri: "" +matrix_ldap_registration_proxy_ldap_base_dn: "" +matrix_ldap_registration_proxy_ldap_user: "" +matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" From 7665c5e048dbd14ed5854fea36d38817927eec20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:59:07 +0200 Subject: [PATCH 251/562] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 4165c591..15f59749 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,9 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default ma1sd configuration template which covers the generic use case. +# Default LDAP configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" -# Holds the final ma1sd configuration (a combination of the default and its extension). +# Holds the final LDAP configuration (a combination of the default and its extension). matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" From 949ca115fede8a143df2dde7efdea4fdcdb3eea3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:09 +0200 Subject: [PATCH 252/562] Use a template option for the env with variable extension --- .../matrix-ldap-registration-proxy/defaults/main.yml | 11 ++++++----- .../tasks/setup_install.yml | 4 ++-- .../templates/ldap-registration-proxy.env.j2 | 3 +++ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 15f59749..469a2f29 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,10 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default LDAP configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" +# Additional environment variables to pass to the LDAP proxy environment variables. +# +# Example: +# matrix_ldap_registration_proxy_env_variables_extension: | +# KEY=value +matrix_ldap_registration_proxy_env_variables_extension: '' -# Holds the final LDAP configuration (a combination of the default and its extension). -matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 1f0307ec..87037337 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -37,8 +37,8 @@ when: true - name: Ensure matrix_ldap_registration_proxy config installed - ansible.builtin.copy: - content: "{{ matrix_ldap_registration_proxy_configuration }}" + ansible.builtin.template: + src: "{{ role_path }}/templates/ldap-registration-proxy.env.j2" dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" mode: 0644 owner: "{{ matrix_user_username }}" diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 index e7ee29ba..581a0b0d 100644 --- a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -30,3 +30,6 @@ MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} # Specify the port to listen on. Default to 8080 LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} + +# Use this to extend the configuration with custom variables +{{ matrix_ldap_registration_proxy_env_variables_extension }} From 3bc64fb6cc8d2f0a1b2d4decdc5c95a369420a50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:59 +0200 Subject: [PATCH 253/562] Remove selfcheck --- .../tasks/main.yml | 7 ------ ...f_check_matrix_ldap_registration_proxy.yml | 22 ------------------- 2 files changed, 29 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 720d27ba..576fc1f4 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -21,10 +21,3 @@ tags: - setup-all - setup-matrix-ldap-registration-proxy - -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" - delegate_to: 127.0.0.1 - become: false - when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" - tags: - - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml deleted file mode 100644 index ce46c45a..00000000 --- a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- - -- ansible.builtin.set_fact: - matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" - -- name: Check matrix_ldap_registration_proxy Service - ansible.builtin.uri: - url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" - follow_redirects: none - validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" - check_mode: false - register: result_matrix_ldap_registration_proxy - ignore_errors: true - -- name: Fail if matrix_ldap_registration_proxy Service not working - ansible.builtin.fail: - msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" - when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" - -- name: Report working matrix_ldap_registration_proxy Service - ansible.builtin.debug: - msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" From 43bca57798c010146ac7a31ec8c5d979f4429e95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 19:38:27 +0200 Subject: [PATCH 254/562] Add nginx rewrite for registration --- .../defaults/main.yml | 4 ++++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 469a2f29..712e1101 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,6 +30,10 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" + + # A list of extra arguments to pass to the container matrix_ldap_registration_proxy_container_extra_arguments: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14..0e16e3e3 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,6 +129,20 @@ } {% endif %} + {% if matrix_ldap_registration_proxy_enabled %} + location _matrix/client/r0/register { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; + proxy_pass http://$backend/register; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; + {% endif %} + } + {% endif %} + {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From ee2badf7a6558cded771f8769b1a714065ee7e3b Mon Sep 17 00:00:00 2001 From: Kolja Lampe Date: Mon, 5 Sep 2022 11:01:31 +0200 Subject: [PATCH 255/562] Correctly refer to the placeholder --- docs/configuring-playbook-bot-matrix-registration-bot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 739f0869..a3e4bbeb 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -56,7 +56,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, create a **non-encrypted** room and invite `@bot.matrix-registration-bot:DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +To use the bot, create a **non-encrypted** room and invite `@bot.matrix-registration-bot:DOMAIN` (where `DOMAIN` is your base domain, not the `matrix.` domain). In this room send `help` and the bot will reply with all options. From 5f9f891322effa21d81c468cdcde701b6ba8c72c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 5 Sep 2022 20:04:21 +0300 Subject: [PATCH 256/562] Fix misleading comment Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2086 --- roles/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 48a1ed1b..366321b9 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -38,7 +38,7 @@ matrix_conduit_max_request_size: 20_000_000 # Maximum number of open files for Conduit's embedded RocksDB database # See https://github.com/facebook/rocksdb/wiki/RocksDB-Tuning-Guide#tuning-other-options -# If not specified, Conduit defaults to a relatively low value of 20 +# By default, Conduit uses a relatively low value of 20. matrix_conduit_rocksdb_max_open_files: 64 # Enables registration. If set to false, no users can register on this server. From e5ba1daad4a8e7c0b4caabbc0f668401778a5640 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:48:19 +0200 Subject: [PATCH 257/562] Remove matrix LDAP proxy config from nginx role --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 0e16e3e3..2895ba14 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,20 +129,6 @@ } {% endif %} - {% if matrix_ldap_registration_proxy_enabled %} - location _matrix/client/r0/register { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; - proxy_pass http://$backend/register; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; - {% endif %} - } - {% endif %} - {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 3aa2c8e535e81407782672e76ebd5be27be123e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:52:43 +0200 Subject: [PATCH 258/562] Inject nginx configuration for ldap proxy at runtime --- .../tasks/init.yml | 51 ++++++++++++++++++- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 312165cc..15017333 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -4,8 +4,55 @@ - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" - when: matrix_matrix_ldap_registration_proxy_enabled | bool + when: matrix_ldap_registration_proxy_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_public_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } + + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool From d03d0dc89797303a36ae01a11aea95b6b7db4f0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:54:10 +0200 Subject: [PATCH 259/562] Add role to setup.yml --- setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.yml b/setup.yml index 3b7d235d..0086b032 100755 --- a/setup.yml +++ b/setup.yml @@ -59,6 +59,7 @@ - matrix-client-hydrogen - matrix-client-cinny - matrix-jitsi + - matrix-ldap-registration-proxy - matrix-ma1sd - matrix-dimension - matrix-etherpad From 24effe36b6e490d13ddd02726ff5692fd3bb7224 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 6 Sep 2022 09:37:35 +0200 Subject: [PATCH 260/562] Fix typo --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 712e1101..5a010f97 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,7 +30,7 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" From 48a1ab0d22496580d9d7eb14a863cbd9f5ce37a9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 12:16:09 +0300 Subject: [PATCH 261/562] Upgrade Grafana (9.1.2 -> 9.1.3) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 0b57de77..dcd07bf5 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.2 +matrix_grafana_version: 9.1.3 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8b40ca8daaa61fdf60bb04f5ff201ee54e942c6d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 12:16:27 +0300 Subject: [PATCH 262/562] Upgrade ddclient (v3.9.1-ls97 -> v3.9.1-ls98) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 8354e1d9..8a5e7cdf 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls97 +matrix_dynamic_dns_version: v3.9.1-ls98 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From b92ff748e46e98c55f05aec46bb7047142810216 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 9 Sep 2022 10:47:00 +0300 Subject: [PATCH 263/562] Update Postmoogle 0.9.0 -> 0.9.1 --- docs/configuring-dns.md | 33 ++++++++++++------- docs/configuring-playbook-bot-postmoogle.md | 3 ++ group_vars/matrix_servers | 2 ++ roles/matrix-bot-postmoogle/defaults/main.yml | 18 +++++++--- roles/matrix-bot-postmoogle/templates/env.j2 | 5 ++- .../systemd/matrix-bot-postmoogle.service.j2 | 2 ++ 6 files changed, 46 insertions(+), 17 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index ca7c08b0..e03a8cb8 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,18 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | -| ----- | ---------------------------- | -------- | ------ | ---- | ---------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | -| CNAME | `dimension` | - | - | - | `matrix.` | -| CNAME | `jitsi` | - | - | - | `matrix.` | -| CNAME | `stats` | - | - | - | `matrix.` | -| CNAME | `goneb` | - | - | - | `matrix.` | -| CNAME | `sygnal` | - | - | - | `matrix.` | -| CNAME | `ntfy` | - | - | - | `matrix.` | -| CNAME | `hydrogen` | - | - | - | `matrix.` | -| CNAME | `cinny` | - | - | - | `matrix.` | -| CNAME | `buscarron` | - | - | - | `matrix.` | +| Type | Host | Priority | Weight | Port | Target | +| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | +| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | +| CNAME | `dimension` | - | - | - | `matrix.` | +| CNAME | `jitsi` | - | - | - | `matrix.` | +| CNAME | `stats` | - | - | - | `matrix.` | +| CNAME | `goneb` | - | - | - | `matrix.` | +| CNAME | `sygnal` | - | - | - | `matrix.` | +| CNAME | `ntfy` | - | - | - | `matrix.` | +| CNAME | `hydrogen` | - | - | - | `matrix.` | +| CNAME | `cinny` | - | - | - | `matrix.` | +| CNAME | `buscarron` | - | - | - | `matrix.` | +| MX | `matrix` | 10 | 0 | - | `matrix.` | +| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | +| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | ## Subdomains setup @@ -77,3 +81,8 @@ This is an optional feature for the optionally-installed [ma1sd service](configu Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). + +## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup + +To make the [postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge enable its email sending features, you need to configure +SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 70ac57b6..31566da9 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -35,6 +35,9 @@ matrix_bot_postmoogle_enabled: true matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT ``` +You will also need to add several DNS records so that postmoogle can send emails. +See [Configuring DNS](configuring-dns.md). + ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 074e06e9..6f841168 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1791,6 +1791,8 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else []) + + ([matrix_bot_postmoogle_domain] if matrix_bot_postmoogle_enabled else []) + + ([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else []) + matrix_ssl_additional_domains_to_obtain_certificates_for diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 10c4255b..718480e3 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.0 +matrix_bot_postmoogle_version: v0.9.1 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -17,6 +17,7 @@ matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_ matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" +matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" # A list of extra arguments to pass to the container matrix_bot_postmoogle_container_extra_arguments: [] @@ -110,11 +111,20 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -# in-container port -matrix_bot_postmoogle_port: '2525' +# Mandatory TLS, even on plain SMTP port +matrix_bot_postmoogle_tls_required: false -# on-host port +# in-container ports +matrix_bot_postmoogle_port: '2525' +matrix_bot_postmoogle_tls_port: '25587' + +# on-host ports matrix_bot_postmoogle_smtp_host_bind_port: '25' +matrix_bot_postmoogle_smtps_host_bind_port: '587' + +# in-container SSL paths +matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" +matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 7c0d10be..304e0dd8 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,7 +10,10 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} -POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} +POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }} +POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }} +POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }} +POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }} {{ matrix_bot_postmoogle_environment_variables_extension }} diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 38eb89a6..8250d20a 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -24,7 +24,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ + -p {{ matrix_bot_postmoogle_smtps_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + --mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \ {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ {% endfor %} From 692a7af36afcb301d3e16fc9c2924681871cda2e Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 9 Sep 2022 13:19:25 +0300 Subject: [PATCH 264/562] postmoogle feedback --- docs/configuring-dns.md | 2 +- group_vars/matrix_servers | 3 ++ roles/matrix-bot-postmoogle/defaults/main.yml | 30 ++++++++++++++----- .../systemd/matrix-bot-postmoogle.service.j2 | 6 +++- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 2 +- .../tasks/ssl/setup_ssl_manually_managed.yml | 2 +- .../tasks/ssl/setup_ssl_self_signed.yml | 2 +- 7 files changed, 34 insertions(+), 13 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index e03a8cb8..05cb4b7a 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -84,5 +84,5 @@ When you're done with the DNS configuration and ready to proceed, continue with ## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup -To make the [postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge enable its email sending features, you need to configure +To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6f841168..2c14a917 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1210,6 +1210,9 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in # We don't enable bots by default. matrix_bot_postmoogle_enabled: false +matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" +matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" +matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" matrix_bot_postmoogle_systemd_required_services_list: | {{ diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 718480e3..6f7a96cc 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -17,7 +17,6 @@ matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_ matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" -matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" # A list of extra arguments to pass to the container matrix_bot_postmoogle_container_extra_arguments: [] @@ -111,20 +110,35 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -# Mandatory TLS, even on plain SMTP port -matrix_bot_postmoogle_tls_required: false - # in-container ports matrix_bot_postmoogle_port: '2525' matrix_bot_postmoogle_tls_port: '25587' # on-host ports matrix_bot_postmoogle_smtp_host_bind_port: '25' -matrix_bot_postmoogle_smtps_host_bind_port: '587' +matrix_bot_postmoogle_submission_host_bind_port: '587' -# in-container SSL paths -matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" -matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" +### SSL +## on-host SSL dir +matrix_bot_postmoogle_ssl_path: "" + +## in-container SSL paths +# matrix_bot_postmoogle_tls_cert is the SSL certificate's certificate. +# This is likely set via group_vars/matrix_servers, so you don't need to set it. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem +matrix_bot_postmoogle_tls_cert: "" + +# matrix_bot_postmoogle_tls_key is the SSL certificate's key. +# This is likely set via group_vars/matrix_servers, so you don't need to set it. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem +matrix_bot_postmoogle_tls_key: "" + +# Mandatory TLS, even on plain SMTP port +matrix_bot_postmoogle_tls_required: false # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 8250d20a..fa45a3a4 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -24,9 +24,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ - -p {{ matrix_bot_postmoogle_smtps_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ + {% if matrix_bot_postmoogle_ssl_path %} + -p {{ matrix_bot_postmoogle_submission_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ + {% endif %} --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + {% if matrix_bot_postmoogle_ssl_path %} --mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \ + {% endif %} {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ {% endfor %} diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 0e5339a9..f2afe2ff 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -26,7 +26,7 @@ - name: Obtain Let's Encrypt certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml index f6fc5a81..769af323 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml @@ -2,7 +2,7 @@ - name: Verify certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name when: "matrix_ssl_retrieval_method == 'manually-managed'" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 3a7f1958..918b74db 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -5,7 +5,7 @@ - name: Generate self-signed certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name when: "matrix_ssl_retrieval_method == 'self-signed'" From 98b9e2cd848397acfdf1c5573385a2ff7462beb7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:36:53 +0300 Subject: [PATCH 265/562] Add "Component" column to optional-DNS-records table --- docs/configuring-dns.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 05cb4b7a..8b80613a 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,22 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | -| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | -| CNAME | `dimension` | - | - | - | `matrix.` | -| CNAME | `jitsi` | - | - | - | `matrix.` | -| CNAME | `stats` | - | - | - | `matrix.` | -| CNAME | `goneb` | - | - | - | `matrix.` | -| CNAME | `sygnal` | - | - | - | `matrix.` | -| CNAME | `ntfy` | - | - | - | `matrix.` | -| CNAME | `hydrogen` | - | - | - | `matrix.` | -| CNAME | `cinny` | - | - | - | `matrix.` | -| CNAME | `buscarron` | - | - | - | `matrix.` | -| MX | `matrix` | 10 | 0 | - | `matrix.` | -| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | -| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | -| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +| Type | Host | Priority | Weight | Port | Target | Used by component | +| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------- | +| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | [ma1sd](configuring-playbook-ma1sd.md) identity server | +| CNAME | `dimension` | - | - | - | `matrix.` | [Dimension](configuring-playbook-dimension.md) integration server | +| CNAME | `jitsi` | - | - | - | `matrix.` | [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | +| CNAME | `stats` | - | - | - | `matrix.` | [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | +| CNAME | `goneb` | - | - | - | `matrix.` | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | +| CNAME | `sygnal` | - | - | - | `matrix.` | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | +| CNAME | `ntfy` | - | - | - | `matrix.` | [ntfy](configuring-playbook-ntfy.md) push notifications server | +| CNAME | `hydrogen` | - | - | - | `matrix.` | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | +| CNAME | `cinny` | - | - | - | `matrix.` | [Cinny](configuring-playbook-client-cinny.md) web client | +| CNAME | `buscarron` | - | - | - | `matrix.` | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | +| MX | `matrix` | 10 | 0 | - | `matrix.` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | ## Subdomains setup From 5825a0c9195b990b727d5c0d507671281f01da71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 9 Sep 2022 13:37:52 +0200 Subject: [PATCH 266/562] Cactus comments (#2089) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add construct for cactus comments role * Adjust config files * Add docker self build to defaults * Adjust tasks * Fix smaller syntax errors * Fix env argument * Add tmp path to allow container writing there Background why I did this: https://docs.gunicorn.org/en/stable/settings.html#worker-tmp-dir * Change port back to 5000 as not configurable in container * Try to add appservice config file for synapse to use * Inject appservice file * Correct copied variable name * Comment out unused app service file injection would need mounting the appservice file to the synapse container i guess * Move role before synapse to be able to inject during runtime * Remove unused parts * Change default user id to mirror official docs * Add docs * Update roles/matrix-cactus-comments/tasks/setup_install.yml Co-authored-by: Slavi Pantaleev * Update roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 Co-authored-by: Slavi Pantaleev * Generate secrets if necessary, adjust docs * Rename cactusbot userid * Shorten salt strings Co-authored-by: Slavi Pantaleev * Use tmpfs instead of persistent mount * Remove proxy option as it is nonsense * Add download and serving of cc-client files * Add documentation on client * Clarify docs a bit * Add nginx proxy to required services Signed-off-by: Julian-Samuel Gebühr * Use container address Signed-off-by: Julian-Samuel Gebühr * Correct comment of user id Signed-off-by: Julian-Samuel Gebühr * Use releases or local distributed client Signed-off-by: Julian-Samuel Gebühr * Move homeserver url to defaults Signed-off-by: Julian-Samuel Gebühr * Correct truth value Signed-off-by: Julian-Samuel Gebühr * Add documentation of variables Co-authored-by: Slavi Pantaleev * Tabs vs. spaces Co-authored-by: Slavi Pantaleev * Make nginx root configurable Signed-off-by: Julian-Samuel Gebühr * Complete ake nginx root configurable Signed-off-by: Julian-Samuel Gebühr * Fix file permission Signed-off-by: Julian-Samuel Gebühr * Fix lint errors Signed-off-by: Julian-Samuel Gebühr Signed-off-by: Julian-Samuel Gebühr Co-authored-by: Slavi Pantaleev --- README.md | 2 + docs/configuring-playbook-cactus-comments.md | 63 ++++++++ docs/configuring-playbook.md | 2 + docs/container-images.md | 2 + group_vars/matrix_servers | 29 ++++ .../matrix-cactus-comments/defaults/main.yml | 58 ++++++++ roles/matrix-cactus-comments/tasks/init.yml | 67 +++++++++ roles/matrix-cactus-comments/tasks/main.yml | 23 +++ .../tasks/setup_install.yml | 138 ++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++ .../tasks/validate_config.yml | 10 ++ .../templates/cactus_appservice.yaml.j2 | 19 +++ roles/matrix-cactus-comments/templates/env.j2 | 6 + .../systemd/matrix-cactus-comments.service.j2 | 36 +++++ setup.yml | 1 + 15 files changed, 492 insertions(+) create mode 100644 docs/configuring-playbook-cactus-comments.md create mode 100644 roles/matrix-cactus-comments/defaults/main.yml create mode 100644 roles/matrix-cactus-comments/tasks/init.yml create mode 100644 roles/matrix-cactus-comments/tasks/main.yml create mode 100644 roles/matrix-cactus-comments/tasks/setup_install.yml create mode 100644 roles/matrix-cactus-comments/tasks/setup_uninstall.yml create mode 100644 roles/matrix-cactus-comments/tasks/validate_config.yml create mode 100644 roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 create mode 100644 roles/matrix-cactus-comments/templates/env.j2 create mode 100644 roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 diff --git a/README.md b/README.md index 221e8a85..e545d18f 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [Buscarron](https://gitlab.com/etke.cc/buscarron) bot - see [docs/configuring-playbook-bot-buscarron.md](docs/configuring-playbook-bot-buscarron.md) for setup documentation +- (optional) [Cactus Comments](https://cactus.chat), a federated comment system built on matrix - see [docs/configuring-playbook-cactus-comments.md](docs/configuring-playbook-cactus-comments.md) for setup documentation + Basically, this playbook aims to get you up-and-running with all the necessities around Matrix, without you having to do anything else. **Note**: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md new file mode 100644 index 00000000..b62d33b2 --- /dev/null +++ b/docs/configuring-playbook-cactus-comments.md @@ -0,0 +1,63 @@ +# Setting up Cactus Comments (optional) + +The playbook can install and configure [Cactus Comments](https://cactus.chat) for you. + +Cactus Comments is a **federated comment system** built on Matrix. The role allows you to self-host the system. +It respects your privacy, and puts you in control. + +See the project's [documentation](https://cactus.chat/docs/getting-started/introduction/) to learn what it +does and why it might be useful to you. + + +## Configuration + +Add the following block to your `vars.yaml` and make sure to exchange the tokens to randomly generated values. + +```ỳaml +################# +## Cactus Chat ## +################# + +matrix_cactus_comments_enabled: true + +# To allow guest comments without users needing to log in, you need to have guest registration enabled. +# To do this you need to uncomment one of the following lines (depending if you are using synapse or dentrite as a homeserver) +# If you don't know which one you use: The default is synapse ;) +# matrix_synapse_allow_guest_access: true +# matrix_dentrite_allow_guest_access +``` + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + + +## Usage + +To get started wit cactus comments message @bot.cactusbot:your-homeserver.com and type `help` to make sure it works. +Then register a site by typing: `register `. You will then be invited into a moderation room. +Now you are good to go and can include the comment section on your website! + +**Careful:** To really make use of self-hosting you need change a few things in comparison to the official docs! + +Insert the following snippet into you page and make sure to replace `example.com` with your base domain! + + +```html + + +
+ +``` diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index b3b44b5f..b17f902f 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -179,3 +179,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional) - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional) + +- [Setting up a Cactus Comments server](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional) diff --git a/docs/container-images.md b/docs/container-images.md index b16babff..737a4457 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -117,3 +117,5 @@ These services are not part of our default installation, but can be enabled by [ - [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) - [Sygnal](https://github.com/matrix-org/sygnal) is a reference Push Gateway for Matrix - [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) - [ntfy](https://ntfy.sh/) is a self-hosted, UnifiedPush-compatible push notifications server + +- [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) - [Cactus Comments](https://cactus.chat) a federated comment system built on Matrix diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2c14a917..d96af363 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1332,6 +1332,35 @@ matrix_backup_borg_systemd_required_services_list: | # /matrix-backup-borg # ###################################################################### +###################################################################### +# +# matrix-cactus-comments +# +###################################################################### + +matrix_cactus_comments_enabled: false + +# Derive secret values from homeserver secret +matrix_cactus_comments_as_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.as.token') | to_uuid }}" +matrix_cactus_comments_hs_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.hs.token') | to_uuid }}" + +matrix_cactus_comments_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_cactus_comments_systemd_required_services_list: | + {{ + (['docker.service']) + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + + + (['matrix-' + matrix_homeserver_implementation + '.service']) + }} + +matrix_cactus_comments_client_nginx_path: {{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }} + +###################################################################### +# +# /matrix-cactus-comments +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml new file mode 100644 index 00000000..dbd5b844 --- /dev/null +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -0,0 +1,58 @@ +--- +# Cactus Comments is a federated comment system built on Matrix + +matrix_cactus_comments_enabled: true +matrix_cactus_comments_serve_client_enabled: true +matrix_cactus_comments_container_image_self_build: false +matrix_cactus_comments_docker_repo: "https://gitlab.com/cactus-comments/cactus-appservice.git" +matrix_cactus_comments_docker_repo_version: "{{ matrix_cactus_comments_version if matrix_cactus_comments_version != 'latest' else 'main' }}" +matrix_cactus_comments_docker_src_files_path: "{{ matrix_cactus_comments_base_path }}/docker-src" + + +matrix_cactus_comments_base_path: "{{ matrix_base_data_path }}/cactus-comments" +matrix_cactus_comments_container_tmp_path: "{{ matrix_cactus_comments_base_path }}/tmp" +matrix_cactus_comments_client_path: "{{ matrix_cactus_comments_base_path }}/client" +matrix_cactus_comments_client_file_permissions: "0644" + +matrix_cactus_comments_app_service_config_file: "{{ matrix_cactus_comments_base_path }}/cactus_appservice.yaml" +matrix_cactus_comments_app_service_env_file: "{{ matrix_cactus_comments_base_path }}/cactus.env" + +matrix_cactus_comments_as_token: '' +matrix_cactus_comments_hs_token: '' +matrix_cactus_comments_homeserver_url: "{{ matrix_homeserver_container_url }}" +matrix_cactus_comments_user_id: "bot.cactusbot" +matrix_cactus_comments_tmp_directory_size_mb: 1 + +matrix_cactus_comments_container_port: 5000 + +matrix_cactus_comments_version: latest +matrix_cactus_comments_docker_image: "{{ matrix_container_global_registry_prefix }}cactuscomments/cactus-appservice:{{ matrix_cactus_comments_version }}" +matrix_cactus_comments_docker_image_force_pull: "{{ matrix_cactus_comments_docker_image.endswith(':latest') }}" + +# matrix_cactus_comments_client_version specifies the version of the cactus-client release to use. +# For available versions, see: https://gitlab.com/cactus-comments/cactus-client/-/releases +# Also see: `matrix_cactus_comments_client_local_dir` +matrix_cactus_comments_client_version: "0.13.0" + +# matrix_cactus_comments_client_local_dir specifies a local directory (on the Ansible controller, not on the remote server) with cactus-client files to use. +# This is an alternative to `matrix_cactus_comments_client_version`, to be used when you'd like to +# provide the files locally / manually. +matrix_cactus_comments_client_local_dir: '' + +# matrix_cactus_comments_client_nginx_path specifies the path where nginx can access the client files. +# The default value assumes a container setup. If you're running nginx without a container, consider adjusting this path +matrix_cactus_comments_client_nginx_path: "/cactus-comments/" + +# matrix_cactus_comments_client_endpoint specifies where nginx will serve the files in nginx is enabled +matrix_cactus_comments_client_endpoint: "/cactus-comments/" + +# List of systemd services that matrix-cactus-comments.service depends on +matrix_bot_cactus_comments_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-cactus-comments.service wants +matrix_bot_cactus_comments_systemd_wanted_services_list: [] + +# A list of extra arguments to pass to the container +matrix_cactus_comments_container_extra_arguments: [] + +matrix_cactus_comments_environment_variables_extension: '' diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml new file mode 100644 index 00000000..78cdd319 --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -0,0 +1,67 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-cactus-comments.service'] }}" + when: matrix_cactus_comments_enabled | bool + +# If the matrix-synapse role is not used, these variables may not exist. +- ansible.builtin.set_fact: + matrix_homeserver_container_runtime_injected_arguments: > + {{ + matrix_homeserver_container_runtime_injected_arguments | default([]) + + + ["--mount type=bind,src={{ matrix_cactus_comments_app_service_config_file }},dst=/matrix-cactus-comments.yaml,ro"] + }} + + matrix_homeserver_app_service_runtime_injected_config_files: > + {{ + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + + + ["/matrix-cactus-comments.yaml"] + }} + when: matrix_cactus_comments_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Cactus Comment's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-cactus-comments role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Mount volume + ansible.builtin.set_fact: + matrix_nginx_proxy_container_additional_volumes: > + {{ + matrix_nginx_proxy_container_additional_volumes | default([]) + + + [{"src": "{{ matrix_cactus_comments_client_path }}", "dst": "/cactus-comments/cactus-comments", "options": "ro"}] + }} + - name: Generate Cactus Comment proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_cactus_comments_nginx_proxy_configuration: | + location {{ matrix_cactus_comments_client_endpoint }} { + root {{ matrix_cactus_comments_client_nginx_path }}; + } + when: "matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Cactus Comment proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_cactus_comments_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled Cactus Comments but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool diff --git a/roles/matrix-cactus-comments/tasks/main.yml b/roles/matrix-cactus-comments/tasks/main.yml new file mode 100644 index 00000000..857e2db1 --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml new file mode 100644 index 00000000..8e6bb68e --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -0,0 +1,138 @@ +--- + +- name: Ensure cactus comments paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_cactus_comments_base_path }}", when: true} + - {path: "{{ matrix_cactus_comments_client_path }}", when: true} + - {path: "{{ matrix_cactus_comments_container_tmp_path }}", when: true} + - {path: "{{ matrix_cactus_comments_docker_src_files_path }}", when: matrix_cactus_comments_container_image_self_build} + when: "item.when | bool" + +- name: Ensure cactus comments environment file created + ansible.builtin.template: + src: "{{ role_path }}/templates/env.j2" + dest: "{{ matrix_cactus_comments_app_service_env_file }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure cactus comments appservice file created + ansible.builtin.template: + src: "{{ role_path }}/templates/cactus_appservice.yaml.j2" + dest: "{{ matrix_cactus_comments_app_service_config_file }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure cactus comments image is pulled + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_cactus_comments_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_docker_image_force_pull }}" + when: "not matrix_cactus_comments_container_image_self_build | bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure cactus comments repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_cactus_comments_docker_repo }}" + version: "{{ matrix_cactus_comments_docker_repo_version }}" + dest: "{{ matrix_cactus_comments_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_cactus_comments_git_pull_results + when: "matrix_cactus_comments_container_image_self_build | bool" + +- name: Ensure cactus comments image is built + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + source: build + force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_cactus_comments_docker_src_files_path }}" + pull: true + when: "matrix_cactus_comments_container_image_self_build | bool" + +- block: + - name: Download client binary to local folder + ansible.builtin.get_url: + url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz" + dest: "/tmp/cactus-comments-{{ matrix_cactus_comments_client_version }}.tar.gz" + mode: '0644' + register: _download_client + until: _download_client is succeeded + retries: 5 + delay: 2 + check_mode: false + + - name: Unpack client + ansible.builtin.unarchive: + src: "/tmp/cactus-comments-{{ matrix_cactus_comments_client_version }}.tar.gz" + dest: "/tmp/" + remote_src: true + mode: 0600 + check_mode: false + + - name: Propagate client javascript file + ansible.builtin.copy: + src: "/tmp/cactus-client-v{{ matrix_cactus_comments_client_version }}/src/cactus.js" + remote_src: true + dest: "{{ matrix_cactus_comments_client_path }}/cactus.js" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + - name: Propagate client style file + ansible.builtin.copy: + src: "/tmp/cactus-client-v{{ matrix_cactus_comments_client_version }}/src/style.css" + remote_src: true + dest: "{{ matrix_cactus_comments_client_path }}/style.css" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: matrix_cactus_comments_client_local_dir | length == 0 + +- block: + - name: Propagate locally distributed client javascreipt + ansible.builtin.copy: + src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js" + dest: "{{ matrix_cactus_comments_client_path }}/cactus.js" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + - name: Propagate locally distributed client style.css + ansible.builtin.copy: + src: "{{ matrix_cactus_comments_client_local_dir }}/src/style.css" + dest: "{{ matrix_cactus_comments_client_path }}/style.css" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: matrix_cactus_comments_client_local_dir | length > 0 + +- name: Ensure matrix-cactus-comments.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-cactus-comments.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + mode: 0644 + register: matrix_cactus_comments_systemd_service_result + +- name: Ensure systemd reloaded after matrix-cactus-comments.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_cactus_comments_systemd_service_result.changed | bool" + +- name: Ensure matrix-cactus-comments.service restarted, if necessary + ansible.builtin.service: + name: "matrix-cactus-comments.service" + state: restarted diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml new file mode 100644 index 00000000..011c04b8 --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-cactus-comments service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + register: matrix_cactus_comments_service_stat + +- name: Ensure cactus comments is stopped + ansible.builtin.service: + name: matrix-cactus-comments + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure matrix-cactus-comments.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + state: absent + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-cactus-comments.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure Matrix cactus comments paths don't exist + ansible.builtin.file: + path: "{{ matrix_cactus_comments_base_path }}" + state: absent + +- name: Ensure cactus comments Docker image doesn't exist + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + state: absent diff --git a/roles/matrix-cactus-comments/tasks/validate_config.yml b/roles/matrix-cactus-comments/tasks/validate_config.yml new file mode 100644 index 00000000..094a203d --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/validate_config.yml @@ -0,0 +1,10 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_cactus_comments_as_token" + - "matrix_cactus_comments_hs_token" diff --git a/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 b/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 new file mode 100644 index 00000000..bfcb4bb3 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 @@ -0,0 +1,19 @@ +# A unique, user-defined ID of the application service which will never change. +id: "Cactus Comments" + +# Where the cactus-appservice is hosted: +url: "http://matrix-cactus-comments:{{ matrix_cactus_comments_container_port }}" + +# Unique tokens used to authenticate requests between our service and the +# homeserver (and the other way). Use the sha256 hashes of something random. +# CHANGE THESE VALUES. +as_token: {{ matrix_cactus_comments_as_token | to_json }} +hs_token: {{ matrix_cactus_comments_hs_token | to_json }} + +# The user id of the cactusbot which can be used to register and moderate sites +sender_localpart: "{{ matrix_cactus_comments_user_id }}" + +namespaces: + aliases: + - exclusive: true + regex: "#comments_.*" diff --git a/roles/matrix-cactus-comments/templates/env.j2 b/roles/matrix-cactus-comments/templates/env.j2 new file mode 100644 index 00000000..ab048961 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/env.j2 @@ -0,0 +1,6 @@ +CACTUS_HS_TOKEN={{ matrix_cactus_comments_hs_token }} +CACTUS_AS_TOKEN={{ matrix_cactus_comments_as_token }} +CACTUS_HOMESERVER_URL={{ matrix_cactus_comments_homeserver_url }} +CACTUS_USER_ID=@{{ matrix_cactus_comments_user_id }}:{{ matrix_domain }} + +{{ matrix_cactus_comments_environment_variables_extension }} diff --git a/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 new file mode 100644 index 00000000..06825582 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -0,0 +1,36 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Cactus Comments +{% for service in matrix_bot_cactus_comments_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_bot_cactus_comments_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comments \ + --log-driver=none \ + --cap-drop=ALL \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --env-file {{ matrix_cactus_comments_app_service_env_file }} \ + --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_cactus_comments_tmp_directory_size_mb }}m \ + --network={{ matrix_docker_network }} \ + {{ matrix_cactus_comments_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-cactus-comments + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 3b7d235d..bd78158c 100755 --- a/setup.yml +++ b/setup.yml @@ -46,6 +46,7 @@ - matrix-bot-postmoogle - matrix-bot-go-neb - matrix-bot-mjolnir + - matrix-cactus-comments - matrix-synapse - matrix-dendrite - matrix-conduit From d2dc9149a9c9d2475cddaa1b26dc64565f269894 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:43:49 +0300 Subject: [PATCH 267/562] =?UTF-8?q?Fix=20YAML=20block=20(=E1=BB=B3aml=20->?= =?UTF-8?q?=20yaml)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- docs/configuring-playbook-cactus-comments.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index b62d33b2..668d3cb6 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -13,7 +13,7 @@ does and why it might be useful to you. Add the following block to your `vars.yaml` and make sure to exchange the tokens to randomly generated values. -```ỳaml +```yaml ################# ## Cactus Chat ## ################# From c00a8d4099ed5011c818c999bd4a124a3f4e0fff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:47:53 +0300 Subject: [PATCH 268/562] Announce Cactus Comments support Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-cactus-comments.md | 2 +- roles/matrix-cactus-comments/defaults/main.yml | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e094858..df4957eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-09-09 + +## Cactus Comments support + +Thanks to [Julian-Samuel Gebühr (@moan0s)](https://github.com/moan0s), the playbook can now set up [Cactus Comments](https://cactus.chat) - federated comment system for the web based on Matrix. + +See our [Setting up a Cactus Comments server](docs/configuring-playbook-cactus-comments.md) documentation to get started. + + # 2022-08-23 ## Postmoogle email bridge support diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 668d3cb6..58a989e8 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -38,7 +38,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To get started wit cactus comments message @bot.cactusbot:your-homeserver.com and type `help` to make sure it works. +To get started wit cactus comments message `@bot.cactusbot:your-homeserver.com` and type `help` to make sure it works. Then register a site by typing: `register `. You will then be invited into a moderation room. Now you are good to go and can include the comment section on your website! diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml index dbd5b844..a4c50a66 100644 --- a/roles/matrix-cactus-comments/defaults/main.yml +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -1,5 +1,7 @@ --- # Cactus Comments is a federated comment system built on Matrix +# Project source code URL: https://gitlab.com/cactus-comments/cactus-appservice +# Project source code URL: https://gitlab.com/cactus-comments/cactus-client matrix_cactus_comments_enabled: true matrix_cactus_comments_serve_client_enabled: true From 71555341d1194e90561fa0d65f30764a047b4028 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:49:46 +0300 Subject: [PATCH 269/562] Pin Cactus Comments version (latest -> 0.9.0) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- roles/matrix-cactus-comments/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml index a4c50a66..224a5348 100644 --- a/roles/matrix-cactus-comments/defaults/main.yml +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -27,7 +27,7 @@ matrix_cactus_comments_tmp_directory_size_mb: 1 matrix_cactus_comments_container_port: 5000 -matrix_cactus_comments_version: latest +matrix_cactus_comments_version: 0.9.0 matrix_cactus_comments_docker_image: "{{ matrix_container_global_registry_prefix }}cactuscomments/cactus-appservice:{{ matrix_cactus_comments_version }}" matrix_cactus_comments_docker_image_force_pull: "{{ matrix_cactus_comments_docker_image.endswith(':latest') }}" From a4d8a4094bfe5bb3e100b3d2109e38690087fe9c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:02:45 +0300 Subject: [PATCH 270/562] Put "Component" column first in the optional-DNS configuration table Related to 98b9e2cd848397ac --- docs/configuring-dns.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8b80613a..8d31ab3f 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,22 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | Used by component | -| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | [ma1sd](configuring-playbook-ma1sd.md) identity server | -| CNAME | `dimension` | - | - | - | `matrix.` | [Dimension](configuring-playbook-dimension.md) integration server | -| CNAME | `jitsi` | - | - | - | `matrix.` | [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | -| CNAME | `stats` | - | - | - | `matrix.` | [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | -| CNAME | `goneb` | - | - | - | `matrix.` | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | -| CNAME | `sygnal` | - | - | - | `matrix.` | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | -| CNAME | `ntfy` | - | - | - | `matrix.` | [ntfy](configuring-playbook-ntfy.md) push notifications server | -| CNAME | `hydrogen` | - | - | - | `matrix.` | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | -| CNAME | `cinny` | - | - | - | `matrix.` | [Cinny](configuring-playbook-client-cinny.md) web client | -| CNAME | `buscarron` | - | - | - | `matrix.` | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | -| MX | `matrix` | 10 | 0 | - | `matrix.` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| Used by component | Type | Host | Priority | Weight | Port | Target | +| ----------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | +| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | +| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.` | +| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.` | +| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.` | +| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.` | +| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.` | +| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.` | +| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.` | +| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.` | +| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | ## Subdomains setup From 5cfb0fb47799d2eac6ad0437a5548e44a5dd91f3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:06:12 +0300 Subject: [PATCH 271/562] Update Email2Matrix docs page --- docs/configuring-playbook-email2matrix.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 9bebe0e9..56e181f1 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,6 +1,7 @@ # Setting up Email2Matrix (optional) **Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. +Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. @@ -9,6 +10,10 @@ See the project's [documentation](https://github.com/devture/email2matrix/blob/m ## Preparation +### DNS configuration + +It's not strictly necessary, but you may increase the chances that incoming emails reach your server by adding an `MX` record for `matrix.DOMAIN`, as described in the [Configuring DNS](configuring-dns.md) documentation page. + ### Port availability Ensure that port 25 is available on your Matrix server and open in your firewall. From b510848c6d35501358b045e9de492c5dbbc7a176 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:13:35 +0300 Subject: [PATCH 272/562] Mention that bot.cactusbot is created automatically Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- docs/configuring-playbook-cactus-comments.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 58a989e8..00c76f54 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -38,8 +38,10 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To get started wit cactus comments message `@bot.cactusbot:your-homeserver.com` and type `help` to make sure it works. -Then register a site by typing: `register `. You will then be invited into a moderation room. +Upon starting Cactus Comments, a `bot.cactusbot` user account is created automatically. + +To get started, send a `help` message to the `@bot.cactusbot:your-homeserver.com` bot to confirm it's working. +Then, register a site by typing: `register `. You will then be invited into a moderation room. Now you are good to go and can include the comment section on your website! **Careful:** To really make use of self-hosting you need change a few things in comparison to the official docs! From d6bd39c79d3f473d357559eb239eb4042f9b5feb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:18:57 +0300 Subject: [PATCH 273/562] Add missing quotes Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d96af363..31ca6133 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1354,7 +1354,7 @@ matrix_cactus_comments_systemd_required_services_list: | (['matrix-' + matrix_homeserver_implementation + '.service']) }} -matrix_cactus_comments_client_nginx_path: {{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }} +matrix_cactus_comments_client_nginx_path: "{{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }}" ###################################################################### # From c7d8299398fdef5c798fcf41153b6d19f0d18b15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 9 Sep 2022 16:01:36 +0200 Subject: [PATCH 274/562] Correct service name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- .../systemd/matrix-ldap-registration-proxy.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index afbabe72..13ada897 100644 --- a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. From 5c954b0d5a99482332bff90cae17abeb47068d71 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 9 Sep 2022 15:55:53 +0000 Subject: [PATCH 275/562] Update Grafana 9.1.3 -> 9.1.4 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index dcd07bf5..5484ed19 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.3 +matrix_grafana_version: 9.1.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8778c14fe27c304507c156f3f86762e9acf15fff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 21:03:41 +0300 Subject: [PATCH 276/562] Upgrade Dendrite (0.9.6 -> 0.9.7) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 28f542e1..db10bafc 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.6" +matrix_dendrite_docker_image_tag: "v0.9.7" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 11f2cda21a9e8f8d3a060131c210c8cad55994bc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 21:06:17 +0300 Subject: [PATCH 277/562] Upgrade Certbot (1.28 -> 1.30) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 8cf24a22..eec28bee 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -547,7 +547,7 @@ matrix_ssl_lets_encrypt_staging: false # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.28.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.30.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From f12206676f295ad4533e308b54a6b8b4eea9ae89 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 13 Sep 2022 15:45:08 +0300 Subject: [PATCH 278/562] Upgrade Synapse (v1.66.0 -> 1.67.0) and remove `frontend_proxy` workers `frontend_proxy` workers have been superseded by `generic_worker` workers. Related to https://github.com/matrix-org/synapse/pull/13645 --- group_vars/matrix_servers | 1 - roles/matrix-nginx-proxy/defaults/main.yml | 1 - .../nginx/conf.d/matrix-synapse.conf.j2 | 30 ------------------- roles/matrix-synapse/defaults/main.yml | 8 +---- .../tasks/synapse/workers/init.yml | 12 -------- .../matrix-synapse/tasks/validate_config.yml | 3 ++ .../templates/synapse/worker.yaml.j2 | 4 +-- roles/matrix-synapse/vars/workers.yml | 29 ++---------------- 8 files changed, 8 insertions(+), 80 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 31ca6133..c0d831e1 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1762,7 +1762,6 @@ matrix_nginx_proxy_synapse_generic_worker_client_server_locations: "{{ matrix_sy matrix_nginx_proxy_synapse_generic_worker_federation_locations: "{{ matrix_synapse_workers_generic_worker_federation_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" -matrix_nginx_proxy_synapse_frontend_proxy_locations: "{{ matrix_synapse_workers_frontend_proxy_endpoints|default([]) }}" matrix_nginx_proxy_systemd_wanted_services_list: | {{ diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index eec28bee..a7484215 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -625,7 +625,6 @@ matrix_nginx_proxy_synapse_generic_worker_client_server_locations: [] matrix_nginx_proxy_synapse_generic_worker_federation_locations: [] matrix_nginx_proxy_synapse_media_repository_locations: [] matrix_nginx_proxy_synapse_user_dir_locations: [] -matrix_nginx_proxy_synapse_frontend_proxy_locations: [] # synapse content caching matrix_nginx_proxy_synapse_cache_enabled: false diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 735f4538..81e31a7c 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -3,7 +3,6 @@ {% set generic_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'generic_worker') | list %} {% set media_repository_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %} {% set user_dir_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %} -{% set frontend_proxy_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'frontend_proxy') | list %} {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size_mb }}m; @@ -26,18 +25,6 @@ } {% endif %} - {% if frontend_proxy_workers %} - upstream frontend_proxy_upstream { - {% for worker in frontend_proxy_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} - {% if media_repository_workers %} upstream media_repository_upstream { {% for worker in media_repository_workers %} @@ -120,23 +107,6 @@ server { } {% endfor %} {% endif %} - - {% if frontend_proxy_workers %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfrontend_proxy - {% for location in matrix_nginx_proxy_synapse_frontend_proxy_locations %} - location ~ {{ location }} { - proxy_pass http://frontend_proxy_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} - {% if matrix_nginx_proxy_synapse_presence_disabled %} - # FIXME: keep in sync with synapse workers documentation manually - location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status { - proxy_pass http://frontend_proxy_upstream$request_uri; - proxy_set_header Host $host; - } - {% endif %} - {% endif %} {# Workers redirects END #} {% endif %} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a25d2d3f..a7dab5b6 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.66.0 +matrix_synapse_version: v1.67.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" @@ -398,7 +398,6 @@ matrix_synapse_workers_presets: federation_sender_workers_count: 1 media_repository_workers_count: 0 user_dir_workers_count: 0 - frontend_proxy_workers_count: 0 one-of-each: generic_workers_count: 1 pusher_workers_count: 1 @@ -410,7 +409,6 @@ matrix_synapse_workers_presets: # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types user_dir_workers_count: 0 - frontend_proxy_workers_count: 1 # Controls whether the matrix-synapse container exposes the various worker ports # (see `port` and `metrics_port` in `matrix_synapse_workers_enabled_list`) outside of the container. @@ -452,10 +450,6 @@ matrix_synapse_workers_user_dir_workers_count: 0 matrix_synapse_workers_user_dir_workers_port_range_start: 18661 matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 -matrix_synapse_workers_frontend_proxy_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['frontend_proxy_workers_count'] }}" -matrix_synapse_workers_frontend_proxy_workers_port_range_start: 18771 -matrix_synapse_workers_frontend_proxy_workers_metrics_range_start: 19771 - # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 4b007bc3..3aa61923 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -56,16 +56,6 @@ register: "matrix_synapse_workers_list_results_media_repository_workers" loop: "{{ range(0, matrix_synapse_workers_media_repository_workers_count | int) | list }}" -- name: Build frontend_proxy workers - ansible.builtin.set_fact: - worker: - type: 'frontend_proxy' - instanceId: "{{ matrix_synapse_workers_frontend_proxy_workers_port_range_start + item }}" - port: "{{ matrix_synapse_workers_frontend_proxy_workers_port_range_start + item }}" - metrics_port: "{{ matrix_synapse_workers_frontend_proxy_workers_metrics_range_start + item }}" - register: "matrix_synapse_workers_list_results_frontend_proxy_workers" - loop: "{{ range(0, matrix_synapse_workers_frontend_proxy_workers_count | int) | list }}" - - ansible.builtin.set_fact: matrix_synapse_dynamic_workers_list: "{{ matrix_synapse_dynamic_workers_list | default([]) + [item.ansible_facts.worker] }}" with_items: | @@ -79,8 +69,6 @@ matrix_synapse_workers_list_results_appservice_workers.results + matrix_synapse_workers_list_results_media_repository_workers.results - + - matrix_synapse_workers_list_results_frontend_proxy_workers.results }} - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index d32fce97..bcb71c75 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -62,6 +62,9 @@ - {'old': 'matrix_synapse_version_arm64', 'new': ''} - {'old': 'matrix_synapse_enable_group_creation', 'new': ''} - {'old': 'matrix_synapse_account_threepid_delegates_email', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_count', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_port_range_start', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_metrics_range_start', 'new': ''} - name: (Deprecation) Catch and report renamed settings in matrix_synapse_configuration_extension_yaml ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index 239de1f2..33789b0c 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -11,7 +11,7 @@ worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% set http_resources = [] %} -{% if matrix_synapse_worker_details.type in ['generic_worker', 'frontend_proxy', 'user_dir'] %} +{% if matrix_synapse_worker_details.type in ['generic_worker', 'user_dir'] %} {% set http_resources = http_resources + ['client'] %} {% endif %} {% if matrix_synapse_worker_details.type in ['generic_worker'] %} @@ -38,7 +38,7 @@ worker_listeners: {% endif %} {% endif %} -{% if matrix_synapse_worker_details.type == 'frontend_proxy' %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} {% endif %} diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index e535d2cc..3f34bcb2 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -55,10 +55,12 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ # Encryption requests + # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` - ^/_matrix/client/(r0|v3|unstable)/keys/query$ - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ - ^/_matrix/client/(r0|v3|unstable)/room_keys/ + - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ # Registration/login requests - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ @@ -172,7 +174,6 @@ matrix_synapse_workers_generic_worker_endpoints: # Additionally, the writing of specific streams (such as events) can be moved off # of the main process to a particular worker. - # (This is only supported with Redis-based replication.) # To enable this, the worker must have a HTTP replication listener configured, # have a `worker_name` and be listed in the `instance_map` config. The same worker @@ -432,35 +433,9 @@ matrix_synapse_workers_user_dir_endpoints: # If `update_user_directory` is set to `false`, and this worker is not running, # the above endpoint may give outdated results. -matrix_synapse_workers_frontend_proxy_endpoints: - # Proxies some frequently-requested client endpoints to add caching and remove - # load from the main synapse. It can handle REST endpoints matching the following - # regular expressions: - - - ^/_matrix/client/(r0|v3|unstable)/keys/upload - - # If `use_presence` is False in the homeserver config, it can also handle REST - # endpoints matching the following regular expressions: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status - - # This "stub" presence handler will pass through `GET` request but make the - # `PUT` effectively a no-op. - - # It will proxy any requests it cannot handle to the main synapse instance. It - # must therefore be configured with the location of the main instance, via - # the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration - # file. For example: - - # ```yaml - # worker_main_http_uri: http://127.0.0.1:8008 - # ``` - matrix_synapse_workers_avail_list: - appservice - federation_sender - - frontend_proxy - generic_worker - media_repository - pusher From afe5a016cb70238668709cf4704de2955a3376f7 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:48:57 +0000 Subject: [PATCH 279/562] Update Grafana 9.1.4 -> 9.1.5 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 5484ed19..dda120a2 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.4 +matrix_grafana_version: 9.1.5 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From c29a39a6fb56754b9549fcd3ef9d8893336d6f16 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:49:39 +0000 Subject: [PATCH 280/562] Update Element 1.11.4 -> 1.11.5 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index c4e187a9..4898e9ca 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.4 +matrix_client_element_version: v1.11.5 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 83482721f8c849cd71f94ec933852e8d9b420e55 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:51:32 +0000 Subject: [PATCH 281/562] Update Coturn 4.5.2-r14 -> 4.6.0-r0 --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index bc87d654..b2aff984 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -8,7 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r14 +matrix_coturn_version: 4.6.0-r0 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From 2edd9a056e7a5ac5bb6159ba7d504995f361df11 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:52:36 +0000 Subject: [PATCH 282/562] Update Appservice IRC 0.34.0 -> 0.35.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index 93a8e084..fb0f3a33 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.34.0 +matrix_appservice_irc_version: 0.35.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 17e6c52cbf64882cca428ece1f0dc6730b0a813f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:53:45 +0000 Subject: [PATCH 283/562] Update Dendrite 0.9.7 -> 0.9.8 --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index db10bafc..2a6c4fd6 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.7" +matrix_dendrite_docker_image_tag: "v0.9.8" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 6f02a916ec49c290898b9a36badf99a69b351c4d Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Sun, 21 Aug 2022 11:04:47 +0200 Subject: [PATCH 284/562] feat: include matrix_ldap_registration_proxy Fixes: #1144 Signed-off-by: TheOneWithTheBraid --- .../defaults/main.yml | 47 ++++++++++++++ .../tasks/init.yml | 11 ++++ .../tasks/main.yml | 30 +++++++++ ...f_check_matrix_ldap_registration_proxy.yml | 22 +++++++ .../tasks/setup_install.yml | 63 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++++++ .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 32 ++++++++++ .../matrix-ldap-registration-proxy.service.j2 | 43 +++++++++++++ .../vars/main.yml | 5 ++ 10 files changed, 289 insertions(+) create mode 100644 roles/matrix-ldap-registration-proxy/defaults/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/init.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_install.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/validate_config.yml create mode 100644 roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 create mode 100644 roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 create mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml new file mode 100644 index 00000000..5516f4f9 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -0,0 +1,47 @@ +--- +# matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? +# Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy + +matrix_ldap_registration_proxy_enabled: false + +matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" +matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" + +matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" + +matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" +# We need the docker src directory to be named matrix_ldap_registration_proxy. +matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" +matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" + +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" +matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" + +# Controls whether the self-check feature should validate SSL certificates. +matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true + +matrix_ldap_registration_proxy_container_port: 8080 +# Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. +matrix_ldap_registration_proxy_container_http_host_bind_port: '' + +# A list of extra arguments to pass to the container +matrix_ldap_registration_proxy_container_extra_arguments: [] + +# List of systemd services that matrix_ldap_registration_proxy.service depends on +matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix_ldap_registration_proxy.service wants +matrix_ldap_registration_proxy_systemd_wanted_services_list: [] + +# Default ma1sd configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" + +# Holds the final ma1sd configuration (a combination of the default and its extension). +matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml new file mode 100644 index 00000000..312165cc --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -0,0 +1,11 @@ +--- +# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 +# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 +- name: Fail if trying to self-build on Ansible < 2.8 + ansible.builtin.fail: + msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + when: matrix_matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml new file mode 100644 index 00000000..720d27ba --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -0,0 +1,30 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" + delegate_to: 127.0.0.1 + become: false + when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml new file mode 100644 index 00000000..ce46c45a --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml @@ -0,0 +1,22 @@ +--- + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" + +- name: Check matrix_ldap_registration_proxy Service + ansible.builtin.uri: + url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" + follow_redirects: none + validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" + check_mode: false + register: result_matrix_ldap_registration_proxy + ignore_errors: true + +- name: Fail if matrix_ldap_registration_proxy Service not working + ansible.builtin.fail: + msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" + when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" + +- name: Report working matrix_ldap_registration_proxy Service + ansible.builtin.debug: + msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml new file mode 100644 index 00000000..1f0307ec --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -0,0 +1,63 @@ +--- + +- name: Ensure matrix_ldap_registration_proxy paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_ldap_registration_proxy_config_path }}", when: true} + - {path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_requires_restart: false + +- name: Ensure matrix_ldap_registration_proxy repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_ldap_registration_proxy_container_image_self_build_repo }}" + dest: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + version: "{{ matrix_ldap_registration_proxy_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_ldap_registration_proxy_git_pull_results + +- name: Ensure matrix_ldap_registration_proxy Docker image is built + docker_image: + name: "{{ matrix_ldap_registration_proxy_docker_image }}" + source: build + force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + pull: true + when: true + +- name: Ensure matrix_ldap_registration_proxy config installed + ansible.builtin.copy: + content: "{{ matrix_ldap_registration_proxy_configuration }}" + dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-ldap-registration-proxy.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + mode: 0644 + register: matrix_ldap_registration_proxy_systemd_service_result + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_ldap_registration_proxy_systemd_service_result.changed | bool" + +- name: Ensure matrix-ldap-registration-proxy.service restarted, if necessary + ansible.builtin.service: + name: "matrix-ldap-registration-proxy.service" + state: restarted + when: "matrix_ldap_registration_proxy_requires_restart | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml new file mode 100644 index 00000000..cc542edf --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-matrix_ldap_registration_proxy service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + register: matrix_matrix_ldap_registration_proxy_service_stat + +- name: Ensure matrix-matrix_ldap_registration_proxy is stopped + ansible.builtin.service: + name: matrix-matrix_ldap_registration_proxy + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure matrix-ldap-registration-proxy.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + state: absent + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist + ansible.builtin.file: + path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + state: absent + +- name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist + docker_image: + name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + state: absent diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml new file mode 100644 index 00000000..e69de29b diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 new file mode 100644 index 00000000..e7ee29ba --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -0,0 +1,32 @@ +# please specify the configuration here +# +# these settings are mandatory + +# The server to connect to. Please note it must be accessible from the Docker network +# example: `ldap://127.0.0.1:389` +LDAP_SERVER={{ matrix_ldap_registration_proxy_ldap_uri }} + +# the base DN used for user creation + +LDAP_BASE_DN={{ matrix_ldap_registration_proxy_ldap_base_dn }} + +# the privileged user used for user creation including it's DN +# example: `uid=admin,cn=users,cn=accounts,dc=example,dc=org` + +LDAP_USER={{ matrix_ldap_registration_proxy_ldap_user }} + +# the password of the `LDAP_USER` used for authentication +LDAP_PASSWORD={{ matrix_ldap_registration_proxy_ldap_password }} + +# the human-readable server name of your Matrix server as used in the Matrix ID +# example: `example.org` +MATRIX_SERVER_NAME={{ matrix_ldap_registration_proxy_matrix_server_name }} + +# the url to access the Matrix server API without trailing `/` +# example: `https://matrix.example.org` +MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} + +# these settings are optional: + +# Specify the port to listen on. Default to 8080 +LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 new file mode 100644 index 00000000..afbabe72 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -0,0 +1,43 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=matrix_ldap_registration_proxy +{% for service in matrix_ldap_registration_proxy_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_ldap_registration_proxy_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' + +# matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, +# so /tmp needs to be mounted with an exec option. +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + {% if matrix_ldap_registration_proxy_container_http_host_bind_port %} + -p {{ matrix_ldap_registration_proxy_container_http_host_bind_port }}:{{ matrix_ldap_registration_proxy_container_port }} \ + {% endif %} + --env-file {{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env \ + {% for arg in matrix_ldap_registration_proxy_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_ldap_registration_proxy_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-ldap-registration-proxy + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml new file mode 100644 index 00000000..3adc735e --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). +# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. +matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 8e76d712df66e7c0191e064562d8ae563cb79736 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:44:49 +0200 Subject: [PATCH 285/562] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/vars/main.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml deleted file mode 100644 index 3adc735e..00000000 --- a/roles/matrix-ldap-registration-proxy/vars/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). -# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. -matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 91e75d650ec69eb205fdcf59324c26f7d3fb9111 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:46:56 +0200 Subject: [PATCH 286/562] Validate that basic LDAP settings are provided --- .../tasks/validate_config.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml index e69de29b..6b52af9c 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_ldap_registration_proxy_ldap_uri" + - "matrix_ldap_registration_proxy_ldap_base_dn" + - "matrix_ldap_registration_proxy_ldap_user" + - "matrix_ldap_registration_proxy_ldap_password" From 42230b6765e972d37d6ae4eb2ad008e9de0e8346 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:53:26 +0200 Subject: [PATCH 287/562] Make role enabled in role but turn it off in group vars --- group_vars/matrix_servers | 14 ++++++++++++++ .../defaults/main.yml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c0d831e1..1898d9f7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1570,6 +1570,20 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # /matrix-jitsi # ###################################################################### +###################################################################### +# +# matrix-ldap-registration-proxy +# +###################################################################### + +# This is only for users with a specific LDAP setup +matrix_ldap_registration_proxy_enabled: false + +###################################################################### +# +# /matrix-ldap-registration-proxy +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5516f4f9..44a670c1 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -2,7 +2,7 @@ # matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? # Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy -matrix_ldap_registration_proxy_enabled: false +matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" From b6fee92f0e3d43ad6e8ffc82195fb3e8ad872aac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:56:03 +0200 Subject: [PATCH 288/562] Avoid cross-referencing of variables in role, move to group vars --- group_vars/matrix_servers | 6 ++++++ roles/matrix-ldap-registration-proxy/defaults/main.yml | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1898d9f7..a204093e 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1579,6 +1579,12 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" + ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 44a670c1..4165c591 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -14,10 +14,10 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_ldap_uri: "" +matrix_ldap_registration_proxy_ldap_base_dn: "" +matrix_ldap_registration_proxy_ldap_user: "" +matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" From b4fdc622fd671b94d9a1fd5a50751938ca495d89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:59:07 +0200 Subject: [PATCH 289/562] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 4165c591..15f59749 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,9 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default ma1sd configuration template which covers the generic use case. +# Default LDAP configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" -# Holds the final ma1sd configuration (a combination of the default and its extension). +# Holds the final LDAP configuration (a combination of the default and its extension). matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" From bdfd84e146069290a0942b928bf58ada6e5e3729 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:09 +0200 Subject: [PATCH 290/562] Use a template option for the env with variable extension --- .../matrix-ldap-registration-proxy/defaults/main.yml | 11 ++++++----- .../tasks/setup_install.yml | 4 ++-- .../templates/ldap-registration-proxy.env.j2 | 3 +++ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 15f59749..469a2f29 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,10 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default LDAP configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" +# Additional environment variables to pass to the LDAP proxy environment variables. +# +# Example: +# matrix_ldap_registration_proxy_env_variables_extension: | +# KEY=value +matrix_ldap_registration_proxy_env_variables_extension: '' -# Holds the final LDAP configuration (a combination of the default and its extension). -matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 1f0307ec..87037337 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -37,8 +37,8 @@ when: true - name: Ensure matrix_ldap_registration_proxy config installed - ansible.builtin.copy: - content: "{{ matrix_ldap_registration_proxy_configuration }}" + ansible.builtin.template: + src: "{{ role_path }}/templates/ldap-registration-proxy.env.j2" dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" mode: 0644 owner: "{{ matrix_user_username }}" diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 index e7ee29ba..581a0b0d 100644 --- a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -30,3 +30,6 @@ MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} # Specify the port to listen on. Default to 8080 LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} + +# Use this to extend the configuration with custom variables +{{ matrix_ldap_registration_proxy_env_variables_extension }} From 7c79f78d03039c2ba25086dc6e8fea19f372e337 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:59 +0200 Subject: [PATCH 291/562] Remove selfcheck --- .../tasks/main.yml | 7 ------ ...f_check_matrix_ldap_registration_proxy.yml | 22 ------------------- 2 files changed, 29 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 720d27ba..576fc1f4 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -21,10 +21,3 @@ tags: - setup-all - setup-matrix-ldap-registration-proxy - -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" - delegate_to: 127.0.0.1 - become: false - when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" - tags: - - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml deleted file mode 100644 index ce46c45a..00000000 --- a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- - -- ansible.builtin.set_fact: - matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" - -- name: Check matrix_ldap_registration_proxy Service - ansible.builtin.uri: - url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" - follow_redirects: none - validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" - check_mode: false - register: result_matrix_ldap_registration_proxy - ignore_errors: true - -- name: Fail if matrix_ldap_registration_proxy Service not working - ansible.builtin.fail: - msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" - when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" - -- name: Report working matrix_ldap_registration_proxy Service - ansible.builtin.debug: - msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" From a03b5efc42a66c5357cf28cefce5f6c2cd786bbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 19:38:27 +0200 Subject: [PATCH 292/562] Add nginx rewrite for registration --- .../defaults/main.yml | 4 ++++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 469a2f29..712e1101 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,6 +30,10 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" + + # A list of extra arguments to pass to the container matrix_ldap_registration_proxy_container_extra_arguments: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14..0e16e3e3 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,6 +129,20 @@ } {% endif %} + {% if matrix_ldap_registration_proxy_enabled %} + location _matrix/client/r0/register { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; + proxy_pass http://$backend/register; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; + {% endif %} + } + {% endif %} + {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 94c9312bd0ee4d94145f889cf525775d2356d85c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:48:19 +0200 Subject: [PATCH 293/562] Remove matrix LDAP proxy config from nginx role --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 0e16e3e3..2895ba14 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,20 +129,6 @@ } {% endif %} - {% if matrix_ldap_registration_proxy_enabled %} - location _matrix/client/r0/register { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; - proxy_pass http://$backend/register; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; - {% endif %} - } - {% endif %} - {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 19e61b0ad726d8b9592a02bb504b2089be91bf3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:52:43 +0200 Subject: [PATCH 294/562] Inject nginx configuration for ldap proxy at runtime --- .../tasks/init.yml | 51 ++++++++++++++++++- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 312165cc..15017333 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -4,8 +4,55 @@ - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" - when: matrix_matrix_ldap_registration_proxy_enabled | bool + when: matrix_ldap_registration_proxy_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_public_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } + + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool From d33a668e6535c9ddab25289fbb50b1abd76667a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:54:10 +0200 Subject: [PATCH 295/562] Add role to setup.yml --- setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.yml b/setup.yml index bd78158c..723f87d9 100755 --- a/setup.yml +++ b/setup.yml @@ -60,6 +60,7 @@ - matrix-client-hydrogen - matrix-client-cinny - matrix-jitsi + - matrix-ldap-registration-proxy - matrix-ma1sd - matrix-dimension - matrix-etherpad From 1da77f03b16b0832b79189767b143668f226f7af Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Tue, 6 Sep 2022 09:01:35 +0000 Subject: [PATCH 296/562] fix: updated default variables Signed-off-by: TheOneWithTheBraid --- .../matrix-ldap-registration-proxy/defaults/main.yml | 7 ++++++- roles/matrix-ldap-registration-proxy/tasks/init.yml | 4 ++-- roles/matrix-ldap-registration-proxy/tasks/main.yml | 6 +++--- .../tasks/setup_uninstall.yml | 12 ++++++------ .../matrix-ldap-registration-proxy.service.j2 | 4 ++-- 5 files changed, 19 insertions(+), 14 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 712e1101..8f7a2e2d 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -7,6 +7,9 @@ matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" +matrix_ldap_registration_proxy_docker_image: "{{ matrix_ldap_registration_proxy_docker_image_name_prefix }}activism.international/matrix_ldap_registration_proxy:{{ matrix_ldap_registration_proxy_version }}" +matrix_ldap_registration_proxy_docker_image_name_prefix: "localhost/" + matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" @@ -14,6 +17,8 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" +matrix_ldap_registration_proxy_appservice_public_enabled: false + matrix_ldap_registration_proxy_ldap_uri: "" matrix_ldap_registration_proxy_ldap_base_dn: "" matrix_ldap_registration_proxy_ldap_user: "" @@ -22,7 +27,7 @@ matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" # Controls whether the self-check feature should validate SSL certificates. -matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true +matrix_ldap_registration_proxy_self_check_validate_certificates: true matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 15017333..f7ed52c5 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -7,7 +7,7 @@ when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-ldap-registration-proxy.service'] }}" when: matrix_ldap_registration_proxy_enabled | bool - block: @@ -49,7 +49,7 @@ NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy reverse proxy. Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` - URL endpoint to the matrix-matrix-ldap-proxy container. + URL endpoint to the matrix-ldap-proxy container. You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 576fc1f4..5815774e 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -5,19 +5,19 @@ - always - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and not matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index cc542edf..3225a3ae 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ - name: Check existence of matrix-matrix_ldap_registration_proxy service ansible.builtin.stat: path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" - register: matrix_matrix_ldap_registration_proxy_service_stat + register: matrix_ldap_registration_proxy_service_stat - name: Ensure matrix-matrix_ldap_registration_proxy is stopped ansible.builtin.service: @@ -12,25 +12,25 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure matrix-ldap-registration-proxy.service doesn't exist ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" state: absent - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal ansible.builtin.service: daemon_reload: true - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist ansible.builtin.file: - path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + path: "{{ matrix_ldap_registration_proxy_base_path }}" state: absent - name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist docker_image: - name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + name: "{{ matrix_ldap_registration_proxy_docker_image }}" state: absent diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index afbabe72..4c68ed46 100644 --- a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix_ldap_registration_proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. From 54d5741ec14563a454f17982bccd527a0dec1e4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 6 Sep 2022 09:37:35 +0200 Subject: [PATCH 297/562] Fix typo --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 8f7a2e2d..2d2894c9 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -35,7 +35,7 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" From ef523d68a4230233b61b1c41f3bf8fada08cfcd8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 08:13:01 +0300 Subject: [PATCH 298/562] Suppress errors in docker kill/rm calls for Synapse workers We do the same everywhere else. This is an omission. --- .../synapse/systemd/matrix-synapse-worker.service.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index c7ef13fa..4a38251d 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,8 +8,8 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} -ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -46,8 +46,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} -ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always From cb2e57e33ad6e95b18a93b0c366f45f4be224c12 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 14 Sep 2022 09:58:33 +0000 Subject: [PATCH 299/562] Update Postmoogle 0.9.1 -> 0.9.2 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 6f7a96cc..b411f70d 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.1 +matrix_bot_postmoogle_version: v0.9.2 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From a7067b054d065d419ae632a537891baa88b93e69 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Sep 2022 17:19:47 +0000 Subject: [PATCH 300/562] Bump frenck/action-yamllint from 1.2.0 to 1.3.0 Bumps [frenck/action-yamllint](https://github.com/frenck/action-yamllint) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/frenck/action-yamllint/releases) - [Commits](https://github.com/frenck/action-yamllint/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: frenck/action-yamllint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml index aa107858..f63eade4 100644 --- a/.github/workflows/matrix.yml +++ b/.github/workflows/matrix.yml @@ -13,7 +13,7 @@ jobs: - name: Check out uses: actions/checkout@v3 - name: Run yamllint - uses: frenck/action-yamllint@v1.2.0 + uses: frenck/action-yamllint@v1.3.0 ansible-lint: name: ansible-lint runs-on: ubuntu-latest From fde5fef8b389b0d6a98b61914712f8e3f52d4676 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 20:44:35 +0300 Subject: [PATCH 301/562] Fix Cactus Comments nginx injection when matrix-nginx-proxy disabled Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2101 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- roles/matrix-cactus-comments/tasks/init.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml index 78cdd319..9a15cf89 100644 --- a/roles/matrix-cactus-comments/tasks/init.yml +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -35,17 +35,18 @@ ansible.builtin.set_fact: matrix_nginx_proxy_container_additional_volumes: > {{ - matrix_nginx_proxy_container_additional_volumes | default([]) + matrix_nginx_proxy_container_additional_volumes | default([]) + [{"src": "{{ matrix_cactus_comments_client_path }}", "dst": "/cactus-comments/cactus-comments", "options": "ro"}] }} + - name: Generate Cactus Comment proxying configuration for matrix-nginx-proxy ansible.builtin.set_fact: matrix_cactus_comments_nginx_proxy_configuration: | location {{ matrix_cactus_comments_client_endpoint }} { root {{ matrix_cactus_comments_client_nginx_path }}; } - when: "matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Cactus Comment proxying configuration with matrix-nginx-proxy ansible.builtin.set_fact: matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | @@ -54,6 +55,7 @@ + [matrix_cactus_comments_nginx_proxy_configuration] }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: msg: >- From 05819056bc16b7e5ba2e75060bf1e9dcb003f999 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 20:54:00 +0300 Subject: [PATCH 302/562] Document that using Synapse workers with not-matrix-nginx-proxy causes troubles Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090 --- docs/configuring-playbook-synapse.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 50860a17..7c38b5cc 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -42,7 +42,7 @@ matrix_postgres_process_extra_arguments: [ ] ``` -If you're using the default setup (the `matrix-nginx-proxy` webserver being enabled) or you're using your own `nginx` server (which imports the configuration files generated by the playbook), you're good to go. If you use some other webserver, you may need to tweak your reverse-proxy setup manually to forward traffic to the various workers. +**NOTE**: Disabling `matrix-nginx-proxy` (`matrix_nginx_proxy_enabled: false`) (that is, [using your own other webserver](configuring-playbook-own-webserver.md) when running a Synapse worker setup is likely to cause various troubles (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090)). In case any problems occur, make sure to have a look at the [list of synapse issues about workers](https://github.com/matrix-org/synapse/issues?q=workers+in%3Atitle) and your `journalctl --unit 'matrix-*'`. From 99f4f5edc77011189fdbd0eacabf14df36624bb0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 07:46:17 +0300 Subject: [PATCH 303/562] Add note that disabling matrix-nginx-proxy may be a bad idea sometimes Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090 --- docs/configuring-playbook-own-webserver.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 76fa2d8b..7e5d6001 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -1,11 +1,14 @@ # Using your own webserver, instead of this playbook's nginx proxy (optional, advanced) -By default, this playbook installs its own nginx webserver (in a Docker container) which listens on ports 80 and 443. +By default, this playbook installs its own nginx webserver (called `matrix-nginx-proxy`, in a Docker container) which listens on ports 80 and 443. If that's alright, you can skip this. If you don't want this playbook's nginx webserver to take over your server's 80/443 ports like that, and you'd like to use your own webserver (be it nginx, Apache, Varnish Cache, etc.), you can. +You should note, however, that the playbook's services work best when you keep using the integrated `matrix-nginx-proxy` webserver. +For example, disabling `matrix-nginx-proxy` when running a [Synapse worker setup for load-balancing](configuring-playbook-synapse.md#load-balancing-with-workers) (a more advanced, non-default configuration) is likely to cause various troubles (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090)). If you need a such more scalable setup, disabling `matrix-nginx-proxy` will be a bad idea. If yours will be a simple (default, non-worker-load-balancing) deployment, disabling `matrix-nginx-proxy` may be fine. + There are **2 ways you can go about it**, if you'd like to use your own webserver: - [Method 1: Disabling the integrated nginx reverse-proxy webserver](#method-1-disabling-the-integrated-nginx-reverse-proxy-webserver) From 226c550ffafc08d3d34d4a92882ed3729124faa0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 07:05:25 +0300 Subject: [PATCH 304/562] Add support for stream writer Synapse workers As stream writer workers are also powered by the `generic_worker` Synapse app, this necessitated that we provide means for distinguishing between them and regular `generic_workers`. I've also taken the time to optimize nginx configuration generation (more Jinja2 macro usage, less duplication). Worker names have also changed. Workers are now named sequentially like this: - `matrix-synapse-worker-0-generic` - `matrix-synapse-worker-1-stream-writer-typing` - `matrix-synapse-worker-2-pusher` instead of `matrix-synapse-worker_generic_worker-18111` (indexed with a port number). People who modify `matrix_synapse_workers_enabled_list` directly will need to adjust their configuration. --- CHANGELOG.md | 39 ++++++ ...configuring-playbook-prometheus-grafana.md | 8 +- group_vars/matrix_servers | 7 + roles/matrix-nginx-proxy/defaults/main.yml | 5 + .../nginx/conf.d/matrix-synapse.conf.j2 | 125 +++++++++++------- .../templates/prometheus.yml.j2 | 5 +- roles/matrix-synapse/defaults/main.yml | 112 ++++++++++++++-- roles/matrix-synapse/tasks/init.yml | 10 +- .../tasks/synapse/workers/init.yml | 50 ++++++- .../inject_systemd_services_for_worker.yml | 19 --- .../synapse/workers/util/inject_worker.yml | 65 +++++++++ .../workers/util/setup_files_for_worker.yml | 10 +- .../matrix-synapse/tasks/validate_config.yml | 5 + .../templates/synapse/homeserver.yaml.j2 | 8 +- .../external_prometheus.yml.example.j2 | 7 +- .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- .../templates/synapse/worker.yaml.j2 | 36 +++-- roles/matrix-synapse/vars/main.yml | 55 ++++++++ 19 files changed, 449 insertions(+), 121 deletions(-) delete mode 100644 roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml create mode 100644 roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index df4957eb..2b9b149e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,42 @@ +# 2022-09-15 + +## (Potential Backward Compatibility Break) Major changes to Synapse workers + +People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: + +- we've added [Stream writers support](#stream-writers-support) +- see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) + +### Stream writers support + +From now on, the playbook lets you easily set up various [stream writer workers](https://matrix-org.github.io/synapse/latest/workers.html#stream-writers) which can handle different streams (`events` stream; `typing` URL endpoints, `to_device` URL endpoints, `account_data` URL endpoints, `receipts` URL endpoints, `presence` URL endpoints). All of this work was previously handled by the main Synapse process, but can now be offloaded to stream writer worker processes. + +If you're using `matrix_synapse_workers_preset: one-of-each`, you'll automatically get 6 additional workers (one for each of the above stream types). Our `little-federation-helper` preset (meant to be quite minimal and focusing in improved federation performance) does not include stream writer workers. + +If you'd like to customize the number of workers we also make that possible using these variables: + +```yaml +# Synapse only supports more than 1 worker for the `events` stream. +# All other streams can utilize either 0 or 1 workers, not more than that. +matrix_synapse_workers_stream_writer_events_stream_workers_count: 5 +matrix_synapse_workers_stream_writer_typing_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_to_device_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_account_data_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_receipts_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 +``` + +### Potential Backward Incompatibilities after these Synapse worker changes + +Below we'll discuss **potential backward incompatibilities**. + +- **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. + +- **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. + +- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. + + # 2022-09-09 ## Cactus Comments support diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index b2878c12..f86566a9 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -90,11 +90,11 @@ matrix_nginx_proxy_proxy_matrix_metrics_additional_user_location_configuration_b Using `matrix_nginx_proxy_proxy_matrix_metrics_additional_user_location_configuration_blocks` only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true` (see above). -Note : The playbook will hash the basic_auth password for you on setup. Thus, you need to give the plain-text version of the password as a variable. +Note : The playbook will hash the basic_auth password for you on setup. Thus, you need to give the plain-text version of the password as a variable. ### Collecting Synapse worker metrics to an external Prometheus server -If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID`, where `TYPE` corresponds to the type and `ID` to the instanceId of a worker as exemplified in `matrix_synapse_workers_enabled_list`. +If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.DOMAIN/metrics/synapse/worker/ID`, where `ID` corresponds to the worker `id` as exemplified in `matrix_synapse_workers_enabled_list`. The playbook also generates an exemplary config file (`/matrix/synapse/external_prometheus.yml.template`) with all the correct paths which you can copy to your Prometheus server and adapt to your needs. Make sure to edit the specified `password_file` path and contents and path to your `synapse-v2.rules`. It will look a bit like this: @@ -111,8 +111,8 @@ scrape_configs: labels: job: "master" index: 1 - - job_name: 'synapse-generic_worker-1' - metrics_path: /metrics/synapse/worker/generic_worker-18111 + - job_name: 'matrix-synapse-synapse-worker-generic-worker-0' + metrics_path: /metrics/synapse/worker/generic-worker-0 scheme: https basic_auth: username: prometheus diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c0d831e1..e891a3d9 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1760,6 +1760,11 @@ matrix_nginx_proxy_synapse_workers_enabled: "{{ matrix_synapse_workers_enabled } matrix_nginx_proxy_synapse_workers_list: "{{ matrix_synapse_workers_enabled_list }}" matrix_nginx_proxy_synapse_generic_worker_client_server_locations: "{{ matrix_synapse_workers_generic_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_generic_worker_federation_locations: "{{ matrix_synapse_workers_generic_worker_federation_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" @@ -1767,6 +1772,8 @@ matrix_nginx_proxy_systemd_wanted_services_list: | {{ ['matrix-' + matrix_homeserver_implementation + '.service'] + + (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled) + + (['matrix-corporal.service'] if matrix_corporal_enabled else []) + (['matrix-ma1sd.service'] if matrix_ma1sd_enabled else []) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index a7484215..88c99ea9 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -623,6 +623,11 @@ matrix_nginx_proxy_synapse_workers_enabled: false matrix_nginx_proxy_synapse_workers_list: [] matrix_nginx_proxy_synapse_generic_worker_client_server_locations: [] matrix_nginx_proxy_synapse_generic_worker_federation_locations: [] +matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: [] matrix_nginx_proxy_synapse_media_repository_locations: [] matrix_nginx_proxy_synapse_user_dir_locations: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 81e31a7c..bbce7462 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -1,23 +1,52 @@ #jinja2: lstrip_blocks: "True" {% set generic_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'generic_worker') | list %} +{% set stream_writer_typing_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'typing') | list %} +{% set stream_writer_to_device_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'to_device') | list %} +{% set stream_writer_account_data_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'account_data') | list %} +{% set stream_writer_receipts_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'receipts') | list %} +{% set stream_writer_presence_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'presence') | list %} {% set media_repository_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %} {% set user_dir_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %} + +{% macro render_worker_upstream(name, workers, matrix_nginx_proxy_enabled) %} +{% if workers | length > 0 %} + upstream {{ name }} { + {% for worker in workers %} + {% if matrix_nginx_proxy_enabled %} + server "{{ worker.name }}:{{ worker.port }}"; + {% else %} + server "127.0.0.1:{{ worker.port }}"; + {% endif %} + {% endfor %} + } +{% endif %} +{% endmacro %} + +{% macro render_locations_to_upstream(locations, upstream_name) %} + {% for location in locations %} + location ~ {{ location }} { + proxy_pass http://{{ upstream_name }}$request_uri; + proxy_set_header Host $host; + } + {% endfor %} +{% endmacro %} + {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size_mb }}m; {% endif %} # Round Robin "upstream" pools for workers - {% if generic_workers %} - upstream generic_worker_upstream { + {% if generic_workers |length > 0 %} + upstream generic_workers_upstream { # ensures that requests from the same client will always be passed # to the same server (except when this server is unavailable) hash $http_x_forwarded_for; {% for worker in generic_workers %} {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; + server "{{ worker.name }}:{{ worker.port }}"; {% else %} server "127.0.0.1:{{ worker.port }}"; {% endif %} @@ -25,29 +54,15 @@ } {% endif %} - {% if media_repository_workers %} - upstream media_repository_upstream { - {% for worker in media_repository_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} + {{ render_worker_upstream('stream_writer_typing_stream_workers_upstream', stream_writer_typing_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_to_device_stream_workers_upstream', stream_writer_to_device_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_account_data_stream_workers_upstream', stream_writer_account_data_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_receipts_stream_workers_upstream', stream_writer_receipts_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_presence_stream_workers_upstream', stream_writer_presence_stream_workers, matrix_nginx_proxy_enabled) }} - {% if user_dir_workers %} - upstream user_dir_upstream { - {% for worker in user_dir_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} + {{ render_worker_upstream('media_repository_workers_upstream', media_repository_workers, matrix_nginx_proxy_enabled) }} + + {{ render_worker_upstream('user_dir_workers_upstream', user_dir_workers, matrix_nginx_proxy_enabled) }} {% endif %} server { @@ -65,21 +80,41 @@ server { {% if matrix_nginx_proxy_synapse_workers_enabled %} {# Workers redirects BEGIN #} - {% if generic_workers %} + {% if generic_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker - {% for location in matrix_nginx_proxy_synapse_generic_worker_client_server_locations %} - location ~ {{ location }} { - proxy_pass http://generic_worker_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_client_server_locations, 'generic_workers_upstream') }} {% endif %} - {% if media_repository_workers %} + {% if stream_writer_typing_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations, 'stream_writer_typing_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_to_device_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations, 'stream_writer_to_device_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_account_data_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations, 'stream_writer_account_data_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_receipts_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations, 'stream_writer_receipts_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_presence_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations, 'stream_writer_presence_stream_workers_upstream') }} + {% endif %} + + {% if media_repository_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { - proxy_pass http://media_repository_upstream$request_uri; + proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; @@ -97,15 +132,10 @@ server { {% endfor %} {% endif %} - {% if user_dir_workers %} + {% if user_dir_workers | length > 0 %} # FIXME: obsolete if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappuser_dir - {% for location in matrix_nginx_proxy_synapse_user_dir_locations %} - location ~ {{ location }} { - proxy_pass http://user_dir_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_user_dir_locations, 'user_dir_workers_upstream') }} {% endif %} {# Workers redirects END #} {% endif %} @@ -150,20 +180,15 @@ server { gzip_types text/plain application/json; {% if matrix_nginx_proxy_synapse_workers_enabled %} - {% if generic_workers %} + {% if generic_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker - {% for location in matrix_nginx_proxy_synapse_generic_worker_federation_locations %} - location ~ {{ location }} { - proxy_pass http://generic_worker_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_federation_locations, 'generic_workers_upstream') }} {% endif %} - {% if media_repository_workers %} + {% if media_repository_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { - proxy_pass http://media_repository_upstream$request_uri; + proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/matrix-prometheus/templates/prometheus.yml.j2 index f3262f48..628f4f4f 100644 --- a/roles/matrix-prometheus/templates/prometheus.yml.j2 +++ b/roles/matrix-prometheus/templates/prometheus.yml.j2 @@ -37,11 +37,12 @@ scrape_configs: index: 0 {% for worker in matrix_prometheus_scraper_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - - targets: ['matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.metrics_port }}'] + - targets: ['{{ worker.name }}:{{ worker.metrics_port }}'] labels: instance: {{ matrix_domain }} + worker_id: {{ worker.id }} job: {{ worker.type }} - index: {{ worker.instanceId }} + app: {{ worker.app }} {% endif %} {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a7dab5b6..4213c4f1 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -398,6 +398,12 @@ matrix_synapse_workers_presets: federation_sender_workers_count: 1 media_repository_workers_count: 0 user_dir_workers_count: 0 + stream_writer_events_stream_workers_count: 0 + stream_writer_typing_stream_workers_count: 0 + stream_writer_to_device_stream_workers_count: 0 + stream_writer_account_data_stream_workers_count: 0 + stream_writer_receipts_stream_workers_count: 0 + stream_writer_presence_stream_workers_count: 0 one-of-each: generic_workers_count: 1 pusher_workers_count: 1 @@ -409,6 +415,12 @@ matrix_synapse_workers_presets: # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types user_dir_workers_count: 0 + stream_writer_events_stream_workers_count: 1 + stream_writer_typing_stream_workers_count: 1 + stream_writer_to_device_stream_workers_count: 1 + stream_writer_account_data_stream_workers_count: 1 + stream_writer_receipts_stream_workers_count: 1 + stream_writer_presence_stream_workers_count: 1 # Controls whether the matrix-synapse container exposes the various worker ports # (see `port` and `metrics_port` in `matrix_synapse_workers_enabled_list`) outside of the container. @@ -421,6 +433,71 @@ matrix_synapse_workers_generic_workers_count: "{{ matrix_synapse_workers_presets matrix_synapse_workers_generic_workers_port_range_start: 18111 matrix_synapse_workers_generic_workers_metrics_range_start: 19111 +# matrix_synapse_workers_stream_writer_events_stream_workers_count controls how many stream writers that handle the `events` stream to spawn. +# More than 1 worker is also supported of this type. +matrix_synapse_workers_stream_writer_events_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_events_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_typing_stream_workers_count controls how many stream writers that handle the `typing` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_typing_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_typing_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_to_device_stream_workers_count controls how many stream writers that handle the `to_device` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_to_device_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_to_device_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_account_data_stream_workers_count controls how many stream writers that handle the `account_data` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_account_data_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_account_data_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_receipts_stream_workers_count controls how many stream writers that handle the `receipts` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_receipts_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_receipts_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_presence_stream_workers_count controls how many stream writers that handle the `presence` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_presence_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_presence_stream_workers_count'] }}" + +# A list of stream writer workers to enable. This list is built automatically based on other variables. +# You're encouraged to enable/disable stream writer workers by setting `matrix_synapse_workers_stream_writer_*_stream_workers_count` variables, instead of adjusting this list manually. +matrix_synapse_workers_stream_writers: | + {{ + [] + + + ([{'stream': 'events'}] * matrix_synapse_workers_stream_writer_events_stream_workers_count | int) + + + ([{'stream': 'typing'}] * matrix_synapse_workers_stream_writer_typing_stream_workers_count | int) + + + ([{'stream': 'to_device'}] * matrix_synapse_workers_stream_writer_to_device_stream_workers_count | int) + + + ([{'stream': 'account_data'}] * matrix_synapse_workers_stream_writer_account_data_stream_workers_count | int) + + + ([{'stream': 'receipts'}] * matrix_synapse_workers_stream_writer_receipts_stream_workers_count | int) + + + ([{'stream': 'presence'}] * matrix_synapse_workers_stream_writer_presence_stream_workers_count | int) + }} + +# matrix_synapse_stream_writers populates the `stream_writers` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_stream_writers`. +# Adjusting this value manually is generally not necessary. +# +# It's tempting to initialize this like this: +# matrix_synapse_stream_writers: +# - typing: [] +# - events: [] +# - to_device: [] +# - account_data: [] +# - receipts: [] +# - presence: [] +# .. but Synapse does not like empty lists (see https://github.com/matrix-org/synapse/issues/13804) +matrix_synapse_stream_writers: {} + +# `matrix_synapse_workers_stream_writer_workers_` variables control the port numbers of various stream writer workers +# defined in `matrix_synapse_workers_stream_writers`. +# It should be noted that not all of the background worker types will need to expose HTTP services, etc. +matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 +matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 +matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 + # matrix_synapse_workers_pusher_workers_count can only be 0 or 1 for now. # More instances are not supported due to a playbook limitation having to do with keeping `pusher_instances` in `homeserver.yaml` updated. # See https://github.com/matrix-org/synapse/commit/ddfdf945064925eba761ae3748e38f3a1c73c328 @@ -463,25 +540,36 @@ matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 # as certain workers can only be spawned just once. # # Each worker instance in the list defines the following fields: -# - `type` - the type of worker (`generic_worker`, etc.) -# - `instanceId` - a string that identifies the worker. The combination of (`type` + `instanceId`) represents the name of the worker and must be unique. +# - `id` - a string that uniquely identifies the worker +# - `name` - a string that will be used as the container and systemd service name +# - `type` - the type of worker (`generic_worker`, `stream_writer`, `pusher`, etc.) +# - `app` - the Synapse app (https://matrix-org.github.io/synapse/latest/workers.html#available-worker-applications) that powers this worker (`generic_worker`, `federation_sender`, etc.). +# The `app` usually matches the `type`, but not always. For example, `type = stream_writer` workers are served by the `generic_worker` type. # - `port` - an HTTP port where the worker listens for requests (can be `0` for workers that don't do HTTP request processing) # - `metrics_port` - an HTTP port where the worker exports Prometheus metrics +# - `replication_port` - an HTTP port where the worker serves `replication` endpoints (used by stream writers, etc.) +# - `webserving` - tells whether this type of worker serves web (client or federation) requests, so that it can be injected as a dependency to the reverse-proxy # # Example of what this needs to look like, if you're defining it manually: # matrix_synapse_workers_enabled_list: -# - { type: generic_worker, instanceId: '18111', port: 18111, metrics_port: 19111 } -# - { type: generic_worker, instanceId: '18112', port: 18112, metrics_port: 19112 } -# - { type: generic_worker, instanceId: '18113', port: 18113, metrics_port: 19113 } -# - { type: generic_worker, instanceId: '18114', port: 18114, metrics_port: 19114 } -# - { type: generic_worker, instanceId: '18115', port: 18115, metrics_port: 19115 } -# - { type: generic_worker, instanceId: '18116', port: 18116, metrics_port: 19116 } -# - { type: pusher, instanceId: '0', port: 0, metrics_port: 19200 } -# - { type: appservice, instanceId: '0', port: 0, metrics_port: 19300 } -# - { type: federation_sender, instanceId: '0', port: 0, metrics_port: 19400 } -# - { type: media_repository, instanceId: '18551', port: 18551, metrics_port: 19551 } +# - { 'id': 'generic-worker-0', 'name': 'matrix-synapse-worker-generic-0', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18111, 'metrics_port': 19111, 'webserving': true } +# - { 'id': 'generic-worker-1', 'name': 'matrix-synapse-worker-generic-1', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18112, 'metrics_port': 19112, 'webserving': true } +# - { 'id': 'generic-worker-2', 'name': 'matrix-synapse-worker-generic-2', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18113, 'metrics_port': 19113, 'webserving': true } +# - { 'id': 'generic-worker-3', 'name': 'matrix-synapse-worker-generic-3', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18114, 'metrics_port': 19114, 'webserving': true } +# - { 'id': 'generic-worker-4', 'name': 'matrix-synapse-worker-generic-4', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18115, 'metrics_port': 19115, 'webserving': true } +# - { 'id': 'generic-worker-5', 'name': 'matrix-synapse-worker-generic-5', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18116, 'metrics_port': 19116, 'webserving': true } +# - { 'id': 'stream-writer-0-events', 'name': 'matrix-synapse-worker-stream-writer-0-events', 'type': 'stream_writer', 'app': 'generic_worker', 'stream_writer_stream': 'events', 'port': 0, 'replication_port': 25011, metrics_port: 19111, 'webserving': false } +# - { 'id': 'stream-writer-1-typing', 'name': 'matrix-synapse-worker-stream-writer-1-typing', 'type': 'stream_writer', 'app': 'generic_worker', 'stream_writer_stream': 'typing', 'port': 20012, 'replication_port': 25012, metrics_port: 19112, 'webserving': true } +# - { 'id': 'pusher-0', 'name': 'matrix-synapse-worker-pusher-0', 'type': 'pusher', 'app': 'pusher', 'port': 0, 'metrics_port': 19200, 'webserving': false } +# - { 'id': 'appservice-0', 'name': 'matrix-synapse-worker-appservice-0', 'type': 'appservice', 'port': 0, 'metrics_port': 19300, 'webserving': false } +# - { 'id': 'federation-sender-0', 'name': 'matrix-synapse-worker-federation-sender-0', 'type': 'federation_sender', 'port': 0, 'metrics_port': 19400, 'webserving': false } +# - { 'id': 'media-repository-0', 'name': 'matrix-synapse-worker-media-repository-0', 'type': 'media_repository', 'port': 18551, 'metrics_port': 19551, 'webserving': true } matrix_synapse_workers_enabled_list: [] +# matrix_synapse_instance_map holds the instance map used for mapping worker names (for certain generic workers only!) to where they live (host, port which handles replication traffic). +# This is populated automatically based on `matrix_synapse_workers_enabled_list` during runtime, so you're not required to tweak it manually. +matrix_synapse_instance_map: {} + # Redis information matrix_synapse_redis_enabled: false matrix_synapse_redis_host: "" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index 77696bce..8610a33b 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -8,15 +8,15 @@ # Unless `matrix_synapse_workers_enabled_list` is explicitly defined, # we'll generate it dynamically. -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list|length == 0" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse.service'] }}" when: matrix_synapse_enabled | bool -- name: Ensure systemd services for workers are injected - ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml" +- name: Ensure workers are injected into various places + ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/util/inject_worker.yml" with_items: "{{ matrix_synapse_workers_enabled_list }}" loop_control: loop_var: matrix_synapse_worker_details @@ -65,9 +65,9 @@ matrix_synapse_worker_nginx_metrics_configuration_block: | {% for worker in matrix_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - location /metrics/synapse/worker/{{ worker.type }}-{{ worker.instanceId }} { + location /metrics/synapse/worker/{{ worker.id }} { resolver 127.0.0.11 valid=5s; - set $backend "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.metrics_port }}"; + set $backend "{{ worker.name }}:{{ worker.metrics_port }}"; proxy_pass http://$backend/_synapse/metrics; proxy_set_header Host $host; } diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 3aa61923..fe613e70 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -7,18 +7,47 @@ - name: Build generic workers ansible.builtin.set_fact: worker: + id: "generic-worker-{{ item }}" + name: "matrix-synapse-worker-generic-{{ item }}" type: 'generic_worker' - instanceId: "{{ matrix_synapse_workers_generic_workers_port_range_start + item }}" + app: 'generic_worker' + webserving: true port: "{{ matrix_synapse_workers_generic_workers_port_range_start + item }}" metrics_port: "{{ matrix_synapse_workers_generic_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_generic_workers" loop: "{{ range(0, matrix_synapse_workers_generic_workers_count | int) | list }}" +- name: Build stream writer workers + ansible.builtin.set_fact: + worker: + id: "stream-writer-{{ item }}-{{ item.stream }}" + # Names must not include understores. Certain stream writer streams (to_device, account_data, ..) do, so we fix them up. + name: "matrix-synapse-worker-stream-writer-{{ idx }}-{{ item.stream | replace('_', '-') }}" + type: 'stream_writer' + app: "generic_worker" + webserving: "{{ item.stream in matrix_synapse_workers_webserving_stream_writer_types }}" + stream_writer_stream: "{{ item.stream }}" + port: "{{ matrix_synapse_workers_stream_writer_workers_http_port_range_start + idx }}" + replication_port: "{{ matrix_synapse_workers_stream_writer_workers_replication_port_range_start + idx }}" + metrics_port: "{{ matrix_synapse_workers_stream_writer_workers_metrics_range_start + idx }}" + register: "matrix_synapse_workers_list_results_stream_writer_workers" + loop: "{{ matrix_synapse_workers_stream_writers }}" + loop_control: + index_var: idx + +- name: Populate matrix_synapse_stream_writers from enabled stream writer workers list + ansible.builtin.set_fact: + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine ({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" + - name: Build federation sender workers ansible.builtin.set_fact: worker: + id: "federation-sender-{{ item }}" + name: "matrix-synapse-worker-federation-sender-{{ item }}" type: 'federation_sender' - instanceId: "{{ item }}" + app: 'federation_sender' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_federation_sender_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_federation_sender_workers" @@ -28,8 +57,11 @@ - name: Build pusher workers ansible.builtin.set_fact: worker: + id: "pusher-{{ item }}" + name: "matrix-synapse-worker-pusher-{{ item }}" type: 'pusher' - instanceId: "{{ item }}" + app: 'pusher' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_pusher_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_pusher_workers" @@ -39,8 +71,11 @@ - name: Build appservice workers ansible.builtin.set_fact: worker: + id: "appservice-{{ item }}" + name: "matrix-synapse-worker-appservice-{{ item }}" type: 'appservice' - instanceId: "{{ item }}" + app: 'appservice' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_appservice_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_appservice_workers" @@ -49,8 +84,11 @@ - name: Build media_repository workers ansible.builtin.set_fact: worker: + id: "media-repository-{{ item }}" + name: "matrix-synapse-worker-media-repository-{{ item }}" type: 'media_repository' - instanceId: "{{ matrix_synapse_workers_media_repository_workers_port_range_start + item }}" + app: 'media_repository' + webserving: true port: "{{ matrix_synapse_workers_media_repository_workers_port_range_start + item }}" metrics_port: "{{ matrix_synapse_workers_media_repository_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_media_repository_workers" @@ -62,6 +100,8 @@ {{ matrix_synapse_workers_list_results_generic_workers.results + + matrix_synapse_workers_list_results_stream_writer_workers.results + + matrix_synapse_workers_list_results_federation_sender_workers.results + matrix_synapse_workers_list_results_pusher_workers.results diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml deleted file mode 100644 index 2ecb3f2b..00000000 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# The tasks below run before `validate_config.yml`. -# To avoid failing with a cryptic error message, we'll do validation here. -# -# This check is mostly relevant to people who explicitly define `matrix_synapse_workers_enabled_list` -# (Synapse Workers users from the earlier days of this PR - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456). -# -# In the future, it should be possible to remove this check. -# Our own code which dynamically builds `matrix_synapse_workers_enabled_list` does things right. -- name: Fail if instanceId not defined for worker - ansible.builtin.fail: - msg: "Synapse workers (like {{ matrix_synapse_worker_details | to_json }}) need to define an instanceId property (type + instanceId must be unique)" - when: "'instanceId' not in matrix_synapse_worker_details" - -- ansible.builtin.set_fact: - matrix_synapse_worker_systemd_service_name: "matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.instanceId }}.service" - -- ansible.builtin.set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_systemd_service_name] }}" diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml new file mode 100644 index 00000000..4f6b4398 --- /dev/null +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -0,0 +1,65 @@ +--- +# The tasks below run before `validate_config.yml`. +# To avoid failing with a cryptic error message, we'll do validation here. +# +# This check is mostly relevant to people who explicitly define `matrix_synapse_workers_enabled_list` +# (Synapse Workers users from the earlier days of this PR - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456). +# +# In the future, it should be possible to remove this check. +# Our own code which dynamically builds `matrix_synapse_workers_enabled_list` does things right. +- name: Fail if required property not defined for worker + ansible.builtin.fail: + msg: "Synapse workers (like {{ matrix_synapse_worker_details | to_json }}) need to define a `{{ item }}` property" + with_items: + - id + - name + - type + - app + - port + - webserving + when: "item not in matrix_synapse_worker_details" + +# Names are used for container names and systemd services. +# Routing happens based on container names, so Synapse processes that try to route to workers with underscores in the name will complain. Example: +# > InvalidCodepoint Codepoint U+005F at position 46 of 'matrix-synapse-worker-stream-writer-3-account_data' not allowed +- name: Fail if worker name includes underscore + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `name`: `{{ matrix_synapse_worker_details.name }}`. It must not include underscores" + when: "'_' in matrix_synapse_worker_details.name" + +- name: Fail if worker type unknown + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `type`: `{{ matrix_synapse_worker_details.type }}`. Supported types are: {{ matrix_synapse_known_worker_types | join(', ') }}" + when: "matrix_synapse_worker_details.type not in matrix_synapse_known_worker_types" + +- name: Fail if worker app unknown + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}" + when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list" + +- block: + - name: Fail if stream_writer_stream not defined for stream_writer worker + ansible.builtin.fail: + msg: >- + Synapse stream_writer workers (such as {{ item }}) need to define a valid `stream_writer_stream` property + (not `{{ matrix_synapse_worker_details.stream_writer_stream|default('undefined') }}`). + Supported types are: {{ matrix_synapse_workers_known_stream_writer_stream_types | join(', ') }} + when: "'stream_writer_stream' not in matrix_synapse_worker_details or matrix_synapse_worker_details.stream_writer_stream not in matrix_synapse_workers_known_stream_writer_stream_types" + + - name: Fail if replication_port not defined for stream_writer worker + ansible.builtin.fail: + msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property" + when: "'replication_port' not in matrix_synapse_worker_details" + when: "matrix_synapse_worker_details.type == 'stream_writer'" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" + +- ansible.builtin.set_fact: + matrix_synapse_webserving_workers_systemd_services_list: "{{ matrix_synapse_webserving_workers_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" + when: matrix_synapse_worker_details.webserving | bool + +# Inject stream writers and various other background workers into the instance map. +- ansible.builtin.set_fact: + matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" + when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml index d6d4924f..d3f30917 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml @@ -1,13 +1,9 @@ --- - ansible.builtin.set_fact: - matrix_synapse_worker_systemd_service_name: "matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.instanceId }}" - -- ansible.builtin.set_fact: - matrix_synapse_worker_container_name: "{{ matrix_synapse_worker_systemd_service_name }}" - -- ansible.builtin.set_fact: - matrix_synapse_worker_config_file_name: "worker.{{ matrix_synapse_worker_details.type }}_{{ matrix_synapse_worker_details.instanceId }}.yaml" + matrix_synapse_worker_systemd_service_name: "{{ matrix_synapse_worker_details.name }}" + matrix_synapse_worker_container_name: "{{ matrix_synapse_worker_details.name }}" + matrix_synapse_worker_config_file_name: "worker.{{ matrix_synapse_worker_details.name }}.yaml" - name: Ensure configuration exists for {{ matrix_synapse_worker_systemd_service_name }} ansible.builtin.template: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index bcb71c75..1fc70816 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -32,6 +32,11 @@ with_items: - "matrix_synapse_workers_pusher_workers_count" - "matrix_synapse_workers_federation_sender_workers_count" + - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" + - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" + - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" + - "matrix_synapse_workers_stream_writer_receipts_stream_workers_count" + - "matrix_synapse_workers_stream_writer_presence_stream_workers_count" - name: (Deprecation) Catch and report renamed settings ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 04c4b3cf..86d03be4 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -352,13 +352,13 @@ worker_app: synapse.app.homeserver # thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ # reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0 %} send_federation: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0 %} start_pushers: false {% endif %} @@ -2870,6 +2870,7 @@ opentracing: # worker1: # host: localhost # port: 8034 +instance_map: {{ matrix_synapse_instance_map | to_json }} # Experimental: When using workers you can define which workers should # handle event persistence and typing notifications. Any worker @@ -2878,6 +2879,7 @@ opentracing: #stream_writers: # events: worker1 # typing: worker1 +stream_writers: {{ matrix_synapse_stream_writers | to_json }} # The worker that is used to run background tasks (e.g. cleaning up expired # data). If not provided this defaults to the main process. diff --git a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 b/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 index b194c3c2..1501697d 100644 --- a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 +++ b/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 @@ -24,8 +24,8 @@ scrape_configs: job: "master" index: "0" {% for worker in matrix_synapse_workers_enabled_list %} - - job_name: 'synapse-{{ worker.type }}-{{ worker.instanceId }}' - metrics_path: /metrics/synapse/worker/{{ worker.type }}-{{ worker.instanceId }} + - job_name: '{{ worker.name }}' + metrics_path: /metrics/synapse/worker/{{ worker.id }} scheme: {{ 'https' if matrix_nginx_proxy_https_enabled|default(true) else 'http' }} {% if matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled|default(true) %} basic_auth: @@ -35,6 +35,7 @@ scrape_configs: static_configs: - targets: ['{{ matrix_server_fqn_matrix }}:{{ matrix_nginx_proxy_container_https_host_bind_port|default(443) if matrix_nginx_proxy_https_enabled|default(true) else matrix_nginx_proxy_container_http_host_bind_port|default(80) }}'] labels: + worker_id: {{ worker.id }} job: "{{ worker.type }}" - index: "{{ worker.instanceId }}" + app: {{ worker.app }} {% endfor %} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 4a38251d..96b65a0a 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -43,7 +43,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ - run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} + run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 027114fb..eed50ad1 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -12,7 +12,7 @@ Wants={{ service }} {% if matrix_synapse_workers_enabled %} {% for matrix_synapse_worker_details in matrix_synapse_workers_enabled_list %} -Wants=matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.port }}.service +Wants={{ matrix_synapse_worker_details.name }}.service {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index 33789b0c..c9637a83 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -1,27 +1,38 @@ #jinja2: lstrip_blocks: "True" -worker_app: synapse.app.{{ matrix_synapse_worker_details.type }} -worker_name: {{ matrix_synapse_worker_details.type ~ ':' ~ matrix_synapse_worker_details.port }} +worker_app: synapse.app.{{ matrix_synapse_worker_details.app }} +worker_name: {{ matrix_synapse_worker_details.name }} {% if matrix_synapse_replication_listener_enabled %} worker_replication_host: matrix-synapse worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% endif %} -{% set has_listeners = (matrix_synapse_worker_details.type not in [ 'appservice', 'federation_sender', 'pusher' ] or matrix_synapse_metrics_enabled) %} - {% set http_resources = [] %} -{% if matrix_synapse_worker_details.type in ['generic_worker', 'user_dir'] %} +{% if matrix_synapse_worker_details.type == 'user_dir' %} {% set http_resources = http_resources + ['client'] %} {% endif %} -{% if matrix_synapse_worker_details.type in ['generic_worker'] %} - {% set http_resources = http_resources+ ['federation'] %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} + {% set http_resources = http_resources + ['client', 'federation'] %} {% endif %} -{% if matrix_synapse_worker_details.type in ['media_repository'] %} +{# + None of the background workers need to handle federation traffic. + Only some of the stream writers need to handle client traffic. +#} +{% if matrix_synapse_worker_details.type == 'stream_writer' and matrix_synapse_worker_details.webserving %} + {% set http_resources = http_resources + ['client'] %} +{% endif %} +{% if matrix_synapse_worker_details.type == 'media_repository' %} {% set http_resources = http_resources + ['media'] %} {% endif %} -{% if http_resources|length > 0 or matrix_synapse_metrics_enabled %} +{% set replication_http_resources = [] %} +{% if matrix_synapse_worker_details.type == 'stream_writer' %} + {# All background workers need to handle replication traffic. #} + {% set replication_http_resources = replication_http_resources + ['replication'] %} +{% endif %} + +{% if http_resources|length > 0 or matrix_synapse_metrics_enabled or replication_http_resources|length > 0 %} worker_listeners: {% if http_resources|length > 0 %} - type: http @@ -36,6 +47,13 @@ worker_listeners: bind_addresses: ['0.0.0.0'] port: {{ matrix_synapse_worker_details.metrics_port }} {% endif %} +{% if replication_http_resources|length > 0 %} + - type: http + bind_addresses: ['::'] + port: {{ matrix_synapse_worker_details.replication_port }} + resources: + - names: {{ replication_http_resources|to_json }} +{% endif %} {% endif %} {% if matrix_synapse_worker_details.type == 'generic_worker' %} diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index 2d9b62cf..e8b0e49c 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -36,3 +36,58 @@ matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_w # matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints. # It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule. matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*' + +# matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream +matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing + +# matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints contains the endpoints serviced by the `to_device` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream +matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ + +# matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints contains the endpoints serviced by the `account_data` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream +matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/.*/tags + - ^/_matrix/client/(r0|v3|unstable)/.*/account_data + +# matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints contains the endpoints serviced by the `recepts` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream +matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + +# matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints contains the endpoints serviced by the `presence` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream +matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + +# matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes. +# This is used for validation purposes. If adding support for a new type, besides adding it to this list, +# don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc). +matrix_synapse_workers_known_stream_writer_stream_types: ['events', 'typing', 'to_device', 'account_data', 'receipts', 'presence'] + +# matrix_synapse_workers_webserving_stream_writer_types contains a list of stream writer types that serve web (client) requests. +# Not all stream writers serve web requests. Some just perform background tasks. +matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', 'account_data', 'receipts', 'presence'] + +# matrix_synapse_workers_systemd_services_list contains a list of systemd services (one for each worker systemd service which serves web requests). +# This list is built during runtime. +# Not all workers serve web requests. Those that don't won't be injected here. +matrix_synapse_webserving_workers_systemd_services_list: [] + +# matrix_synapse_known_worker_types contains the list of known worker types. +# A worker type is different than a worker app (e.g. `generic_worker`). +# For example, the `stream_writer` worker type is served by the `generic_worker` app, but is a separate type that we recognize. +matrix_synapse_known_worker_types: | + {{ + matrix_synapse_workers_avail_list + + + ['stream_writer'] + }} + +# matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. +matrix_synapse_known_instance_map_eligible_worker_types: + - stream_writer From ec654ca91ee32dcac5fefd5d750bb6aa4e47896f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:13:08 +0300 Subject: [PATCH 305/562] Add support for multiple federation sender workers --- CHANGELOG.md | 8 +++++++- roles/matrix-synapse/defaults/main.yml | 13 +++++++++++-- roles/matrix-synapse/tasks/synapse/workers/init.yml | 7 +++++++ roles/matrix-synapse/tasks/validate_config.yml | 1 - .../templates/synapse/homeserver.yaml.j2 | 5 ++--- 5 files changed, 27 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b9b149e..4a1fbb2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,8 @@ People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: -- we've added [Stream writers support](#stream-writers-support) +- we've added support for [Stream writers](#stream-writers-support) +- we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -26,6 +27,11 @@ matrix_synapse_workers_stream_writer_receipts_stream_workers_count: 1 matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 ``` +### Multiple federation sender workers support + +Until now, we only supported a single `federation_sender` worker (`matrix_synapse_workers_federation_sender_workers_count` could either be `0` or `1`). +From now on, you can have as many as you want to help with your federation traffic. + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4213c4f1..6349fa6f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -510,12 +510,21 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 matrix_synapse_workers_appservice_workers_count: 0 matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 -# matrix_synapse_workers_federation_sender_workers_count can only be 0 or 1 for now. -# More instances are not supported due to a playbook limitation having to do with keeping `federation_sender_instances` in `homeserver.yaml` updated. +# matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 +# matrix_synapse_federation_sender_instances populates the `federation_sender_instances` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_federation_sender_workers_count` or `matrix_synapse_workers_enabled_list`. +# Adjusting this value manually is generally not necessary. +matrix_synapse_federation_sender_instances: [] + +# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic. +# This is allowed if workers are disabled, or if there are no federation sender workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" + matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['media_repository_workers_count'] }}" matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index fe613e70..6ab6784f 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -53,6 +53,13 @@ register: "matrix_synapse_workers_list_results_federation_sender_workers" loop: "{{ range(0, matrix_synapse_workers_federation_sender_workers_count | int) | list }}" +- name: Populate matrix_synapse_federation_sender_instances from enabled federation sender workers list + ansible.builtin.set_fact: + matrix_synapse_federation_sender_instances: "{{ matrix_synapse_federation_sender_instances + [item.ansible_facts.worker.name] }}" + with_items: "{{ matrix_synapse_workers_list_results_federation_sender_workers.results }}" + +- debug: var="matrix_synapse_federation_sender_instances" + # This type of worker can only have a count of 1, at most - name: Build pusher workers ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 1fc70816..04a04cd5 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -31,7 +31,6 @@ when: "vars[item]|int > 1" with_items: - "matrix_synapse_workers_pusher_workers_count" - - "matrix_synapse_workers_federation_sender_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 86d03be4..9f6679fc 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -352,9 +352,6 @@ worker_app: synapse.app.homeserver # thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ # reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0 %} -send_federation: false -{% endif %} {% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} @@ -2851,6 +2848,7 @@ opentracing: # Uncomment if using a federation sender worker. # #send_federation: false +send_federation: {{ matrix_synapse_send_federation | to_json }} # It is possible to run multiple federation sender workers, in which case the # work is balanced across them. @@ -2862,6 +2860,7 @@ opentracing: # #federation_sender_instances: # - federation_sender1 +federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} # When using workers this should be a map from `worker_name` to the # HTTP replication listener of the worker, if configured. From 22cf259155e0a3cac5d0d53fd330e7ea028bcf13 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:14:47 +0300 Subject: [PATCH 306/562] Put common worker configuration options at the top --- .../templates/synapse/worker.yaml.j2 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index c9637a83..2b0df98d 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -2,11 +2,18 @@ worker_app: synapse.app.{{ matrix_synapse_worker_details.app }} worker_name: {{ matrix_synapse_worker_details.name }} +worker_daemonize: false +worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config + {% if matrix_synapse_replication_listener_enabled %} worker_replication_host: matrix-synapse worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% endif %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} +worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} +{% endif %} + {% set http_resources = [] %} {% if matrix_synapse_worker_details.type == 'user_dir' %} @@ -55,10 +62,3 @@ worker_listeners: - names: {{ replication_http_resources|to_json }} {% endif %} {% endif %} - -{% if matrix_synapse_worker_details.type == 'generic_worker' %} -worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} -{% endif %} - -worker_daemonize: false -worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config From b842447047be77bcf209d9f3ed0609e063b8a192 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:32:55 +0300 Subject: [PATCH 307/562] Add support for multiple pusher workers --- CHANGELOG.md | 7 +++++++ roles/matrix-synapse/defaults/main.yml | 19 ++++++++++++++----- .../matrix-synapse/tasks/validate_config.yml | 3 +-- .../templates/synapse/homeserver.yaml.j2 | 6 +++--- 4 files changed, 25 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a1fbb2d..90b9b8f7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) +- we've added support for [multiple pusher workers](#multiple-pusher-workers-support) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -32,6 +33,12 @@ matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 Until now, we only supported a single `federation_sender` worker (`matrix_synapse_workers_federation_sender_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with your federation traffic. +### Multiple pusher workers support + +Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). +From now on, you can have as many as you want to help with pushing notifications out. + + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 6349fa6f..ca84ff38 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -498,12 +498,21 @@ matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 -# matrix_synapse_workers_pusher_workers_count can only be 0 or 1 for now. -# More instances are not supported due to a playbook limitation having to do with keeping `pusher_instances` in `homeserver.yaml` updated. -# See https://github.com/matrix-org/synapse/commit/ddfdf945064925eba761ae3748e38f3a1c73c328 +# matrix_synapse_workers_pusher_workers_count controls the number of pusher workers (workers who push out notifications) to spawn. +# See https://matrix-org.github.io/synapse/latest/workers.html#synapseapppusher matrix_synapse_workers_pusher_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['pusher_workers_count'] }}" matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 +# matrix_synapse_federation_pusher_instances populates the `pusher_instances` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_pusher_workers_count` or `matrix_synapse_workers_enabled_list`. +# Adjusting this value manually is generally not necessary. +matrix_synapse_federation_pusher_instances: [] + +# matrix_synapse_start_pushers controls if theh main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). +# This is allowed if workers are disabled, or if there are no pusher workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" + # matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. # appservice workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types @@ -511,7 +520,7 @@ matrix_synapse_workers_appservice_workers_count: 0 matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. -# See https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfederation_sender +# See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 @@ -520,7 +529,7 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_sender_instances: [] -# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic. +# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). # This is allowed if workers are disabled, or if there are no federation sender workers. # Adjusting this value manually is generally not necessary. matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 04a04cd5..faab7daa 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -12,7 +12,7 @@ - "matrix_synapse_database_password" - "matrix_synapse_database_database" -- name: Fail if asking to configure deprecaed workers (appservice, userdir) +- name: Fail if asking to configure deprecated workers (appservice, userdir) ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 0. @@ -30,7 +30,6 @@ `{{ item }}` cannot be more than 1. This is a single-instance worker. when: "vars[item]|int > 1" with_items: - - "matrix_synapse_workers_pusher_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 9f6679fc..5e60f1c0 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -355,9 +355,6 @@ worker_app: synapse.app.homeserver {% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0 %} -start_pushers: false -{% endif %} daemonize: false {% endif %} @@ -2862,6 +2859,9 @@ send_federation: {{ matrix_synapse_send_federation | to_json }} # - federation_sender1 federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} +pusher_instances: {{ matrix_synapse_federation_pusher_instances | to_json }} +start_pushers: {{ matrix_synapse_start_pushers | to_json }} + # When using workers this should be a map from `worker_name` to the # HTTP replication listener of the worker, if configured. # From 8cd7c1ec2f85d80659f33fe7334f4a4ddfd34ac4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:37:19 +0300 Subject: [PATCH 308/562] Relocate enable_media_repo and make it configurable via matrix_synapse_enable_media_repo .. although.. manual configuration is discouraged in most cases. --- roles/matrix-synapse/defaults/main.yml | 11 ++++++++--- .../templates/synapse/homeserver.yaml.j2 | 8 +------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index ca84ff38..05cd767a 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -508,8 +508,8 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_pusher_instances: [] -# matrix_synapse_start_pushers controls if theh main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). -# This is allowed if workers are disabled, or if there are no pusher workers. +# matrix_synapse_start_pushers controls if the main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). +# This is enabled if workers are disabled, or if there are no pusher workers. # Adjusting this value manually is generally not necessary. matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" @@ -529,7 +529,7 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_sender_instances: [] -# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). +# matrix_synapse_send_federation controls if the main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). # This is allowed if workers are disabled, or if there are no federation sender workers. # Adjusting this value manually is generally not necessary. matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" @@ -538,6 +538,11 @@ matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_worker matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 +# matrix_synapse_enable_media_repo controls if the main Synapse process should serve media repository endpoints or if it should be left to media_repository workers (see `matrix_synapse_workers_media_repository_workers_count`). +# This is enabled if workers are disabled, or if there are no media repository workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" + # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 5e60f1c0..a635559f 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -349,13 +349,6 @@ listeners: # c.f. https://github.com/matrix-org/synapse/tree/master/contrib/systemd-with-workers/README.md worker_app: synapse.app.homeserver - -# thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ -# reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} -enable_media_repo: false -{% endif %} - daemonize: false {% endif %} @@ -1017,6 +1010,7 @@ federation_rr_transactions_per_room_per_second: {{ matrix_synapse_federation_rr_ # following if you are using a separate media store worker. # #enable_media_repo: false +enable_media_repo: {{ matrix_synapse_enable_media_repo | to_json }} # Directory where uploaded images and attachments are stored. # From 5f3f460cda5653232087c146b4cd0fa74dff1c96 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:00:57 +0300 Subject: [PATCH 309/562] Restore support for appservice and user_dir workers --- CHANGELOG.md | 25 +++++++++++- group_vars/matrix_servers | 2 +- .../nginx/conf.d/matrix-synapse.conf.j2 | 5 ++- roles/matrix-synapse/defaults/main.yml | 38 ++++++++++--------- .../tasks/synapse/workers/init.yml | 20 ++++++++-- .../synapse/workers/util/inject_worker.yml | 2 +- .../matrix-synapse/tasks/validate_config.yml | 14 +------ .../templates/synapse/homeserver.yaml.j2 | 8 ++++ roles/matrix-synapse/vars/main.yml | 23 +++++++++-- roles/matrix-synapse/vars/workers.yml | 4 +- 10 files changed, 100 insertions(+), 41 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 90b9b8f7..37032735 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,14 @@ # 2022-09-15 -## (Potential Backward Compatibility Break) Major changes to Synapse workers +## (Potential Backward Compatibility Break) Major improvements to Synapse workers People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - we've added support for [multiple pusher workers](#multiple-pusher-workers-support) +- we've restored support for [`appservice` workers](#appservice-worker-support-is-back) +- we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -38,6 +40,25 @@ From now on, you can have as many as you want to help with your federation traff Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with pushing notifications out. +### Appservice worker support is back + +We previously had an `appservice` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. + +The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of talking to Application Services. +From now on, we have support for this. + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appserice` worker automatically. +You can also control the `appserice` workers count with `matrix_synapse_workers_appserice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. + +### User Directory worker support is back + +We previously had a `user_dir` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. + +The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of serving the user directory. +From now on, we have support for this. + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `user_dir` worker automatically. +You can also control the `user_dir` workers count with `matrix_synapse_workers_user_dir_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. ### Potential Backward Incompatibilities after these Synapse worker changes @@ -45,6 +66,8 @@ Below we'll discuss **potential backward incompatibilities**. - **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. +- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 8 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. + - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. - **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e891a3d9..78d1ed68 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1766,7 +1766,7 @@ matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_serve matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" -matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" +matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_worker_client_server_endpoints|default([]) }}" matrix_nginx_proxy_systemd_wanted_services_list: | {{ diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index bbce7462..488ced5a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -133,8 +133,9 @@ server { {% endif %} {% if user_dir_workers | length > 0 %} - # FIXME: obsolete if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappuser_dir + # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory + # If matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set, requests may not reach here, + # but could be captured early on (see `matrix-domain.conf.j2`) and forwarded elsewhere (to an identity server, etc.). {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_user_dir_locations, 'user_dir_workers_upstream') }} {% endif %} {# Workers redirects END #} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 05cd767a..7f6ce40f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -394,9 +394,9 @@ matrix_synapse_workers_presets: little-federation-helper: generic_workers_count: 0 pusher_workers_count: 0 - appservice_workers_count: 0 federation_sender_workers_count: 1 media_repository_workers_count: 0 + appservice_workers_count: 0 user_dir_workers_count: 0 stream_writer_events_stream_workers_count: 0 stream_writer_typing_stream_workers_count: 0 @@ -407,14 +407,10 @@ matrix_synapse_workers_presets: one-of-each: generic_workers_count: 1 pusher_workers_count: 1 - # appservice workers are deprecated since Synapse v1.59. This will be removed. - appservice_workers_count: 0 federation_sender_workers_count: 1 media_repository_workers_count: 1 - # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. - # user_dir workers are deprecated since Synapse v1.59. This will be removed. - # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types - user_dir_workers_count: 0 + appservice_workers_count: 1 + user_dir_workers_count: 1 stream_writer_events_stream_workers_count: 1 stream_writer_typing_stream_workers_count: 1 stream_writer_to_device_stream_workers_count: 1 @@ -513,12 +509,6 @@ matrix_synapse_federation_pusher_instances: [] # Adjusting this value manually is generally not necessary. matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" -# matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. -# appservice workers are deprecated since Synapse v1.59. This will be removed. -# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types -matrix_synapse_workers_appservice_workers_count: 0 -matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 - # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" @@ -543,13 +533,27 @@ matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # Adjusting this value manually is generally not necessary. matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" -# Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. -# user_dir workers are deprecated since Synapse v1.59. This will be removed. -# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types -matrix_synapse_workers_user_dir_workers_count: 0 +# matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. +# appservice workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). +# Our implementation uses generic worker services and assigns them to perform appservice work using the `notify_appservices_from_worker` Synapse option. +matrix_synapse_workers_appservice_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['appservice_workers_count'] }}" +matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 + +# matrix_synapse_notify_appservices_from_worker populates the `notify_appservices_from_worker` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `notify_appservices_from_worker` is meant to point to a worker, which is dedicated to sending output traffic to Application Services. +matrix_synapse_notify_appservices_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'appservice') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'appservice') | list | length > 0) else '' }}" + +# matrix_synapse_workers_user_dir_workers_count can only be 0 or 1. More instances are not supported. +# user_dir workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). +# Our implementation uses generic worker services and assigns them to perform appservice work using the `update_user_directory_from_worker` Synapse option. +matrix_synapse_workers_user_dir_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['user_dir_workers_count'] }}" matrix_synapse_workers_user_dir_workers_port_range_start: 18661 matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 +# matrix_synapse_update_user_directory_from_worker populates the `update_user_directory_from_worker` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `update_user_directory_from_worker` is meant to point to a worker, which is dedicated to updating the user directory and servicing some user directory URL endpoints (`matrix_synapse_workers_user_dir_worker_client_server_endpoints`). +matrix_synapse_update_user_directory_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list | length > 0) else '' }}" + # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 6ab6784f..c5a53297 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -58,8 +58,6 @@ matrix_synapse_federation_sender_instances: "{{ matrix_synapse_federation_sender_instances + [item.ansible_facts.worker.name] }}" with_items: "{{ matrix_synapse_workers_list_results_federation_sender_workers.results }}" -- debug: var="matrix_synapse_federation_sender_instances" - # This type of worker can only have a count of 1, at most - name: Build pusher workers ansible.builtin.set_fact: @@ -81,13 +79,27 @@ id: "appservice-{{ item }}" name: "matrix-synapse-worker-appservice-{{ item }}" type: 'appservice' - app: 'appservice' + app: 'generic_worker' webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_appservice_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_appservice_workers" loop: "{{ range(0, matrix_synapse_workers_appservice_workers_count | int) | list }}" +# This type of worker can only have a count of 1, at most +- name: Build user_dir workers + ansible.builtin.set_fact: + worker: + id: "user-dir-{{ item }}" + name: "matrix-synapse-worker-user-dir-{{ item }}" + type: 'user_dir' + app: 'generic_worker' + webserving: true + port: "{{ matrix_synapse_workers_user_dir_workers_port_range_start + item }}" + metrics_port: "{{ matrix_synapse_workers_user_dir_workers_metrics_range_start + item }}" + register: "matrix_synapse_workers_list_results_user_dir_workers" + loop: "{{ range(0, matrix_synapse_workers_user_dir_workers_count | int) | list }}" + - name: Build media_repository workers ansible.builtin.set_fact: worker: @@ -115,6 +127,8 @@ + matrix_synapse_workers_list_results_appservice_workers.results + + matrix_synapse_workers_list_results_user_dir_workers.results + + matrix_synapse_workers_list_results_media_repository_workers.results }} diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index 4f6b4398..0a52db32 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -59,7 +59,7 @@ matrix_synapse_webserving_workers_systemd_services_list: "{{ matrix_synapse_webserving_workers_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" when: matrix_synapse_worker_details.webserving | bool -# Inject stream writers and various other background workers into the instance map. +# Inject stream writers into the instance map. - ansible.builtin.set_fact: matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index faab7daa..f6b1fe68 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -12,24 +12,14 @@ - "matrix_synapse_database_password" - "matrix_synapse_database_database" -- name: Fail if asking to configure deprecated workers (appservice, userdir) - ansible.builtin.fail: - msg: >- - `{{ item }}` cannot be more than 0. - This type of worker has been deprecated since Synapse v1.59. - Please remove your `{{ item }}` configuration to solve this problem. - See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types - when: "vars[item]|int != 0" - with_items: - - "matrix_synapse_workers_appservice_workers_count" - - "matrix_synapse_workers_user_dir_workers_count" - - name: Fail if asking for more than 1 instance of single-instance workers ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 1. This is a single-instance worker. when: "vars[item]|int > 1" with_items: + - "matrix_synapse_workers_appservice_workers_count" + - "matrix_synapse_workers_user_dir_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index a635559f..ef8684ab 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2874,6 +2874,14 @@ instance_map: {{ matrix_synapse_instance_map | to_json }} # typing: worker1 stream_writers: {{ matrix_synapse_stream_writers | to_json }} +{% if matrix_synapse_notify_appservices_from_worker != '' %} +notify_appservices_from_worker: {{ matrix_synapse_notify_appservices_from_worker | to_json }} +{% endif %} + +{% if matrix_synapse_update_user_directory_from_worker != '' %} +update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_worker | to_json }} +{% endif %} + # The worker that is used to run background tasks (e.g. cleaning up expired # data). If not provided this defaults to the main process. # diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index e8b0e49c..2dc00fea 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -64,6 +64,11 @@ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoi matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ +# matrix_synapse_workers_user_dir_worker_client_server_endpoints contains the endpoints serviced by the `type = user_dir` (`app = generic_worker`) worker. +# See: https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory +matrix_synapse_workers_user_dir_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes. # This is used for validation purposes. If adding support for a new type, besides adding it to this list, # don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc). @@ -79,13 +84,25 @@ matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', ' matrix_synapse_webserving_workers_systemd_services_list: [] # matrix_synapse_known_worker_types contains the list of known worker types. +# # A worker type is different than a worker app (e.g. `generic_worker`). # For example, the `stream_writer` worker type is served by the `generic_worker` app, but is a separate type that we recognize. +# +# Some other types (`appservice` and `user_dir`) used to be Synapse worker apps, which got subsequently deprecated. +# We still allow these types of workers and map them to the `generic_worker` app, +# which is why we make sure they're part of the list below. +# We use the `unique` filter because they're part of `matrix_synapse_workers_avail_list` too (for now; scheduled for removal). matrix_synapse_known_worker_types: | {{ - matrix_synapse_workers_avail_list - + - ['stream_writer'] + ( + matrix_synapse_workers_avail_list + + + ['stream_writer'] + + + ['appservice'] + + + ['user_dir'] + ) | unique }} # matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index 3f34bcb2..bc49e835 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -90,7 +90,9 @@ matrix_synapse_workers_generic_worker_endpoints: # - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ # User directory search requests - - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # Any worker can handle these, but we have a dedicated user_dir worker for this, + # so we'd like for other generic workers to not try and capture these requests. + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ # Additionally, the following REST endpoints can be handled for GET requests: From a1fb0826183af614c277430f257bfcc729026d53 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:32:51 +0300 Subject: [PATCH 310/562] Add support for running background tasks on a worker --- CHANGELOG.md | 10 +++++++++- roles/matrix-synapse/defaults/main.yml | 11 +++++++++++ .../tasks/synapse/workers/init.yml | 16 ++++++++++++++++ roles/matrix-synapse/tasks/validate_config.yml | 1 + .../templates/synapse/homeserver.yaml.j2 | 3 +++ roles/matrix-synapse/vars/main.yml | 2 ++ 6 files changed, 42 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 37032735..06cac7a7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - we've added support for [multiple pusher workers](#multiple-pusher-workers-support) +- we've added support for [running background tasks on a worker](#background-tasks-can-run-on-a-worker) - we've restored support for [`appservice` workers](#appservice-worker-support-is-back) - we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) @@ -40,6 +41,13 @@ From now on, you can have as many as you want to help with your federation traff Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with pushing notifications out. +### Background tasks can run on a worker + +From now on, you can put [background task processing on a worker](https://matrix-org.github.io/synapse/latest/workers.html#background-tasks). + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `background` worker automatically. +You can also control the `background` workers count with `matrix_synapse_workers_background_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. + ### Appservice worker support is back We previously had an `appservice` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. @@ -66,7 +74,7 @@ Below we'll discuss **potential backward incompatibilities**. - **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. -- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 8 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. +- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 9 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker, 1 background task worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 7f6ce40f..672285cc 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -398,6 +398,7 @@ matrix_synapse_workers_presets: media_repository_workers_count: 0 appservice_workers_count: 0 user_dir_workers_count: 0 + background_workers_count: 0 stream_writer_events_stream_workers_count: 0 stream_writer_typing_stream_workers_count: 0 stream_writer_to_device_stream_workers_count: 0 @@ -411,6 +412,7 @@ matrix_synapse_workers_presets: media_repository_workers_count: 1 appservice_workers_count: 1 user_dir_workers_count: 1 + background_workers_count: 1 stream_writer_events_stream_workers_count: 1 stream_writer_typing_stream_workers_count: 1 stream_writer_to_device_stream_workers_count: 1 @@ -554,6 +556,15 @@ matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 # `update_user_directory_from_worker` is meant to point to a worker, which is dedicated to updating the user directory and servicing some user directory URL endpoints (`matrix_synapse_workers_user_dir_worker_client_server_endpoints`). matrix_synapse_update_user_directory_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list | length > 0) else '' }}" +# matrix_synapse_workers_background_workers_count can only be 0 or 1. More instances are not supported. +# Our implementation uses a generic worker and assigns Synapse to perform background work on this worker using the `run_background_tasks_on` Synapse option. +matrix_synapse_workers_background_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['background_workers_count'] }}" +matrix_synapse_workers_background_workers_metrics_range_start: 19700 + +# matrix_synapse_run_background_tasks_on populates the `run_background_tasks_on` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `run_background_tasks_on` is meant to point to a worker, which is dedicated to processing background tasks. +matrix_synapse_run_background_tasks_on: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'background') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'background') | list | length > 0) else '' }}" + # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index c5a53297..0c2b8a79 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -100,6 +100,20 @@ register: "matrix_synapse_workers_list_results_user_dir_workers" loop: "{{ range(0, matrix_synapse_workers_user_dir_workers_count | int) | list }}" +# This type of worker can only have a count of 1, at most +- name: Build background workers + ansible.builtin.set_fact: + worker: + id: "background-{{ item }}" + name: "matrix-synapse-worker-background-{{ item }}" + type: 'background' + app: 'generic_worker' + webserving: false + port: 0 + metrics_port: "{{ matrix_synapse_workers_background_workers_metrics_range_start + item }}" + register: "matrix_synapse_workers_list_results_background_workers" + loop: "{{ range(0, matrix_synapse_workers_background_workers_count | int) | list }}" + - name: Build media_repository workers ansible.builtin.set_fact: worker: @@ -130,6 +144,8 @@ matrix_synapse_workers_list_results_user_dir_workers.results + matrix_synapse_workers_list_results_media_repository_workers.results + + + matrix_synapse_workers_list_results_background_workers.results }} - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index f6b1fe68..79e58154 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -20,6 +20,7 @@ with_items: - "matrix_synapse_workers_appservice_workers_count" - "matrix_synapse_workers_user_dir_workers_count" + - "matrix_synapse_workers_background_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index ef8684ab..e330617f 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2886,6 +2886,9 @@ update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_ # data). If not provided this defaults to the main process. # #run_background_tasks_on: worker1 +{% if matrix_synapse_run_background_tasks_on != '' %} +run_background_tasks_on: {{ matrix_synapse_run_background_tasks_on | to_json }} +{% endif %} # A shared secret used by the replication APIs to authenticate HTTP requests # from workers. diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index 2dc00fea..b403b461 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -102,6 +102,8 @@ matrix_synapse_known_worker_types: | ['appservice'] + ['user_dir'] + + + ['background'] ) | unique }} From 8887aed500db8f0cc9de30170e9d272d029d14b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:34:02 +0300 Subject: [PATCH 311/562] Do not add federation_sender_instances/pusher_instances configuration if not necessary This keeps the configuration cleaner and hopefully prevents odd issues if Synapse (by any chance) happens to interpret `pusher_instances: []` as "no pushers", instead of as "push from the master process". I haven't confirmed what an empty pushers/federation-senders list means, so it's safer to just avoid it. --- roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index e330617f..3cd76bf9 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2851,9 +2851,13 @@ send_federation: {{ matrix_synapse_send_federation | to_json }} # #federation_sender_instances: # - federation_sender1 +{% if matrix_synapse_federation_sender_instances | length > 0 %} federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} +{% endif %} +{% if matrix_synapse_federation_pusher_instances | length > 0 %} pusher_instances: {{ matrix_synapse_federation_pusher_instances | to_json }} +{% endif %} start_pushers: {{ matrix_synapse_start_pushers | to_json }} # When using workers this should be a map from `worker_name` to the From 109e1addb882304a4fa31db7ae253a72c1c867a8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:45:03 +0300 Subject: [PATCH 312/562] Improve reliability when using more than 1 media_repository worker --- CHANGELOG.md | 8 ++++++++ roles/matrix-synapse/defaults/main.yml | 5 +++++ roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 06cac7a7..95356d8c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [running background tasks on a worker](#background-tasks-can-run-on-a-worker) - we've restored support for [`appservice` workers](#appservice-worker-support-is-back) - we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) +- we've made it possible to [reliably use more than 1 `media_repository` worker](#using-more-than-1-media-repository-worker-is-now-more-reliable) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -68,6 +69,13 @@ From now on, we have support for this. With `matrix_synapse_workers_preset: one-of-each`, you'll get one `user_dir` worker automatically. You can also control the `user_dir` workers count with `matrix_synapse_workers_user_dir_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. +### Using more than 1 media repository worker is now more reliable + +With `matrix_synapse_workers_preset: one-of-each`, we only launch one `media_repository` worker. + +If you've been configuring `matrix_synapse_workers_media_repository_workers_count` manually, you may have increased that to more workers. +When multiple media repository workers are in use, background tasks related to the media repository must always be configured to run on a single `media_repository` worker via `media_instance_running_background_jobs`. Until now, we weren't doing this correctly, but we now are. + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 672285cc..dab098fb 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -535,6 +535,11 @@ matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # Adjusting this value manually is generally not necessary. matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" +# matrix_synapse_media_instance_running_background_jobs populates the `media_instance_running_background_jobs` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `media_instance_running_background_jobs` is meant to point to a single media-repository worker, which is dedicated to running background tasks that maintain the media repository. +# Multiple `media_repository` workers may be enabled. We always pick the first one as the background tasks worker. +matrix_synapse_media_instance_running_background_jobs: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) else '' }}" + # matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. # appservice workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). # Our implementation uses generic worker services and assigns them to perform appservice work using the `notify_appservices_from_worker` Synapse option. diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 3cd76bf9..ae71b7ae 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2894,6 +2894,10 @@ update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_ run_background_tasks_on: {{ matrix_synapse_run_background_tasks_on | to_json }} {% endif %} +{% if matrix_synapse_media_instance_running_background_jobs != '' %} +media_instance_running_background_jobs: {{ matrix_synapse_media_instance_running_background_jobs | to_json }} +{% endif %} + # A shared secret used by the replication APIs to authenticate HTTP requests # from workers. # From ef112181a1b4dae89642e2189da610244f03602f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:46:17 +0300 Subject: [PATCH 313/562] Update some Synapse documentation URLs --- .../templates/nginx/conf.d/matrix-synapse.conf.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 488ced5a..1d6f2106 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -81,7 +81,7 @@ server { {# Workers redirects BEGIN #} {% if generic_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_client_server_locations, 'generic_workers_upstream') }} {% endif %} @@ -111,7 +111,7 @@ server { {% endif %} {% if media_repository_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; @@ -182,11 +182,11 @@ server { {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if generic_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_federation_locations, 'generic_workers_upstream') }} {% endif %} {% if media_repository_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; From 800267b1824d98ac3e7bf6043b821ef0cb6dd72d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 12:33:23 +0300 Subject: [PATCH 314/562] Fix incorrect if checks breaking start_pushers/send_federaiton/enable_media_repo Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2103 --- roles/matrix-synapse/defaults/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index dab098fb..4e0af66b 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -507,9 +507,9 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 matrix_synapse_federation_pusher_instances: [] # matrix_synapse_start_pushers controls if the main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). -# This is enabled if workers are disabled, or if there are no pusher workers. +# This is enabled if workers are disabled, or if they are enabled, but there are no pusher workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" +matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length == 0) }}" # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender @@ -522,18 +522,18 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 matrix_synapse_federation_sender_instances: [] # matrix_synapse_send_federation controls if the main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). -# This is allowed if workers are disabled, or if there are no federation sender workers. +# This is allowed if workers are disabled, or they are enabled, but there are no federation sender workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" +matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length == 0) }}" matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['media_repository_workers_count'] }}" matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # matrix_synapse_enable_media_repo controls if the main Synapse process should serve media repository endpoints or if it should be left to media_repository workers (see `matrix_synapse_workers_media_repository_workers_count`). -# This is enabled if workers are disabled, or if there are no media repository workers. +# This is enabled if workers are disabled, or if they are enabled, but there are no media repository workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" +matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length == 0) }}" # matrix_synapse_media_instance_running_background_jobs populates the `media_instance_running_background_jobs` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). # `media_instance_running_background_jobs` is meant to point to a single media-repository worker, which is dedicated to running background tasks that maintain the media repository. From b07fd768300ff39054d8204024d3ad01dce36e9c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 12:46:41 +0300 Subject: [PATCH 315/562] Fix prometheus.yml.j2 indentation and worker ids for stream writers Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2105 --- roles/matrix-prometheus/templates/prometheus.yml.j2 | 10 +++++----- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/matrix-prometheus/templates/prometheus.yml.j2 index 628f4f4f..83ae8a9a 100644 --- a/roles/matrix-prometheus/templates/prometheus.yml.j2 +++ b/roles/matrix-prometheus/templates/prometheus.yml.j2 @@ -32,17 +32,17 @@ scrape_configs: static_configs: - targets: {{ matrix_prometheus_scraper_synapse_targets|to_json }} labels: - instance: {{ matrix_domain }} + instance: {{ matrix_domain | to_json }} job: master index: 0 {% for worker in matrix_prometheus_scraper_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - targets: ['{{ worker.name }}:{{ worker.metrics_port }}'] labels: - instance: {{ matrix_domain }} - worker_id: {{ worker.id }} - job: {{ worker.type }} - app: {{ worker.app }} + instance: {{ matrix_domain | to_json }} + worker_id: {{ worker.id | to_json }} + job: {{ worker.type | to_json }} + app: {{ worker.app | to_json }} {% endif %} {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 0c2b8a79..43e44b63 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -20,7 +20,7 @@ - name: Build stream writer workers ansible.builtin.set_fact: worker: - id: "stream-writer-{{ item }}-{{ item.stream }}" + id: "stream-writer-{{ idx }}-{{ item.stream }}" # Names must not include understores. Certain stream writer streams (to_device, account_data, ..) do, so we fix them up. name: "matrix-synapse-worker-stream-writer-{{ idx }}-{{ item.stream | replace('_', '-') }}" type: 'stream_writer' From 3d2547329e9bcbbde802d4a9330eae2d0dd90dab Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 13:14:31 +0300 Subject: [PATCH 316/562] Add missing else clause to inline if Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2103 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2104 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 78d1ed68..01e287a7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1772,7 +1772,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: | {{ ['matrix-' + matrix_homeserver_implementation + '.service'] + - (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled) + (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled else []) + (['matrix-corporal.service'] if matrix_corporal_enabled else []) + From b8b7974b78965eb3d7a0fcd9142c0e47b0857c7a Mon Sep 17 00:00:00 2001 From: Jost Alemann <58050402+jalemann@users.noreply.github.com> Date: Fri, 16 Sep 2022 13:13:11 +0200 Subject: [PATCH 317/562] fix: typo --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95356d8c..deb1bc0c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -56,8 +56,8 @@ We previously had an `appservice` worker type, which [Synapse deprecated in v1.5 The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of talking to Application Services. From now on, we have support for this. -With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appserice` worker automatically. -You can also control the `appserice` workers count with `matrix_synapse_workers_appserice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appservice` worker automatically. +You can also control the `appservice` workers count with `matrix_synapse_workers_appservice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. ### User Directory worker support is back From 0a4ce46e1ee89edce74f3bc7a8be2547c927fcfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 18:25:36 +0200 Subject: [PATCH 318/562] Add doc page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- ...ng-playbook-matrix-ldap-registration-proxy.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 docs/configuring-playbook-matrix-ldap-registration-proxy.md diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md new file mode 100644 index 00000000..661535f3 --- /dev/null +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -0,0 +1,16 @@ +# Setting up matrix-ldap-registration-proxy (optional) + +The playbook can install and configure [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for you. + +This proxy handles Matrix registration requests and forwards them to LDAP. + +**Please note:** This does support the full Matrix specification for registrations. It only provide a very coarse +implementation of a basic password registration. + +## Quickstart + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_ldap_registration_proxy_enabled: true +``` From e87bee15dd376eac897916d9c609c59e93d32d65 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 16 Sep 2022 19:57:52 +0300 Subject: [PATCH 319/562] Add note about the Kakaotalk bridge being dangerous to use --- docs/configuring-playbook-bridge-appservice-kakaotalk.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 127f18f4..3c49d726 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -2,6 +2,8 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you. `matrix-appservice-kakaotalk` is a bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code. +**NOTE**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. + See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) to learn what it does and why it might be useful to you. From db705aff4f226ae0685a39e7cbe2fc5036b40914 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:15:33 +0200 Subject: [PATCH 320/562] Add documentation to readme/list of services MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- README.md | 2 ++ docs/configuring-playbook.md | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index 221e8a85..4c64ee2c 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,8 @@ Using this playbook, you can get the following services configured on your serve - (optional, advanced) the [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) LDAP Auth password provider module +- (optional, advanced) the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) a proxy that handles Matrix registration requests and forwards them to LDAP. + - (optional, advanced) the [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) spam checker module - (optional, advanced) the [Matrix Corporal](https://github.com/devture/matrix-corporal) reconciliator and gateway for a managed Matrix server diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index b3b44b5f..735dddf2 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -86,6 +86,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the LDAP password provider module](configuring-playbook-ldap-auth.md) (optional, advanced) +- [Setting up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (optional, advanced) + - [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (optional, advanced) - [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (optional, advanced) @@ -179,3 +181,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional) - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional) + + From d23cef541ebd8c6cc21a1540a50215fddb184c94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:16:45 +0200 Subject: [PATCH 321/562] Redo exposing the service to nginx MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Service is now exposed by default on port 8585 and forwarded by nginx to the specified endpoint Signed-off-by: Julian-Samuel Gebühr --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5a010f97..bf7f3564 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -28,10 +28,14 @@ matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. -matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_container_http_host_bind_port: '8585'}' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" -matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" +# `matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_ldap_registration_proxy_container_http_host_bind_port`, + # which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') + matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" + +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" # A list of extra arguments to pass to the container From 2fa0ddcf539b73882be52a1aefaef93a01133fc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:25:00 +0200 Subject: [PATCH 322/562] TODO: Check if ths documentation is correct MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- ...ring-playbook-matrix-ldap-registration-proxy.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 661535f3..31b75a0b 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -14,3 +14,17 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_ldap_registration_proxy_enabled: true ``` + +That is enough if you use the synapse external password provider via LDAP. +If you want to use your own credentials add the following to your `inventory/host_vars/matrix.DOMAIN/vars.yml`: + + + +# LDAP credentials +```yaml +matrix_ldap_registration_proxy_ldap_uri: +matrix_ldap_registration_proxy_ldap_base_dn: +matrix_ldap_registration_proxy_ldap_user: +matrix_ldap_registration_proxy_ldap_password: +``` +TODO: is the block above correct? Else indicate that it can only be used with the LDAP password provider for Synapse From e25678c57a3910f72b979882418e3a46a527d501 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 09:23:09 +0300 Subject: [PATCH 323/562] Upgrade Hookshot (2.1.2 -> 2.2.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index d60cf15b..57d31af5 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.1.2 +matrix_hookshot_version: 2.2.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From b45cd7495c66c680b113e367824297783c8959f4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 09:39:42 +0300 Subject: [PATCH 324/562] Upgrade mautrix-whatsapp (0.6.1 -> 0.7.0) and change some defaults `ephemeral_events`` and `sync_with_custom_puppets` have been flipped to keep up with the default upstream config: https://github.com/mautrix/whatsapp/commit/b33bd9c4a7e070f03008d2b47ed764b05c2fc20d --- .../matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 12 ++++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 821f3f28..81494584 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.6.1 +matrix_mautrix_whatsapp_version: v0.7.0 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 8073da65..87d4627d 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -5,6 +5,9 @@ homeserver: address: {{ matrix_mautrix_whatsapp_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard # The URL to push real-time bridge status to. # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes. # The bridge will use the appservice as_token to authorize requests. @@ -52,7 +55,7 @@ appservice: # Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). # You should disable bridge -> sync_with_custom_puppets when this is enabled. - ephemeral_events: false + ephemeral_events: true # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" @@ -188,7 +191,7 @@ bridge: # Should Matrix users leaving groups be bridged to WhatsApp? bridge_matrix_leave: true # Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices. - sync_with_custom_puppets: true + sync_with_custom_puppets: false # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. @@ -268,6 +271,9 @@ bridge: # Should the bridge never send alerts to the bridge management room? # These are mostly things like the user being logged out. disable_bridge_alerts: false + # Should the bridge stop if the WhatsApp server says another user connected with the same session? + # This is only safe on single-user bridges. + crash_on_stream_replaced: false # Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview, # and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews` # key in the event content even if this is disabled. @@ -311,6 +317,8 @@ bridge: # This will cause the bridge bot to be in private chats for the encryption to work properly. # It is recommended to also set private_chat_portal_meta to true when using this. default: {{ matrix_mautrix_whatsapp_bridge_encryption_default|to_json }} + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false # Require encryption, drop any unencrypted messages. require: false # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. From f2b66c3b04cec2a685d919a8a5bfcc0992dc4290 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 10:02:07 +0300 Subject: [PATCH 325/562] Use a different name for appservice-irc image (localhost/ prefix) if self-building enabled Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2108 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index fb0f3a33..bd69df79 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -15,6 +15,7 @@ matrix_appservice_irc_version: 0.35.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" +matrix_appservice_irc_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_irc_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_appservice_irc_base_path: "{{ matrix_base_data_path }}/appservice-irc" matrix_appservice_irc_config_path: "{{ matrix_appservice_irc_base_path }}/config" From 49c64a8d65165d03df9c95c8fa05fc1bf67af988 Mon Sep 17 00:00:00 2001 From: borisrunakov Date: Sat, 17 Sep 2022 10:22:05 +0300 Subject: [PATCH 326/562] change stream writer worker metrics range start --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4e0af66b..db704311 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -494,7 +494,7 @@ matrix_synapse_stream_writers: {} # It should be noted that not all of the background worker types will need to expose HTTP services, etc. matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 -matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 +matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19211 # matrix_synapse_workers_pusher_workers_count controls the number of pusher workers (workers who push out notifications) to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseapppusher From 3a3a0b5c9a6039706c488ac439c9a27777cb035e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 17 Sep 2022 13:41:29 +0000 Subject: [PATCH 327/562] Update Cinny 2.1.3 -> 2.2.0 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index c2bc476a..c041794c 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.1.3 +matrix_client_cinny_version: v2.2.0 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 435c4f8b01896b84fdc3d68d51352b37e02a7ecf Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Sat, 17 Sep 2022 14:33:29 +0000 Subject: [PATCH 328/562] dendrite: update config to match upstream defaults --- roles/matrix-dendrite/defaults/main.yml | 2 +- .../templates/dendrite/dendrite.yaml.j2 | 29 +++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 2a6c4fd6..df78b56d 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -90,7 +90,7 @@ matrix_dendrite_tmp_directory_size_mb: 500 # Rate limits matrix_dendrite_rate_limiting_enabled: true -matrix_dendrite_rate_limiting_threshold: 5 +matrix_dendrite_rate_limiting_threshold: 20 matrix_dendrite_rate_limiting_cooloff_ms: 500 # Controls whether people with access to the homeserver can register by themselves. diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 88aacab2..d44da219 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -58,6 +58,10 @@ global: # e.g. localhost:443 well_known_server_name: "" + # The server name to delegate client-server communications to, with optional port + # e.g. localhost:443 + well_known_client_name: "" + # Lists of domains that the server will trust as identity servers to verify third # party identifiers such as phone numbers and email addresses. trusted_third_party_id_servers: {{ matrix_dendrite_trusted_id_servers|to_json }} @@ -73,6 +77,25 @@ global: # Whether outbound presence events are allowed, e.g. sending presence events to other servers enable_outbound: false + # Configuration for in-memory caches. Caches can often improve performance by + # keeping frequently accessed items (like events, identifiers etc.) in memory + # rather than having to read them from the database. + cache: + # The estimated maximum size for the global cache in bytes, or in terabytes, + # gigabytes, megabytes or kilobytes when the appropriate 'tb', 'gb', 'mb' or + # 'kb' suffix is specified. Note that this is not a hard limit, nor is it a + # memory limit for the entire process. A cache that is too small may ultimately + # provide little or no benefit. + max_size_estimated: 1gb + + # The maximum amount of time that a cache entry can live for in memory before + # it will be evicted and/or refreshed from the database. Lower values result in + # easier admission of new cache entries but may also increase database load in + # comparison to higher values, so adjust conservatively. Higher values may make + # it harder for new items to make it into the cache, e.g. if new rooms suddenly + # become popular. + max_age: 1h + # Server notices allows server admins to send messages to all users. server_notices: enabled: false @@ -186,6 +209,8 @@ client_api: enabled: {{ matrix_dendrite_rate_limiting_enabled|to_json }} threshold: {{ matrix_dendrite_rate_limiting_threshold|to_json }} cooloff_ms: {{ matrix_dendrite_rate_limiting_cooloff_ms|to_json }} + exempt_user_ids: + # - "@user:domain.com" # Configuration for the Federation API. federation_api: @@ -324,6 +349,10 @@ sync_api: # a reverse proxy server. # real_ip_header: X-Real-IP real_ip_header: {{ matrix_dendrite_sync_api_real_ip_header|to_json }} + fulltext: + enabled: false + index_path: "./fulltextindex" + language: "en" # more possible languages can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang # Configuration for the User API. user_api: From 47fa90bdc31876a7df24a57a14a86375da3ec2eb Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 17 Sep 2022 20:38:07 +0000 Subject: [PATCH 329/562] Update mautrix-signal 0.3.0 -> 0.4.0 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index d6d3faa2..d8e4016c 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" -matrix_mautrix_signal_version: v0.3.0 +matrix_mautrix_signal_version: v0.4.0 matrix_mautrix_signal_daemon_version: 0.21.1 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" From f042542086a6e4c40b833dac86b6926ebfe69697 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 17 Sep 2022 23:51:05 +0300 Subject: [PATCH 330/562] Update Honoroit 0.9.13 -> 0.9.14 --- roles/matrix-bot-honoroit/defaults/main.yml | 13 ++++++++++++- roles/matrix-bot-honoroit/templates/env.j2 | 3 ++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 7a3e0d19..1c48dc19 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.13 +matrix_bot_honoroit_version: v0.9.14 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -88,6 +88,17 @@ matrix_bot_honoroit_loglevel: '' # Disable encryption matrix_bot_honoroit_noencryption: false +# A list of whitelisted users allowed to use/invite honoroit +# If not defined, everyone is allowed. +# Example set of rules: +# matrix_bot_honoroit_users: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_honoroit_allowedusers: + - "@*:*" + # Max items in cache matrix_bot_honoroit_cachesize: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index c8d10c6a..0cfd88c1 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -10,7 +10,8 @@ HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} HONOROIT_IGNORENOTHREAD={{ matrix_bot_honoroit_ignorenothread }} -HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms|join(' ') }} +HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms | join(' ') }} +HONOROIT_ALLOWEDUSERS={{ matrix_bot_honoroit_allowedusers | join(' ') }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} HONOROIT_TEXT_NOENCRYPTION={{ matrix_bot_honoroit_text_noencryption }} From 0259a7a50b46f31fac9f3f1fa2473a1753655200 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 18 Sep 2022 12:03:54 +0300 Subject: [PATCH 331/562] Fix typo Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2114 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 1c48dc19..94d4a5e6 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -91,7 +91,7 @@ matrix_bot_honoroit_noencryption: false # A list of whitelisted users allowed to use/invite honoroit # If not defined, everyone is allowed. # Example set of rules: -# matrix_bot_honoroit_users: +# matrix_bot_honoroit_allowedusers: # - @someone:example.com # - @another:example.com # - @bot.*:example.com From 89648cf58e8de298301b973274947eaa7335afeb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 18 Sep 2022 12:21:09 +0300 Subject: [PATCH 332/562] Fix some ansible-lint-reported warnings --- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup_raspbian.yml | 2 +- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 6 +++--- .../matrix-bridge-appservice-irc/tasks/validate_config.yml | 2 +- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 4 ---- roles/matrix-common-after/tasks/dump_runtime_results.yml | 2 +- roles/matrix-common-after/tasks/start.yml | 4 ++-- roles/matrix-dynamic-dns/tasks/validate_config.yml | 2 +- roles/matrix-email2matrix/tasks/validate_config.yml | 2 +- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 2 +- roles/matrix-postgres/tasks/validate_config.yml | 2 +- roles/matrix-sygnal/tasks/validate_config.yml | 2 +- .../tasks/ext/synapse-simple-antispam/setup_install.yml | 2 +- roles/matrix-synapse/tasks/init.yml | 6 +++--- roles/matrix-synapse/tasks/register_user.yml | 2 +- .../tasks/rust-synapse-compress-state/main.yml | 2 +- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- .../tasks/synapse/workers/util/inject_worker.yml | 2 +- roles/matrix-synapse/tasks/update_user_password.yml | 4 ++-- roles/matrix-synapse/tasks/validate_config.yml | 2 +- 22 files changed, 27 insertions(+), 31 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 6d69f3e5..2f8645e5 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -134,7 +134,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}" +matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml index 54ea4d18..18c6eb65 100644 --- a/roles/matrix-base/tasks/server_base/setup_raspbian.yml +++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml @@ -36,6 +36,6 @@ ansible.builtin.apt: name: - "{{ matrix_docker_package_name }}" - - "python{{'3' if ansible_python.version.major == 3 else ''}}-docker" + - "python{{ '3' if ansible_python.version.major == 3 else '' }}-docker" state: present when: matrix_docker_installation_enabled | bool diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 251d0b4a..461af060 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -35,7 +35,7 @@ + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} - when: matrix_bot_maubot_proxy_management_interface|bool + when: matrix_bot_maubot_proxy_management_interface | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 0be7089c..dd0fc1f6 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -12,18 +12,18 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure matrix-bot-maubot.service doesn't exist ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure systemd reloaded after matrix-bot-maubot.service removal ansible.builtin.service: daemon_reload: true - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure Matrix maubot paths don't exist ansible.builtin.file: diff --git a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml b/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml index f101e6fe..f0d887c8 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml @@ -23,7 +23,7 @@ You need to define one or more servers by either using `matrix_appservice_irc_ircService_servers` or by extending the base configuration with additional configuration in `matrix_appservice_irc_configuration_extension_yaml`. Overriding the whole bridge's configuration (`matrix_appservice_irc_configuration`) is yet another possibility. - when: "matrix_appservice_irc_configuration.ircService.servers|length == 0" + when: "matrix_appservice_irc_configuration.ircService.servers | length == 0" - name: (Deprecation) Catch and report renamed appservice-irc variables ansible.builtin.fail: diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 81494584..cb4900ee 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -86,10 +86,6 @@ matrix_mautrix_whatsapp_login_shared_secret: '' matrix_mautrix_whatsapp_bridge_login_shared_secret_map: "{{ {matrix_mautrix_whatsapp_homeserver_domain: matrix_mautrix_whatsapp_login_shared_secret} if matrix_mautrix_whatsapp_login_shared_secret else {} }}" -# Servers to always allow double puppeting from -matrix_mautrix_whatsapp_bridge_double_puppet_server_map: - "{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}" - # Enable End-to-bridge encryption matrix_mautrix_whatsapp_bridge_encryption_allow: false matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" diff --git a/roles/matrix-common-after/tasks/dump_runtime_results.yml b/roles/matrix-common-after/tasks/dump_runtime_results.yml index 4074a625..7dba367d 100644 --- a/roles/matrix-common-after/tasks/dump_runtime_results.yml +++ b/roles/matrix-common-after/tasks/dump_runtime_results.yml @@ -4,4 +4,4 @@ - ansible.builtin.debug: msg: "" with_items: "{{ matrix_playbook_runtime_results }}" - when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results|length > 0" + when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results | length > 0" diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 890eabfa..605b3f61 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -49,8 +49,8 @@ See `roles/matrix-common-after/defaults/main.yml` for more details about that. with_items: "{{ matrix_systemd_services_list }}" when: - - "item.endswith('.service') and (ansible_facts.services[item]|default(none) is none or ansible_facts.services[item].state != 'running')" - when: " ansible_distribution != 'Archlinux'" + - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" + when: "ansible_distribution != 'Archlinux'" - block: # Currently there is a bug in ansible that renders is incompatible with systemd. diff --git a/roles/matrix-dynamic-dns/tasks/validate_config.yml b/roles/matrix-dynamic-dns/tasks/validate_config.yml index 610dc2f8..60adade8 100644 --- a/roles/matrix-dynamic-dns/tasks/validate_config.yml +++ b/roles/matrix-dynamic-dns/tasks/validate_config.yml @@ -4,7 +4,7 @@ ansible.builtin.fail: msg: >- You need to define at least one configuration in `matrix_dynamic_dns_domain_configurations` for using matrix-dynamic-dns. - when: "matrix_dynamic_dns_domain_configurations|length == 0" + when: "matrix_dynamic_dns_domain_configurations | length == 0" - name: Fail if required settings not defined in configuration blocks ansible.builtin.fail: diff --git a/roles/matrix-email2matrix/tasks/validate_config.yml b/roles/matrix-email2matrix/tasks/validate_config.yml index 59a3581e..8d89f1d6 100644 --- a/roles/matrix-email2matrix/tasks/validate_config.yml +++ b/roles/matrix-email2matrix/tasks/validate_config.yml @@ -4,4 +4,4 @@ ansible.builtin.fail: msg: > You need to define at least one mapping in `matrix_email2matrix_matrix_mappings` for enabling Email2Matrix. - when: "matrix_email2matrix_matrix_mappings|length == 0" + when: "matrix_email2matrix_matrix_mappings | length == 0" diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 88c99ea9..7cdc0c92 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -633,7 +633,7 @@ matrix_nginx_proxy_synapse_user_dir_locations: [] # synapse content caching matrix_nginx_proxy_synapse_cache_enabled: false -matrix_nginx_proxy_synapse_cache_path: "{{ '/tmp/synapse-cache' if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path+'/synapse-cache' }}" +matrix_nginx_proxy_synapse_cache_path: "{{ '/tmp/synapse-cache' if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path + '/synapse-cache' }}" matrix_nginx_proxy_synapse_cache_keys_zone_name: "STATIC" matrix_nginx_proxy_synapse_cache_keys_zone_size: "10m" matrix_nginx_proxy_synapse_cache_inactive_time: "48h" diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index be967d68..f79a12f8 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -157,7 +157,7 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([])|length > 0" + when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" - name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) ansible.builtin.command: diff --git a/roles/matrix-postgres/tasks/validate_config.yml b/roles/matrix-postgres/tasks/validate_config.yml index f239b116..a6225632 100644 --- a/roles/matrix-postgres/tasks/validate_config.yml +++ b/roles/matrix-postgres/tasks/validate_config.yml @@ -36,4 +36,4 @@ - name: Fail if Postgres password length exceeded ansible.builtin.fail: msg: "The maximum `matrix_postgres_connection_password` length is 99 characters" - when: "matrix_postgres_connection_password|length > 99" + when: "matrix_postgres_connection_password | length > 99" diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/matrix-sygnal/tasks/validate_config.yml index b2c38010..277bd1b2 100644 --- a/roles/matrix-sygnal/tasks/validate_config.yml +++ b/roles/matrix-sygnal/tasks/validate_config.yml @@ -4,4 +4,4 @@ ansible.builtin.fail: msg: >- Enabling Sygnal requires that you specify at least one app in `matrix_sygnal_apps` - when: "matrix_sygnal_enabled and matrix_sygnal_apps|length == 0" + when: "matrix_sygnal_enabled and matrix_sygnal_apps | length == 0" diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 23a382f2..34a7a7e0 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -3,7 +3,7 @@ - name: Fail if Synapse Simple Antispam blocked homeservers is not set ansible.builtin.fail: msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers" - when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers|length == 0" + when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers | length == 0" - name: Ensure git installed (RedHat) ansible.builtin.yum: diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index 8610a33b..acfbf031 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -9,7 +9,7 @@ # Unless `matrix_synapse_workers_enabled_list` is explicitly defined, # we'll generate it dynamically. - ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" - when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list|length == 0" + when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | length == 0" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse.service'] }}" @@ -73,7 +73,7 @@ } {% endif %} {% endfor %} - when: matrix_synapse_workers_enabled_list|length > 0 + when: matrix_synapse_workers_enabled_list | length > 0 - name: Register synapse worker metrics proxying configuration with matrix-nginx-proxy (matrix.DOMAIN/metrics/synapse/worker) ansible.builtin.set_fact: @@ -83,5 +83,5 @@ + [matrix_synapse_worker_nginx_metrics_configuration_block] }} - when: matrix_synapse_workers_enabled_list|length > 0 + when: matrix_synapse_workers_enabled_list | length > 0 when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/matrix-synapse/tasks/register_user.yml index 8c344b2d..81748449 100644 --- a/roles/matrix-synapse/tasks/register_user.yml +++ b/roles/matrix-synapse/tasks/register_user.yml @@ -28,6 +28,6 @@ when: "start_result.changed" - name: Register user - ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-synapse-register-user {{ username|quote }} {{ password|quote }} {{ '1' if admin == 'yes' else '0' }}" + ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-synapse-register-user {{ username | quote }} {{ password | quote }} {{ '1' if admin == 'yes' else '0' }}" register: matrix_synapse_register_user_result changed_when: matrix_synapse_register_user_result.rc == 0 diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index fcea8606..29860e5a 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -92,7 +92,7 @@ ansible.builtin.fail: msg: >- Expecting 4 lines in the "find rooms" result. - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines|length != 4" + when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" - block: # matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 43e44b63..0fc4e79c 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -37,7 +37,7 @@ - name: Populate matrix_synapse_stream_writers from enabled stream writer workers list ansible.builtin.set_fact: - matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine ({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" - name: Build federation sender workers diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index 0a52db32..eee73151 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -42,7 +42,7 @@ ansible.builtin.fail: msg: >- Synapse stream_writer workers (such as {{ item }}) need to define a valid `stream_writer_stream` property - (not `{{ matrix_synapse_worker_details.stream_writer_stream|default('undefined') }}`). + (not `{{ matrix_synapse_worker_details.stream_writer_stream | default('undefined') }}`). Supported types are: {{ matrix_synapse_workers_known_stream_writer_stream_types | join(', ') }} when: "'stream_writer_stream' not in matrix_synapse_worker_details or matrix_synapse_worker_details.stream_writer_stream not in matrix_synapse_workers_known_stream_writer_stream_types" diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml index 586bf51b..f7b40456 100644 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ b/roles/matrix-synapse/tasks/update_user_password.yml @@ -36,11 +36,11 @@ when: "start_result.changed or postgres_start_result.changed" - name: Generate password hash - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}" + ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" register: password_hash changed_when: false - name: Update user password hash - ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash {{ username|quote }} {{ password_hash.stdout|quote }}" + ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash {{ username | quote }} {{ password_hash.stdout | quote }}" register: matrix_synapse_update_user_password_result changed_when: matrix_synapse_update_user_password_result.rc == 0 diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 79e58154..0758c88f 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -16,7 +16,7 @@ ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 1. This is a single-instance worker. - when: "vars[item]|int > 1" + when: "vars[item] | int > 1" with_items: - "matrix_synapse_workers_appservice_workers_count" - "matrix_synapse_workers_user_dir_workers_count" From 139be4870601c3a5df50dd4dc623bc0225b8b3a7 Mon Sep 17 00:00:00 2001 From: Mecallie <33781978+Mecallie@users.noreply.github.com> Date: Mon, 19 Sep 2022 21:04:02 +0200 Subject: [PATCH 333/562] Updated the Element settings. --- docs/configuring-playbook-ntfy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 57dfb3b2..757bcccd 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -71,7 +71,8 @@ Steps needed for specific matrix apps: 3. verify `Settings` -> `Notifications` -> `UnifiedPush: Notification targets` as described below in the "Troubleshooting" section. * Element-android v1.4.26+: - - [not yet documented; should auto-detect and use it?] + 1. choose `Settings` -> `Notifications` -> `Notification method` -> `ntfy` + 2. verify `Settings` -> `Troubleshoot` -> `Troubleshoot notification settings` If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy". From 18836e910f77ea557e174e4467a605f4be7cf736 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 09:03:22 +0000 Subject: [PATCH 334/562] Update mautrix-instagram 0.2.0 -> 0.2.1 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index eb223405..b739a4a3 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.2.0 +matrix_mautrix_instagram_version: v0.2.1 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 63423e614fffe8162ce391c205d50b00b49454c5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 09:09:27 +0000 Subject: [PATCH 335/562] Update ddclient v3.9.1-ls98 -> v3.9.1-ls99 --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 8a5e7cdf..53ecfa33 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls98 +matrix_dynamic_dns_version: v3.9.1-ls99 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From c6f9a42f40c1bb07445f77201c560d8217c9415e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 14:58:45 +0000 Subject: [PATCH 336/562] Update Grafana 9.1.5 -> 9.1.6 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index dda120a2..381a9abf 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.5 +matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8717447dc56d9853cb8d338c7ab8d42144d43566 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 21 Sep 2022 08:08:30 +0000 Subject: [PATCH 337/562] Update Honoroit 0.9.14 -> 0.9.15 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 94d4a5e6..68fb8c17 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.14 +matrix_bot_honoroit_version: v0.9.15 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From 6d29048ed90d6e71906cba664f2cb4c47c595f55 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 21 Sep 2022 08:20:21 +0000 Subject: [PATCH 338/562] Update Postmoogle 0.9.2 -> 0.9.3 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index b411f70d..b51f81ad 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.2 +matrix_bot_postmoogle_version: v0.9.3 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 202f54f327965cbefc0ebab505be59983834a236 Mon Sep 17 00:00:00 2001 From: Warrows Date: Thu, 22 Sep 2022 13:48:24 +0200 Subject: [PATCH 339/562] Improve maubot doc Add two important informations: - The `mbc` commands must be ran in the docker container - Not using this method prevent from using encrypted rooms with the bot --- docs/configuring-playbook-bot-maubot.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 1a6636d7..11ab1cce 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -54,4 +54,5 @@ Choose a strong password for the bot. You can generate a good password with a co ## Obtaining an admin access token -This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). +This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands you'll need to open the bot docker container with `docker exec -it matrix-bot-maubot sh` +Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). However these two methods won't allow the bot to work in encrypted rooms. From 59adb8d02862258c05e09d29c922040c3c675edb Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Thu, 22 Sep 2022 09:21:23 -0500 Subject: [PATCH 340/562] dendrite: update image tag version - 0.9.9 (https://github.com/matrix-org/dendrite/releases/tag/v0.9.9) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index df78b56d..542ed136 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.8" +matrix_dendrite_docker_image_tag: "v0.9.9" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From fc56288f5ba1f9044616834fb8c911ca77c43923 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 23 Sep 2022 08:34:58 +0000 Subject: [PATCH 341/562] Update Postmoogle 0.9.3 -> 0.9.4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * send emails in UTF-8 👋 * fix options descriptions * add SMTP auth * allow sending emails from your apps and scripts using postmoogle as email provider --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index b51f81ad..abec64c4 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.3 +matrix_bot_postmoogle_version: v0.9.4 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From b77907f2d4a793c93c73916a390b7a4ab3ea4e47 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Sat, 24 Sep 2022 04:12:49 +0000 Subject: [PATCH 342/562] whatsapp: do not turn on synapse only options --- roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 87d4627d..28971447 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -55,7 +55,7 @@ appservice: # Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). # You should disable bridge -> sync_with_custom_puppets when this is enabled. - ephemeral_events: true + ephemeral_events: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" @@ -191,7 +191,7 @@ bridge: # Should Matrix users leaving groups be bridged to WhatsApp? bridge_matrix_leave: true # Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices. - sync_with_custom_puppets: false + sync_with_custom_puppets: true # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 484536b039843838a5885e7f91a01d1cfd1406e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 24 Sep 2022 16:01:27 +0000 Subject: [PATCH 343/562] Do not restart postmoogle during installation Reason: during a fresh install, when there is no synapse yet, systemd unit fails to start, thus whole play fails --- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index d7e5dbee..3e6e6dc6 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -91,9 +91,3 @@ ansible.builtin.service: daemon_reload: true when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" - -- name: Ensure matrix-bot-postmoogle.service restarted, if necessary - ansible.builtin.service: - name: "matrix-bot-postmoogle.service" - state: restarted - when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" From dd8106790e831d4b98a8ac491b45f13e33d0246f Mon Sep 17 00:00:00 2001 From: mjarr <87588014+mjarr@users.noreply.github.com> Date: Sat, 24 Sep 2022 18:53:56 +0200 Subject: [PATCH 344/562] synapse: match upstream rate limit defaults --- roles/matrix-synapse/defaults/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index db704311..2ef6e949 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -148,22 +148,22 @@ matrix_synapse_rc_admin_redaction: matrix_synapse_rc_joins: local: per_second: 0.1 - burst_count: 3 + burst_count: 10 remote: per_second: 0.01 - burst_count: 3 + burst_count: 10 matrix_synapse_rc_invites: per_room: - per_second: 0.5 - burst_count: 5 + per_second: 0.3 + burst_count: 10 per_user: - per_second: 0.004 - burst_count: 3 - per_issuer: - per_second: 0.5 + per_second: 0.003 burst_count: 5 + per_issuer: + per_second: 0.3 + burst_count: 10 matrix_synapse_rc_federation: From 14af09e4f344819d75f539871bed10e39642dc13 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:08:47 +0300 Subject: [PATCH 345/562] Define matrix_grafana_dashboard_download_urls_all variable in matrix-grafana role We shouldn't be using it in the role (`tasks/setup.yml`) without defining at least some default value in the role itself. We've always had the override in `group_vars/matrix_servers`, so the variable was essentially defined (at the playbook level), but that's not the right way to do things. --- roles/matrix-grafana/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 381a9abf..ffdfa132 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -16,6 +16,10 @@ matrix_grafana_dashboard_download_urls: - "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json" - "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json" +# matrix_grafana_dashboard_download_urls_all contains the full list (of URLs) of dashboards to download. +# This variable is overriden elsewhere and additional URLs are injected into it (besides those seen in `matrix_grafana_dashboard_download_urls`) based on the enabled components. +matrix_grafana_dashboard_download_urls_all: "{{ matrix_grafana_dashboard_download_urls }}" + matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana" matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config" matrix_grafana_data_path: "{{ matrix_grafana_base_path }}/data" From 6c928d87ca3bd2af445eef3be5430d987abcdaaa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:23:54 +0300 Subject: [PATCH 346/562] Configure Grafana's default_home_dashboard_path properly Using `matrix_synapse_*` variables within the `matrix-grafana` role is not a good practice. We now have a `matrix_grafana_default_home_dashboard_path` variable with a good universal default value and we override it via `group_vars/matrix_servers` based on enabled components, etc. This is a better fix for https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2133 --- group_vars/matrix_servers | 9 +++++++++ roles/matrix-grafana/defaults/main.yml | 4 ++++ roles/matrix-grafana/templates/grafana.ini.j2 | 6 +----- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 01e287a7..68e52453 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2484,6 +2484,15 @@ matrix_grafana_dashboard_download_urls_all: | (matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else []) }} +matrix_grafana_default_home_dashboard_path: |- + {{ + { + 'synapse': ('/etc/grafana/dashboards/synapse.json' if matrix_synapse_metrics_enabled else '/etc/grafana/dashboards/node-exporter-full.json'), + 'dendrite': '/etc/grafana/dashboards/node-exporter-full.json', + 'conduit': '/etc/grafana/dashboards/node-exporter-full.json', + }[matrix_homeserver_implementation] + }} + matrix_grafana_systemd_wanted_services_list: | {{ [] diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index ffdfa132..61d27839 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -54,6 +54,10 @@ matrix_grafana_content_security_policy: true matrix_grafana_content_security_policy_customized: false matrix_grafana_content_security_policy_template: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http: https: 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';" +# matrix_grafana_default_home_dashboard_path influences the `default_home_dashboard_path` grafana.ini setting, +# which is an in-container path for the default dashboard. +matrix_grafana_default_home_dashboard_path: /etc/grafana/dashboards/node-exporter-full.json + # A list of extra arguments to pass to the container matrix_grafana_container_extra_arguments: [] diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/matrix-grafana/templates/grafana.ini.j2 index 1e06683e..ac609f91 100644 --- a/roles/matrix-grafana/templates/grafana.ini.j2 +++ b/roles/matrix-grafana/templates/grafana.ini.j2 @@ -26,8 +26,4 @@ enabled = {{ matrix_grafana_anonymous_access }} org_name = "{{ matrix_grafana_anonymous_access_org_name }}" [dashboards] -{% if matrix_synapse_metrics_enabled %} -default_home_dashboard_path = /etc/grafana/dashboards/synapse.json -{% else %} -default_home_dashboard_path = /etc/grafana/dashboards/node-exporter-full.json -{% endif %} +default_home_dashboard_path = {{ matrix_grafana_default_home_dashboard_path }} From 3f4bedb31e008332c7839899393e7e7ad52f32a3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:26:30 +0300 Subject: [PATCH 347/562] Use matrix_grafana_enabled: true in the matrix-grafana role This is consistent with what all other roles do. If someone includes a role, the assumption is that they want its functionality enabled. The playbook distribution then disables components via `group_vars/matrix_servers`. We've always had `matrix_grafana_enabled: false` there, so flipping the in-role `_enabled` flag to `true` does not change anything for playbook users. Users who import the roles individually in their own other playbooks (and who don't use `group_vars/matrix_servers`) may observe a change in the defaults with this. --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 61d27839..2b98b2a8 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -3,7 +3,7 @@ # See: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md # Project source code URL: https://github.com/grafana/grafana -matrix_grafana_enabled: false +matrix_grafana_enabled: true matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" From f623cf355065f375a94fa3c2a9c23e582483485b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:46:10 +0300 Subject: [PATCH 348/562] Only download Grafana dashboard URLs for enabled services If someone is using Dendrite and enabling Grafana, we'll no longer download Synapse dashboards. If someone is not using node-exporter, we'll no longer download node exporter dashboards. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2133 --- group_vars/matrix_servers | 6 ++++-- roles/matrix-grafana/defaults/main.yml | 12 ++---------- roles/matrix-grafana/tasks/setup.yml | 2 +- roles/matrix-grafana/tasks/validate_config.yml | 9 +++++++++ .../defaults/main.yml | 5 +++++ .../defaults/main.yml | 2 ++ roles/matrix-synapse/defaults/main.yml | 5 +++++ 7 files changed, 28 insertions(+), 13 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 68e52453..efbe856d 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2477,9 +2477,11 @@ matrix_grafana_enabled: false # Grafana's HTTP port to the local host. matrix_grafana_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:3000' }}" -matrix_grafana_dashboard_download_urls_all: | +matrix_grafana_dashboard_download_urls: | {{ - matrix_grafana_dashboard_download_urls + (matrix_synapse_grafana_dashboard_urls if matrix_homeserver_implementation == 'synapse' and matrix_synapse_metrics_enabled else []) + + + (matrix_prometheus_node_exporter_dashboard_urls if matrix_prometheus_node_exporter_enabled else []) + (matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else []) }} diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 2b98b2a8..6c02dde7 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -9,16 +9,8 @@ matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" -# Not conditional, because when someone disables metrics -# they might still want to look at the old existing data. -# So it would be silly to delete the dashboard in such case. -matrix_grafana_dashboard_download_urls: - - "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json" - - "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json" - -# matrix_grafana_dashboard_download_urls_all contains the full list (of URLs) of dashboards to download. -# This variable is overriden elsewhere and additional URLs are injected into it (besides those seen in `matrix_grafana_dashboard_download_urls`) based on the enabled components. -matrix_grafana_dashboard_download_urls_all: "{{ matrix_grafana_dashboard_download_urls }}" +# matrix_grafana_dashboard_download_urls holds a list of URLs of dashboards to download +matrix_grafana_dashboard_download_urls: [] matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana" matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config" diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/matrix-grafana/tasks/setup.yml index 591c0222..25378ce7 100644 --- a/roles/matrix-grafana/tasks/setup.yml +++ b/roles/matrix-grafana/tasks/setup.yml @@ -68,7 +68,7 @@ mode: 0440 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - with_items: "{{ matrix_grafana_dashboard_download_urls_all }}" + with_items: "{{ matrix_grafana_dashboard_download_urls }}" when: matrix_grafana_enabled | bool register: result retries: "{{ matrix_geturl_retries_count }}" diff --git a/roles/matrix-grafana/tasks/validate_config.yml b/roles/matrix-grafana/tasks/validate_config.yml index cc48c559..21c44dc8 100644 --- a/roles/matrix-grafana/tasks/validate_config.yml +++ b/roles/matrix-grafana/tasks/validate_config.yml @@ -5,3 +5,12 @@ msg: > You need to enable `matrix_prometheus_enabled` to use Prometheus as data source for Grafana. when: "not matrix_prometheus_enabled" + +- name: (Deprecation) Catch and report renamed settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_grafana_dashboard_download_urls_all', 'new': 'matrix_grafana_dashboard_download_urls'} diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml index c7d6512f..b7952d07 100644 --- a/roles/matrix-prometheus-node-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml @@ -60,3 +60,8 @@ matrix_prometheus_node_exporter_container_http_host_bind_port: '' # If matrix_prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that ":" value will be used # Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_node_exporter_container_http_host_bind_port else (matrix_prometheus_node_exporter_container_http_host_bind_port if matrix_prometheus_node_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" + +# matrix_prometheus_node_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. +matrix_prometheus_node_exporter_dashboard_urls: + - https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml index 31ff8b8b..f0cbfede 100644 --- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml @@ -58,5 +58,7 @@ matrix_prometheus_postgres_exporter_container_http_host_bind_port: '' # Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_postgres_exporter_container_http_host_bind_port else (matrix_prometheus_postgres_exporter_container_http_host_bind_port if matrix_prometheus_postgres_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" +# matrix_prometheus_postgres_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. matrix_prometheus_postgres_exporter_dashboard_urls: - "https://grafana.com/api/dashboards/9628/revisions/7/download" diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 2ef6e949..40f20bcd 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -365,6 +365,11 @@ matrix_url_preview_accept_language: ['en-US', 'en'] matrix_synapse_metrics_enabled: false matrix_synapse_metrics_port: 9100 +# matrix_synapse_grafana_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. +matrix_synapse_grafana_dashboard_urls: + - https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json + # Controls whether Synapse metrics should be proxied (exposed) on: # - `matrix.DOMAIN/metrics/synapse/main-process` for the main process # - `matrix.DOMAIN/metrics/synapse/worker/{type}-{id}` for each worker process From 049969266169c432e94477b92166f38cf3bf564d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 15:31:20 +0300 Subject: [PATCH 349/562] Upgrade appservice-irc (0.35.0 -> 0.35.1) --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index bd69df79..c4fa75fe 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.35.0 +matrix_appservice_irc_version: 0.35.1 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 8e448aed0fd72f254143010e83dbd4aff9aa382f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 26 Sep 2022 18:23:55 +0000 Subject: [PATCH 350/562] Update Prometheus Node Exporter 1.3.1 -> 1.4.0 --- roles/matrix-prometheus-node-exporter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml index b7952d07..9b89519c 100644 --- a/roles/matrix-prometheus-node-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_node_exporter_enabled: false -matrix_prometheus_node_exporter_version: v1.3.1 +matrix_prometheus_node_exporter_version: v1.4.0 matrix_prometheus_node_exporter_docker_image: "{{ matrix_container_global_registry_prefix }}prom/node-exporter:{{ matrix_prometheus_node_exporter_version }}" matrix_prometheus_node_exporter_docker_image_force_pull: "{{ matrix_prometheus_node_exporter_docker_image.endswith(':latest') }}" From 0ab5371ebd81ded69d793e35c2c61c1f019c3b00 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 08:54:20 +0300 Subject: [PATCH 351/562] Upgrade mautrix-telegram (0.12.0 -> 0.12.1) and lottieconverter (alpine-3.15 -> alpine-3.16) --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index f540ba2d..9fdfd430 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -9,14 +9,14 @@ matrix_telegram_lottieconverter_container_image_self_build_mask_arch: false matrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git" matrix_telegram_lottieconverter_docker_repo_version: "master" matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/lotticonverter/docker-src" -matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.15" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram +matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.16" # needs to be adjusted according to the FROM clause of Dockerfile of mautrix-telegram matrix_mautrix_telegram_container_image_self_build: false matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" -matrix_mautrix_telegram_version: v0.12.0 +matrix_mautrix_telegram_version: v0.12.1 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" From 1ea1597020f783864a3d0beba50a59f3b1797c5b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 11:38:33 +0300 Subject: [PATCH 352/562] Fix some ansible-lint-reported warnings This mostly fixes `key-order` warnings around `block` statements. --- .config/ansible-lint.yml | 3 +++ roles/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup.yml | 6 +++--- roles/matrix-bot-buscarron/tasks/setup_install.yml | 8 ++++---- roles/matrix-bot-honoroit/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 12 ++++++------ roles/matrix-bridge-appservice-slack/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../matrix-bridge-appservice-webhooks/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 9 ++++----- roles/matrix-bridge-hookshot/tasks/init.yml | 4 ++-- .../tasks/setup_install.yml | 9 ++++----- roles/matrix-bridge-mautrix-facebook/tasks/init.yml | 9 ++++----- .../tasks/setup_install.yml | 8 ++++---- .../tasks/validate_config.yml | 4 ++-- .../matrix-bridge-mautrix-googlechat/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mautrix-hangouts/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mautrix-telegram/tasks/init.yml | 9 ++++----- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 9 ++++----- .../tasks/setup_install.yml | 12 ++++++------ .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mx-puppet-slack/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-cactus-comments/tasks/init.yml | 9 ++++----- roles/matrix-cactus-comments/tasks/setup_install.yml | 8 ++++---- roles/matrix-client-element/tasks/prepare_themes.yml | 12 +++++------- roles/matrix-common-after/tasks/start.yml | 8 ++++---- roles/matrix-coturn/tasks/setup_install.yml | 4 ++-- roles/matrix-dimension/tasks/setup_install.yml | 8 ++++---- roles/matrix-etherpad/tasks/init.yml | 8 ++++---- roles/matrix-ma1sd/tasks/migrate_mxisd.yml | 4 ++-- roles/matrix-ma1sd/tasks/setup_install.yml | 12 ++++++------ .../tasks/nginx-proxy/setup_metrics_auth.yml | 4 ++-- .../tasks/self_check_well_known.yml | 4 ++-- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 8 ++++---- .../ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml | 4 ++-- roles/matrix-nginx-proxy/tasks/validate_config.yml | 4 ++-- roles/matrix-postgres/defaults/main.yml | 4 ++-- .../tasks/import_generic_sqlite_db.yml | 4 ++-- .../matrix-postgres/tasks/migrate_db_to_postgres.yml | 9 ++++----- .../tasks/migrate_postgres_data_directory.yml | 4 ++-- roles/matrix-prometheus-node-exporter/tasks/init.yml | 4 ++-- .../tasks/init.yml | 4 ++-- roles/matrix-registration/tasks/init.yml | 8 ++++---- roles/matrix-registration/tasks/setup_install.yml | 8 ++++---- roles/matrix-synapse-admin/tasks/init.yml | 8 ++++---- roles/matrix-synapse/tasks/init.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 8 ++++---- roles/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../tasks/synapse/workers/util/inject_worker.yml | 4 ++-- roles/matrix-synapse/vars/main.yml | 2 +- 64 files changed, 217 insertions(+), 223 deletions(-) diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml index beff4658..22ba9253 100644 --- a/.config/ansible-lint.yml +++ b/.config/ansible-lint.yml @@ -9,5 +9,8 @@ skip_list: - schema - command-instead-of-shell - role-name + # We frequently load configuration from a template (into a variable), then merge that with another variable (configuration extension) + # before finally dumping it to a file. + - template-instead-of-copy offline: false diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index e3401a13..b44a8fa1 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -1,6 +1,7 @@ --- -- block: +- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' + block: - name: Fail with matrix_backup_borg_version advice if Postgres not enabled ansible.builtin.fail: msg: >- @@ -20,7 +21,6 @@ - name: Set the correct borg backup version to use ansible.builtin.set_fact: matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}" - when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' - name: Ensure borg paths exist ansible.builtin.file: diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 2f8645e5..eccda626 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -134,7 +134,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" +matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 40d5a4d0..8cc4dff4 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -9,7 +9,8 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml" when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30 -- block: +- when: ansible_os_family == 'Debian' + block: # ansible_lsb is only available if lsb-release is installed. - name: Ensure lsb-release installed ansible.builtin.apt: @@ -28,7 +29,6 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') - when: ansible_os_family == 'Debian' - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml" when: ansible_distribution == 'Archlinux' @@ -39,7 +39,7 @@ state: started enabled: true -- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" +- name: "Ensure ntpd is started and autoruns" ansible.builtin.service: name: "{{ matrix_ntpd_service }}" state: started diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/matrix-bot-buscarron/tasks/setup_install.yml index 0db7b728..564ff7e0 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: false -- block: +- when: "matrix_bot_buscarron_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" register: matrix_bot_buscarron_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: true - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_buscarron_database_engine == 'postgres'" - name: Ensure buscarron paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index 9bb979fc..8a440484 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: false -- block: +- when: "matrix_bot_honoroit_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" register: matrix_bot_honoroit_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: true - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_honoroit_database_engine == 'postgres'" - name: Ensure honoroit paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 0ad895af..93285bf6 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: false -- block: +- when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: true - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" - name: Ensure matrix-reminder-bot paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index 3e6e6dc6..9c9e59ee 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -1,11 +1,13 @@ --- -- block: +- when: "matrix_bot_postmoogle_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" @@ -21,8 +23,6 @@ - ansible.builtin.set_fact: matrix_bot_postmoogle_requires_restart: true - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_postmoogle_database_engine == 'postgres'" - name: Ensure postmoogle paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index af17613c..e12c1572 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: false -- block: +- when: "matrix_appservice_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_appservice_discord_sqlite_database_path_local }}" register: matrix_appservice_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_appservice_discord_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: true - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_discord_database_engine == 'postgres'" - name: Ensure Appservice Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 6b7fc92d..6794e814 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -21,7 +21,8 @@ path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" register: matrix_appservice_irc_stat_passkey -- block: +- when: "matrix_appservice_irc_stat_passkey.stat.exists" + block: - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped ansible.builtin.service: name: matrix-appservice-irc @@ -44,24 +45,23 @@ - rooms.db - users.db failed_when: false - when: "matrix_appservice_irc_stat_passkey.stat.exists" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: false -- block: +- when: "matrix_appservice_irc_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_irc_data_path }}/users.db" register: matrix_appservice_irc_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: true - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_irc_database_engine == 'postgres'" - name: Ensure Appservice IRC image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index 023b4288..d06e5aaf 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -43,7 +43,10 @@ The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -76,9 +79,6 @@ + [matrix_appservice_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index a2921d98..9b741d69 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -17,19 +17,19 @@ - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: false -- block: +- when: "matrix_appservice_slack_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_slack_data_path }}/teams.db" register: matrix_appservice_slack_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: true - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_slack_database_engine == 'postgres'" - name: Ensure Appservice Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index 7cb2cfd6..1f8ace9e 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -36,7 +36,10 @@ The matrix-bridge-appservice-webhooks role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_webhooks_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -71,9 +74,6 @@ + [matrix_appservice_webhooks_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_webhooks_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 603f9d1d..5cd8da88 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -26,7 +26,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_appservice_webhooks_container_image_self_build | bool" + block: - name: Ensure Appservice webhooks repository is present on self-build ansible.builtin.git: repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}" @@ -47,7 +48,6 @@ dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_appservice_webhooks_docker_src_files_path }}" pull: true - when: "matrix_appservice_webhooks_container_image_self_build | bool" - name: Ensure Matrix Appservice webhooks config is installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index f1d7e8fd..c1b19df9 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -34,7 +34,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_beeper_linkedin_container_image_self_build | bool" + block: - name: Ensure Beeper LinkedIn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}" @@ -72,7 +73,6 @@ pull: true args: TARGETARCH: "{{ matrix_architecture }}" - when: "matrix_beeper_linkedin_container_image_self_build | bool" - name: Ensure beeper-linkedin config.yaml installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 7403ff5c..32019686 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: false -- block: +- when: "matrix_go_skype_bridge_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" register: matrix_go_skype_bridge_sqlite_database_path_local_stat_result - - block: + - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: true - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_go_skype_bridge_database_engine == 'postgres'" - - name: Ensure Go Skype Bridge paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index e6cd1209..63921f31 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -28,7 +28,8 @@ }} when: matrix_hookshot_enabled | bool -- block: +- when: matrix_hookshot_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -128,7 +129,6 @@ [matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain] }} when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool - when: matrix_hookshot_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 7e2ed79c..4b05765a 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: false -- block: +- when: "matrix_mautrix_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" register: matrix_mautrix_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: true - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_discord_database_engine == 'postgres'" - - name: Ensure Mautrix Discord paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 5252af82..5565689f 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_facebook_enabled | bool -- block: +- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -70,7 +73,3 @@ URL endpoint to the matrix-mautrix-facebook container. You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 3e7d8f05..ca882fb0 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: false -- block: +- when: "matrix_mautrix_facebook_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: true - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_facebook_database_engine == 'postgres'" - name: Ensure Mautrix Facebook image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 4f588b5f..413ea027 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -10,7 +10,8 @@ - "matrix_mautrix_facebook_appservice_token" - "matrix_mautrix_facebook_homeserver_token" -- block: +- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" + block: - name: Inject warning if on an old SQLite-supporting version ansible.builtin.set_fact: matrix_playbook_runtime_results: | @@ -21,4 +22,3 @@ "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" ] }} - when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index 2c5bdc10..c4ae920c 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_googlechat_enabled | bool -- block: +- when: matrix_mautrix_googlechat_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_googlechat_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_googlechat_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index f2192a34..f2fccb29 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: false -- block: +- when: "matrix_mautrix_googlechat_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: true - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_googlechat_database_engine == 'postgres'" - name: Ensure Mautrix googlechat image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 39b88edb..380dc4b3 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_hangouts_enabled | bool -- block: +- when: matrix_mautrix_hangouts_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_hangouts_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_hangouts_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 4087162e..48c83584 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: false -- block: +- when: "matrix_mautrix_hangouts_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: true - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_hangouts_database_engine == 'postgres'" - name: Ensure Mautrix Hangouts image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index f9b3bb1c..f828f793 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_telegram_enabled | bool -- block: +- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -69,7 +72,3 @@ URL endpoint to the matrix-mautrix-telegram container. You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 6ce39657..7a50b709 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: false -- block: +- when: "matrix_mautrix_telegram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: true - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_telegram_database_engine == 'postgres'" - name: Ensure Mautrix Telegram paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index c3edd6a7..b58542f7 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: false -- block: +- when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: true - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" - - name: Ensure Mautrix Whatsapp paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index d60f73f9..b863b444 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -27,7 +27,8 @@ path: "{{ matrix_mx_puppet_discord_base_path }}/database.db" register: matrix_mx_puppet_discord_stat_database -- block: +- when: "matrix_mx_puppet_discord_stat_database.stat.exists" + block: - name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped ansible.builtin.service: name: matrix-mx-puppet-discord @@ -40,18 +41,19 @@ cmd: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db" register: matrix_mx_puppet_discord_relocate_database_result changed_when: matrix_mx_puppet_discord_relocate_database_result.rc == 0 - when: "matrix_mx_puppet_discord_stat_database.stat.exists" - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: false -- block: +- when: "matrix_mx_puppet_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: true - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_discord_database_engine == 'postgres'" - name: Ensure MX Puppet Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 497f0109..f81ae4a0 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: false -- block: +- when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" register: matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: true - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" - name: Ensure MX Puppet Groupme image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 7695d88e..600ed63c 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -12,13 +12,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: false -- block: +- when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" @@ -34,8 +36,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: true - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" - name: Ensure mx-puppet-instagram image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 506a271d..9eff170a 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_slack_enabled | bool -- block: +- when: matrix_mx_puppet_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 70dac9ac..9c5ae4fc 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -39,13 +39,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: false -- block: +- when: "matrix_mx_puppet_slack_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" @@ -61,8 +63,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: true - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_slack_database_engine == 'postgres'" - name: Ensure MX Puppet Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 80487630..c75566f3 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: false -- block: +- when: "matrix_mx_puppet_steam_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: true - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_steam_database_engine == 'postgres'" - name: Ensure MX Puppet Steam image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 444491ea..a58cd9ac 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_twitter_enabled | bool -- block: +- when: matrix_mx_puppet_twitter_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_twitter_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 305cd5de..ed94eae5 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: false -- block: +- when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: true - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" - name: Ensure MX Puppet Twitter image is pulled docker_image: diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml index 9a15cf89..5067d025 100644 --- a/roles/matrix-cactus-comments/tasks/init.yml +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -21,7 +21,10 @@ }} when: matrix_cactus_comments_enabled | bool -- block: +- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -63,7 +66,3 @@ reverse proxy. Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml index 8e6bb68e..ec5311e8 100644 --- a/roles/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -65,7 +65,8 @@ pull: true when: "matrix_cactus_comments_container_image_self_build | bool" -- block: +- when: matrix_cactus_comments_client_local_dir | length == 0 + block: - name: Download client binary to local folder ansible.builtin.get_url: url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz" @@ -101,9 +102,9 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length == 0 -- block: +- when: matrix_cactus_comments_client_local_dir | length > 0 + block: - name: Propagate locally distributed client javascreipt ansible.builtin.copy: src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js" @@ -118,7 +119,6 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length > 0 - name: Ensure matrix-cactus-comments.service installed ansible.builtin.template: diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/matrix-client-element/tasks/prepare_themes.yml index 8185122c..3f5c9783 100644 --- a/roles/matrix-client-element/tasks/prepare_themes.yml +++ b/roles/matrix-client-element/tasks/prepare_themes.yml @@ -4,7 +4,11 @@ # Tasks related to setting up Element themes # -- block: +- when: matrix_client_element_themes_enabled | bool + run_once: true + delegate_to: 127.0.0.1 + become: false + block: - name: Ensure Element themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_element_themes_repository_url }}" @@ -29,12 +33,6 @@ matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_element_theme_file_contents.results }}" - run_once: true - delegate_to: 127.0.0.1 - become: false - when: matrix_client_element_themes_enabled | bool - - # # Tasks related to getting rid of Element themes (if it was previously enabled) # diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 605b3f61..c88eb64f 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -34,7 +34,8 @@ delegate_to: 127.0.0.1 become: false -- block: +- when: "ansible_distribution != 'Archlinux'" + block: - name: Populate service facts ansible.builtin.service_facts: @@ -50,9 +51,9 @@ with_items: "{{ matrix_systemd_services_list }}" when: - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" - when: "ansible_distribution != 'Archlinux'" -- block: +- when: "ansible_distribution == 'Archlinux'" + block: # Currently there is a bug in ansible that renders is incompatible with systemd. # service_facts is not collecting the data successfully. # Therefore iterating here manually @@ -70,4 +71,3 @@ Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate. with_items: "{{ systemdstatus.results }}" when: "item.status['ActiveState'] != 'active'" - when: "ansible_distribution == 'Archlinux'" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index 2a1af731..be9d8574 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -29,7 +29,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_coturn_container_image_self_build | bool" + block: - name: Ensure Coturn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_coturn_container_image_self_build_repo }}" @@ -50,7 +51,6 @@ dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_coturn_docker_src_files_path }}" pull: true - when: "matrix_coturn_container_image_self_build | bool" - name: Ensure Coturn configuration path exists ansible.builtin.file: diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index 7060285a..c5570836 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: false -- block: +- when: "matrix_dimension_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_dimension_sqlite_database_path_local }}" register: matrix_dimension_sqlite_database_path_local_stat_result - - block: + - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" + block: # pgloader makes a few columns `smallint`, instead of `boolean`. # We need to fix them up. - ansible.builtin.set_fact: @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: true - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_dimension_database_engine == 'postgres'" - name: Ensure Dimension base path exists ansible.builtin.file: diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/matrix-etherpad/tasks/init.yml index e16b78dd..cfd127bd 100644 --- a/roles/matrix-etherpad/tasks/init.yml +++ b/roles/matrix-etherpad/tasks/init.yml @@ -4,7 +4,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- block: +- when: matrix_etherpad_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -49,9 +52,6 @@ + [matrix_etherpad_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_etherpad_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml index 7457001c..3ba7b14d 100644 --- a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml +++ b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml @@ -42,7 +42,8 @@ # We use shell commands for the migration, because the Ansible copy module cannot # recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible. -- block: +- when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" + block: - name: Copy mxisd data files to ma1sd folder ansible.builtin.command: cmd: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}" @@ -66,7 +67,6 @@ cmd: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated" register: matrix_ma1sd_migrate_mxisd_move_directory_result changed_when: matrix_ma1sd_migrate_mxisd_move_directory_result.rc == 0 - when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" - name: Ensure outdated matrix-mxisd.service doesn't exist ansible.builtin.file: diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index ef32288f..5f4b2957 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -21,13 +21,15 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: false -- block: +- when: "matrix_ma1sd_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_ma1sd_sqlite_database_path_local }}" register: matrix_ma1sd_sqlite_database_path_local_stat_result - - block: + - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_ma1sd_sqlite_database_path_local }}" @@ -44,8 +46,6 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: true - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_ma1sd_database_engine == 'postgres'" - name: Ensure ma1sd image is pulled docker_image: @@ -59,7 +59,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_ma1sd_container_image_self_build | bool" + block: - name: Ensure gradle is installed for self-building (Debian) ansible.builtin.apt: name: @@ -111,7 +112,6 @@ repository: "{{ matrix_ma1sd_docker_image }}" force_tag: true source: local - when: "matrix_ma1sd_container_image_self_build | bool" - name: Ensure ma1sd config installed ansible.builtin.copy: diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index c511e402..c2215eba 100644 --- a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -15,7 +15,8 @@ # See: https://docs.ansible.com/ansible/2.3/htpasswd_module.html#requirements-on-host-that-executes-module # We support various distros, with various versions of Python. Installing additional Python modules can be a hassle. # As a workaround, we run `htpasswd` from an Apache container image. -- block: +- when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' + block: - name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) docker_image: name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}" @@ -57,4 +58,3 @@ ansible.builtin.file: path: /tmp/matrix-nginx-proxy-metrics-password state: absent - when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml index 2a5042d5..e7ed549c 100644 --- a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml +++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml @@ -9,7 +9,8 @@ follow_redirects: "{{ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects }}" validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}" -- block: +- when: matrix_well_known_matrix_server_enabled | bool + block: - ansible.builtin.set_fact: well_known_file_check_matrix_server: path: /.well-known/matrix/server @@ -21,7 +22,6 @@ - name: Determine domains that we require certificates for (ma1sd) ansible.builtin.set_fact: well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}" - when: matrix_well_known_matrix_server_enabled | bool - name: Perform well-known checks ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index f2afe2ff..029ef860 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -16,7 +16,8 @@ # Tasks related to setting up Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" @@ -43,13 +44,13 @@ mode: 0644 when: "item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" # # Tasks related to getting rid of Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method != 'lets-encrypt'" + block: - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed ansible.builtin.file: path: "{{ matrix_systemd_path }}/{{ item.name }}" @@ -61,4 +62,3 @@ ansible.builtin.file: path: "{{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew" state: absent - when: "matrix_ssl_retrieval_method != 'lets-encrypt'" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 18cae090..176692ff 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -13,7 +13,8 @@ - ansible.builtin.set_fact: domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}" -- block: +- when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" + block: - name: Ensure required service for obtaining is started ansible.builtin.service: name: "{{ matrix_ssl_pre_obtaining_required_service_name }}" @@ -24,7 +25,6 @@ ansible.builtin.wait_for: timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}" when: "matrix_ssl_pre_obtaining_required_service_start_result.changed | bool" - when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" # This will fail if there is something running on port 80 (like matrix-nginx-proxy). # We suppress the error, as we'll try another method below. diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/matrix-nginx-proxy/tasks/validate_config.yml index 6c87a4bb..f7d18c9e 100644 --- a/roles/matrix-nginx-proxy/tasks/validate_config.yml +++ b/roles/matrix-nginx-proxy/tasks/validate_config.yml @@ -35,7 +35,8 @@ - or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`) when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled | bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))" -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: (Deprecation) Catch and report renamed settings ansible.builtin.fail: msg: >- @@ -57,7 +58,6 @@ - "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container" - "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container" when: "vars[item] == '' or vars[item] is none" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 39481f2e..117611a3 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -78,7 +78,7 @@ matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username] # which is unsupported by default by newer Postgres versions (v14+). # When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+. # If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default. -matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa var-spacing +matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing] # A list of databases to avoid creating when importing (or upgrading) the database. # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), @@ -86,7 +86,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name] -matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa var-spacing +matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] # The number of seconds to wait after starting `matrix-postgres.service` # and before trying to run queries for creating additional databases/users against it. diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index 671cb33f..f99478dd 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -25,7 +25,8 @@ # We either expect `postgres_db_connection_string` specifying a full Postgres database connection string, # or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string. -- block: +- when: 'postgres_connection_string_variable_name is defined' + block: - name: Fail if postgres_connection_string_variable_name points to an undefined variable ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" when: "postgres_connection_string_variable_name not in vars" @@ -33,7 +34,6 @@ - name: Get Postgres connection string from variable ansible.builtin.set_fact: postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}" - when: 'postgres_connection_string_variable_name is defined' - name: Fail if playbook called incorrectly ansible.builtin.fail: diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index f79a12f8..bfd91c29 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -31,7 +31,8 @@ msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}" when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists" -- block: +- when: "matrix_postgres_pgloader_container_image_self_build | bool" + block: - name: Ensure pgloader repository is present on self-build ansible.builtin.git: repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}" @@ -69,7 +70,6 @@ dockerfile: Dockerfile path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}" pull: true - when: "matrix_postgres_pgloader_container_image_self_build | bool" - name: Ensure pgloader Docker image is pulled docker_image: @@ -134,7 +134,8 @@ register: matrix_postgres_migrate_db_to_postgres_import_result changed_when: matrix_postgres_migrate_db_to_postgres_import_result.rc == 0 -- block: +- when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" + block: - ansible.builtin.import_role: name: matrix-postgres tasks_from: detect_existing_postgres_version @@ -157,8 +158,6 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" - - name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) ansible.builtin.command: cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup" diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml index fde580f5..0e3a606d 100644 --- a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -52,14 +52,14 @@ group: "{{ matrix_user_groupname }}" when: "result_pg_old_data_dir_stat.stat.exists" -- block: +- when: "result_pg_old_data_dir_stat.stat.exists" + block: - name: Relocate Postgres data files from old directory to new ansible.builtin.command: cmd: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path | basename }}" with_items: "{{ result_pg_old_data_dir_find.files }}" register: matrix_postgres_migrate_postgres_data_directory_move_result changed_when: matrix_postgres_migrate_postgres_data_directory_move_result.rc == 0 - when: "result_pg_old_data_dir_stat.stat.exists" # Intentionally not starting matrix-postgres here. # It likely needs to be updated to point to the new directory. diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/matrix-prometheus-node-exporter/tasks/init.yml index 42f21667..460ab137 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}" when: matrix_prometheus_node_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_node_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml index 03fe965c..20333dce 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}" when: matrix_prometheus_postgres_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_postgres_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 922db0f7..2b43dffd 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-registration.service'] }}" when: matrix_registration_enabled | bool -- block: +- when: matrix_registration_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -54,9 +57,6 @@ + [matrix_registration_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_registration_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index d3048337..6b895d69 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: false -- block: +- when: "matrix_registration_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_registration_sqlite_database_path_local }}" register: matrix_registration_sqlite_database_path_local_stat_result - - block: + - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_registration_sqlite_database_path_local }}" @@ -30,8 +32,6 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: true - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_registration_database_engine == 'postgres'" - name: Ensure matrix-registration paths exist ansible.builtin.file: diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index f934eced..c2b2d05f 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-admin.service'] }}" when: matrix_synapse_admin_enabled | bool -- block: +- when: matrix_synapse_admin_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -45,9 +48,6 @@ + [matrix_synapse_admin_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_synapse_admin_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index acfbf031..a77320c2 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -26,7 +26,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" when: matrix_s3_media_store_enabled | bool -- block: +- when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -84,4 +85,3 @@ [matrix_synapse_worker_nginx_metrics_configuration_block] }} when: matrix_synapse_workers_enabled_list | length > 0 - when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index 29860e5a..fab0af55 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -85,16 +85,17 @@ # # Row 3 contains a space when there's no result. -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" + block: - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" - name: Fail if room find result is not what we expect ansible.builtin.fail: msg: >- Expecting 4 lines in the "find rooms" result. - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" + block: # matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list # of dictionaries like this: {'room_id': '!some-id', 'count': 2461329} - ansible.builtin.set_fact: @@ -113,7 +114,6 @@ with_items: "{{ matrix_synapse_rust_synapse_compress_state_eligible_rooms }}" loop_control: loop_var: room_details - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" - name: Show notice about lack of rooms to compress ansible.builtin.debug: diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index e4ec0f67..aea03f05 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -18,7 +18,8 @@ group: "{{ matrix_user_groupname }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" -- block: +- when: "matrix_synapse_container_image_self_build | bool" + block: - name: Ensure Synapse repository is present on self-build ansible.builtin.git: repo: "{{ matrix_synapse_container_image_self_build_repo }}" @@ -48,7 +49,6 @@ environment: DOCKER_BUILDKIT: 1 when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''" - when: "matrix_synapse_container_image_self_build | bool" - name: Ensure Synapse Docker image is pulled docker_image: diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index eee73151..b69529b9 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -37,7 +37,8 @@ msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}" when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list" -- block: +- when: "matrix_synapse_worker_details.type == 'stream_writer'" + block: - name: Fail if stream_writer_stream not defined for stream_writer worker ansible.builtin.fail: msg: >- @@ -50,7 +51,6 @@ ansible.builtin.fail: msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property" when: "'replication_port' not in matrix_synapse_worker_details" - when: "matrix_synapse_worker_details.type == 'stream_writer'" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index b403b461..a4d43e78 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -34,7 +34,7 @@ matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synaps matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}" # matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints. -# It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule. +# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule. matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*' # matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer. From 5d5642abc54947e39235423fc33f425073dbf578 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 15:35:40 +0300 Subject: [PATCH 353/562] Upgrade Synapse (v1.67.0 -> v1.68.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 40f20bcd..4c5fc09e 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.67.0 +matrix_synapse_version: v1.68.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From de671ad58a8784e54f3f61495d80a17818edacd8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 15:37:24 +0300 Subject: [PATCH 354/562] Upgrade ddclient (v3.9.1-ls99 -> v3.9.1-ls100) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 53ecfa33..c465fef9 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls99 +matrix_dynamic_dns_version: v3.9.1-ls100 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From f9e750c47f1bee8f1caa9381b0b1debd48ce36c6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 27 Sep 2022 19:42:17 +0000 Subject: [PATCH 355/562] Update Element 1.11.5 -> 1.11.6 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 4898e9ca..a534ba11 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.5 +matrix_client_element_version: v1.11.6 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 89ca2e5eda9d511bcd5c4aacf884d00fb7802b3c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 27 Sep 2022 19:47:05 +0000 Subject: [PATCH 356/562] Update Ntfy 1.27.2 -> 1.28.0 --- roles/matrix-ntfy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ntfy/defaults/main.yml b/roles/matrix-ntfy/defaults/main.yml index 66bc5be4..76243980 100644 --- a/roles/matrix-ntfy/defaults/main.yml +++ b/roles/matrix-ntfy/defaults/main.yml @@ -7,7 +7,7 @@ matrix_ntfy_base_path: "{{ matrix_base_data_path }}/ntfy" matrix_ntfy_config_dir_path: "{{ matrix_ntfy_base_path }}/config" matrix_ntfy_data_path: "{{ matrix_ntfy_base_path }}/data" -matrix_ntfy_version: v1.27.2 +matrix_ntfy_version: v1.28.0 matrix_ntfy_docker_image: "{{ matrix_container_global_registry_prefix }}binwiederhier/ntfy:{{ matrix_ntfy_version }}" matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':latest') }}" From 38e19e48d2f5b8fec2fbbcd32654978df3447382 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 28 Sep 2022 15:59:47 +0200 Subject: [PATCH 357/562] Bump element version This is a security relevant update --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index a534ba11..4bd51d46 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.6 +matrix_client_element_version: v1.11.7 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 01acd6ec3dfc0bb9fe1329136c7c31772c454a07 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:23:34 +0300 Subject: [PATCH 358/562] Upgrade Cinny (2.2.0 -> 2.2.1) --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index c041794c..817efe39 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.2.0 +matrix_client_cinny_version: v2.2.1 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 68c2e0bee5a5a9394b20adbaf46c1e4f5b8d53d0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:43:50 +0300 Subject: [PATCH 359/562] Upgrade Element (v1.11.7 -> v1.11.8) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 4bd51d46..e4b6315b 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.7 +matrix_client_element_version: v1.11.8 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 5f0fbd6d62295e589fcb93b6a802de4cc8b6a88d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:46:10 +0300 Subject: [PATCH 360/562] Upgrade Cinny (2.2.1 -> 2.2.2) --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 817efe39..de974eb1 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.2.1 +matrix_client_cinny_version: v2.2.2 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From db7cc3bda0883a30f96304d83ddde8fce7220d7a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 29 Sep 2022 10:53:35 +0000 Subject: [PATCH 361/562] Update Jitsi stable-7648-4 -> stable-7830 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 9c31a660..80d270d4 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648-4 +matrix_jitsi_version: stable-7830 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 41e1da2ff4be785a211c23edb6d7ab34e6c250b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 29 Sep 2022 18:00:14 +0200 Subject: [PATCH 362/562] Make registration proxy independent of other roles, document (#7) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Make registration proxy independent of other roles, document Signed-off-by: Julian-Samuel Gebühr * Fix yml issues Signed-off-by: Julian-Samuel Gebühr * Remove undefined variable (as service HAS to be exposed Signed-off-by: Julian-Samuel Gebühr * Add registration endpint Defines the registration endpoint that should be intercepted/forwarded to the proxy Signed-off-by: Julian-Samuel Gebühr * Add image name Signed-off-by: Julian-Samuel Gebühr Signed-off-by: Julian-Samuel Gebühr --- ...playbook-matrix-ldap-registration-proxy.md | 21 +++-- group_vars/matrix_servers | 6 -- .../defaults/main.yml | 10 ++- .../tasks/init.yml | 82 +++++++++---------- 4 files changed, 59 insertions(+), 60 deletions(-) diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 31b75a0b..8a4adae4 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -13,18 +13,21 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_ldap_registration_proxy_enabled: true -``` - -That is enough if you use the synapse external password provider via LDAP. -If you want to use your own credentials add the following to your `inventory/host_vars/matrix.DOMAIN/vars.yml`: - - - # LDAP credentials -```yaml matrix_ldap_registration_proxy_ldap_uri: matrix_ldap_registration_proxy_ldap_base_dn: matrix_ldap_registration_proxy_ldap_user: matrix_ldap_registration_proxy_ldap_password: ``` -TODO: is the block above correct? Else indicate that it can only be used with the LDAP password provider for Synapse + +If you already use the [synapse external password provider via LDAP](docs/configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) +you can use the following values as configuration: + +```yaml +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +``` + diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a204093e..1898d9f7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1579,12 +1579,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false -# Use the LDAP values specified for the synapse role to setup LDAP proxy -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" - ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index bf7f3564..7ee5a947 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -4,6 +4,7 @@ matrix_ldap_registration_proxy_enabled: true +matrix_ldap_registration_proxy_docker_image: matrix_ldap_registration_proxy matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" @@ -21,6 +22,8 @@ matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" +matrix_ldap_registration_proxy_registration_endpoint: "/_matrix/client/r0/register" + # Controls whether the self-check feature should validate SSL certificates. matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true @@ -28,11 +31,11 @@ matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. -matrix_ldap_registration_proxy_container_http_host_bind_port: '8585'}' +matrix_ldap_registration_proxy_container_http_host_bind_port: '' # `matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_ldap_registration_proxy_container_http_host_bind_port`, - # which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') - matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" +# which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') +matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" @@ -53,4 +56,3 @@ matrix_ldap_registration_proxy_systemd_wanted_services_list: [] # matrix_ldap_registration_proxy_env_variables_extension: | # KEY=value matrix_ldap_registration_proxy_env_variables_extension: '' - diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index f7ed52c5..79d603df 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -11,48 +11,48 @@ when: matrix_ldap_registration_proxy_enabled | bool - block: - - name: Fail if matrix-nginx-proxy role already executed - ansible.builtin.fail: - msg: >- - Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, - but it's pointless since the matrix-nginx-proxy role had already executed. - To fix this, please change the order of roles in your playbook, - so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. - when: matrix_nginx_proxy_role_executed | default(False) | bool + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool - - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy - ansible.builtin.set_fact: - matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | - location {{ matrix_ldap_registration_proxy_public_endpoint }} { - {% if matrix_nginx_proxy_enabled | default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; - proxy_pass http://$backend/register;; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; - {% endif %} - } + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_registration_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } - - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy - ansible.builtin.set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) - + - [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] - }} - - name: Warn about reverse-proxying if matrix-nginx-proxy not used - ansible.builtin.debug: - msg: >- - NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` - URL endpoint to the matrix-ldap-proxy container. - You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. - when: "not matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" tags: - - always - when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool + - always + when: matrix_ldap_registration_proxy_enabled | bool From 59c46662e5d3978008ce89a68ccc240df9c8a9de Mon Sep 17 00:00:00 2001 From: Catalan Lover Date: Thu, 29 Sep 2022 20:25:56 +0200 Subject: [PATCH 363/562] Start Updating Mjolnir CFG from Initial to Current --- .../templates/production.yaml.j2 | 222 ++++++++++++------ 1 file changed, 153 insertions(+), 69 deletions(-) diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 index e5eb3aea..7963982f 100644 --- a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -1,136 +1,184 @@ -# Where the homeserver is located (client-server URL). This should point at -# pantalaimon if you're using that. +# Endpoint URL that Mjolnir uses to interact with the matrix homeserver (client-server API), +# set this to the pantalaimon URL if you're using that. homeserverUrl: "{{ matrix_homeserver_url }}" -# The access token for the bot to use. Do not populate if using Pantalaimon. +# Endpoint URL that Mjolnir could use to fetch events related to reports (client-server API and /_synapse/), +# only set this to the public-internet homeserver client API URL, do NOT set this to the pantalaimon URL. +rawHomeserverUrl: "{{ matrix_homeserver_url }}" + +# Matrix Access Token to use, Mjolnir will only use this if pantalaimon.use is false. accessToken: "{{ matrix_bot_mjolnir_access_token }}" -# Pantalaimon options (https://github.com/matrix-org/pantalaimon) +# Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon) #pantalaimon: -# # If true, accessToken above is ignored and the username/password below will be -# # used instead. The access token of the bot will be stored in the dataPath. +# # Whether or not Mjolnir will use pantalaimon to access the matrix homeserver, +# # set to `true` if you're using pantalaimon. +# # +# # Be sure to point homeserverUrl to the pantalaimon instance. +# # +# # Mjolnir will log in using the given username and password once, +# # then store the resulting access token in a file under dataPath. # use: false # # # The username to login with. # username: mjolnir # -# # The password to login with. Can be removed after the bot has logged in once and -# # stored the access token. +# # The password Mjolnir will login with. +# # +# # After successfully logging in once, this will be ignored, so this value can be blanked after first startup. # password: your_password -# The directory the bot should store various bits of information in +# The path Mjolnir will store its state/data in, leave default ("/data/storage") when using containers. dataPath: "/data" -# If true (the default), only users in the `managementRoom` can invite the bot -# to new rooms. +# If true (the default), Mjolnir will only accept invites from users present in managementRoom. autojoinOnlyIfManager: true -# If `autojoinOnlyIfManager` is false, only the members in this group can invite +# If `autojoinOnlyIfManager` is false, only the members in this space can invite # the bot to new rooms. -#acceptInvitesFromGroup: '+example:example.org' +#acceptInvitesFromSpace: "!example:example.org" -# If the bot is invited to a room and it won't accept the invite (due to the -# conditions above), report it to the management room. Defaults to disabled (no -# reporting). +# Whether Mjolnir should report ignored invites to the management room (if autojoinOnlyIfManager is true). recordIgnoredInvites: false -# The room ID where people can use the bot. The bot has no access controls, so -# anyone in this room can use the bot - secure your room! +# The room ID (or room alias) of the management room, anyone in this room can issue commands to Mjolnir. +# +# Mjolnir has no more granular access controls other than this, be sure you trust everyone in this room - secure it! +# # This should be a room alias or room ID - not a matrix.to URL. -# Note: Mjolnir is fairly verbose - expect a lot of messages from it. +# +# Note: By default, Mjolnir is fairly verbose - expect a lot of messages in this room. +# (see verboseLogging to adjust this a bit.) managementRoom: "{{ matrix_bot_mjolnir_management_room }}" -# Set to false to make the management room a bit quieter. +# Whether Mjolnir should log a lot more messages in the room, +# mainly involves "all-OK" messages, and debugging messages for when mjolnir checks bans in a room. verboseLogging: false -# The log level for the logs themselves. One of DEBUG, INFO, WARN, and ERROR. +# The log level of terminal (or container) output, +# can be one of DEBUG, INFO, WARN and ERROR, in increasing order of importance and severity. +# # This should be at INFO or DEBUG in order to get support for Mjolnir problems. logLevel: "INFO" -# Set to false to disable synchronizing the ban lists on startup. If true, this -# is the same as running !mjolnir sync immediately after startup. +# Whether or not Mjolnir should synchronize policy lists immediately after startup. +# Equivalent to running '!mjolnir sync'. syncOnStartup: true -# Set to false to prevent Mjolnir from checking its permissions on startup. This -# is recommended to be left as "true" to catch room permission problems (state -# resets, etc) before Mjolnir is needed. +# Whether or not Mjolnir should check moderation permissions in all protected rooms on startup. +# Equivalent to running `!mjolnir verify`. verifyPermissionsOnStartup: true -# If true, Mjolnir won't actually ban users or apply server ACLs, but will -# think it has. This is useful to see what it does in a scenario where the -# bot might not be trusted fully, yet. Default false (do bans/ACLs). +# Whether or not Mjolnir should actually apply bans and policy lists, +# turn on to trial some untrusted configuration or lists. noop: false -# Set to true to use /joined_members instead of /state to figure out who is -# in the room. Using /state is preferred because it means that users are -# banned when they are invited instead of just when they join, though if your -# server struggles with /state requests then set this to true. +# Whether Mjolnir should check member lists quicker (by using a different endpoint), +# keep in mind that enabling this will miss invited (but not joined) users. +# +# Turn on if your bot is in (very) large rooms, or in large amounts of rooms. fasterMembershipChecks: false -# A case-insensitive list of ban reasons to automatically redact a user's -# messages for. Typically this is useful to avoid having to type two commands -# to the bot. Use asterisks to represent globs (ie: "spam*testing" would match -# "spam for testing" as well as "spamtesting"). +# A case-insensitive list of ban reasons to have the bot also automatically redact the user's messages for. +# +# If the bot sees you ban a user with a reason that is an (exact case-insensitive) match to this list, +# it will also remove the user's messages automatically. +# +# Typically this is useful to avoid having to give two commands to the bot. +# Advanced: Use asterisks to have the reason match using "globs" +# (f.e. "spam*testing" would match "spam for testing" as well as "spamtesting"). +# +# See here for more info: https://www.digitalocean.com/community/tools/glob +# Note: Keep in mind that glob is NOT regex! automaticallyRedactForReasons: - - "spam" - - "advertising" + - "spam" + - "advertising" -# A list of rooms to protect (matrix.to URLs) +# A list of rooms to protect. Mjolnir will add this to the list it knows from its account data. +# +# It won't, however, add it to the account data. +# Manually add the room via '!mjolnir rooms add' to have it stay protected regardless if this config value changes. +# +# Note: These must be matrix.to URLs #protectedRooms: # - "https://matrix.to/#/#yourroom:example.org" -# Set this option to true to protect every room the bot is joined to. Note that -# this effectively makes the protectedRooms and associated commands useless because -# the bot by nature must be joined to the room to protect it. +# Whether or not to add all joined rooms to the "protected rooms" list +# (excluding the management room and watched policy list rooms, see below). # -# Note: the management room is *excluded* from this condition. Add it to the -# protected rooms to protect it. +# Note that this effectively makes the protectedRooms and associated commands useless +# for regular rooms. # -# Note: ban list rooms the bot is watching but didn't create will not be protected. -# Manually add these rooms to the protected rooms list if you want them protected. +# Note: the management room is *excluded* from this condition. +# Explicitly add it as a protected room to protect it. +# +# Note: Ban list rooms the bot is watching but didn't create will not be protected. +# Explicitly add these rooms as a protected room list if you want them protected. protectAllJoinedRooms: false +# Increase this delay to have Mjölnir wait longer between two consecutive backgrounded +# operations. The total duration of operations will be longer, but the homeserver won't +# be affected as much. Conversely, decrease this delay to have Mjölnir chain operations +# faster. The total duration of operations will generally be shorter, but the performance +# of the homeserver may be more impacted. +backgroundDelayMS: 500 + +# Server administration commands, these commands will only work if Mjolnir is +# a global server administrator, and the bot's server is a Synapse instance. +#admin: +# # Whether or not Mjolnir can temporarily take control of any eligible account from the local homeserver who's in the room +# # (with enough permissions) to "make" a user an admin. +# # +# # This only works if a local user with enough admin permissions is present in the room. +# enableMakeRoomAdminCommand: false + # Misc options for command handling and commands commands: - # If true, Mjolnir will respond to commands like !help and !ban instead of - # requiring a prefix. This is useful if Mjolnir is the only bot running in - # your management room. + # Whether or not the `!mjolnir` prefix is necessary to submit commands. # - # Note that Mjolnir can be pinged by display name instead of having to use + # If `true`, will allow commands like `!ban`, `!help`, etc. + # + # Note: Mjolnir can also be pinged by display name instead of having to use # the !mjolnir prefix. For example, "my_moderator_bot: ban @spammer:example.org" - # will ban a user. + # will address only my_moderator_bot. allowNoPrefix: false - # In addition to the bot's display name, !mjolnir, and optionally no prefix - # above, the bot will respond to these names. The items here can be used either - # as display names or prefixed with exclamation points. + # Any additional bot prefixes that Mjolnir will listen to. i.e. adding `mod` will allow `!mod help`. additionalPrefixes: - "mjolnir_bot" - # If true, ban commands that use wildcard characters require confirmation with - # an extra `--force` argument + # Whether or not commands with a wildcard (*) will require an additional `--force` argument + # in the command to be able to be submitted. confirmWildcardBan: true -# Configuration specific to certain toggleable protections +# Configuration specific to certain toggle-able protections #protections: # # Configuration for the wordlist plugin, which can ban users based if they say certain # # blocked words shortly after joining. # wordlist: -# # A list of words which should be monitored by the bot. These will match if any part -# # of the word is present in the message in any case. e.g. "hello" also matches -# # "HEllO". Additionally, regular expressions can be used. +# # A list of case-insensitive keywords that the WordList protection will watch for from new users. +# # +# # WordList will ban users who use these words when first joining a room, so take caution when selecting them. +# # +# # For advanced usage, regex can also be used, see the following links for more information; +# # - https://www.digitalocean.com/community/tutorials/an-introduction-to-regular-expressions +# # - https://regexr.com/ +# # - https://regexone.com/ # words: -# - "CaSe" -# - "InSeNsAtIve" -# - "WoRd" -# - "LiSt" +# - "LoReM" +# - "IpSuM" +# - "DoLoR" +# - "aMeT" # -# # How long after a user joins the server should the bot monitor their messages. After -# # this time, users can say words from the wordlist without being banned automatically. -# # Set to zero to disable (users will always be banned if they say a bad word) +# # For how long (in minutes) the user is "new" to the WordList plugin. +# # +# # After this time, the user will no longer be banned for using a word in the above wordlist. +# # +# # Set to zero to disable the timeout and make users *always* appear "new". +# # (users will always be banned if they say a bad word) # minutesBeforeTrusting: 20 -# Options for monitoring the health of the bot +# Options for advanced monitoring of the health of the bot. health: # healthz options. These options are best for use in container environments # like Kubernetes to detect how healthy the service is. The bot will report @@ -160,3 +208,39 @@ health: # The HTTP status code which reports that the bot is not healthy/ready. # Defaults to 418. unhealthyStatus: 418 + +# Options for exposing web APIs. +#web: +# # Whether to enable web APIs. +# enabled: false +# +# # The port to expose the webserver on. Defaults to 8080. +# port: 8080 +# +# # The address to listen for requests on. Defaults to only the current +# # computer. +# address: localhost +# +# # Alternative setting to open to the entire web. Be careful, +# # as this will increase your security perimeter: +# # +# # address: "0.0.0.0" +# +# # A web API designed to intercept Matrix API +# # POST /_matrix/client/r0/rooms/{roomId}/report/{eventId} +# # and display readable abuse reports in the moderation room. +# # +# # If you wish to take advantage of this feature, you will need +# # to configure a reverse proxy, see e.g. test/nginx.conf +# abuseReporting: +# # Whether to enable this feature. +# enabled: false + +# Whether or not to actively poll synapse for abuse reports, to be used +# instead of intercepting client calls to synapse's abuse endpoint, when that +# isn't possible/practical. +pollReports: true + +# Whether or not new reports, received either by webapi or polling, +# should be printed to our managementRoom. +displayReports: true \ No newline at end of file From b51fe595b279b368b959031ac781ca5511efb0ae Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 30 Sep 2022 08:30:26 +0300 Subject: [PATCH 364/562] Upgrade matrix-corporal (2.3.0 -> 2.3.1) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index bb1b8fa1..0ea8c75c 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.0 +matrix_corporal_version: 2.3.1 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From c650495c0e6b8e0bb7a779e75e392c6369dd9d2f Mon Sep 17 00:00:00 2001 From: Warrows Date: Fri, 30 Sep 2022 11:50:43 +0200 Subject: [PATCH 365/562] Update proxied nginx for maubot --- roles/matrix-bot-maubot/tasks/init.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 461af060..888d58d8 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,8 +14,9 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}/$1"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; proxy_pass http://$backend; + proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} From 851a52a532e916965c04a0c28a9289173def9ee8 Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 30 Sep 2022 08:35:26 -0500 Subject: [PATCH 366/562] dendrite: update tag image version - update to 0.10.0 (https://github.com/matrix-org/dendrite/releases/tag/v0.10.0) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 542ed136..e1d1bec1 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.9" +matrix_dendrite_docker_image_tag: "v0.10.0" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From ec8daad805b845e9ce8180cc72a98fd99d8cd9bf Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 30 Sep 2022 12:08:18 -0500 Subject: [PATCH 367/562] dendrite: update image tag version - update to v0.10.1 (https://github.com/matrix-org/dendrite/releases/tag/v0.10.1) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index e1d1bec1..9c8789e8 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.0" +matrix_dendrite_docker_image_tag: "v0.10.1" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 81ee2449a8ab8b3d30156fe32021667d94cc49d4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 09:18:54 +0300 Subject: [PATCH 368/562] Remove double ; --- roles/matrix-ldap-registration-proxy/tasks/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 79d603df..0b2051c3 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -28,7 +28,7 @@ {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; - proxy_pass http://$backend/register;; + proxy_pass http://$backend/register; {% else %} {# Generic configuration for use outside of our container setup #} proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; From f4804f475a1cf0d724ca691c434c0ff64d9c3e2d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 09:27:49 +0300 Subject: [PATCH 369/562] Announce matrix-ldap-registration-proxy Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2038 --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-ldap-auth.md | 7 +++++++ ...onfiguring-playbook-matrix-ldap-registration-proxy.md | 2 +- 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index deb1bc0c..06664634 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-10-02 + +## matrix-ldap-registration-proxy support + +Thanks to [@TheOneWithTheBraid](https://github.com/TheOneWithTheBraid), we now support installing [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) - a proxy which handles Matrix registration requests and forwards them to LDAP. + +See our [Setting up the ldap-registration-proxy](docs/configuring-playbook-matrix-ldap-registration-proxy.md) documentation to get started. + + # 2022-09-15 ## (Potential Backward Compatibility Break) Major improvements to Synapse workers diff --git a/docs/configuring-playbook-ldap-auth.md b/docs/configuring-playbook-ldap-auth.md index 5144323a..ecc0f257 100644 --- a/docs/configuring-playbook-ldap-auth.md +++ b/docs/configuring-playbook-ldap-auth.md @@ -28,5 +28,12 @@ If you wish for users to **authenticate only against configured password provide matrix_synapse_password_config_localdb_enabled: false ``` + ## Using ma1sd Identity Server for authentication + If you wish to use the ma1sd Identity Server for LDAP authentication instead of [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) consult [Adjusting ma1sd Identity Server configuration](configuring-playbook-ma1sd.md#authentication). + + +## Handling user registration + +If you wish for users to also be able to make new registrations against LDAP, you may **also** wish to [set up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md). diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 8a4adae4..16e0641e 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -20,7 +20,7 @@ matrix_ldap_registration_proxy_ldap_user: matrix_ldap_registration_proxy_ldap_password: ``` -If you already use the [synapse external password provider via LDAP](docs/configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) +If you already use the [synapse external password provider via LDAP](configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) you can use the following values as configuration: ```yaml From 033f188c1ee0e1fecd933577d1d517475df2e314 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 11:10:32 +0300 Subject: [PATCH 370/562] Upgrade matrix-corporal (2.3.1 -> 2.3.2) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 0ea8c75c..0cae911b 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.1 +matrix_corporal_version: 2.3.2 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From 43e38170e50834e11010f72e7ccdb53669755ee5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 16:47:55 +0300 Subject: [PATCH 371/562] Upgrade matrix-corporal (2.3.2 -> 2.4.0) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 0cae911b..8c391dfb 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.2 +matrix_corporal_version: 2.4.0 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From 2aceb445af81f3fa049961bf8946e5687f3f381c Mon Sep 17 00:00:00 2001 From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Sun, 2 Oct 2022 21:14:56 +0200 Subject: [PATCH 372/562] Fix config error that can cause Mjolnir to crash --- roles/matrix-bot-mjolnir/templates/production.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 index 7963982f..7643d65f 100644 --- a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -239,8 +239,8 @@ health: # Whether or not to actively poll synapse for abuse reports, to be used # instead of intercepting client calls to synapse's abuse endpoint, when that # isn't possible/practical. -pollReports: true +pollReports: false # Whether or not new reports, received either by webapi or polling, # should be printed to our managementRoom. -displayReports: true \ No newline at end of file +displayReports: false From 936412a08e2335b81cc6fc33ffccf1e18c0df566 Mon Sep 17 00:00:00 2001 From: Warrows Date: Mon, 3 Oct 2022 14:25:30 +0200 Subject: [PATCH 373/562] Update proxied nginx for maubot - Don't put unnecessary Host header. - Update both cases (with or without nginx proxy) --- roles/matrix-bot-maubot/tasks/init.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 888d58d8..6d021043 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,14 +14,13 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; - proxy_pass http://$backend; - proxy_set_header Host $host; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}; + proxy_pass http://$backend$request_uri"; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} From 5fd94466e17b8d69ff91964bbaa61fc81311f084 Mon Sep 17 00:00:00 2001 From: Warrows Date: Mon, 3 Oct 2022 23:44:45 +0200 Subject: [PATCH 374/562] Fix quote error introduced in 936412a08 --- roles/matrix-bot-maubot/tasks/init.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 6d021043..ccb5956e 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,13 +14,13 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}; - proxy_pass http://$backend$request_uri"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}"; + proxy_pass http://$backend$request_uri; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} From 0a5cc4436bbe81215d0209bda8485e9393fdae1b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 4 Oct 2022 13:41:11 +0000 Subject: [PATCH 375/562] Update grafana 9.1.6 -> 9.1.7 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 6c02dde7..2b139cd4 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.1.6 +matrix_grafana_version: 9.1.7 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 9b1d0a98943403fa07e3fe9a2b64f5f47d3b8500 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 5 Oct 2022 06:42:02 +0000 Subject: [PATCH 376/562] Update prometheus 2.38.0 -> 2.39.0 --- roles/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml index 002309ac..b2d5e964 100644 --- a/roles/matrix-prometheus/defaults/main.yml +++ b/roles/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.38.0 +matrix_prometheus_version: v2.39.0 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 7872aa1611f5251909b1ff8403a10c3b3c5f2c99 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 5 Oct 2022 08:47:29 +0000 Subject: [PATCH 377/562] Update hookshot 2.2.0 -> 2.3.0 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 57d31af5..b9b30866 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.2.0 +matrix_hookshot_version: 2.3.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From d1b5681ba0f523b2908eb7eb21239a840f824e66 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 10:03:16 +0300 Subject: [PATCH 378/562] Report async task failures better We were previously trying to reach into `.rc`, but there's no such thing if `async_result.finished == 0`. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2153 --- roles/matrix-postgres/tasks/import_postgres.yml | 3 ++- roles/matrix-postgres/tasks/run_vacuum.yml | 3 ++- .../tasks/rust-synapse-compress-state/compress_room.yml | 6 ++++-- .../tasks/rust-synapse-compress-state/main.yml | 1 + 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 53d67436..965719e4 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,4 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - changed_when: matrix_postgres_import_postgres_command_result.rc == 0 + failed_when: not matrix_postgres_import_postgres_command_result.async_result.finished + changed_when: matrix_postgres_import_postgres_command_result.async_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index ce2bee6b..efe69a83 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -78,7 +78,8 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - changed_when: matrix_postgres_synapse_vacuum_result.rc == 0 + failed_when: not matrix_postgres_synapse_vacuum_result.async_result.finished + changed_when: matrix_postgres_synapse_vacuum_result.async_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results - ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 221a7570..ff42cbc4 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,7 +21,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" @@ -44,7 +45,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_psql_import_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_psql_import_command_result - changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 - name: Clean up ansible.builtin.file: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index fab0af55..dcf9eed9 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -70,6 +70,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_find_rooms_command_wait_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_find_rooms_command_result + failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.async_result.finished changed_when: false # We expect the output to be like this: From 8d40ddd6548b1f90274442c1bc5948d07c1e8a39 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 13:22:52 +0300 Subject: [PATCH 379/562] Adjust importing-postgres docs to mention postgres_default_import_database --- docs/importing-postgres.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index c5a8d828..09c9b667 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md @@ -12,7 +12,7 @@ If your database name differs, be sure to change `matrix_synapse_database_databa The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). -Importing multiple databases (as dumped by `pg_dumpall`) is also supported. +Importing multiple databases (as dumped by `pg_dumpall`) is also supported. But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new roomes, ...) Before doing the actual import, **you need to upload your Postgres dump file to the server** (any path is okay). @@ -24,11 +24,14 @@ To import, run this command (make sure to replace `` must be a file path to a Postgres dump file on the server (not on your local machine!). +**Notes**: + +- `` must be a file path to a Postgres dump file on the server (not on your local machine!) +- `postgres_default_import_database` defaults to `matrix`, which is useful for importing multiple databases (for dumps made with `pg_dumpall`). If you're importing a single database (e.g. `synapse`), consider changing `postgres_default_import_database` accordingly ## Troubleshooting @@ -90,7 +93,7 @@ If not, you probably get this error. `synapse` is the correct table owner, but t "ERROR: role synapse does not exist" ``` -Once the database is clear and the ownership of the tables has been fixed in the SQL file, the import task should succeed. +Once the database is clear and the ownership of the tables has been fixed in the SQL file, the import task should succeed. Check, if `--dbname` is set to `synapse` (not `matrix`) and replace paths (or even better, copy this line from your terminal) ``` From e9993856a6240a4c00e5ceda341adbe77a6a2ae3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 13:23:48 +0300 Subject: [PATCH 380/562] Fix typo --- docs/importing-postgres.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index 09c9b667..fe3817f5 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md @@ -13,7 +13,7 @@ If your database name differs, be sure to change `matrix_synapse_database_databa The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). Importing multiple databases (as dumped by `pg_dumpall`) is also supported. -But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new roomes, ...) +But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new rooms, ...) Before doing the actual import, **you need to upload your Postgres dump file to the server** (any path is okay). From 69b1b56691c6ebdcc41cab8b27c10864c0c7c198 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 14:01:20 +0300 Subject: [PATCH 381/562] Upgrade signald (0.21.1 -> 0.22.2) --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index d8e4016c..9a06e423 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.4.0 -matrix_mautrix_signal_daemon_version: 0.21.1 +matrix_mautrix_signal_daemon_version: 0.22.2 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From aff7ca2426a75323cb091765b316d8af9cfdbaf0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 16:39:07 +0300 Subject: [PATCH 382/562] Upgrade appservice-slack (1.11.0 -> 2.0.1) This also disables self-building on arm64, since it's no longer necessary: https://github.com/matrix-org/matrix-appservice-slack/pull/656 --- group_vars/matrix_servers | 2 +- roles/matrix-bridge-appservice-slack/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3ca4d6f2..cfccd387 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -139,7 +139,7 @@ matrix_appservice_webhooks_systemd_required_services_list: | # We don't enable bridges by default. matrix_appservice_slack_enabled: false -matrix_appservice_slack_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" +matrix_appservice_slack_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-slack over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml index 71fca8e6..b5fbc13f 100644 --- a/roles/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/apps # matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_slack_version: 1.11.0 +matrix_appservice_slack_version: 2.0.1 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}" matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}" matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}" From a12cbeac3bfde7a9166b3e18604fdcc1c3db204d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 19:48:11 +0300 Subject: [PATCH 383/562] Fix async commands Fixes a regression introduced in d1b5681ba0f523. Looks like `.finished` is a property on the main object, not on some `.async_result` object. --- roles/matrix-postgres/tasks/import_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/run_vacuum.yml | 4 ++-- .../tasks/rust-synapse-compress-state/compress_room.yml | 8 ++++---- .../tasks/rust-synapse-compress-state/main.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 965719e4..40877e0b 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,5 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - failed_when: not matrix_postgres_import_postgres_command_result.async_result.finished - changed_when: matrix_postgres_import_postgres_command_result.async_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 + failed_when: not matrix_postgres_import_postgres_command_result.finished + changed_when: matrix_postgres_import_postgres_command_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index efe69a83..aafa761d 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -78,8 +78,8 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - failed_when: not matrix_postgres_synapse_vacuum_result.async_result.finished - changed_when: matrix_postgres_synapse_vacuum_result.async_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 + failed_when: not matrix_postgres_synapse_vacuum_result.finished + changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results - ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index ff42cbc4..6ae016fc 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,8 +21,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished - changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" @@ -45,8 +45,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_psql_import_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_psql_import_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished - changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 - name: Clean up ansible.builtin.file: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index dcf9eed9..b48e6077 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -70,7 +70,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_find_rooms_command_wait_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_find_rooms_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.async_result.finished + failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.finished changed_when: false # We expect the output to be like this: From 61a1d6a7bd33366b09b6c4680ee3260f5a797955 Mon Sep 17 00:00:00 2001 From: Aine Date: Thu, 6 Oct 2022 23:08:58 +0300 Subject: [PATCH 384/562] Update Postmoogle 0.9.4 -> 0.9.5 --- roles/matrix-bot-postmoogle/defaults/main.yml | 5 ++++- roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index abec64c4..949f0913 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.4 +matrix_bot_postmoogle_version: v0.9.5 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -110,6 +110,9 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" +# Password (passphrase) to encrypt account data +matrix_bot_postmoogle_data_secret: "" + # in-container ports matrix_bot_postmoogle_port: '2525' matrix_bot_postmoogle_tls_port: '25587' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 304e0dd8..c8151053 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -15,5 +15,6 @@ POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }} POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }} POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }} POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }} +POSTMOOGLE_DATA_SECRET={{ matrix_bot_postmoogle_data_secret }} {{ matrix_bot_postmoogle_environment_variables_extension }} From 12d4e080fa1bede67b3c57d8fbffb6498895db95 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 7 Oct 2022 21:36:36 +0300 Subject: [PATCH 385/562] Upgrade Dendrite (0.10.1 -> 0.10.2) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 9c8789e8..92a9ff9f 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.1" +matrix_dendrite_docker_image_tag: "v0.10.2" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 9e0bfcc05e18f955e8cfe34f9d3069e724439332 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 7 Oct 2022 21:37:17 +0300 Subject: [PATCH 386/562] Upgrade Prometheus (2.39.0 -> 2.39.1) --- roles/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml index b2d5e964..cbd3575e 100644 --- a/roles/matrix-prometheus/defaults/main.yml +++ b/roles/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.39.0 +matrix_prometheus_version: v2.39.1 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From af910db58349388d01197021270d22508dd67f08 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Fri, 7 Oct 2022 21:37:30 +0000 Subject: [PATCH 387/562] dendrite: update config --- .../templates/dendrite/dendrite.yaml.j2 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index d44da219..86a12d7c 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -349,10 +349,16 @@ sync_api: # a reverse proxy server. # real_ip_header: X-Real-IP real_ip_header: {{ matrix_dendrite_sync_api_real_ip_header|to_json }} - fulltext: + # Configuration for the full-text search engine. + search: + # Whether or not search is enabled. enabled: false - index_path: "./fulltextindex" - language: "en" # more possible languages can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang + # The path where the search index will be created in. + index_path: "/matrix-media-store-parent/searchindex" + # The language most likely to be used on the server - used when indexing, to + # ensure the returned results match expectations. A full list of possible languages + # can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang + language: "en" # Configuration for the User API. user_api: From b17b1fb01a29a84837151dabd8fed36caf05c168 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 9 Oct 2022 15:52:55 +0000 Subject: [PATCH 388/562] Update jitsi stable-7830 -> stable-7882 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 80d270d4..e1fcc318 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7830 +matrix_jitsi_version: stable-7882 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 1be8f8b0baa3149f8949f08010ead0ab8019b469 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 9 Oct 2022 19:23:40 +0300 Subject: [PATCH 389/562] import_tasks -> ansible.builtin.import_tasks --- roles/matrix-bot-maubot/tasks/main.yml | 8 ++++---- roles/matrix-conduit/tasks/conduit/setup.yml | 4 ++-- roles/matrix-conduit/tasks/main.yml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/main.yml b/roles/matrix-bot-maubot/tasks/main.yml index c67e25ee..773f4b9f 100644 --- a/roles/matrix-bot-maubot/tasks/main.yml +++ b/roles/matrix-bot-maubot/tasks/main.yml @@ -1,22 +1,22 @@ --- -- import_tasks: "{{ role_path }}/tasks/init.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" tags: - always -- import_tasks: "{{ role_path }}/tasks/validate_config.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - setup-bot-maubot -- import_tasks: "{{ role_path }}/tasks/setup_install.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - setup-bot-maubot -- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" when: "run_setup|bool and not matrix_bot_maubot_enabled|bool" tags: - setup-all diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index fa095f66..425d0f7e 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -1,7 +1,7 @@ --- -- import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" when: "matrix_conduit_enabled | bool" -- import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" when: "not matrix_conduit_enabled | bool" diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml index c8862bd7..623d0458 100644 --- a/roles/matrix-conduit/tasks/main.yml +++ b/roles/matrix-conduit/tasks/main.yml @@ -1,10 +1,10 @@ --- -- import_tasks: "{{ role_path }}/tasks/init.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" tags: - always -- import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" when: run_setup | bool tags: - setup-all From e6ecd54e724fd0a7394db2b5530aecf5929e6ffc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 9 Oct 2022 20:42:20 +0300 Subject: [PATCH 390/562] Suppress some ansible-lint errors --- roles/matrix-postgres/tasks/import_generic_sqlite_db.yml | 4 ++-- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index f99478dd..897ebc2e 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -67,7 +67,7 @@ become: false when: "matrix_postgres_service_start_result.changed | bool" -- name: Import SQLite database from {{ sqlite_database_path }} into Postgres +- name: Import SQLite database from {{ sqlite_database_path }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- {{ matrix_host_command_docker }} run @@ -83,7 +83,7 @@ register: matrix_postgres_import_generic_sqlite_db_import_result changed_when: matrix_postgres_import_generic_sqlite_db_import_result.rc == 0 -- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup) +- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup) # noqa name[template] ansible.builtin.command: cmd: "mv {{ sqlite_database_path }} {{ sqlite_database_path }}.backup" register: matrix_postgres_import_generic_sqlite_db_move_result diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index bfd91c29..dd75fb17 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -118,7 +118,7 @@ failed_when: false with_items: "{{ matrix_postgres_db_migration_request.systemd_services_to_stop }}" -- name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres +- name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- {{ matrix_host_command_docker }} run @@ -158,7 +158,7 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 -- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) +- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) # noqa name[template] ansible.builtin.command: cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup" register: matrix_postgres_migrate_db_to_postgres_move_result From 7cc3aae041966cd111d1ef9d0b14a3812c60edc2 Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Sun, 9 Oct 2022 21:59:33 +0200 Subject: [PATCH 391/562] fix(mautrix-discord): allow configuring the restricted_rooms option --- roles/matrix-bridge-mautrix-discord/defaults/main.yml | 4 ++++ roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index dbc23031..0cc18052 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -140,3 +140,7 @@ matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yam matrix_mautrix_discord_bridge_encryption_allow: false matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" + +# On conduit this option may prevent you from joining spaces created by the bridge. +# Setting this to false fixes the issue. +matrix_mautrix_discord_restricted_rooms: true \ No newline at end of file diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index fdd4f788..cd64f5d9 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: true + restricted_rooms: {{ matrix_mautrix_discord_restricted_rooms }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 1d024975d650c99f4393c74aa0bcae698c40f435 Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Mon, 10 Oct 2022 07:10:15 +0000 Subject: [PATCH 392/562] Automatically set restricted_rooms to false on conduit --- group_vars/matrix_servers | 4 ++++ roles/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cfccd387..ae5395fb 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -695,6 +695,10 @@ matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_prov matrix_mautrix_discord_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db') | to_uuid }}" +# Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default. +# See: todo: add link to upstream issue +matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}" + ###################################################################### # # /matrix-bridge-mautrix-discord diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index 0cc18052..d3eae38a 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -143,4 +143,4 @@ matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_d # On conduit this option may prevent you from joining spaces created by the bridge. # Setting this to false fixes the issue. -matrix_mautrix_discord_restricted_rooms: true \ No newline at end of file +matrix_mautrix_discord_bridge_restricted_rooms: true \ No newline at end of file diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index cd64f5d9..f88d0829 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: {{ matrix_mautrix_discord_restricted_rooms }} + restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 81f90f0ad1d70dabbaacd84736c8281c090861e5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 10 Oct 2022 17:09:42 +0300 Subject: [PATCH 393/562] Use |to_json for matrix_mautrix_discord_bridge_restricted_rooms --- roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index f88d0829..03992335 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms }} + restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms|to_json }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 9c52a8b3a11ba51e0fd3de90e28994f1373bce21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:05:40 -0400 Subject: [PATCH 394/562] update Jitsi on LAN configuration doc --- docs/configuring-playbook-jitsi.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index f7e8a949..51ad29b7 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -87,7 +87,7 @@ For more information refer to the [docker-jitsi-meet](https://github.com/jitsi/d By default the Jitsi Meet instance does not work with a client in LAN (Local Area Network), even if others are connected from WAN. There are no video and audio. In the case of WAN to WAN everything is ok. -The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://github.com/jitsi/docker-jitsi-meet#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add `DOCKER_HOST_ADDRESS` in enviornment variable to make it work. +The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker/#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add `JVB_ADVERTISE_IPS` in enviornment variable to make it work. Here is how to do it in the playbook. @@ -95,7 +95,7 @@ Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configu ```yaml matrix_jitsi_jvb_container_extra_arguments: - - '--env "DOCKER_HOST_ADDRESS="' + - '--env "JVB_ADVERTISE_IPS="' ``` ## (Optional) Fine tune Jitsi From 3a1847e193f6d99bdf5e4551856c302a7a60de55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:25:17 -0400 Subject: [PATCH 395/562] moved bind port variables documentation for webserver on different docker network or host in a more generic section --- docs/configuring-playbook-own-webserver.md | 30 ++++++++++++---------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 7e5d6001..ecae105b 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -27,11 +27,23 @@ No matter which external webserver you decide to go with, you'll need to: 1) Make sure your web server user (something like `http`, `apache`, `www-data`, `nginx`) is part of the `matrix` group. You should run something like this: `usermod -a -G matrix nginx`. This allows your webserver user to access files owned by the `matrix` group. When using an external nginx webserver, this allows it to read configuration files from `/matrix/nginx-proxy/conf.d`. When using another server, it would make other files, such as `/matrix/static-files/.well-known`, accessible to it. -2) Edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable the integrated nginx server: +2) Edit your configuration file (`inventory/host_vars/matrix./vars.yml`) + - to disable the integrated nginx server: -```yaml -matrix_nginx_proxy_enabled: false -``` + ```yaml + matrix_nginx_proxy_enabled: false + ``` + - if using an external server on another docker network or host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other docker network or host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. + + These variables will make Docker expose the ports to the local network instead of localhost only. + [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) + + Here are the variables required for the default configuration (Synapse and Element) + ``` + matrix_synapse_container_client_api_host_bind_port: '8008' + matrix_synapse_container_federation_api_plain_host_bind_port: '8048' + matrix_client_element_container_http_host_bind_port: "8765" + ``` 3) **If you'll manage SSL certificates by yourself**, edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable SSL certificate retrieval: @@ -41,7 +53,6 @@ matrix_ssl_retrieval_method: none **Note**: During [installation](installing.md), unless you've disabled SSL certificate management (`matrix_ssl_retrieval_method: none`), the playbook would need 80 to be available, in order to retrieve SSL certificates. **Please manually stop your other webserver while installing**. You can start it back up afterwards. - ### Using your own external nginx webserver Once you've followed the [Preparation](#preparation) guide above, it's time to set up your external nginx server. @@ -60,15 +71,6 @@ matrix_nginx_proxy_ssl_protocols: "TLSv1.2" If you are experiencing issues, try updating to a newer version of Nginx. As a data point in May 2021 a user reported that Nginx 1.14.2 was not working for them. They were getting errors about socket leaks. Updating to Nginx 1.19 fixed their issue. -If you are not going to be running your webserver on the same docker network, or the same machine as matrix, these variables can be set to bind synapse to an exposed port. [Keep in mind that there are some security concerns if you simply proxy everything to it](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) -```yaml -# Takes an ":" or "" value (e.g. "127.0.0.1:8048" or "192.168.1.3:80"), or empty string to not expose. -matrix_synapse_container_client_api_host_bind_port: '' -matrix_synapse_container_federation_api_plain_host_bind_port: '' -``` - - - ### Using your own external Apache webserver Once you've followed the [Preparation](#preparation) guide above, you can take a look at the [examples/apache](../examples/apache) directory for a sample configuration. From 527184097131b22ef913cc031355d3e5ace8fd0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:43:42 -0400 Subject: [PATCH 396/562] caddy2 Caddyfile : add CORS handling, update click-jacking protection to handle different subdomains and add example for cases with other well-knowns --- examples/caddy2/Caddyfile | 45 ++++++++++++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 5 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index 162e539e..a19ce6dd 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -1,3 +1,15 @@ +(cors) { + @cors_preflight method OPTIONS + + handle @cors_preflight { + header Access-Control-Allow-Origin "{args.0}" + header Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE" + header Access-Control-Allow-Headers "Content-Type, Authorization" + header Access-Control-Max-Age "3600" + } +} + + matrix.DOMAIN.tld { # creates letsencrypt certificate @@ -81,6 +93,13 @@ matrix.DOMAIN.tld { header Access-Control-Allow-Origin * file_server } + + # If you have other well-knowns already handled by your base domain, you can replace the above block by this one, along with the replacement suggested in the base domain + #handle @wellknown { + # # .well-known is handled by base domain + # reverse_proxy https://DOMAIN.tld { + # header_up Host {http.reverse_proxy.upstream.hostport} + #} handle { encode zstd gzip @@ -114,6 +133,8 @@ element.DOMAIN.tld { # creates letsencrypt certificate # tls your@email.com + import cors https://*.DOMAIN.tld + header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -123,6 +144,8 @@ element.DOMAIN.tld { X-Content-Type-Options "nosniff" # Disallow the site to be rendered within a frame (clickjacking protection) X-Frame-Options "DENY" + # If using integrations that add frames to Element, such as Dimension and its integrations running on the same domain, it can be a good idea to limit sources allowed to be rendered + # Content-Security-Policy frame-src https://*.DOMAIN.tld # X-Robots-Tag X-Robots-Tag "noindex, noarchive, nofollow" } @@ -144,6 +167,8 @@ element.DOMAIN.tld { # # creates letsencrypt certificate # # tls your@email.com # +# import cors https://*.DOMAIN.tld +# # header { # # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS # Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -151,8 +176,8 @@ element.DOMAIN.tld { # X-XSS-Protection "1; mode=block" # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" -# # Disallow the site to be rendered within a frame (clickjacking protection) -# X-Frame-Options "DENY" +# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain (clickjacking protection) +# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # X-Robots-Tag # X-Robots-Tag "noindex, noarchive, nofollow" # } @@ -176,6 +201,8 @@ element.DOMAIN.tld { # creates letsencrypt certificate # tls your@email.com # +# import cors https://*.DOMAIN.tld +# # header { # # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS # Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -185,9 +212,9 @@ element.DOMAIN.tld { # # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" -# -# # Disallow the site to be rendered within a frame (clickjacking protection) -# X-Frame-Options "SAMEORIGIN" + +# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain +# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # # Disable some features # Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" @@ -225,6 +252,14 @@ element.DOMAIN.tld { # header_up Host {http.reverse_proxy.upstream.hostport} # } # } +# # If you have other well-knowns already handled by your base domain, you can replace the above block by this one, along with the replacement suggested in the matrix subdomain +# # handle /.well-known/* { +# # encode zstd gzip +# # header Cache-Control max-age=14400 +# # header Content-Type application/json +# # header Access-Control-Allow-Origin * +# #} +# # # Configration for the base domain goes here # # handle { # # header -Server From a47ce70cd26a83148785d112e8b647377fe50300 Mon Sep 17 00:00:00 2001 From: Jim Myhrberg Date: Tue, 11 Oct 2022 00:43:22 +0100 Subject: [PATCH 397/562] fix(goofys): fix synapse systemd unit file to correctly require goofys On Debian 10 (buster) at least, while the Synapse systemd service unit was referring to Goofys as "matrix-goofys" without a ".service" suffix, systemd was ignoring the goofys dependency, starting Synapse before Goofys. All other dependant units which work are using the ".service" suffix. This generally leads to the mount path goofys using having been populated by Synapse before Goofys starts, causing it to fail due to the mount target not being empty. The fix seems to be to ensure that the Synapse service unit refers to Goofys as "matrix-goofys.service". This change causes the following two lines in "/etc/systemd/system/matrix-synapse.service": Requires=matrix-goofys After=matrix-goofys To be changed to: Requires=matrix-goofys.service After=matrix-goofys.service --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cfccd387..b055245b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2364,7 +2364,7 @@ matrix_synapse_systemd_required_services_list: | + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + - (['matrix-goofys'] if matrix_s3_media_store_enabled else []) + (['matrix-goofys.service'] if matrix_s3_media_store_enabled else []) }} matrix_synapse_systemd_wanted_services_list: | @@ -2650,7 +2650,7 @@ matrix_dendrite_systemd_required_services_list: | + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + - (['matrix-goofys'] if matrix_s3_media_store_enabled else []) + (['matrix-goofys.service'] if matrix_s3_media_store_enabled else []) }} matrix_dendrite_systemd_wanted_services_list: | From 9412140477902e9aff7177c9a039527ba40c4c8d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 06:00:49 +0000 Subject: [PATCH 398/562] Enable hookshot feeds by default as per documentation: "Services that need no further configuration are enabled by default" and feeds service doesn't require it --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index b9b30866..0854edbf 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -128,7 +128,7 @@ matrix_hookshot_generic_allow_js_transformation_functions: false matrix_hookshot_generic_user_id_prefix: '_webhooks_' -matrix_hookshot_feeds_enabled: false +matrix_hookshot_feeds_enabled: true # polling interval in seconds matrix_hookshot_feeds_interval: 600 From 5ff03c0b15eb16e5e3a7f016925f6df78f36e1c6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 06:04:18 +0000 Subject: [PATCH 399/562] Change hookshot logging level to warn all other bridges use that level --- roles/matrix-bridge-hookshot/templates/config.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index 6fbce770..5cd11a87 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -108,7 +108,7 @@ metrics: logging: # (Optional) Logging settings. You can have a severity debug,info,warn,error # - level: info + level: warn {% if matrix_hookshot_widgets_enabled %} widgets: # (Optional) EXPERIMENTAL support for complimentary widgets From da041bc60c67f674ac9f748e528ee3d42ebafb28 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Oct 2022 09:38:11 +0300 Subject: [PATCH 400/562] Upgrade mautrix-instagram (0.2.1 -> latest) We don't like updating to untagged releases, but.. 0.2.1 has some regression and upstream is not releasing 0.2.2 or 0.3.0 just yet, so we either need to downgrade to 0.2.0 or go `latest`. We can hopefully switch back to a tagged release soon. Related to https://github.com/mautrix/instagram/issues/56 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index b739a4a3..7305d0fb 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.2.1 +matrix_mautrix_instagram_version: latest # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 8311c59a8fa3a9b13b9076d0d6fbaefff66e74be Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Oct 2022 10:43:01 +0300 Subject: [PATCH 401/562] Add Usage section to Hookshot docs --- docs/configuring-playbook-bridge-hookshot.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 3e8a54a2..51d7a335 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -8,6 +8,7 @@ See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/l Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot. + ## Setup Instructions Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. @@ -16,10 +17,25 @@ Refer to the [official instructions](https://matrix-org.github.io/matrix-hooksho 2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. + +## Usage + +Create a room and invite the Hookshot bot (`@hookshot:DOMAIN`) to it. + +Make sure the bot is able to send state events (usually the Moderator power level in clients). + +Send a `!hookshot help` message to see a list of help commands. + +Refer to [Hookshot's documentation](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) for more details about using the brige's various features. + +**Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](#urls-for-bridges-setup) below. + + +## More setup documentation + ### URLs for bridges setup Unless indicated otherwise, the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled). From 21bed90e13c46b6ed5fb3f0945bf9435e76ede90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Tue, 11 Oct 2022 07:26:29 -0400 Subject: [PATCH 402/562] remove mention of other docker host in external webserver documentation (binding ports section) --- docs/configuring-playbook-own-webserver.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index ecae105b..50d9d1da 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -33,16 +33,16 @@ No matter which external webserver you decide to go with, you'll need to: ```yaml matrix_nginx_proxy_enabled: false ``` - - if using an external server on another docker network or host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other docker network or host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. + - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. These variables will make Docker expose the ports to the local network instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) Here are the variables required for the default configuration (Synapse and Element) ``` - matrix_synapse_container_client_api_host_bind_port: '8008' - matrix_synapse_container_federation_api_plain_host_bind_port: '8048' - matrix_client_element_container_http_host_bind_port: "8765" + matrix_synapse_container_client_api_host_bind_port: '0.0.0.0:8008' + matrix_synapse_container_federation_api_plain_host_bind_port: '0.0.0.0:8048' + matrix_client_element_container_http_host_bind_port: "0.0.0.0:8765" ``` 3) **If you'll manage SSL certificates by yourself**, edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable SSL certificate retrieval: From a061ea54b3e302e1582daa442690ad8d71d6ddc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Tue, 11 Oct 2022 07:32:02 -0400 Subject: [PATCH 403/562] Caddyfile example : enable Content-Security-Policy by default instead of having the line commented --- examples/caddy2/Caddyfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index a19ce6dd..43005ca4 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -177,7 +177,7 @@ element.DOMAIN.tld { # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" # # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain (clickjacking protection) -# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld +# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # X-Robots-Tag # X-Robots-Tag "noindex, noarchive, nofollow" # } @@ -214,7 +214,7 @@ element.DOMAIN.tld { # X-Content-Type-Options "nosniff" # # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain -# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld +# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # # Disable some features # Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" From 19f1c8ea5ee3ffbd520cc6c54fc45957bea8b0e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 14:29:52 +0000 Subject: [PATCH 404/562] Update element 1.11.8 -> 1.11.9 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index e4b6315b..acdaec83 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.8 +matrix_client_element_version: v1.11.9 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From fe8f91a9dac67e6b48a8704e7010768575eed1ab Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 14:30:55 +0000 Subject: [PATCH 405/562] Update postmoogle 0.9.5 -> 0.9.6 * show recipient's email (header `TO`) * add `norecipient` option * add anti-spam options (`spamcheck:` and `spamlist:`) * fix bugs --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 949f0913..8e76998e 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.5 +matrix_bot_postmoogle_version: v0.9.6 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 3c669761cec4ffd6e7811776934c8927890d1180 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 18:31:46 +0000 Subject: [PATCH 406/562] Update element 1.11.9 -> 1.11.10 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index acdaec83..c8e476a1 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.9 +matrix_client_element_version: v1.11.10 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 43b1be9a3c121764c9c48eb7a3542aaee7e0f469 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 18:57:52 +0000 Subject: [PATCH 407/562] Update grafana 9.1.7 -> 9.2.0 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 2b139cd4..677435e8 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.1.7 +matrix_grafana_version: 9.2.0 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 7c7b9d119f73a42222f089548e4a97be959ca5fe Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 12 Oct 2022 10:57:25 +0000 Subject: [PATCH 408/562] Update postmoogle 0.9.6 -> 0.9.7 * fix room account data retrieving --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 8e76998e..1bcd570a 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.6 +matrix_bot_postmoogle_version: v0.9.7 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 35e80b708781e7db6c04a778ce0892c7db225605 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Wed, 12 Oct 2022 09:15:03 -0400 Subject: [PATCH 409/562] Update docs/configuring-playbook-own-webserver.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-own-webserver.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 50d9d1da..87201e3e 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -35,7 +35,7 @@ No matter which external webserver you decide to go with, you'll need to: ``` - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. - These variables will make Docker expose the ports to the local network instead of localhost only. + These variables will make Docker expose the ports on all network interfaces instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) Here are the variables required for the default configuration (Synapse and Element) From 337016da28e2cb18c4cf3624a47c2faec4fed272 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 09:27:46 +0300 Subject: [PATCH 410/562] Improve S3 docs a bit Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1869 --- docs/configuring-playbook-s3.md | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 9132ff71..43aaa879 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -13,7 +13,7 @@ If you'd like to move your locally-stored media store data to Amazon S3 (or anot ## Amazon S3 -You'll need an Amazon S3 bucket and some IAM user credentials (access key + secret key) with full write access to the bucket. Example security policy: +You'll need an Amazon S3 bucket and some IAM user credentials (access key + secret key) with full write access to the bucket. Example IAM security policy: ```json { @@ -34,6 +34,8 @@ You'll need an Amazon S3 bucket and some IAM user credentials (access key + secr } ``` +**NOTE**: This policy needs to be attached to an IAM user creted from the **Security Credentials** menu. This is not a **Bucket Policy**. + You then need to enable S3 support in your configuration file (`inventory/host_vars/matrix./vars.yml`). It would be something like this: @@ -91,8 +93,13 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: -- [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) -- [Migrating to Backblaze B2](#migrating-to-backblaze-b2) +- [Storing Matrix media files on Amazon S3 (optional)](#storing-matrix-media-files-on-amazon-s3-optional) + - [Amazon S3](#amazon-s3) + - [Using other S3-compatible object stores](#using-other-s3-compatible-object-stores) + - [Backblaze B2](#backblaze-b2) + - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) + - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) + - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) ### Migrating to any S3-compatible storage (universal, but likely slow) From 62215a87fed6cbeffdb124261209df00f82ba1a5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:25:57 +0300 Subject: [PATCH 411/562] Upgrade Postgres minor versions (14.4 -> 14.5, 13.7 -> 13.8, etc.) --- roles/matrix-postgres/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 117611a3..de28d7ad 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -24,11 +24,11 @@ matrix_postgres_architecture: amd64 matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}" matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.24{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.21{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.16{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.11{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.7{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.4{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.22{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.17{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}" # This variable is assigned at runtime. Overriding its value has no effect. From 0da068c7e61a35c2fdb226fe95df4f06b6527953 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:28:47 +0300 Subject: [PATCH 412/562] Add support for configuring Synapse's media_storage_providers In the future, we'll also inject media storage providers that we support into the `matrix_synapse_media_storage_providers_auto` list. --- roles/matrix-synapse/defaults/main.yml | 20 +++++++++++++++++++ .../templates/synapse/homeserver.yaml.j2 | 1 + 2 files changed, 21 insertions(+) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4c5fc09e..d117eaaf 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -798,6 +798,26 @@ matrix_synapse_spam_checker: [] # Certain Synapse extensions that you can enable below auto-inject themselves into `matrix_synapse_modules` at runtime. matrix_synapse_modules: [] +# matrix_synapse_media_storage_providers contains the Synapse `media_storage_providers` configuration setting. +# To add your own custom `media_storage_providers`, use `matrix_synapse_media_storage_providers_custom`. +matrix_synapse_media_storage_providers: "{{ matrix_synapse_media_storage_providers_auto + matrix_synapse_media_storage_providers_custom }}" + +# matrix_synapse_media_storage_providers_auto contains a list of storage providers that are added by the playbook based on other configuration +matrix_synapse_media_storage_providers_auto: | + {{ + [] + }} + +# matrix_synapse_media_storage_providers_custom contains your own custom list of storage providers. +# You're meant to define each custom module as valid keys and values, not as a YAML string that needs to be parsed. +# +# Example: +# matrix_synapse_media_storage_providers_custom: +# - module: module.SomeModule +# store_local: True +# # ... +matrix_synapse_media_storage_providers_custom: [] + matrix_synapse_encryption_enabled_by_default_for_room_type: "off" matrix_synapse_trusted_key_servers: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index ae71b7ae..9b02346c 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1029,6 +1029,7 @@ media_store_path: "/matrix-media-store-parent/{{ matrix_synapse_media_store_dire # store_synchronous: false # config: # directory: /mnt/some/other/directory +media_storage_providers: {{ matrix_synapse_media_storage_providers | to_json }} # The largest allowed upload size in bytes # From 881fdd28f0bf2e10635ac7a6c3941fa8636cdbff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:33:19 +0300 Subject: [PATCH 413/562] Add support for Synapse container image customization This allows people to augment the Synapse image with custom tools and addons without having to rebuild it from scratch. If customizations are enabled, the playbook will build a new `localhost/matrixdotorg/synapse:VERSION-customized` image on top of the default one (`FROM matrixdotorg/synapse:VERSION`) and with custom Dockerfile build steps. For servers that self-build the Synapse image, the Synapse image will be built first, before proceding to extend it the same way. In the future, we'll also have easy to enable Dockerfile build steps for modules that the playbook supports. --- .../tasks/import_synapse_sqlite_db.yml | 2 +- roles/matrix-synapse/defaults/main.yml | 33 +++++++++++++++++++ roles/matrix-synapse/tasks/setup_synapse.yml | 1 + .../tasks/synapse/setup_install.yml | 19 +++++++++++ .../tasks/synapse/setup_uninstall.yml | 5 ++- .../synapse/customizations/Dockerfile.j2 | 3 ++ .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- 8 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 diff --git a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml index a459b6e1..b885ea97 100644 --- a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml @@ -83,7 +83,7 @@ --mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/data --mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/matrix-media-store-parent/media-store --mount type=bind,src={{ server_path_homeserver_db }},dst=/{{ server_path_homeserver_db | basename }} - {{ matrix_synapse_docker_image }} + {{ matrix_synapse_docker_image_final }} /usr/local/bin/synapse_port_db --sqlite-database /{{ server_path_homeserver_db | basename }} --postgres-config /data/homeserver.yaml register: matrix_postgres_import_synapse_sqlite_db_result changed_when: matrix_postgres_import_synapse_sqlite_db_result.rc == 0 diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index d117eaaf..40e05be7 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -7,14 +7,47 @@ matrix_synapse_enabled: true matrix_synapse_container_image_self_build: false matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/synapse.git" +# matrix_synapse_container_image_customizations_enabled controls whether a customized Synapse image will be built. +# +# We toggle this variable to `true` when certain features which require a custom build are enabled. +# Feel free to toggle this to `true` yourself and specify build steps in `matrix_synapse_container_image_customizations_dockerfile_body_custom`. +# +# See: +# - `roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` +# - `matrix_synapse_container_image_customizations_dockerfile_body_custom` +# - `matrix_synapse_docker_image_customized` +# - `matrix_synapse_docker_image_final` +matrix_synapse_container_image_customizations_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" + +# matrix_synapse_container_image_customizations_dockerfile_body contains your custom Dockerfile steps +# for building your customized Synapse image based on the original (upstream) image (`matrix_synapse_docker_image`). +# A `FROM ...` clause is included automatically so you don't have to. +# +# Example: +# matrix_synapse_container_image_customizations_dockerfile_body_custom: | +# RUN echo 'This is a custom step for building the customized Docker image for Synapse.' +# RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' +# RUN echo 'Note that matrix_synapse_container_image_customizations_dockerfile_body_auto injects steps before this.' +# RUN echo 'You do NOT need to include a FROM clause yourself.' +matrix_synapse_container_image_customizations_dockerfile_body_custom: '' + matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_synapse_version: v1.68.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" +# matrix_synapse_docker_image_customized is the name of the locally built Synapse image +# which adds various customizations on top of the original (upstream) Synapse image. +# This image will be based on the upstream `matrix_synapse_docker_image` image, only if `matrix_synapse_container_image_customizations_enabled: true`. +matrix_synapse_docker_image_customized: "localhost/matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}-customized" + +# matrix_synapse_docker_image_final holds the name of the Synapse image to run depending on whether or not customizations are enabled. +matrix_synapse_docker_image_final: "{{ matrix_synapse_docker_image_customized if matrix_synapse_container_image_customizations_enabled else matrix_synapse_docker_image }} " + matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src" +matrix_synapse_customized_docker_src_files_path: "{{ matrix_synapse_base_path }}/customized-docker-src" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index d4e6ae95..7b887f30 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -11,6 +11,7 @@ - {path: "{{ matrix_synapse_config_dir_path }}", when: true} - {path: "{{ matrix_synapse_ext_path }}", when: true} - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"} + - {path: "{{ matrix_synapse_customized_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_customizations_enabled }}"} # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index aea03f05..4d0e749f 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -62,6 +62,25 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed +- when: "matrix_synapse_container_image_customizations_enabled | bool" + block: + - name: Ensure customizations Dockerfile is created + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/customizations/Dockerfile.j2" + dest: "{{ matrix_synapse_customized_docker_src_files_path }}/Dockerfile" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + + - name: Ensure customized Docker image for Synapse is built + docker_image: + name: "{{ matrix_synapse_docker_image_customized }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_synapse_customized_docker_src_files_path }}" + pull: true + - name: Check if a Synapse signing key exists ansible.builtin.stat: path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key" diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml index 17b1b8c4..06e55014 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -27,8 +27,11 @@ - name: Ensure Synapse Docker image doesn't exist docker_image: - name: "{{ matrix_synapse_docker_image }}" + name: "{{ item }}" state: absent + with_items: + - "{{ matrix_synapse_docker_image_final }}" + - "{{ matrix_synapse_docker_image }}" - name: Ensure sample prometheus.yml for external scraping is deleted ansible.builtin.file: diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 new file mode 100644 index 00000000..7cce2086 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 @@ -0,0 +1,3 @@ +FROM {{ matrix_synapse_docker_image }} + +{{ matrix_synapse_container_image_customizations_dockerfile_body_custom }} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 96b65a0a..3855b850 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -42,7 +42,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_synapse_docker_image }} \ + {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index eed50ad1..f41cc54c 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -60,7 +60,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_synapse_docker_image }} \ + {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' From ac7cb3619dfe522af280875566e859007f7a0374 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:41:41 +0300 Subject: [PATCH 414/562] Add support for synapse-s3-storage-provider --- docs/configuring-playbook-s3-goofys.md | 137 ++++++++++++ docs/configuring-playbook-s3.md | 195 +++++------------- ...ng-playbook-synapse-s3-storage-provider.md | 104 ++++++++++ roles/matrix-synapse/defaults/main.yml | 35 ++++ .../tasks/ext/s3-storage-provider/init.yml | 5 + .../tasks/ext/s3-storage-provider/setup.yml | 10 + .../ext/s3-storage-provider/setup_install.yml | 54 +++++ .../s3-storage-provider/setup_uninstall.yml | 24 +++ .../s3-storage-provider/validate_config.yml | 18 ++ roles/matrix-synapse/tasks/ext/setup.yml | 2 + roles/matrix-synapse/tasks/init.yml | 3 + roles/matrix-synapse/tasks/setup_synapse.yml | 1 + .../synapse/customizations/Dockerfile.j2 | 4 + .../ext/s3-storage-provider/database.yaml.j2 | 5 + .../synapse/ext/s3-storage-provider/env.j2 | 16 ++ .../media_storage_provider.yaml.j2 | 14 ++ ...pse-s3-storage-provider-migrate.service.j2 | 7 + ...napse-s3-storage-provider-migrate.timer.j2 | 10 + ...rix-synapse-s3-storage-provider-migrate.j2 | 13 ++ ...atrix-synapse-s3-storage-provider-shell.j2 | 13 ++ 20 files changed, 529 insertions(+), 141 deletions(-) create mode 100644 docs/configuring-playbook-s3-goofys.md create mode 100644 docs/configuring-playbook-synapse-s3-storage-provider.md create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md new file mode 100644 index 00000000..2efacddc --- /dev/null +++ b/docs/configuring-playbook-s3-goofys.md @@ -0,0 +1,137 @@ +# Storing Matrix media files on Amazon S3 with Goofys (optional) + +If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), +you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you. + +Another (and better performing) way to use S3 storage with Synapse is [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md). + +Using a Goofys-backed media store works, but performance may not be ideal. If possible, try to use a region which is close to your Matrix server. + +If you'd like to move your locally-stored media store data to Amazon S3 (or another S3-compatible object store), we also provide some migration instructions below. + + +## Usage + +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure Goofys in your configuration file (`inventory/host_vars/matrix./vars.yml`): + +```yaml +matrix_s3_media_store_enabled: true +matrix_s3_media_store_bucket_name: "your-bucket-name" +matrix_s3_media_store_aws_access_key: "access-key-goes-here" +matrix_s3_media_store_aws_secret_key: "secret-key-goes-here" +matrix_s3_media_store_region: "eu-central-1" +``` + +You can use any S3-compatible object store by **additionally** configuring these variables: + +```yaml +matrix_s3_media_store_custom_endpoint_enabled: true +matrix_s3_media_store_custom_endpoint: "https://your-custom-endpoint" +``` + +If you have local media store files and wish to migrate to Backblaze B2 subsequently, follow our [migration guide to Backblaze B2](#migrating-to-backblaze-b2) below instead of applying this configuration as-is. + + +## Migrating from local filesystem storage to S3 + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one. + +Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: + +- [Storing Matrix media files on Amazon S3 with Goofys (optional)](#storing-matrix-media-files-on-amazon-s3-with-goofys-optional) + - [Usage](#usage) + - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) + - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) + - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) + +### Migrating to any S3-compatible storage (universal, but likely slow) + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. + +1. Proceed with the steps below without stopping Matrix services + +2. Start by adding the base S3 configuration in your `vars.yml` file (seen above, may be different depending on the S3 provider of your choice) + +3. In addition to the base configuration you see above, add this to your `vars.yml` file: + +```yaml +matrix_s3_media_store_path: /matrix/s3-media-store +``` + +This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. + +5. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +6. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): + +```sh +sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. +``` + +You may need to install `rsync` manually. + +7. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) + +8. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` + +9. Sync the files again by re-running the `rsync` command you see in step #6 + +10. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` + +11. Get the old media store out of the way by running this command on the server: + +```sh +mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup +``` + +12. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) + +13. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +14. You're done! Verify that loading existing (old) media files works and that you can upload new ones. + +15. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` + + +### Migrating to Backblaze B2 + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. + +1. While all Matrix services are running, run the following command on the server: + +(you need to adjust the 3 `--env` line below with your own data) + +```sh +docker run -it --rm -w /work \ +--env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ +--env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ +--env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ +-v /matrix/synapse/storage/media-store/:/work \ +--entrypoint=/bin/sh \ +docker.io/tianon/backblaze-b2:2.1.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' +``` + +This is some initial file sync, which may take a very long time. + +2. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) + +3. Run the command from step #1 again. + +Doing this will sync any new files that may have been created locally in the meantime. + +Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. + +4. Get the old media store out of the way by running this command on the server: + +```sh +mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup +``` + +5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file + +6. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +7. You're done! Verify that loading existing (old) media files works and that you can upload new ones. + +8. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 43aaa879..539f96d3 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -1,15 +1,44 @@ -# Storing Matrix media files on Amazon S3 (optional) +# Storing Synapse media files on Amazon S3 or another compatible Object Storage (optional) By default, this playbook configures your server to store Synapse's content repository (`media_store`) files on the local filesystem. If that's alright, you can skip this. -If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), -you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you. +As an alternative to storing media files on the local filesystem, you can store them on [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store. -Using a Goofys-backed media store works, but performance may not be ideal. If possible, try to use a region which is close to your Matrix server. +First, [choose an Object Storage provider](#choosing-an-object-storage-provider). -If you'd like to move your locally-stored media store data to Amazon S3 (or another S3-compatible object store), we also provide some migration instructions below. +Then, [create the S3 bucket](#bucket-creation-and-security-configuration). +Finally, [set up S3 storage for Synapse](#setting-up) (with [Goofys](configuring-playbook-s3-goofys.md) or [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md)). + + +## Choosing an Object Storage provider + +You can create [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store like [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html), [Wasabi](https://wasabi.com), [Digital Ocean Spaces](https://www.digitalocean.com/products/spaces), etc. + +Amazon S3 and Backblaze S3 are pay-as-you with no minimum charges for storing too little data. + +All these providers have different prices, with Backblaze B2 appearing to be the cheapest. + +Wasabi has a minimum charge of 1TB if you're storing less than 1TB, which becomes expensive if you need to store less data than that. + +Digital Ocean Spaces has a minimum charge of 250GB ($5/month as of 2022-10), which is also expensive if you're storing less data than that. + +Important aspects of choosing the right provider are: + +- a provider by a company you like and trust (or dislike less than the others) +- a provider which has a data region close to your Matrix server (if it's farther away, high latency may cause slowdowns) +- a provider which is OK pricewise +- a provider with free or cheap egress (if you need to get the data out often, for some reason) - likely not too important for the common use-case + + +## Bucket creation and Security Configuration + +Now that you've [chosen an Object Storage provider](#choosing-an-object-storage-provider), you need to create a storage bucket. + +How you do this varies from provider to provider, with Amazon S3 being the most complicated due to its vast number of services and complicated security policies. + +Below, we provider some guides for common providers. If you don't see yours, look at the others for inspiration or read some guides online about how to create a bucket. Feel free to contribute to this documentation with an update! ## Amazon S3 @@ -34,161 +63,45 @@ You'll need an Amazon S3 bucket and some IAM user credentials (access key + secr } ``` -**NOTE**: This policy needs to be attached to an IAM user creted from the **Security Credentials** menu. This is not a **Bucket Policy**. - -You then need to enable S3 support in your configuration file (`inventory/host_vars/matrix./vars.yml`). -It would be something like this: - -```yaml -matrix_s3_media_store_enabled: true -matrix_s3_media_store_bucket_name: "your-bucket-name" -matrix_s3_media_store_aws_access_key: "access-key-goes-here" -matrix_s3_media_store_aws_secret_key: "secret-key-goes-here" -matrix_s3_media_store_region: "eu-central-1" -``` +**NOTE**: This policy needs to be attached to an IAM user created from the **Security Credentials** menu. This is not a **Bucket Policy**. -## Using other S3-compatible object stores +## Backblaze B2 -You can use any S3-compatible object store by **additionally** configuring these variables: +To use [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html) you first need to sign up. -```yaml -matrix_s3_media_store_custom_endpoint_enabled: true -# Example: "https://storage.googleapis.com" -matrix_s3_media_store_custom_endpoint: "your-custom-endpoint" -``` +You [can't easily change which region (US, Europe) your Backblaze account stores files in](https://old.reddit.com/r/backblaze/comments/hi1v90/make_the_choice_for_the_b2_data_center_region/), so make sure to carefully choose the region when signing up (hint: it's a hard to see dropdown below the username/password fields in the signup form). -### Backblaze B2 - -To use [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html): +After logging in to Backblaze: - create a new **private** bucket through its user interface (you can call it something like `matrix-DOMAIN-media-store`) -- note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`) -- adjust its lifecycle rules to use the following **custom** rules: - - File Path: *empty value* - - Days Till Hide: *empty value* - - Days Till Delete: `1` +- note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`). +- adjust its Lifecycle Rules to: Keep only the last version of the file - go to [App Keys](https://secure.backblaze.com/app_keys.htm) and use the **Add a New Application Key** to create a new one - restrict it to the previously created bucket (e.g. `matrix-DOMAIN-media-store`) - give it *Read & Write* access -Copy the `keyID` and `applicationKey`. +The `keyID` value is your **Access Key** and `applicationKey` is your **Secret Key**. -You need the following *additional* playbook configuration (on top of what you see above): +For configuring [Goofys](configuring-playbook-s3-goofys.md) or [s3-synapse-storage-provider](configuring-playbook-synapse-s3-storage-provider.md) you will need: -```yaml -matrix_s3_media_store_bucket_name: "YOUR_BUCKET_NAME_GOES_HERE" -matrix_s3_media_store_aws_access_key: "YOUR_keyID_GOES_HERE" -matrix_s3_media_store_aws_secret_key: "YOUR_applicationKey_GOES_HERE" -matrix_s3_media_store_custom_endpoint_enabled: true -matrix_s3_media_store_custom_endpoint: "https://s3.us-west-002.backblazeb2.com" # this may be different for your bucket -``` +- **Endpoint URL** - this is the **Endpoint** value you saw above, but prefixed with `https://` -If you have local media store files and wish to migrate to Backblaze B2 subsequently, follow our [migration guide to Backblaze B2](#migrating-to-backblaze-b2) below instead of applying this configuration as-is. +- **Region** - use the value you see in the Endpoint (e.g. `us-west-002`) + +- **Storage Class** - use `STANDARD`. Backblaze B2 does not have different storage classes, so it doesn't make sense to use any other value. -## Migrating from local filesystem storage to S3 +## Other providers -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one. +For other S3-compatible providers, you may not need to configure security policies, etc. (just like for [Backblaze B2](#backblaze-b2)). -Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: - -- [Storing Matrix media files on Amazon S3 (optional)](#storing-matrix-media-files-on-amazon-s3-optional) - - [Amazon S3](#amazon-s3) - - [Using other S3-compatible object stores](#using-other-s3-compatible-object-stores) - - [Backblaze B2](#backblaze-b2) - - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) - - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) - - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) - -### Migrating to any S3-compatible storage (universal, but likely slow) - -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. - -1. Proceed with the steps below without stopping Matrix services - -2. Start by adding the base S3 configuration in your `vars.yml` file (seen above, may be different depending on the S3 provider of your choice) - -3. In addition to the base configuration you see above, add this to your `vars.yml` file: - -```yaml -matrix_s3_media_store_path: /matrix/s3-media-store -``` - -This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. - -5. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - -6. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): - -```sh -sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. -``` - -You may need to install `rsync` manually. - -7. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) - -8. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` - -9. Sync the files again by re-running the `rsync` command you see in step #6 - -10. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` - -11. Get the old media store out of the way by running this command on the server: - -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` - -12. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) - -13. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - -14. You're done! Verify that loading existing (old) media files works and that you can upload new ones. - -15. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` +You most likely just need to create an S3 bucket and get some credentials (access key and secret key) for accessing the bucket in a read/write manner. -### Migrating to Backblaze B2 +## Setting up -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. +To set up Synapse to store files in S3, follow the instructions for the method of your choice: -1. While all Matrix services are running, run the following command on the server: - -(you need to adjust the 3 `--env` line below with your own data) - -```sh -docker run -it --rm -w /work \ ---env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ ---env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ ---env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ --v /matrix/synapse/storage/media-store/:/work \ ---entrypoint=/bin/sh \ -docker.io/tianon/backblaze-b2:2.1.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' -``` - -This is some initial file sync, which may take a very long time. - -2. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) - -3. Run the command from step #1 again. - -Doing this will sync any new files that may have been created locally in the meantime. - -Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. - -4. Get the old media store out of the way by running this command on the server: - -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` - -5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file - -6. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - -7. You're done! Verify that loading existing (old) media files works and that you can upload new ones. - -8. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` +- using [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md) (recommended) +- using [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md new file mode 100644 index 00000000..bc0250f1 --- /dev/null +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -0,0 +1,104 @@ +# Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider (optional) + +If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), +you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. + +An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md). + + +## How it works? + +Summarized writings here are inspired by [this article](https://quentin.dufour.io/blog/2021-09-14/matrix-synapse-s3-storage/). + +The way media storage providers in Synapse work has some caveats: + +- Synapse still continues to use locally-stored files (for creating thumbnails, serving files, etc) +- the media storage provider is just an extra storage mechanism (in addition to the local filesystem) +- all files are stored locally at first, and then copied to the media storage provider (either synchronously or asynchronously) +- if a file is not available on the local filesystem, it's pulled from a media storage provider + +You may be thinking **if all files are stored locally as well, what's the point**? + +You can run some scripts to delete the local files once in a while, thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. + +While you will need some local disk space around, it's only to accommodate usage, etc., and won't grow as large as your S3 store. + + +## Installing + +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure Goofys in your configuration file (`inventory/host_vars/matrix./vars.yml`): + +```yaml +matrix_synapse_ext_synapse_s3_storage_provider_enabled: true +matrix_synapse_ext_synapse_s3_storage_provider_config_bucket: your-bucket-name +matrix_synapse_ext_synapse_s3_storage_provider_config_region_name: some-region-name # e.g. eu-central-1 +matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url: https://.. # delete this whole line for Amazon S3 +matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key-goes-here +matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: secret-key-goes-here +matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. + +# For additional advanced settings, take a look at `roles/matrix-synapse/defaults/main.yml` +``` + +If you have existing files in Synapse's media repository (`/matrix/synapse/media-store/..`): + +- new files will start being stored both locally and on the S3 store +- the existing files will remain on the local filesystem only until [migrating them to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) +- at some point (and periodically in the future), you can delete local files which have been uploaded to the S3 store already + + +## Migrating your existing media files to the S3 store + +Migrating your existing data can happen in multiple ways: + +- [using the `s3_media_upload` script from `synapse-s3-storage-provider`](#using-the-s3_media_upload-script-from-synapse-s3-storage-provider) (very slow when dealing with lots of data) +- [using another tool in combination with `s3_media_upload`](#using-another-tool-in-combination-with-s3_media_upload) (quicker when dealing with lots of data) + +### Using the `s3_media_upload` script from `synapse-s3-storage-provider` + +Instead of using `s3_media_upload` directly, which is very slow and painful for an initial data migration, we recommend [using another tool in combination with `s3_media_upload`](#using-another-tool-in-combination-with-s3_media_upload). + +To copy your existing files, SSH into the server and run `/usr/local/bin/matrix-synapse-s3-storage-provider-shell`. + +This launches a Synapse container, which has access to the local media store, Postgres database, S3 store and has some convenient environment variables configured for you to use (`MEDIA_PATH`, `BUCKET`, `ENDPOINT`, `UPDATE_DB_DAYS`, etc). + +Then use the following commands (`$` values come from environment variables - they're **not placeholders** that you need to substitute): + +- `s3_media_upload update-db $UPDATE_DB_DURATION` - create a local SQLite database (`cache.db`) with a list of media repository files (from the `synapse` Postgres database) eligible for operating on + - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) + - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). +- `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory +- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory + +The `upload` command may take a lot of time to complete. + + +### Using another tool in combination with `s3_media_upload` + +To migrate your existing local data to S3, we recommend to: + +- **first** use another tool ([`aws s3`](#copying-data-to-amazon-s3) or [`b2 sync`](#copying-data-to-backblaze-b2), etc.) to copy the local files to the S3 bucket + +- **only then** [use the `s3_media_upload` tool to finish the migration](#using-the-s3_media_upload-script-from-synapse-s3-storage-provider) (this checks to ensure all files are uploaded and then deletes the local files) + +#### Copying data to Amazon S3 + +Generally, you need to use the `aws s3` tool. + +This documentation section could use an improvement. Ideally, we'd come up with a guide like the one used in [Copying data to Backblaze B2](#copying-data-to-backblaze-b2) - running `aws s3` in a container, etc. + +#### Copying data to Backblaze B2 + +To copy to Backblaze B2, start a container like this: + +```sh +docker run -it --rm \ +-w /work \ +--env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ +--env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ +--env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ +--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ +--entrypoint=/bin/sh \ +tianon/backblaze-b2:3.6.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' +``` diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 40e05be7..383e67ab 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -19,6 +19,10 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s # - `matrix_synapse_docker_image_final` matrix_synapse_container_image_customizations_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" +# Controls whether custom build steps will be added to the Dockerfile for installing s3-storage-provider. +# The version that will be installed is specified in `matrix_synapse_ext_synapse_s3_storage_provider_version`. +matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" + # matrix_synapse_container_image_customizations_dockerfile_body contains your custom Dockerfile steps # for building your customized Synapse image based on the original (upstream) image (`matrix_synapse_docker_image`). # A `FROM ...` clause is included automatically so you don't have to. @@ -52,6 +56,7 @@ matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext" +matrix_synapse_ext_s3_storage_provider_path: "{{ matrix_synapse_base_path }}/ext/s3-storage-provider" matrix_synapse_container_client_api_port: 8008 @@ -787,6 +792,32 @@ matrix_synapse_ext_encryption_config_yaml: | patch_power_levels: {{ matrix_synapse_ext_encryption_disabler_patch_power_levels | to_json }} +# matrix_synapse_ext_synapse_s3_storage_provider_enabled controls whether to enable https://github.com/matrix-org/synapse-s3-storage-provider +# Installing it requires building a customized Docker image for Synapse (see `matrix_synapse_container_image_customizations_enabled`). +# Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-s3-storage-provider. +matrix_synapse_ext_synapse_s3_storage_provider_enabled: false +matrix_synapse_ext_synapse_s3_storage_provider_version: 1.1.2 +# Controls whether media from this (local) server is stored in s3-storage-provider +matrix_synapse_ext_synapse_s3_storage_provider_store_local: true +# Controls whether media from remote servers is stored in s3-storage-provider +matrix_synapse_ext_synapse_s3_storage_provider_store_remote: true +# Controls whether files are stored to S3 at the same time they are stored on the local filesystem. +# For slightly improved reliability, consider setting this to `true`. +# Even with asynchronous uploading to S3 (`false` value), data loss shouldn't be possible, +# because the local filesystem is a reliable data store anyway. +matrix_synapse_ext_synapse_s3_storage_provider_store_synchronous: false +matrix_synapse_ext_synapse_s3_storage_provider_config_bucket: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_region_name: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD +matrix_synapse_ext_synapse_s3_storage_provider_config_threadpool_size: 40 +# matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count is a day value (number) for the `s3_media_upload update-db` command. +# It specifies how old files need to have been inactive to be eligible for migration from the local filesystem to the S3 data store. +# By default, we use `0` which says "all files are eligible for migration". +matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count: 0 + matrix_s3_media_store_enabled: false matrix_s3_media_store_custom_endpoint_enabled: false matrix_s3_goofys_docker_image: "ewoutp/goofys:latest" @@ -839,6 +870,10 @@ matrix_synapse_media_storage_providers: "{{ matrix_synapse_media_storage_provide matrix_synapse_media_storage_providers_auto: | {{ [] + + + [ + lookup('ansible.builtin.template', role_path + '/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2') | from_yaml + ] if matrix_synapse_ext_synapse_s3_storage_provider_enabled else [] }} # matrix_synapse_media_storage_providers_custom contains your own custom list of storage providers. diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml new file mode 100644 index 00000000..008161cb --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-s3-storage-provider-migrate.timer'] }}" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml new file mode 100644 index 00000000..aefa49fe --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml @@ -0,0 +1,10 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/validate_config.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup_install.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup_uninstall.yml" + when: not matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml new file mode 100644 index 00000000..31f72181 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -0,0 +1,54 @@ +--- + +# We install this into Synapse by making `matrix_synapse_ext_synapse_s3_storage_provider_enabled` influence other variables: +# - `matrix_synapse_media_storage_providers` (via `matrix_synapse_media_storage_providers_auto`) +# - `matrix_synapse_container_image_customizations_enabled` +# - `matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled` +# +# Below are additional tasks for setting up various helper scripts, etc. + +- name: Ensure s3-storage-provider env file installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/env.j2" + dest: "{{ matrix_synapse_ext_s3_storage_provider_path }}/env" + mode: 0640 + +- name: Ensure s3-storage-provider data path exists + ansible.builtin.file: + path: "{{ matrix_synapse_ext_s3_storage_provider_path }}/data" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure s3-storage-provider database.yaml file installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/database.yaml.j2" + dest: "{{ matrix_synapse_ext_s3_storage_provider_path }}/data/database.yaml" + mode: 0640 + +- name: Ensure s3-storage-provider scripts installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/usr-local-bin/{{ item }}.j2" + dest: "{{ matrix_local_bin_path }}/{{ item }}" + mode: 0750 + with_items: + - matrix-synapse-s3-storage-provider-shell + - matrix-synapse-s3-storage-provider-migrate + +- name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/.j2" + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" + dest: "{{ matrix_systemd_path }}/{{ item }}" + mode: 0640 + with_items: + - matrix-synapse-s3-storage-provider-migrate.service + - matrix-synapse-s3-storage-provider-migrate.timer + register: matrix_synapse_s3_storage_provider_systemd_service_result + +- name: Ensure systemd reloaded after matrix-synapse-s3-storage-provider-migrate.service installation + ansible.builtin.service: + daemon_reload: true + when: matrix_synapse_s3_storage_provider_systemd_service_result.changed | bool + diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml new file mode 100644 index 00000000..205a5541 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml @@ -0,0 +1,24 @@ +--- + +- name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer don't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/{{ item }}" + state: absent + with_items: + - matrix-synapse-s3-storage-provider-migrate.timer + - matrix-synapse-s3-storage-provider-migrate.service + register: matrix_synapse_s3_storage_provider_migrate_sevice_removal + +- name: Ensure systemd reloaded after matrix-synapse-s3-storage-provider-migrate.service removal + ansible.builtin.service: + daemon_reload: true + when: matrix_synapse_s3_storage_provider_migrate_sevice_removal.changed | bool + +- name: Ensure s3-storage-provider files don't exist + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: + - "{{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-shell" + - "{{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate" + - "{{ matrix_synapse_ext_s3_storage_provider_path }}" diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml new file mode 100644 index 00000000..d71809fe --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml @@ -0,0 +1,18 @@ +--- + +- name: Fail if required s3-storage-provider settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`) for using s3-storage-provider. + when: "vars[item] == ''" + with_items: + - "matrix_synapse_ext_synapse_s3_storage_provider_config_bucket" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_region_name" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key" + +- name: Fail if required matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url looks invalid + ansible.builtin.fail: + msg: >- + `matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url` needs to look like a URL (`http://` or `https://` prefix). + when: "matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url != '' and not matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url.startswith('http')" diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/matrix-synapse/tasks/ext/setup.yml index d944f257..6cf1afaa 100644 --- a/roles/matrix-synapse/tasks/ext/setup.yml +++ b/roles/matrix-synapse/tasks/ext/setup.yml @@ -11,3 +11,5 @@ - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup.yml" - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/mjolnir-antispam/setup.yml" + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup.yml" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index a77320c2..9146936a 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -26,6 +26,9 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" when: matrix_s3_media_store_enabled | bool +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/init.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + - when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool block: - name: Fail if matrix-nginx-proxy role already executed diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index 7b887f30..13a5819e 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -12,6 +12,7 @@ - {path: "{{ matrix_synapse_ext_path }}", when: true} - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"} - {path: "{{ matrix_synapse_customized_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_customizations_enabled }}"} + - {path: "{{ matrix_synapse_ext_s3_storage_provider_path }}", when: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}"} # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 index 7cce2086..3919e955 100644 --- a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 +++ b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 @@ -1,3 +1,7 @@ FROM {{ matrix_synapse_docker_image }} +{% if matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled %} +RUN pip install synapse-s3-storage-provider=={{ matrix_synapse_ext_synapse_s3_storage_provider_version }} +{% endif %} + {{ matrix_synapse_container_image_customizations_dockerfile_body_custom }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 new file mode 100644 index 00000000..ed11645e --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 @@ -0,0 +1,5 @@ +user: {{ matrix_synapse_database_user | to_json }} +password: {{ matrix_synapse_database_password | to_json }} +database: {{ matrix_synapse_database_database | to_json }} +host: {{ matrix_synapse_database_host | to_json }} +port: {{ matrix_synapse_database_port | to_json }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 new file mode 100644 index 00000000..4b09688b --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -0,0 +1,16 @@ +AWS_ACCESS_KEY_ID={{ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id }} +AWS_SECRET_ACCESS_KEY={{ matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key }} +AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_region_name }} + +ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} +BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} + +PG_USER={{ matrix_synapse_database_user }} +PG_PASS={{ matrix_synapse_database_password }} +PG_DB={{ matrix_synapse_database_database }} +PG_HOST={{ matrix_synapse_database_host }} +PG_PORT={{ matrix_synapse_database_port }} + +MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} + +UPDATE_DB_DURATION={{ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count }}d diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 new file mode 100644 index 00000000..97b0f5f2 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 @@ -0,0 +1,14 @@ +module: s3_storage_provider.S3StorageProviderBackend +store_local: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_local | to_json }} +store_remote: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_remote | to_json }} +store_synchronous: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_synchronous | to_json }} +config: + bucket: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket | to_json }} + region_name: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_region_name | to_json }} + endpoint_url: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url | to_json }} + access_key_id: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id | to_json }} + secret_access_key: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key | to_json }} + + storage_class: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class | to_json }} + + threadpool_size: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_threadpool_size | to_json }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 new file mode 100644 index 00000000..ea8f0c8c --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Migrates locally-stored Synapse media store files to S3 + +[Service] +Type=oneshot +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStart={{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 new file mode 100644 index 00000000..61526ac1 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 @@ -0,0 +1,10 @@ +[Unit] +Description=Migrates locally-stored Synapse media store files to S3 + +[Timer] +Unit=matrix-synapse-s3-storage-provider-migrate.service +OnCalendar=*-*-* 05:00:00 +RandomizedDelaySec=2h + +[Install] +WantedBy=timers.target diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 new file mode 100644 index 00000000..0893f5d6 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +#!/bin/bash + +{{ matrix_host_command_docker }} run \ + --rm \ + --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ + --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ + --mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_path }}/data,dst=/data \ + --workdir=/data \ + --network={{ matrix_docker_network }} \ + --entrypoint=/bin/bash \ + {{ matrix_synapse_docker_image_final }} \ + -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT' diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 new file mode 100644 index 00000000..c67a6dda --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 @@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +#!/bin/bash + +{{ matrix_host_command_docker }} run \ + -it \ + --rm \ + --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ + --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ + --mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_path }}/data,dst=/data \ + --workdir=/data \ + --network={{ matrix_docker_network }} \ + --entrypoint=/bin/bash \ + {{ matrix_synapse_docker_image_final }} From a3759b0466fac32d482942177d7e690990d799e9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:50:48 +0300 Subject: [PATCH 415/562] Announce Synapse customization and synapse-s3-storage-provider support --- CHANGELOG.md | 33 ++++++++++++++++++++++++++ roles/matrix-synapse/defaults/main.yml | 1 - 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 06664634..e99cd360 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,36 @@ +# 2022-10-14 + +## synapse-s3-storage-provider support + +You can now store your Synapse media repository files on Amazon S3 (or another S3-compatible object store) using [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) - a media provider for Synapse (Python module), which should work faster and more reliably than our previous [Goofys](docs/configuring-playbook-s3-goofys.md) implementation (Goofys will continue to work). + +This is not just for initial installations. Users with existing files (stored in the local filesystem) can also migrate their files to `synapse-s3-storage-provider`. + +To get started, see our [Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider](docs/configuring-playbook-synapse-s3-storage-provider.md) documentation. + + +## Synapse container image customization support + +We now support customizing the Synapse container image by adding additional build steps to its [`Dockerfile`](https://docs.docker.com/engine/reference/builder/). + +Our [synapse-s3-storage-provider support](#synapse-s3-storage-provider-support) is actually built on this. When `s3-storage-provider` is enabled, we automatically add additional build steps to install its Python module into the Synapse image. + +Besides this kind of auto-added build steps (for components supported by the playbook), we also let you inject your own custom build steps using configuration like this: + +```yaml +matrix_synapse_container_image_customizations_enabled: true + +matrix_synapse_container_image_customizations_dockerfile_body_custom: | + RUN echo 'This is a custom step for building the customized Docker image for Synapse.' + RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' + RUN echo 'You do NOT need to include a FROM clause yourself.' +``` + +People who have needed to customize Synapse previously had to fork the git repository, make their changes to the `Dockerfile` there, point the playbook to the new repository (`matrix_synapse_container_image_self_build_repo`) and enable self-building from scratch (`matrix_synapse_container_image_self_build: true`). This is harder and slower. + +With the new Synapse-customization feature in the playbook, we use the original upstream (pre-built, if available) Synapse image and only build on top of it, right on the Matrix server. This is much faster than building all of Synapse from scratch. + + # 2022-10-02 ## matrix-ldap-registration-proxy support diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 383e67ab..4b979159 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -31,7 +31,6 @@ matrix_synapse_container_image_customizations_s3_storage_provider_installation_e # matrix_synapse_container_image_customizations_dockerfile_body_custom: | # RUN echo 'This is a custom step for building the customized Docker image for Synapse.' # RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' -# RUN echo 'Note that matrix_synapse_container_image_customizations_dockerfile_body_auto injects steps before this.' # RUN echo 'You do NOT need to include a FROM clause yourself.' matrix_synapse_container_image_customizations_dockerfile_body_custom: '' From 63a0e5c4f6b1b3384a8178ac6414712094736bc6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:58:47 +0300 Subject: [PATCH 416/562] Add warnings to synapse-s3-storage-provider support feature --- CHANGELOG.md | 2 ++ docs/configuring-playbook-synapse-s3-storage-provider.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e99cd360..3ee9afac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## synapse-s3-storage-provider support +**`synapse-s3-storage-provider` support is very new and still relatively untested. Using it may cause data loss.** + You can now store your Synapse media repository files on Amazon S3 (or another S3-compatible object store) using [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) - a media provider for Synapse (Python module), which should work faster and more reliably than our previous [Goofys](docs/configuring-playbook-s3-goofys.md) implementation (Goofys will continue to work). This is not just for initial installations. Users with existing files (stored in the local filesystem) can also migrate their files to `synapse-s3-storage-provider`. diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index bc0250f1..3490705a 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -3,6 +3,8 @@ If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. +**`synapse-s3-storage-provider` support is very new and still relatively untested. Using it may cause data loss.** + An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md). From fe9647559538756ca2f0bb547c621de638506c14 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:01:51 +0300 Subject: [PATCH 417/562] Remove some useless PG_ variables fron the s3-storage-provider env-file These Postgres configuration variables are part of the `database.yaml` file and don't need to be here. --- .../templates/synapse/ext/s3-storage-provider/env.j2 | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 index 4b09688b..3788499b 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -5,12 +5,6 @@ AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_regi ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} -PG_USER={{ matrix_synapse_database_user }} -PG_PASS={{ matrix_synapse_database_password }} -PG_DB={{ matrix_synapse_database_database }} -PG_HOST={{ matrix_synapse_database_host }} -PG_PORT={{ matrix_synapse_database_port }} - MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} UPDATE_DB_DURATION={{ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count }}d From 2e0fc5c11c9d7dd165b09c8dc7bcbf8fcf6c2020 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:04:49 +0300 Subject: [PATCH 418/562] Fix some ansible-lint-reported warnings --- .../tasks/ext/s3-storage-provider/setup_install.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml index 31f72181..79684270 100644 --- a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -38,7 +38,6 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed ansible.builtin.template: - src: "{{ role_path }}/templates/systemd/.j2" src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" dest: "{{ matrix_systemd_path }}/{{ item }}" mode: 0640 @@ -51,4 +50,3 @@ ansible.builtin.service: daemon_reload: true when: matrix_synapse_s3_storage_provider_systemd_service_result.changed | bool - From 3cf0dcda6d39506cc71c249d3001ec30d826b554 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:07:10 +0300 Subject: [PATCH 419/562] Update "b2 sync" commands --- docs/configuring-playbook-s3-goofys.md | 6 +++--- docs/configuring-playbook-synapse-s3-storage-provider.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index 2efacddc..ef8f20c2 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md @@ -106,10 +106,10 @@ docker run -it --rm -w /work \ --env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ --env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ --env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ --v /matrix/synapse/storage/media-store/:/work \ +--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ --entrypoint=/bin/sh \ -docker.io/tianon/backblaze-b2:2.1.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' +docker.io/tianon/backblaze-b2:3.6.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` This is some initial file sync, which may take a very long time. diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 3490705a..7f2af49c 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -102,5 +102,5 @@ docker run -it --rm \ --mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ --entrypoint=/bin/sh \ tianon/backblaze-b2:3.6.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` From de8fd519c56e5905b729ce18c558cc478dc05de7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:14:34 +0300 Subject: [PATCH 420/562] Document matrix-synapse-s3-storage-provider-migrate.{service,timer} --- ...iguring-playbook-synapse-s3-storage-provider.md | 14 +++++++++++++- ...ix-synapse-s3-storage-provider-migrate.timer.j2 | 1 - 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 7f2af49c..6ab2820a 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -21,7 +21,7 @@ The way media storage providers in Synapse work has some caveats: You may be thinking **if all files are stored locally as well, what's the point**? -You can run some scripts to delete the local files once in a while, thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. +You can run some scripts to delete the local files once in a while (which we do automatically by default - see [Periodically cleaning up the local filesystem](#periodically-cleaning-up-the-local-filesystem)), thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. While you will need some local disk space around, it's only to accommodate usage, etc., and won't grow as large as your S3 store. @@ -104,3 +104,15 @@ docker run -it --rm \ tianon/backblaze-b2:3.6.0 \ -c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` + +## Periodically cleaning up the local filesystem + +As described in [How it works?](#how-it-works) above, when new media is uploaded to the Synapse homeserver, it's first stored locally and then also stored on the remote S3 storage. + +By default, we periodically ensure that all local files are uploaded to S3 and are then removed from the local filesystem. This is done automatically using: + +- the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script +- .. invoked via the `matrix-synapse-s3-storage-provider-migrate.service` service +- .. triggered by the `matrix-synapse-s3-storage-provider-migrate.timer` timer, every day at 05:00 + +So.. you don't need to perform any maintenance yourself. diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 index 61526ac1..5013c7a8 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 @@ -4,7 +4,6 @@ Description=Migrates locally-stored Synapse media store files to S3 [Timer] Unit=matrix-synapse-s3-storage-provider-migrate.service OnCalendar=*-*-* 05:00:00 -RandomizedDelaySec=2h [Install] WantedBy=timers.target From 6f56b9fb38fbc5216054067a1658e8530a98f4fc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:17:08 +0300 Subject: [PATCH 421/562] Upgrade Dendrite (0.10.2 -> 0.10.3) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 92a9ff9f..2adf13da 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.2" +matrix_dendrite_docker_image_tag: "v0.10.3" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 30745db6d5f098fa68ac228b900f6efa82fd5ed1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:29:30 +0300 Subject: [PATCH 422/562] Add storage-class support to the s3_media_upload command and mention matrix-synapse-s3-storage-provider-migrate script --- ...configuring-playbook-synapse-s3-storage-provider.md | 10 ++++++++-- .../templates/synapse/ext/s3-storage-provider/env.j2 | 1 + .../matrix-synapse-s3-storage-provider-migrate.j2 | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 6ab2820a..fce5b4ed 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -70,10 +70,16 @@ Then use the following commands (`$` values come from environment variables - th - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). - `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory -- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory +- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory -The `upload` command may take a lot of time to complete. +The `s3_media_upload upload` command may take a lot of time to complete. +Instead of running the above commands manually in the shell, you can also run the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script which will run the same commands automatically. We demonstrate how to do it manually, because: + +- it's what the upstream project demonstrates and it teaches you how to use the `s3_media_upload` tool +- allows you to check and verify the output of each command, to catch mistakes +- includes progress bars and detailed output for each command +- allows you to easily interrupt slow-running commands, etc. (the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` starts a container without interactive TTY support, so `Ctrl+C` may not work and you and require killing via `docker kill ..`) ### Using another tool in combination with `s3_media_upload` diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 index 3788499b..6dfcbe41 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -4,6 +4,7 @@ AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_regi ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} +STORAGE_CLASS={{ matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class }} MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 index 0893f5d6..e6684e69 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -10,4 +10,4 @@ --network={{ matrix_docker_network }} \ --entrypoint=/bin/bash \ {{ matrix_synapse_docker_image_final }} \ - -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT' + -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT' From 5a7b80d9e48326f8d6bedf1e31a234fbe735c8d6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:31:17 +0300 Subject: [PATCH 423/562] Update configuring-playbook-synapse-s3-storage-provider.md --- docs/configuring-playbook-synapse-s3-storage-provider.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index fce5b4ed..a71e5a0b 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -48,6 +48,8 @@ If you have existing files in Synapse's media repository (`/matrix/synapse/media - the existing files will remain on the local filesystem only until [migrating them to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) - at some point (and periodically in the future), you can delete local files which have been uploaded to the S3 store already +Regardless of whether you need to [Migrate your existing files to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) or not, make sure you've familiarized yourself with [How it works?](#how-it-works) above and [Periodically cleaning up the local filesystem](#periodically-cleaning-up-the-local-filesystem) below. + ## Migrating your existing media files to the S3 store From 1e0d10586d4bd04dde30adb1e860ada432084865 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:49:27 +0300 Subject: [PATCH 424/562] Update README to mention synapse-s3-storage-provider --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b93fdd5d..569dbb3f 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) a [Dendrite](https://github.com/matrix-org/dendrite) homeserver - storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. -- (optional) [Amazon S3](https://aws.amazon.com/s3/) storage for Synapse's content repository (`media_store`) files using [Goofys](https://github.com/kahing/goofys) +- (optional) [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files using [Goofys](https://github.com/kahing/goofys) or [`synapse-s3-storage-provider`](https://github.com/matrix-org/synapse-s3-storage-provider) - (optional, default) [PostgreSQL](https://www.postgresql.org/) database for Synapse. [Using an external PostgreSQL server](docs/configuring-playbook-external-postgres.md) is also possible. From 8025bd19b0b93ac52230f756e86155b6b7bf17a7 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:33:28 +0200 Subject: [PATCH 425/562] update Docs regarding Filter-Mode-Flag --- docs/configuring-playbook-bridge-mautrix-telegram.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 08ee83cc..91596afc 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -59,3 +59,8 @@ matrix_mautrix_telegram_configuration_extension_yaml: | More details about permissions in this example: https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410 + +If you like to exclude all groups from syncing and use the Telgeram-Bridge only for direct chats, you can add the following additional playbook configuration: +```yaml +matrix_mautrix_telegram_filter_mode: whitelist +``` From 01078fea8f0c32e09e20a81070ce0cc5f6712435 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:37:09 +0200 Subject: [PATCH 426/562] add default for TG filter_mode --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 9fdfd430..0f52cc22 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -38,6 +38,9 @@ matrix_mautrix_telegram_api_id: '' matrix_mautrix_telegram_api_hash: '' matrix_mautrix_telegram_bot_token: disabled +# Define the filter-mode +matrix_mautrix_telegram_filter_mode: "blacklist" + # Whether or not the public-facing endpoints should be enabled (web-based login) matrix_mautrix_telegram_appservice_public_enabled: true From a6e167cf91932eac58fdcb117062f2a31d62ed64 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:38:51 +0200 Subject: [PATCH 427/562] add option to change filter_mode --- roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index d50be47d..2e6aae51 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -273,7 +273,7 @@ bridge: # Filter mode to use. Either "blacklist" or "whitelist". # If the mode is "blacklist", the listed chats will never be bridged. # If the mode is "whitelist", only the listed chats can be bridged. - mode: blacklist + mode: "{{ matrix_mautrix_telegram_filter_mode }}" # The list of group/channel IDs to filter. list: [] From 7b3b22ce072ce02d7ebb8665f899147422a84841 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:43:25 +0200 Subject: [PATCH 428/562] update docs to exclude grou-sync --- docs/configuring-playbook-bridge-mautrix-telegram.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 08ee83cc..91596afc 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -59,3 +59,8 @@ matrix_mautrix_telegram_configuration_extension_yaml: | More details about permissions in this example: https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410 + +If you like to exclude all groups from syncing and use the Telgeram-Bridge only for direct chats, you can add the following additional playbook configuration: +```yaml +matrix_mautrix_telegram_filter_mode: whitelist +``` From a7dc9a406de907ab21804613a13c335f335c4352 Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Sat, 15 Oct 2022 20:17:58 +0000 Subject: [PATCH 429/562] docs/configuring-playbook: Add link to etherpad configuration --- docs/configuring-playbook.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 43b68ee8..efb0f7e3 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -34,6 +34,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional) +- [Setting up Etherpad](configuring-playbook-etherpad.md) (optional) + - [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional) - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) (optional) From 4d267dad4084859ca9c69b23e241c4ae2c1d2817 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 16 Oct 2022 18:24:55 +0300 Subject: [PATCH 430/562] Upgrade mautrix-whatsapp (0.7.0 -> 0.7.1) and sync bridge config with upstream --- .../matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index cb4900ee..55b7387f 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.7.0 +matrix_mautrix_whatsapp_version: v0.7.1 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 28971447..9c0b95e8 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -147,6 +147,12 @@ bridge: # provisioning endpoint is used or when a message comes in from that # chat. max_initial_conversations: -1 + # If this value is greater than 0, then if the conversation's last + # message was more than this number of hours ago, then the conversation + # will automatically be marked it as read. + # Conversations that have a last message that is less than this number + # of hours ago will have their unread status synced from WhatsApp. + unread_hours_threshold: 0 # Settings for immediate backfills. These backfills should generally be # small and their main purpose is to populate each of the initial chats # (as configured by max_initial_conversations) with a few messages so @@ -228,7 +234,10 @@ bridge: # manually. login_shared_secret_map: {{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map|to_json }} # Should the bridge explicitly set the avatar and room name for private chat portal rooms? + # This is implicitly enabled in encrypted rooms. private_chat_portal_meta: false + # Should group members be synced in parallel? This makes member sync faster + parallel_member_sync: false # Should Matrix m.notice-type messages be bridged? bridge_notices: true # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. @@ -281,6 +290,9 @@ bridge: # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. # This is currently not supported in most clients. caption_in_message: false + # Should Matrix edits be bridged to WhatsApp edits? + # Official WhatsApp clients don't render edits yet, but once they do, the bridge should work with them right away. + send_whatsapp_edits: false # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration # Null means there's no enforced timeout. message_handling_timeout: From 07a7234ba0c642f910e3381776edf5b40735c9de Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 16 Oct 2022 18:27:35 +0300 Subject: [PATCH 431/562] Use | to_json --- .../matrix-bridge-mautrix-telegram/templates/config.yaml.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 2e6aae51..b7af83f5 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -273,12 +273,12 @@ bridge: # Filter mode to use. Either "blacklist" or "whitelist". # If the mode is "blacklist", the listed chats will never be bridged. # If the mode is "whitelist", only the listed chats can be bridged. - mode: "{{ matrix_mautrix_telegram_filter_mode }}" + mode: {{ matrix_mautrix_telegram_filter_mode | to_json }} # The list of group/channel IDs to filter. list: [] # The prefix for commands. Only required in non-management rooms. - command_prefix: "{{ matrix_mautrix_telegram_command_prefix }}" + command_prefix: {{ matrix_mautrix_telegram_command_prefix | to_json }} # Permissions for using the bridge. # Permitted values: @@ -291,7 +291,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: {{ matrix_mautrix_telegram_bridge_permissions|to_json }} + permissions: {{ matrix_mautrix_telegram_bridge_permissions | to_json }} # Options related to the message relay Telegram bot. relaybot: From 6480cc36293da31fa58b3aa1f7fe90fffbae87bf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 17 Oct 2022 08:03:10 +0300 Subject: [PATCH 432/562] Fix `'something' is undefined` error in matrix-bridge-appservice-slack .. when `matrix_nginx_proxy_enabled: false` Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2177 --- roles/matrix-bridge-appservice-slack/tasks/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index d06e5aaf..5d03b24b 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -85,7 +85,7 @@ msg: >- NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy reverse proxy. - Please make sure that you're proxying the `{{ something }}` + Please make sure that you're proxying the `{{ matrix_appservice_slack_public_endpoint }}` URL endpoint to the matrix-appservice-slack container. You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable. when: "matrix_appservice_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool" From c781bdea992435fd9768d5a7458058528b712300 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 17 Oct 2022 14:24:57 +0000 Subject: [PATCH 433/562] Update Synapse 1.68.0 -> 1.69.0 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4b979159..5e5867eb 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.68.0 +matrix_synapse_version: v1.69.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From bcba84389d683f9143dbb7c2ccb516e4b68773d6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 18 Oct 2022 12:43:13 +0000 Subject: [PATCH 434/562] Update grafana 9.2.0 -> 9.2.1 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 677435e8..767a749b 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.0 +matrix_grafana_version: 9.2.1 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 2eef6af23e6a8c4e5a46c9ccf49a12c0e4f24c91 Mon Sep 17 00:00:00 2001 From: David Napier Date: Wed, 19 Oct 2022 10:45:11 -0400 Subject: [PATCH 435/562] Bump postgres version to newly released 15 --- roles/matrix-postgres/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index de28d7ad..93de2612 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -29,7 +29,8 @@ matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }} matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}" +matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. matrix_postgres_docker_image_to_use: '{{ matrix_postgres_docker_image_latest }}' From c4a57428a6bedac73f1f8253ab0c5e4010aa00dc Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Thu, 20 Oct 2022 00:34:30 -0400 Subject: [PATCH 436/562] add if hostname is not availble for SRV record --- docs/configuring-dns.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8d31ab3f..ea5fea88 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -45,6 +45,8 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +When setting up a SRV record, if you are asked for a service and protocol instead of a hostname split the host value from the table where the period is. For example use service as `_matrix-identity` and protocol as `_tcp`. + ## Subdomains setup As the table above illustrates, you need to create 2 subdomains (`matrix.` and `element.`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). From 20db57d288e037bd651d718e945fff96faa33d77 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 17 Oct 2022 17:35:52 +0300 Subject: [PATCH 437/562] Upgrade certbot (v1.30.0 -> v1.31.0) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 7cdc0c92..84ec4f7e 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -547,7 +547,7 @@ matrix_ssl_lets_encrypt_staging: false # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.30.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.31.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From a32eea41fe56bdee721f8062b1199217704b0daa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 07:43:01 +0300 Subject: [PATCH 438/562] Make roles/matrix-postgres/tasks/detect_existing_postgres_version.yml detect Postgres v14 --- .../tasks/detect_existing_postgres_version.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml index 687d5e3a..1be8291b 100644 --- a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml +++ b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml @@ -68,3 +68,8 @@ ansible.builtin.set_fact: matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v13 }}" when: "matrix_postgres_detected_version == '13' or matrix_postgres_detected_version.startswith('13.')" + +- name: Determine corresponding Docker image to detected version (use 14.x, if detected) + ansible.builtin.set_fact: + matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v14 }}" + when: "matrix_postgres_detected_version == '14' or matrix_postgres_detected_version.startswith('14.')" From 80da7dfb0bc4dbff1b6982d213ca5cbb98ff7f94 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 11:48:56 +0300 Subject: [PATCH 439/562] Update docs/prerequisites.md --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 1ed4befe..74954648 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -26,7 +26,7 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). -- Some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: +- Some TCP/UDP ports open. This playbook (actually [Docker itself](https://docs.docker.com/network/iptables/)) configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: - `80/tcp`: HTTP webserver - `443/tcp`: HTTPS webserver From af3a32cf6a7f7c6f73ee6bd85b3fede721b5e70c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 15:46:02 +0300 Subject: [PATCH 440/562] Fix Jinja2 interpolation for some default variables We're overriding these in the correct way in `group_vars/matrix_servers` so this wasn't causing any problem in practice. --- roles/matrix-postgres/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 93de2612..1b11bad8 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -68,7 +68,7 @@ matrix_postgres_additional_databases: [] # If a dump file contains the roles and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. -matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username] +matrix_postgres_import_roles_to_ignore: "{{ [matrix_postgres_connection_username] }}" # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: # - creating users (`CREATE ROLE ..`) @@ -85,7 +85,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. -matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name] +matrix_postgres_import_databases_to_ignore: "{{ [matrix_postgres_db_name] }}" matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] From b8097b0bd6f79f9efb66c4df7676129f86e07bd2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 16:05:55 +0300 Subject: [PATCH 441/562] Add support for binary content to matrix-aux --- roles/matrix-aux/defaults/main.yml | 9 +++++++++ roles/matrix-aux/tasks/setup.yml | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/matrix-aux/defaults/main.yml b/roles/matrix-aux/defaults/main.yml index e4a4e827..4c1f8879 100644 --- a/roles/matrix-aux/defaults/main.yml +++ b/roles/matrix-aux/defaults/main.yml @@ -50,6 +50,9 @@ matrix_aux_file_default_mode: '0640' # then you likely need to add `/matrix/some/path` to `matrix_aux_directory_definitions` as well. # You don't need to do this for directories that the playbook already creates for you. # +# Use a `content` key for text content and `src` with a location to a file for binary content. +# The `content` key does not support binary content (see https://github.com/ansible/ansible/issues/11594). +# # Example: # # matrix_aux_file_definitions: @@ -69,4 +72,10 @@ matrix_aux_file_default_mode: '0640' # mode: '0600' # owner: 'some-user' # group: 'some-group' +# +# - dest: /matrix/aux/binary-file.dat +# src: "/path/to/binary.dat" +# mode: '0600' +# owner: 'some-user' +# group: 'some-group' matrix_aux_file_definitions: [] diff --git a/roles/matrix-aux/tasks/setup.yml b/roles/matrix-aux/tasks/setup.yml index ccb0bdcb..eb0adad4 100644 --- a/roles/matrix-aux/tasks/setup.yml +++ b/roles/matrix-aux/tasks/setup.yml @@ -11,8 +11,9 @@ - name: Ensure AUX files are created ansible.builtin.copy: + src: "{{ item.src if 'src' in item else omit }}" + content: "{{ item.content if 'content' in item else omit }}" dest: "{{ item.dest }}" - content: "{{ item.content }}" owner: "{{ item.owner | default(matrix_user_username) }}" group: "{{ item.group | default(matrix_user_groupname) }}" mode: "{{ item.mode | default(matrix_aux_file_default_mode) }}" From bed9c18ab04156e6e96521a380acc3be0c36e047 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 05:31:52 +0300 Subject: [PATCH 442/562] Pin Postgres version to 15.0 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2180 Just specifying `15` means we won't automatically re-pull `15.1` when it comes out. --- roles/matrix-postgres/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 1b11bad8..6ddbdf9f 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -29,7 +29,7 @@ matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }} matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15.0{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. From e37e86eb1cfdabf0bbe7464037060cbb0cacf2dc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 07:33:10 +0300 Subject: [PATCH 443/562] Fix 'could not save history to file "//.psql_history"' errors --- roles/matrix-postgres/templates/env-postgres-psql.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres/templates/env-postgres-psql.j2 b/roles/matrix-postgres/templates/env-postgres-psql.j2 index c61927a3..22058987 100644 --- a/roles/matrix-postgres/templates/env-postgres-psql.j2 +++ b/roles/matrix-postgres/templates/env-postgres-psql.j2 @@ -1,4 +1,8 @@ #jinja2: lstrip_blocks: "True" PGUSER={{ matrix_postgres_connection_username }} PGPASSWORD={{ matrix_postgres_connection_password }} -PGDATABASE={{ matrix_postgres_db_name }} \ No newline at end of file +PGDATABASE={{ matrix_postgres_db_name }} +# Prevent errors like this: +# > could not save history to file "//.psql_history": Permission denied +# .. due to Postgres not being able to write to the filesystem. +PSQL_HISTORY=/dev/null From 0a022db256688a9924d199828f4f555bbb94d168 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Fri, 21 Oct 2022 00:52:48 -0400 Subject: [PATCH 444/562] grammar correction the word "both" would refer to only 2 urls in this context --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 81caf04c..fd548aa6 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -192,7 +192,7 @@ Make sure to: ## Confirming it works -No matter which method you've used to set up the well-known files, if you've done it correctly you should be able to see a JSON file at both of these URLs: +No matter which method you've used to set up the well-known files, if you've done it correctly you should be able to see a JSON file at these URLs: - `https:///.well-known/matrix/server` - `https:///.well-known/matrix/client` From 0b44ec19b4e1d39420710f229808f0780c5820d2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 10:00:49 +0300 Subject: [PATCH 445/562] Do not override matrix_postgres_import_roles_to_ignore/matrix_postgres_import_databases_to_ignore in group_vars These values that we were setting also make sense in the context of the `matrix-postgres` role even when not used within the playbook. --- group_vars/matrix_servers | 14 -------------- roles/matrix-postgres/defaults/main.yml | 14 ++++++++++++-- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b055245b..6728eaaa 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2112,20 +2112,6 @@ matrix_postgres_additional_databases: | }} -matrix_postgres_import_roles_to_ignore: | - {{ - [matrix_postgres_connection_username] - + - matrix_postgres_additional_databases|map(attribute='username') | list - }} - -matrix_postgres_import_databases_to_ignore: | - {{ - [matrix_postgres_db_name] - + - matrix_postgres_additional_databases|map(attribute='name') | list - }} - ###################################################################### # # /matrix-postgres diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 6ddbdf9f..e34b3b60 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -68,7 +68,12 @@ matrix_postgres_additional_databases: [] # If a dump file contains the roles and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. -matrix_postgres_import_roles_to_ignore: "{{ [matrix_postgres_connection_username] }}" +matrix_postgres_import_roles_to_ignore: | + {{ + [matrix_postgres_connection_username] + + + matrix_postgres_additional_databases|map(attribute='username') | list + }} # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: # - creating users (`CREATE ROLE ..`) @@ -85,7 +90,12 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. -matrix_postgres_import_databases_to_ignore: "{{ [matrix_postgres_db_name] }}" +matrix_postgres_import_databases_to_ignore: | + {{ + [matrix_postgres_db_name] + + + matrix_postgres_additional_databases|map(attribute='name') | list + }} matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] From ff0fc88faeac6444dcee93241dca23a24356cde1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 11:25:30 +0300 Subject: [PATCH 446/562] Make Postgres import not break for databases with special names We haven't encountered such a problem yet, but it doesn't hurt to make things more robust. --- roles/matrix-postgres/defaults/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index e34b3b60..7b0660bb 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -84,7 +84,9 @@ matrix_postgres_import_roles_to_ignore: | # which is unsupported by default by newer Postgres versions (v14+). # When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+. # If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default. -matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing] +# +# We also allow for the role name to be quoted, which is rare, but might happen for role names which are special keywords (e.g. `default`). +matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE \\\"?({{ matrix_postgres_import_roles_to_ignore | join('|') }})\\\"?(;| WITH)" # noqa jinja[spacing] # A list of databases to avoid creating when importing (or upgrading) the database. # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), @@ -97,7 +99,8 @@ matrix_postgres_import_databases_to_ignore: | matrix_postgres_additional_databases|map(attribute='name') | list }} -matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] +# We also allow for the database name to be quoted, which is rare, but might happen for database names which are special keywords (e.g. `default`). +matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE \\\"?({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\\"?\\s" # noqa jinja[spacing] # The number of seconds to wait after starting `matrix-postgres.service` # and before trying to run queries for creating additional databases/users against it. From 7e8184e210798da376b2fd16baa7c730811dcbb4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 14:58:21 +0300 Subject: [PATCH 447/562] Do not break the guided installation flow --- docs/configuring-dns.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index ea5fea88..3803ba8f 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -26,6 +26,8 @@ Be mindful as to how long it will take for the DNS records to propagate. If you are using Cloudflare DNS, make sure to disable the proxy and set all records to `DNS only`. Otherwise, fetching certificates will fail. +When you're done configuring DNS, proceed to [Configuring the playbook](configuring-playbook.md). + ## DNS settings for optional services/features | Used by component | Type | Host | Priority | Weight | Port | Target | From 4cf85605a911e998409d9e2a1cb7a94d83854491 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 17:36:24 +0300 Subject: [PATCH 448/562] Upgrade Dendrite (0.10.3 -> 0.10.4) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 2adf13da..dc0af2dc 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.3" +matrix_dendrite_docker_image_tag: "v0.10.4" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 463596884028dc38099d40155cc4117976bca8d6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 20:07:29 +0300 Subject: [PATCH 449/562] Upgrade Hookshot (2.3.0 -> 2.4.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 0854edbf..1c390f34 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.3.0 +matrix_hookshot_version: 2.4.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 7d043489bdc5533b188fe891692d1d85ec13ed93 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Fri, 21 Oct 2022 21:51:54 +0200 Subject: [PATCH 450/562] update remote-repo-infos with link to doc was a litte confusing for me, so i added the link to the syntax-descr. --- docs/configuring-playbook-backup-borg.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 41ca0156..72ec9e67 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -56,7 +56,7 @@ where: * USER - SSH user of a provider/server * HOST - SSH host of a provider/server -* REPO - borg repository name, it will be initialized on backup start, eg: `matrix` +* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`, regarding Syntax see [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls) * PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager * PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `matrix_backup_borg_ssh_key_private` needs to be indented with 2 spaces From ac8312d95f58d573488ef49907830cbdf876a62b Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Fri, 21 Oct 2022 22:19:03 +0200 Subject: [PATCH 451/562] update link to example in my environment i see the matrix. conf in that file: /matrix/nginx-proxy/conf.d/matrix-domain.conf --- docs/configuring-playbook-ssl-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 30a8f0b8..606160da 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md @@ -99,7 +99,7 @@ The certificate files would be made available in `/matrix/ssl/config/live/ Date: Sat, 22 Oct 2022 08:45:27 +0300 Subject: [PATCH 452/562] Make ntfy not try to listen on a privileged port We're starting it with `--user` and dropped capabilities, after all. Hopefully fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2188 --- roles/matrix-ntfy/templates/ntfy/server.yml.j2 | 1 + roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 b/roles/matrix-ntfy/templates/ntfy/server.yml.j2 index 4cafcd62..096991a7 100644 --- a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 +++ b/roles/matrix-ntfy/templates/ntfy/server.yml.j2 @@ -1,3 +1,4 @@ base_url: {{ matrix_ntfy_base_url }} behind_proxy: true cache_file: /data/cache.db +listen-http: :8080 diff --git a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index da292e5c..f4159856 100644 --- a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -21,7 +21,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_ntfy_container_http_host_bind_port %} - -p {{ matrix_ntfy_container_http_host_bind_port }}:80 \ + -p {{ matrix_ntfy_container_http_host_bind_port }}:8080 \ {% endif %} --mount type=bind,src={{ matrix_ntfy_config_dir_path }},dst=/etc/ntfy,ro \ --mount type=bind,src={{ matrix_ntfy_data_path }},dst=/data \ From 3bd0af76ddec6004e9e794fd821e0809123cc4a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 22 Oct 2022 07:47:00 +0200 Subject: [PATCH 453/562] Add information on how to manually run the backup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- docs/configuring-playbook-backup-borg.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 41ca0156..0fda66da 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -73,3 +73,9 @@ After configuring the playbook, run the [installation](installing.md) command ag ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ``` + +## Manually start a backup + +For testing your setup it can be helpful to not wait until 4am. If you want to run the backup immediately, log onto the server +and run `systemctl start matrix-backup-borg`. This will not return until the backup is done, so possibly a long time. +Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. From 9fd3e00b71fdd450bf0643b30179f880e63d175c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 07:45:54 +0300 Subject: [PATCH 454/562] Upgrade nginx (1.23.1 -> 1.23.2) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 84ec4f7e..efef89af 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -1,7 +1,7 @@ --- # Project source code URL: https://github.com/nginx/nginx matrix_nginx_proxy_enabled: true -matrix_nginx_proxy_version: 1.23.1-alpine +matrix_nginx_proxy_version: 1.23.2-alpine # We use an official nginx image, which we fix-up to run unprivileged. # An alternative would be an `nginxinc/nginx-unprivileged` image, but From 716efe7ad5923cdbdc7721fc58f0db38f588a391 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 09:52:02 +0300 Subject: [PATCH 455/562] Upgrade ddclient (v3.9.1-ls100 -> v3.10.0-ls102) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index c465fef9..af4d9592 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls100 +matrix_dynamic_dns_version: v3.10.0-ls102 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From d44b0378505ac5df4b9f6cafb93f46248234a5c4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 18:45:22 +0300 Subject: [PATCH 456/562] fgrep -> grep -F --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f0aeb397..576dcbf5 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ .PHONY: lint help: ## Show this help. - @fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//' + @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' lint: ## Runs ansible-lint against all roles in the playbook ansible-lint From 24409766eb5cfeadc1f668e077532f0b8b78091d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 24 Oct 2022 05:42:18 +0000 Subject: [PATCH 457/562] Fix 502 ref: 57bb340343c692c9439c863cd1d13c54cecb87b8 --- .../templates/nginx/conf.d/matrix-ntfy.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 index 988b3b35..ae100eda 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 @@ -21,7 +21,7 @@ {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-ntfy:80"; + set $backend "matrix-ntfy:8080"; proxy_pass http://$backend; {% else %} {# Generic configuration for use outside of our container setup #} From 9c549a185f6b035cb2979d0c41f9d7e2858037fc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 25 Oct 2022 06:28:24 +0300 Subject: [PATCH 458/562] Auto-purge orphaned Let's Encrypt renewal configuration files --- roles/matrix-nginx-proxy/defaults/main.yml | 14 ++++++++++ ...urge_ssl_lets_encrypt_orphaned_configs.yml | 27 +++++++++++++++++++ .../tasks/ssl/setup_ssl_lets_encrypt.yml | 3 +++ 3 files changed, 44 insertions(+) create mode 100644 roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index efef89af..c233dc43 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -572,6 +572,20 @@ matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log" matrix_ssl_pre_obtaining_required_service_name: ~ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds: 60 +# matrix_ssl_orphaned_renewal_configs_purging_enabled controls whether the playbook will delete Let's Encryption renewal configuration files (`/matrix/ssl/config/renewal/*.conf) +# for domains that are not part of the `matrix_ssl_domains_to_obtain_certificates_for` list. +# +# As the `matrix_ssl_domains_to_obtain_certificates_for` list changes over time, the playbook obtains certificates for various domains +# and sets up "renewal" configuration files to keep these certificates fresh. +# When a domain disappears from the `matrix_ssl_domains_to_obtain_certificates_for` list (because its associated service had gotten disabled), +# the certificate files and renewal configuration still remain in the filesystem and certbot may try to renewal the certificate for this domain. +# If there's no DNS record for this domain or it doesn't point to this server anymore, the `matrix-ssl-lets-encrypt-certificates-renew.service` systemd service +# won't be able to renew the certificate and will generate an error. +# +# With `matrix_ssl_orphaned_renewal_configs_purging_enabled` enabled, orphaned renewal configurations will be purged on each playbook run. +# Some other leftover files will still remain, but we don't bother purging them because they don't cause troubles. +matrix_ssl_orphaned_renewal_configs_purging_enabled: true + # Nginx Optimize SSL Session # # ssl_session_cache: diff --git a/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml b/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml new file mode 100644 index 00000000..51fd1f31 --- /dev/null +++ b/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml @@ -0,0 +1,27 @@ +--- + +- name: Check if a Let's Encrypt renewal configuration directory exists + ansible.builtin.stat: + path: "{{ matrix_ssl_config_dir_path }}/renewal" + register: matrix_ssl_config_renewal_directory_stat_result + +- when: matrix_ssl_config_renewal_directory_stat_result.stat.exists | bool + block: + - name: Determine current Let's Encrypt renewal configs + ansible.builtin.find: + path: "{{ matrix_ssl_config_dir_path }}/renewal" + patterns: ".*.conf$" + use_regex: true + register: matrix_ssl_current_renewal_config_files + + - name: Determine unnecessary Let's Encrypt renewal configs + ansible.builtin.set_fact: + matrix_ssl_current_renewal_config_files_to_purge: "{{ matrix_ssl_current_renewal_config_files_to_purge | default([]) + [item.path] }}" + with_items: "{{ matrix_ssl_current_renewal_config_files.files }}" + when: "item.path | basename | replace('.conf', '') not in matrix_ssl_domains_to_obtain_certificates_for" + + - name: Purge unneceessary Let's Encrypt renewal config files + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: "{{ matrix_ssl_current_renewal_config_files_to_purge | default([]) }}" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 029ef860..62430f4b 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -18,6 +18,9 @@ - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" block: + - when: matrix_ssl_orphaned_renewal_configs_purging_enabled | bool + ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml" + - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" From cb2fecbea96ead3e9003c22bcabda00e20dd3b01 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 25 Oct 2022 06:43:57 +0300 Subject: [PATCH 459/562] Fix some ansible-lint-reported warnings --- roles/matrix-base/tasks/server_base/setup.yml | 3 ++- .../tasks/validate_config.yml | 3 ++- roles/matrix-ldap-registration-proxy/tasks/init.yml | 9 ++++----- roles/matrix-postgres/tasks/import_generic_sqlite_db.yml | 3 ++- roles/matrix-postgres/tasks/run_vacuum.yml | 3 ++- .../tasks/rust-synapse-compress-state/compress_room.yml | 3 ++- .../tasks/rust-synapse-compress-state/main.yml | 3 ++- 7 files changed, 16 insertions(+), 11 deletions(-) diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 8cc4dff4..9e3319f5 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -21,7 +21,8 @@ register: lsb_release_installation_result - name: Reread ansible_lsb facts if lsb-release got installed - ansible.builtin.setup: filter=ansible_lsb* + ansible.builtin.setup: + filter: ansible_lsb* when: lsb_release_installation_result.changed - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml" diff --git a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml b/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml index 901b760b..e005f162 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml @@ -22,5 +22,6 @@ - {'old': 'matrix_appservice_discord_container_expose_client_server_api_port', 'new': ''} - name: Require a valid database engine - ansible.builtin.fail: msg="`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'" + ansible.builtin.fail: + msg: "`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'" when: "matrix_appservice_discord_database_engine not in ['sqlite', 'postgres']" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 0b2051c3..40623609 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-ldap-registration-proxy.service'] }}" when: matrix_ldap_registration_proxy_enabled | bool -- block: +- when: matrix_ldap_registration_proxy_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -52,7 +55,3 @@ URL endpoint to the matrix-ldap-proxy container. You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index 897ebc2e..4a515c27 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -28,7 +28,8 @@ - when: 'postgres_connection_string_variable_name is defined' block: - name: Fail if postgres_connection_string_variable_name points to an undefined variable - ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" + ansible.builtin.fail: + msg: "postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" when: "postgres_connection_string_variable_name not in vars" - name: Get Postgres connection string from variable diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index aafa761d..43959982 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -82,7 +82,8 @@ changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results -- ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" +- ansible.builtin.debug: + var: "matrix_postgres_synapse_vacuum_result" - name: Ensure matrix-synapse is started, if it previously was ansible.builtin.service: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 6ae016fc..9834e256 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -24,7 +24,8 @@ failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 -- ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" +- ansible.builtin.debug: + var: "matrix_synapse_rust_synapse_compress_state_compress_room_command_result" - name: Generate Postgres compression SQL import command ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index b48e6077..80c25f7f 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -88,7 +88,8 @@ - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" block: - - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" + - ansible.builtin.debug: + var: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" - name: Fail if room find result is not what we expect ansible.builtin.fail: From fd7e1604a5880242b67d92fa1d8df4180fc53c6f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 09:16:24 +0000 Subject: [PATCH 460/562] Update appservice-irc 0.35.1 -> 0.36.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index c4fa75fe..d54a7685 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.35.1 +matrix_appservice_irc_version: 0.36.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 81d8785811bd3aca8a6334910e2143edda8a3dda Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 13:03:50 +0000 Subject: [PATCH 461/562] Update grafana 9.2.1 -> 9.2.2 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 767a749b..5bccb60d 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.1 +matrix_grafana_version: 9.2.2 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 145a57a7b8ad1d01a3a05c28abe6586078611418 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:25:07 +0300 Subject: [PATCH 462/562] update honoroit 0.9.15 -> 0.9.16 --- group_vars/matrix_servers | 2 +- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaa..e31e0dba 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1163,7 +1163,7 @@ matrix_bot_honoroit_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_honoroit_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_honoroit_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'honoroit.bot.db') | to_uuid }}" -matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 68fb8c17..3510f473 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.15 +matrix_bot_honoroit_version: v0.9.16 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From a22d5b1726a207f6349e47890684759a14e1e697 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:26:57 +0300 Subject: [PATCH 463/562] update postmoogle 0.9.7 -> 0.9.8 --- group_vars/matrix_servers | 2 +- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaa..354b6691 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1227,7 +1227,7 @@ matrix_bot_postmoogle_systemd_required_services_list: | matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" -matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 1bcd570a..af6c23ac 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.7 +matrix_bot_postmoogle_version: v0.9.8 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 12fe1f417c2816939755bfc5e1e61a376b59ea90 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:39:39 +0300 Subject: [PATCH 464/562] update buscarron 1.2.1 -> 1.3.0 --- docs/configuring-playbook-bot-buscarron.md | 4 +-- group_vars/matrix_servers | 2 +- roles/matrix-bot-buscarron/defaults/main.yml | 32 ++++++++++++++------ roles/matrix-bot-buscarron/templates/env.j2 | 6 +++- 4 files changed, 30 insertions(+), 14 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 3a5822ab..b38f25c6 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -36,10 +36,10 @@ matrix_bot_buscarron_forms: room: "!yourRoomID:DOMAIN" # (mandatory) Room ID where form submission will be posted redirect: https://DOMAIN # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m + hasemail: 1 # (optional) form has "email" field that should be validated extensions: [] # (optional) list of form extensions (not used yet) -matrix_bot_buscarron_spam_hosts: [] # (optional) list of email domains/hosts that should be rejected automatically -matrix_bot_buscarron_spam_emails: [] # (optional) list of email addresses that should be rejected automatically +matrix_bot_buscarron_spamlist: [] # (optional) list of emails/domains/hosts (with wildcards support) that should be rejected automatically ``` You will also need to add a DNS record so that buscarron can be accessed. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaa..5d463da2 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1194,7 +1194,7 @@ matrix_bot_buscarron_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_buscarron_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db') | to_uuid }}" -matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 648d5344..21d9a4a3 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git" matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src" -matrix_bot_buscarron_version: v1.2.1 +matrix_bot_buscarron_version: v1.3.0 matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}" @@ -78,37 +78,49 @@ matrix_bot_buscarron_homeserver: "{{ matrix_homeserver_container_url }}" matrix_bot_buscarron_forms: [] # Disable encryption -matrix_bot_buscarron_noencryption: +matrix_bot_buscarron_noencryption: false # Sentry DSN -matrix_bot_buscarron_sentry: +matrix_bot_buscarron_sentry: '' # Log level matrix_bot_buscarron_loglevel: INFO -# spam hosts/domains +# list of spammers with wildcards support, eg: *@spam.com spam@*, spam@spam.com +matrix_bot_buscarron_spamlist: [] + +# spam hosts/domains. +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_hosts: [] # spam email addresses +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_emails: [] # spam email localparts +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_localparts: [] -# Ban duration in hours -matrix_bot_buscarron_ban_duration: 24 - # Banlist size matrix_bot_buscarron_ban_size: 10000 +# Permanent banlist +matrix_bot_buscarron_ban_list: [] + # Postmark token (confirmation emails) -matrix_bot_buscarron_pm_token: +matrix_bot_buscarron_pm_token: '' # Postmark sender signature -matrix_bot_buscarron_pm_from: +matrix_bot_buscarron_pm_from: '' # Postmark confirmation email's reply-to -matrix_bot_buscarron_pm_replyto: +matrix_bot_buscarron_pm_replyto: '' + +# email address (from) for SMTP validation. Must be valid email on valid SMTP server, otherwise it will be rejected by other servers +matrix_bot_buscarron_smtp_from: '' + +# enforce SMTP validation +matrix_bot_buscarron_smtp_validation: false # Additional environment variables to pass to the buscarron container # diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/matrix-bot-buscarron/templates/env.j2 index 42da0d34..90ae5f7e 100644 --- a/roles/matrix-bot-buscarron/templates/env.j2 +++ b/roles/matrix-bot-buscarron/templates/env.j2 @@ -3,22 +3,26 @@ BUSCARRON_PASSWORD={{ matrix_bot_buscarron_password }} BUSCARRON_HOMESERVER={{ matrix_bot_buscarron_homeserver }} BUSCARRON_DB_DSN={{ matrix_bot_buscarron_database_connection_string }} BUSCARRON_DB_DIALECT={{ matrix_bot_buscarron_database_dialect }} +BUSCARRON_SPAMLIST={{ matrix_bot_buscarron_spamlist|join(" ") }} BUSCARRON_SPAM_HOSTS={{ matrix_bot_buscarron_spam_hosts|join(" ") }} BUSCARRON_SPAM_EMAILS={{ matrix_bot_buscarron_spam_emails|join(" ") }} BUSCARRON_SPAM_LOCALPARTS={{ matrix_bot_buscarron_spam_localparts|join(" ") }} BUSCARRON_SENTRY={{ matrix_bot_buscarron_sentry }} BUSCARRON_LOGLEVEL={{ matrix_bot_buscarron_loglevel }} -BUSCARRON_BAN_DURATION={{ matrix_bot_buscarron_ban_duration }} BUSCARRON_BAN_SIZE={{ matrix_bot_buscarron_ban_size }} +BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list }} BUSCARRON_PM_TOKEN={{ matrix_bot_buscarron_pm_token }} BUSCARRON_PM_FROM={{ matrix_bot_buscarron_pm_from }} BUSCARRON_PM_REPLYTO={{ matrix_bot_buscarron_pm_replyto }} +BUSCARRON_SMTP_FROM={{ matrix_bot_buscarron_smtp_from }} +BUSCARRON_SMTP_VALIDATION={{ matrix_bot_buscarron_smtp_validation }} BUSCARRON_NOENCRYPTION={{ matrix_bot_buscarron_noencryption }} {% set forms = [] %} {% for form in matrix_bot_buscarron_forms -%}{{- forms.append(form.name) -}} BUSCARRON_{{ form.name|upper }}_ROOM={{ form.room|default('') }} BUSCARRON_{{ form.name|upper }}_REDIRECT={{ form.redirect|default('') }} BUSCARRON_{{ form.name|upper }}_HASDOMAIN={{ form.hasdomain|default('') }} +BUSCARRON_{{ form.name|upper }}_HASEMAIL={{ form.hasemail|default('') }} BUSCARRON_{{ form.name|upper }}_RATELIMIT={{ form.ratelimit|default('') }} BUSCARRON_{{ form.name|upper }}_EXTENSIONS={{ form.extensions|default('')|join(' ') }} BUSCARRON_{{ form.name|upper }}_CONFIRMATION_SUBJECT={{ form.confirmation_subject|default('') }} From 437d177d3133827379d303bba452480bd30d3ab9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 18:17:47 +0000 Subject: [PATCH 465/562] update element v1.11.10 -> v1.11.11 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index c8e476a1..7204aa10 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.10 +matrix_client_element_version: v1.11.11 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 9a439f91ae5b412756c51bb3dbf55643cd8127a9 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Wed, 26 Oct 2022 12:58:09 -0400 Subject: [PATCH 466/562] update way to login to discord --- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 9fbf1424..065609b2 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,7 +12,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -For using this bridge, you would **need to authenticate by scanning a QR code with the Discord app on your phone**. +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone **or** by using **discord account token**. You can delete the Discord app after the authentication process. @@ -70,7 +70,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage 1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). -2. Send a `login` command +2. If you would like to login to Discord using a token, send `login-token` command, otherwise, send `login-qr` command. 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. 4. After confirming (in the Discord app) that you'd like to allow this login, the bot should respond with "Succcessfully authenticated as ..." 5. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to From 170960be1aafcdf2b094322f8c9f268b744a29bf Mon Sep 17 00:00:00 2001 From: Joe Kappus Date: Wed, 26 Oct 2022 18:47:09 -0400 Subject: [PATCH 467/562] update element v1.11.11 -> v1.11.12 fixes jitsi issue --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 7204aa10..2d5c99d2 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.11 +matrix_client_element_version: v1.11.12 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From e5e5ee4f7237c8047abfe85fc2aa0e25eb38edb2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:45:37 +0300 Subject: [PATCH 468/562] Use fixed image tags for prodrigestivill/postgres-backup-local At some point, we can drop v9.6 support and use a single variable that holds this value. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2191 --- roles/matrix-postgres-backup/defaults/main.yml | 16 ++++++++-------- .../tasks/validate_config.yml | 11 +++++++++++ 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/matrix-postgres-backup/defaults/main.yml index ed42266f..d59c84e9 100644 --- a/roles/matrix-postgres-backup/defaults/main.yml +++ b/roles/matrix-postgres-backup/defaults/main.yml @@ -24,18 +24,18 @@ matrix_postgres_backup_postgres_data_path: "" matrix_postgres_backup_architecture: amd64 -# matrix_postgres_docker_image_suffix controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. +# matrix_postgres_backup_docker_image_distro controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. # Alpine-based Postgres images are smaller and we usually prefer them, but they don't work on ARM32 (tested on a Raspberry Pi 3 running Raspbian 10.7). # On ARM32, `-alpine` images fail with the following error: # > LOG: startup process (PID 37) was terminated by signal 11: Segmentation fault -matrix_postgres_backup_docker_image_suffix: "{{ '-alpine' if matrix_postgres_backup_architecture in ['amd64', 'arm64'] else '' }}" +matrix_postgres_backup_docker_image_distro: "{{ 'alpine' if matrix_postgres_backup_architecture in ['amd64', 'arm64'] else 'debian' }}" -matrix_postgres_backup_docker_image_v9: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:9.6{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v10: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:10{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:11{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14{{ matrix_postgres_backup_docker_image_suffix }}" +matrix_postgres_backup_docker_image_v9: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:9.6-{{ matrix_postgres_backup_docker_image_distro }}-2aa03d1" +matrix_postgres_backup_docker_image_v10: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:10-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:11-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v14 }}" # This variable is assigned at runtime. Overriding its value has no effect. diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/matrix-postgres-backup/tasks/validate_config.yml index 8a2ddb5a..2ba64374 100644 --- a/roles/matrix-postgres-backup/tasks/validate_config.yml +++ b/roles/matrix-postgres-backup/tasks/validate_config.yml @@ -16,3 +16,14 @@ - "matrix_postgres_backup_keep_months" - "matrix_postgres_backup_path" - "matrix_postgres_backup_databases" + +- name: (Deprecation) Catch and report renamed settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_postgres_backup_docker_image_suffix', 'new': 'matrix_postgres_backup_docker_image_distro'} + + From 6cacf7297d7dc88a37537569fd9d9fc81db62176 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:50:04 +0300 Subject: [PATCH 469/562] Add support for postgres-backup-local v15 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2200 --- roles/matrix-postgres-backup/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/matrix-postgres-backup/defaults/main.yml index d59c84e9..abdfa74c 100644 --- a/roles/matrix-postgres-backup/defaults/main.yml +++ b/roles/matrix-postgres-backup/defaults/main.yml @@ -36,7 +36,8 @@ matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_pr matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" -matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v14 }}" +matrix_postgres_backup_docker_image_v15: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:15-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. matrix_postgres_backup_docker_image_to_use: '{{ matrix_postgres_backup_docker_image_latest }}' From 35c5c23a3e4c0f0d9981f18895a0da300a7ea8ac Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:50:41 +0300 Subject: [PATCH 470/562] Remove useless tasks from matrix-postgres-backup role `matrix-postgres-backup` reuses the `matrix-postgres` role for these tasks, not its own definitions. --- .../util/detect_existing_postgres_version.yml | 61 ------------------- 1 file changed, 61 deletions(-) delete mode 100644 roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml diff --git a/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml b/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml deleted file mode 100644 index 877e5934..00000000 --- a/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- - -# This utility aims to determine if there is some existing Postgres version in use or not. -# If there is, it also tries to detect the Docker image that corresponds to that version. - -- name: Initialize Postgres version determination variables (default to empty) - ansible.builtin.set_fact: - matrix_postgres_backup_detection_pg_version_path: "{{ matrix_postgres_data_path }}/PG_VERSION" - matrix_postgres_backup_detected_existing: false - matrix_postgres_backup_detected_version: "" - matrix_postgres_backup_detected_version_corresponding_docker_image: "" - -- name: Determine existing Postgres version (check PG_VERSION file) - ansible.builtin.stat: - path: "{{ matrix_postgres_backup_detection_pg_version_path }}" - register: result_pg_version_stat - -- ansible.builtin.set_fact: - matrix_postgres_backup_detected_existing: true - when: "result_pg_version_stat.stat.exists" - -- name: Determine existing Postgres version (read PG_VERSION file) - ansible.builtin.slurp: - src: "{{ matrix_postgres_backup_detection_pg_version_path }}" - register: result_pg_version - when: matrix_postgres_backup_detected_existing | bool - -- name: Determine existing Postgres version (make sense of PG_VERSION file) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version: "{{ result_pg_version['content'] | b64decode | replace('\n', '') }}" - when: matrix_postgres_backup_detected_existing | bool - -- name: Determine corresponding Docker image to detected version (assume default of latest) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_latest }}" - when: "matrix_postgres_backup_detected_version != ''" - -- name: Determine corresponding Docker image to detected version (use 9.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v9 }}" - when: "matrix_postgres_backup_detected_version.startswith('9.')" - -- name: Determine corresponding Docker image to detected version (use 10.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v10 }}" - when: "matrix_postgres_backup_detected_version == '10' or matrix_postgres_backup_detected_version.startswith('10.')" - -- name: Determine corresponding Docker image to detected version (use 11.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v11 }}" - when: "matrix_postgres_backup_detected_version == '11' or matrix_postgres_backup_detected_version.startswith('11.')" - -- name: Determine corresponding Docker image to detected version (use 12.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v12 }}" - when: "matrix_postgres_backup_detected_version == '12' or matrix_postgres_backup_detected_version.startswith('12.')" - -- name: Determine corresponding Docker image to detected version (use 13.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v13 }}" - when: "matrix_postgres_backup_detected_version == '13' or matrix_postgres_backup_detected_version.startswith('13.')" From ce8e9be6a857c2541a00b22a3ec14ca01cd41562 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 09:48:49 +0300 Subject: [PATCH 471/562] Document Conduit installation Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2076 --- docs/configuring-playbook-conduit.md | 58 ++++++++++++++++++++++++++++ docs/configuring-playbook.md | 5 ++- examples/vars.yml | 4 +- 3 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 docs/configuring-playbook-conduit.md diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md new file mode 100644 index 00000000..8739a567 --- /dev/null +++ b/docs/configuring-playbook-conduit.md @@ -0,0 +1,58 @@ +# Configuring Conduit (optional) + +By default, this playbook configures the [Synapse](https://github.com/matrix-org/synapse) Matrix server, but you can also use [Conduit](https://conduit.rs). + +**NOTES**: + +- **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Conduit). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet. + +- **homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding + + +## Installation + +To use Conduit, you **generally** need the following additional `vars.yml` configuration: + +```yaml +matrix_homeserver_implementation: conduit +``` + +However, since Conduit is difficult (see [famedly/conduit#276](https://gitlab.com/famedly/conduit/-/issues/276) and [famedly/conduit#354](https://gitlab.com/famedly/conduit/-/merge_requests/354)) when it comes to creating the first user account and does not support [registering users](registering-users.md) (via the command line or via the playbook) like Synapse and Dendrite do, we recommend the following flow: + +1. Add `matrix_conduit_allow_registration: true` to your `vars.yml` the first time around, temporarily +2. Run the playbook (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - see [Installing](installing.md)) +3. Create your first user via Element or any other client which supports creating users +4. Get rid of `matrix_conduit_allow_registration: true` from your `vars.yml` +5. Run the playbook again (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-conduit,start` would be enough this time) +6. You can now use your server safely. Additional users can be created by messaging the internal Conduit bot + + +## Configuring bridges / appservices + +Automatic appservice setup is currently unsupported when using conduit. After setting up the service as usual you may notice that it is unable to start. + +You will have to manually register appservices using the the [register-appservice](https://gitlab.com/famedly/conduit/-/blob/next/APPSERVICES.md) command. + +Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`, then pass the content to conduit: + + + @conduit:your.server.name: register-appservice + ``` + as_token: + de.sorunome.msc2409.push_ephemeral: true + hs_token: + id: signal + namespaces: + aliases: + - exclusive: true + regex: ^#signal_.+:example\.org$ + users: + - exclusive: true + regex: ^@signal_.+:example\.org$ + - exclusive: true + regex: ^@signalbot:example\.org$ + rate_limited: false + sender_localpart: _bot_signalbot + url: http://matrix-mautrix-signal:29328 + ``` + diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index efb0f7e3..127ab47d 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -42,7 +42,10 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Core service adjustments -- [Configuring Synapse](configuring-playbook-synapse.md) (optional) +- Homeserver configuration: + - [Configuring Synapse](configuring-playbook-synapse.md), if you're going with the default/recommended homeserver implementation (optional) + + - [Configuring Conduit](configuring-playbook-conduit.md), if you've switched to the [Conduit](https://conduit.rs) homeserver implementation (optional) - [Configuring Element](configuring-playbook-client-element.md) (optional) diff --git a/examples/vars.yml b/examples/vars.yml index 3ca8f460..248f906b 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -12,7 +12,9 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE # The Matrix homeserver software to install. -# See `roles/matrix-base/defaults/main.yml` for valid options. +# See: +# - `roles/matrix-base/defaults/main.yml` for valid options +# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice matrix_homeserver_implementation: synapse # A secret used as a base, for generating various other secrets. From 7303f9241c583ce17a9bc224092c89c73d0233e1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 09:59:54 +0300 Subject: [PATCH 472/562] Fix yamllint error --- roles/matrix-postgres-backup/tasks/validate_config.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/matrix-postgres-backup/tasks/validate_config.yml index 2ba64374..aab68eaf 100644 --- a/roles/matrix-postgres-backup/tasks/validate_config.yml +++ b/roles/matrix-postgres-backup/tasks/validate_config.yml @@ -25,5 +25,3 @@ when: "item.old in vars" with_items: - {'old': 'matrix_postgres_backup_docker_image_suffix', 'new': 'matrix_postgres_backup_docker_image_distro'} - - From 45226f31410e89ab9a116aa061c293dda4aa2985 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 27 Oct 2022 08:14:31 +0000 Subject: [PATCH 473/562] Update signald 0.22.2 -> 0.23.0 ref: https://gitlab.com/signald/signald/-/issues/343 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 9a06e423..83b0a5ce 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.4.0 -matrix_mautrix_signal_daemon_version: 0.22.2 +matrix_mautrix_signal_daemon_version: 0.23.0 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From 3c31638de969e5b1a7fd7fe3e6ced64125afc156 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 27 Oct 2022 10:45:08 +0000 Subject: [PATCH 474/562] fix buscarron ban list --- roles/matrix-bot-buscarron/templates/env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/matrix-bot-buscarron/templates/env.j2 index 90ae5f7e..80ddd38c 100644 --- a/roles/matrix-bot-buscarron/templates/env.j2 +++ b/roles/matrix-bot-buscarron/templates/env.j2 @@ -10,7 +10,7 @@ BUSCARRON_SPAM_LOCALPARTS={{ matrix_bot_buscarron_spam_localparts|join(" ") }} BUSCARRON_SENTRY={{ matrix_bot_buscarron_sentry }} BUSCARRON_LOGLEVEL={{ matrix_bot_buscarron_loglevel }} BUSCARRON_BAN_SIZE={{ matrix_bot_buscarron_ban_size }} -BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list }} +BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list|default('')|join(' ') }} BUSCARRON_PM_TOKEN={{ matrix_bot_buscarron_pm_token }} BUSCARRON_PM_FROM={{ matrix_bot_buscarron_pm_from }} BUSCARRON_PM_REPLYTO={{ matrix_bot_buscarron_pm_replyto }} From 48388a3d96218fe61a7501c131f67ccf61718254 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Fri, 28 Oct 2022 13:20:17 +0200 Subject: [PATCH 475/562] use fqcns for some task Signed-off-by: Sebastian Gumprich --- roles/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/matrix-backup-borg/tasks/setup_uninstall.yml | 2 +- roles/matrix-base/tasks/server_base/setup_archlinux.yml | 4 ++-- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- roles/matrix-base/tasks/util/ensure_fuse_installed.yml | 2 +- roles/matrix-base/tasks/util/ensure_openssl_installed.yml | 2 +- roles/matrix-bot-buscarron/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-buscarron/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-go-neb/tasks/setup_install.yml | 2 +- roles/matrix-bot-go-neb/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-honoroit/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-honoroit/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-mjolnir/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 4 ++-- roles/matrix-bridge-heisenbridge/tasks/setup_install.yml | 2 +- roles/matrix-bridge-hookshot/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 6 +++--- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-slack/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-steam/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/matrix-bridge-sms/tasks/setup_install.yml | 2 +- roles/matrix-cactus-comments/tasks/setup_install.yml | 4 ++-- roles/matrix-cactus-comments/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-cinny/tasks/setup_install.yml | 4 ++-- roles/matrix-client-cinny/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-element/tasks/setup_install.yml | 4 ++-- roles/matrix-client-element/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-hydrogen/tasks/setup_install.yml | 4 ++-- roles/matrix-client-hydrogen/tasks/setup_uninstall.yml | 2 +- roles/matrix-conduit/tasks/conduit/setup_install.yml | 2 +- roles/matrix-conduit/tasks/conduit/setup_uninstall.yml | 2 +- roles/matrix-corporal/tasks/setup_corporal.yml | 6 +++--- roles/matrix-coturn/tasks/setup_install.yml | 6 +++--- roles/matrix-dendrite/tasks/dendrite/setup_install.yml | 2 +- roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml | 2 +- roles/matrix-dimension/tasks/setup_install.yml | 4 ++-- roles/matrix-dimension/tasks/setup_uninstall.yml | 2 +- roles/matrix-dynamic-dns/tasks/install.yml | 4 ++-- roles/matrix-email2matrix/tasks/setup_install.yml | 4 ++-- roles/matrix-email2matrix/tasks/setup_uninstall.yml | 2 +- roles/matrix-etherpad/tasks/setup_install.yml | 2 +- roles/matrix-etherpad/tasks/setup_uninstall.yml | 2 +- roles/matrix-grafana/tasks/setup.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_web.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 2 +- roles/matrix-ma1sd/tasks/setup_install.yml | 6 +++--- roles/matrix-ma1sd/tasks/setup_uninstall.yml | 2 +- roles/matrix-mailer/tasks/setup_mailer.yml | 6 +++--- .../tasks/nginx-proxy/setup_metrics_auth.yml | 2 +- roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 2 +- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 2 +- roles/matrix-ntfy/tasks/setup_install.yml | 2 +- roles/matrix-ntfy/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_postgres_backup.yml | 2 +- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/setup_postgres.yml | 2 +- roles/matrix-prometheus-node-exporter/tasks/setup.yml | 2 +- roles/matrix-prometheus-postgres-exporter/tasks/setup.yml | 2 +- roles/matrix-prometheus/tasks/setup_install.yml | 2 +- roles/matrix-redis/tasks/setup_redis.yml | 2 +- roles/matrix-registration/tasks/setup_install.yml | 4 ++-- roles/matrix-registration/tasks/setup_uninstall.yml | 2 +- roles/matrix-sygnal/tasks/setup_install.yml | 2 +- roles/matrix-sygnal/tasks/setup_uninstall.yml | 2 +- roles/matrix-synapse-admin/tasks/setup.yml | 6 +++--- .../tasks/ext/mjolnir-antispam/setup_install.yml | 2 +- .../tasks/ext/synapse-simple-antispam/setup_install.yml | 2 +- roles/matrix-synapse/tasks/goofys/setup_install.yml | 2 +- roles/matrix-synapse/tasks/goofys/setup_uninstall.yml | 2 +- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- .../tasks/rust-synapse-compress-state/main.yml | 2 +- roles/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- roles/matrix-synapse/tasks/synapse/setup_uninstall.yml | 2 +- 103 files changed, 159 insertions(+), 159 deletions(-) diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index b44a8fa1..f99051e3 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -59,7 +59,7 @@ mode: 0600 - name: Ensure borg image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_backup_borg_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -82,7 +82,7 @@ when: "matrix_backup_borg_container_image_self_build | bool" - name: Ensure borg image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" source: build force_source: "{{ matrix_backup_borg_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/matrix-backup-borg/tasks/setup_uninstall.yml index fb583f57..37832b2b 100644 --- a/roles/matrix-backup-borg/tasks/setup_uninstall.yml +++ b/roles/matrix-backup-borg/tasks/setup_uninstall.yml @@ -36,6 +36,6 @@ state: absent - name: Ensure borg Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" state: absent diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml index c912e58f..a9313614 100644 --- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -1,7 +1,7 @@ --- - name: Install host dependencies - pacman: + community.general.pacman: name: - python-docker - python-dnspython @@ -9,7 +9,7 @@ update_cache: true - name: Ensure Docker is installed - pacman: + community.general.pacman: name: - docker state: present diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 2e860987..6eebe3c0 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -20,7 +20,7 @@ when: "matrix_vars_yml_snapshotting_enabled | bool" - name: Ensure Matrix network is created in Docker - docker_network: + community.docker.docker_network: name: "{{ matrix_docker_network }}" driver: bridge diff --git a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml index 47d2d9e8..240a5c62 100644 --- a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml +++ b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml @@ -16,7 +16,7 @@ when: ansible_os_family == 'Debian' - name: Ensure fuse installed (Archlinux) - pacman: + community.general.pacman: name: - fuse3 state: present diff --git a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml index ae22fb49..a5bdf21a 100644 --- a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml +++ b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml @@ -16,7 +16,7 @@ when: ansible_os_family == 'Debian' - name: Ensure openssl installed (Archlinux) - pacman: + community.general.pacman: name: - openssl state: present diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/matrix-bot-buscarron/tasks/setup_install.yml index 564ff7e0..4a23d7e7 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml @@ -50,7 +50,7 @@ mode: 0640 - name: Ensure buscarron image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_buscarron_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ when: "matrix_bot_buscarron_container_image_self_build | bool" - name: Ensure buscarron image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: build force_source: "{{ matrix_bot_buscarron_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml index ad9e78cd..848d24d2 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure buscarron Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" state: absent diff --git a/roles/matrix-bot-go-neb/tasks/setup_install.yml b/roles/matrix-bot-go-neb/tasks/setup_install.yml index a651c160..52215597 100644 --- a/roles/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/matrix-bot-go-neb/tasks/setup_install.yml @@ -17,7 +17,7 @@ when: "item.when | bool" - name: Ensure go-neb image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_go_neb_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_go_neb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml index 9794a90a..83391094 100644 --- a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure go-neb Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_go_neb_docker_image }}" state: absent diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index 8a440484..3c974557 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -50,7 +50,7 @@ mode: 0640 - name: Ensure honoroit image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_honoroit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ when: "matrix_bot_honoroit_container_image_self_build | bool" - name: Ensure honoroit image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: build force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml index 6ede0d1d..54869e31 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure honoroit Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" state: absent diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index d4522321..5896ac62 100644 --- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -22,7 +22,7 @@ mode: 0640 - name: Ensure matrix-registration-bot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_registration_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool" - name: Ensure matrix-registration-bot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" source: build force_source: "{{ matrix_bot_matrix_registration_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml index 426eefc1..63bc53ad 100644 --- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix-registration-bot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" state: absent diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 93285bf6..5d784ef3 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -43,7 +43,7 @@ when: "item.when | bool" - name: Ensure matrix-reminder-bot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -66,7 +66,7 @@ when: "matrix_bot_matrix_reminder_bot_container_image_self_build | bool" - name: Ensure matrix-reminder-bot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" source: build force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml index d8926df7..de9e0427 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix-reminder-bot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" state: absent diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 185a2988..50e48254 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,7 +26,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index dd0fc1f6..6a5e7fdc 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure maubot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/matrix-bot-mjolnir/tasks/setup_install.yml index 08ac9d03..b9bcf37d 100644 --- a/roles/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/matrix-bot-mjolnir/tasks/setup_install.yml @@ -18,7 +18,7 @@ when: "item.when | bool" - name: Ensure mjolnir Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_mjolnir_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -41,7 +41,7 @@ when: "matrix_bot_mjolnir_container_image_self_build | bool" - name: Ensure mjolnir Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" source: build force_source: "{{ matrix_bot_mjolnir_git_pull_results.changed }}" diff --git a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml index 5c7f4c89..afefcc48 100644 --- a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure mjolnir Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" state: absent diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index 9c9e59ee..5edfd4a9 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -46,7 +46,7 @@ mode: 0640 - name: Ensure postmoogle image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_postmoogle_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -69,7 +69,7 @@ when: "matrix_bot_postmoogle_container_image_self_build | bool" - name: Ensure postmoogle image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" source: build force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml index 64164a86..5502298c 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure postmoogle Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" state: absent diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index e12c1572..3ef48c3d 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -29,7 +29,7 @@ matrix_appservice_discord_requires_restart: true - name: Ensure Appservice Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 6794e814..4b4614b1 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -64,7 +64,7 @@ matrix_appservice_irc_requires_restart: true - name: Ensure Appservice IRC image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_irc_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -87,7 +87,7 @@ when: "matrix_appservice_irc_enabled | bool and matrix_appservice_irc_container_image_self_build | bool" - name: Ensure matrix-appservice-irc Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_irc_docker_image }}" source: build force_source: "{{ matrix_appservice_irc_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index def73c59..2dd334cb 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -9,7 +9,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure matrix-appservice-kakaotalk image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_kakaotalk_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -21,7 +21,7 @@ until: result is not failed - name: Ensure matrix-appservice-kakaotalk-node image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_kakaotalk_node_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -58,7 +58,7 @@ when: "matrix_appservice_kakaotalk_container_image_self_build | bool" - name: Ensure matrix-appservice-kakaotalk-node Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" source: build force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -70,7 +70,7 @@ when: "matrix_appservice_kakaotalk_container_image_self_build | bool" - name: Ensure matrix-appservice-kakaotalk Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_docker_image }}" source: build force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index 9b741d69..d882d27d 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -32,7 +32,7 @@ matrix_appservice_slack_requires_restart: true - name: Ensure Appservice Slack image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_slack_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -55,7 +55,7 @@ when: "matrix_appservice_slack_container_image_self_build | bool" - name: Ensure matrix-appservice-slack Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_slack_docker_image }}" source: build force_source: "{{ matrix_appservice_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 5cd8da88..824b5b78 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -15,7 +15,7 @@ when: "item.when | bool" - name: Ensure Appservice webhooks image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_webhooks_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_webhooks_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -39,7 +39,7 @@ register: matrix_appservice_webhooks_git_pull_results - name: Ensure Appservice webhooks Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_webhooks_docker_image }}" source: build force_source: "{{ matrix_appservice_webhooks_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index c1b19df9..97464adc 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -23,7 +23,7 @@ - name: Ensure Beeper LinkedIn image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_beeper_linkedin_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_beeper_linkedin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -62,7 +62,7 @@ changed_when: matrix_beeper_linkedin_generate_docker_requirements_result.rc == 0 - name: Ensure Beeper LinkedIn Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_beeper_linkedin_docker_image }}" source: build force_source: "{{ matrix_beeper_linkedin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 32019686..82ccc72c 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Go Skype Bridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_go_skype_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_go_skype_bridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_go_skype_bridge_container_image_self_build | bool" - name: Ensure Go Skype Bridge Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_go_skype_bridge_docker_image }}" source: build force_source: "{{ matrix_go_skype_bridge_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml index ffcc1c8b..f8e1259b 100644 --- a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure heisenbridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_heisenbridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/matrix-bridge-hookshot/tasks/setup_install.yml index 0c6bfc34..7c1cdf95 100644 --- a/roles/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/matrix-bridge-hookshot/tasks/setup_install.yml @@ -15,7 +15,7 @@ when: item.when | bool - name: Ensure hookshot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_hookshot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_hookshot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -38,7 +38,7 @@ when: "matrix_hookshot_container_image_self_build | bool" - name: Ensure hookshot Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_hookshot_docker_image }}" source: build force_source: "{{ matrix_hookshot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 4b05765a..ae3862d4 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Mautrix Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mautrix_discord_container_image_self_build | bool" - name: Ensure Mautrix discord Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_discord_docker_image }}" source: build force_source: "{{ matrix_mautrix_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index ca882fb0..651e7794 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_facebook_requires_restart: true - name: Ensure Mautrix Facebook image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_facebook_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_facebook_container_image_self_build | bool" - name: Ensure Mautrix Facebook Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_facebook_docker_image }}" source: build force_source: "{{ matrix_mautrix_facebook_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index f2fccb29..2e043def 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_googlechat_requires_restart: true - name: Ensure Mautrix googlechat image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_googlechat_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_googlechat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_googlechat_container_image_self_build | bool" - name: Ensure Mautrix googlechat Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_googlechat_docker_image }}" source: build force_source: "{{ matrix_mautrix_googlechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 48c83584..e62ef21c 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_hangouts_requires_restart: true - name: Ensure Mautrix Hangouts image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_hangouts_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_hangouts_container_image_self_build | bool" - name: Ensure Mautrix Hangouts Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_hangouts_docker_image }}" source: build force_source: "{{ matrix_mautrix_hangouts_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 88b0286e..47076eb7 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -8,7 +8,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure Mautrix instagram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_instagram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_mautrix_instagram_container_image_self_build | bool" - name: Ensure Mautrix instagram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_instagram_docker_image }}" source: build force_source: "{{ matrix_mautrix_instagram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index cfc704a8..577e80a9 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -9,7 +9,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure Mautrix Signal image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -33,7 +33,7 @@ when: "matrix_mautrix_signal_container_image_self_build | bool" - name: Ensure Mautrix Signal image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_docker_image }}" source: build force_source: "{{ matrix_mautrix_signal_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -46,7 +46,7 @@ - name: Ensure Mautrix Signal Daemon image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_daemon_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -66,7 +66,7 @@ when: "matrix_mautrix_signal_daemon_container_image_self_build | bool" - name: Ensure Mautrix Signal Daemon image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_daemon_docker_image }}" source: build force_source: "{{ matrix_mautrix_signal_daemon_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 7a50b709..3d6e66f6 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -51,7 +51,7 @@ when: item.when | bool - name: Ensure Mautrix Telegram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_telegram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_telegram_lottieconverter_container_image_self_build | bool and matrix_mautrix_telegram_container_image_self_build | bool" - name: Ensure lottieconverter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_telegram_lottieconverter_docker_image }}" source: build force_source: "{{ matrix_telegram_lottieconverter_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -97,7 +97,7 @@ when: "matrix_mautrix_telegram_container_image_self_build | bool" - name: Ensure matrix-mautrix-telegram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" source: build force_source: "{{ matrix_mautrix_telegram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 05887c6d..485e8be4 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -12,7 +12,7 @@ matrix_mautrix_twitter_requires_restart: false - name: Ensure Mautrix Twitter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_twitter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_mautrix_twitter_enabled | bool and matrix_mautrix_twitter_container_image_self_build" - name: Ensure Mautrix Twitter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_twitter_docker_image }}" source: build force_source: "{{ matrix_mautrix_twitter_git_pull_results.changed }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index b58542f7..20dd2cc1 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Mautrix Whatsapp image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_whatsapp_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mautrix_whatsapp_container_image_self_build | bool" - name: Ensure Mautrix Whatsapp Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" source: build force_source: "{{ matrix_mautrix_whatsapp_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index b863b444..715c9e42 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -71,7 +71,7 @@ matrix_mx_puppet_discord_requires_restart: true - name: Ensure MX Puppet Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -94,7 +94,7 @@ when: "matrix_mx_puppet_discord_enabled | bool and matrix_mx_puppet_discord_container_image_self_build" - name: Ensure MX Puppet Discord Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_discord_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index f81ae4a0..4e33961b 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_groupme_requires_restart: true - name: Ensure MX Puppet Groupme image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_groupme_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_groupme_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_groupme_enabled | bool and matrix_mx_puppet_groupme_container_image_self_build" - name: Ensure MX Puppet Groupme Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_groupme_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_groupme_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 600ed63c..7b1a26ee 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -38,7 +38,7 @@ matrix_mx_puppet_instagram_requires_restart: true - name: Ensure mx-puppet-instagram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_instagram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mx_puppet_instagram_enabled | bool and matrix_mx_puppet_instagram_container_image_self_build | bool" - name: Ensure mx-puppet-instagram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_instagram_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_instagram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 9c5ae4fc..db584124 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -65,7 +65,7 @@ matrix_mx_puppet_slack_requires_restart: true - name: Ensure MX Puppet Slack image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_slack_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -88,7 +88,7 @@ when: "matrix_mx_puppet_slack_enabled | bool and matrix_mx_puppet_slack_container_image_self_build" - name: Ensure MX Puppet Slack Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_slack_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index c75566f3..9875dcce 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_steam_requires_restart: true - name: Ensure MX Puppet Steam image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_steam_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_steam_enabled | bool and matrix_mx_puppet_steam_container_image_self_build" - name: Ensure MX Puppet Steam Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_steam_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_steam_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index ed94eae5..87da97b9 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_twitter_requires_restart: true - name: Ensure MX Puppet Twitter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_twitter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_twitter_enabled | bool and matrix_mx_puppet_twitter_container_image_self_build" - name: Ensure MX Puppet Twitter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_twitter_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_twitter_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-sms/tasks/setup_install.yml b/roles/matrix-bridge-sms/tasks/setup_install.yml index dcc317ba..b4125e51 100644 --- a/roles/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/matrix-bridge-sms/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-sms-bridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_sms_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" register: result diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml index ec5311e8..7085290f 100644 --- a/roles/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -31,7 +31,7 @@ mode: 0640 - name: Ensure cactus comments image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_cactus_comments_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -54,7 +54,7 @@ when: "matrix_cactus_comments_container_image_self_build | bool" - name: Ensure cactus comments image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" source: build force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml index 011c04b8..3491d912 100644 --- a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml +++ b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure cactus comments Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" state: absent diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/matrix-client-cinny/tasks/setup_install.yml index 755b872f..a39c7f9d 100644 --- a/roles/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/matrix-client-cinny/tasks/setup_install.yml @@ -12,7 +12,7 @@ when: "item.when | bool" - name: Ensure Cinny Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_cinny_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -54,7 +54,7 @@ when: "item.src is not none" - name: Ensure Cinny Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" source: build force_source: "{{ matrix_client_cinny_git_pull_results.changed }}" diff --git a/roles/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/matrix-client-cinny/tasks/setup_uninstall.yml index e6f71b0b..6cc93e1b 100644 --- a/roles/matrix-client-cinny/tasks/setup_uninstall.yml +++ b/roles/matrix-client-cinny/tasks/setup_uninstall.yml @@ -30,6 +30,6 @@ state: absent - name: Ensure Cinny Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" state: absent diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml index b21da064..044ed611 100644 --- a/roles/matrix-client-element/tasks/setup_install.yml +++ b/roles/matrix-client-element/tasks/setup_install.yml @@ -13,7 +13,7 @@ when: "item.when | bool" - name: Ensure Element Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_element_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -50,7 +50,7 @@ when: "matrix_client_element_container_image_self_build | bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled | bool" - name: Ensure Element Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" source: build force_source: "{{ matrix_client_element_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-client-element/tasks/setup_uninstall.yml b/roles/matrix-client-element/tasks/setup_uninstall.yml index b3cdd05e..c40a4fc6 100644 --- a/roles/matrix-client-element/tasks/setup_uninstall.yml +++ b/roles/matrix-client-element/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Element Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" state: absent diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/matrix-client-hydrogen/tasks/setup_install.yml index 4cd445d0..dfd0607b 100644 --- a/roles/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/matrix-client-hydrogen/tasks/setup_install.yml @@ -13,7 +13,7 @@ when: "item.when | bool" - name: Ensure Hydrogen Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -58,7 +58,7 @@ # This step MUST come after the steps to install the configuration files because the config files # are currently only read at build time, not at run time like most other components in the playbook - name: Ensure Hydrogen Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" source: build force_source: "{{ matrix_client_hydrogen_git_pull_results.changed }}" diff --git a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml index d543cbb3..49d2f4ca 100644 --- a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml +++ b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Hydrogen Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" state: absent diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index ac5be14d..cf8c6657 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -1,6 +1,6 @@ --- - name: Ensure Conduit Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_conduit_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_conduit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml index 3bbbc3a7..1bba9a9e 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -25,6 +25,6 @@ when: "matrix_conduit_service_stat.stat.exists" - name: Ensure Conduit Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_conduit_docker_image }}" state: absent diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml index 583c27eb..e4fce897 100644 --- a/roles/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/matrix-corporal/tasks/setup_corporal.yml @@ -29,7 +29,7 @@ when: "matrix_corporal_enabled | bool and matrix_corporal_container_image_self_build | bool" - name: Ensure Matrix Corporal Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" source: build force_source: "{{ matrix_corporal_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -41,7 +41,7 @@ when: "matrix_corporal_enabled | bool and matrix_corporal_container_image_self_build | bool" - name: Ensure Matrix Corporal Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_corporal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -115,7 +115,7 @@ when: "not matrix_corporal_enabled | bool" - name: Ensure Matrix Corporal Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" state: absent when: "not matrix_corporal_enabled | bool" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index be9d8574..ef44c073 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -18,7 +18,7 @@ when: "item.when | bool" - name: Ensure Coturn image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_coturn_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_coturn_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -42,7 +42,7 @@ register: matrix_coturn_git_pull_results - name: Ensure Coturn Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_coturn_docker_image }}" source: build force_source: "{{ matrix_coturn_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -69,7 +69,7 @@ group: "{{ matrix_user_groupname }}" - name: Ensure Coturn network is created in Docker - docker_network: + community.docker.docker_network: name: "{{ matrix_coturn_docker_network }}" driver: bridge diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml index 3052e101..98090e15 100644 --- a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -18,7 +18,7 @@ when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" - name: Ensure Dendrite Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dendrite_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dendrite_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml index b6d8cfac..6a2ea5b1 100644 --- a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml +++ b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml @@ -25,6 +25,6 @@ when: "matrix_dendrite_service_stat.stat.exists" - name: Ensure Dendrite Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_dendrite_docker_image }}" state: absent diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index c5570836..fc476397 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -87,7 +87,7 @@ group: "{{ matrix_dimension_user_gid }}" - name: Ensure Dimension image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -110,7 +110,7 @@ register: matrix_dimension_git_pull_results - name: Ensure Dimension Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" source: build force_source: "{{ matrix_dimension_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-dimension/tasks/setup_uninstall.yml b/roles/matrix-dimension/tasks/setup_uninstall.yml index 3e2026a1..c939e66a 100644 --- a/roles/matrix-dimension/tasks/setup_uninstall.yml +++ b/roles/matrix-dimension/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Dimension Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" state: absent diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/matrix-dynamic-dns/tasks/install.yml index e83637bf..4be6d9f0 100644 --- a/roles/matrix-dynamic-dns/tasks/install.yml +++ b/roles/matrix-dynamic-dns/tasks/install.yml @@ -1,7 +1,7 @@ --- - name: Ensure Dynamic DNS image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dynamic_dns_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dynamic_dns_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -37,7 +37,7 @@ when: "matrix_dynamic_dns_enabled | bool and matrix_dynamic_dns_container_image_self_build | bool" - name: Ensure Dynamic DNS Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_dynamic_dns_docker_image }}" source: build force_source: "{{ matrix_dynamic_dns_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml index 2a782a1a..a6399a4e 100644 --- a/roles/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -22,7 +22,7 @@ mode: 0640 - name: Ensure Email2Matrix image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_email2matrix_container_image_self_build | bool" - name: Ensure Email2Matrix Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" source: build force_source: "{{ matrix_email2matrix_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/matrix-email2matrix/tasks/setup_uninstall.yml index a713a65a..6aec40d2 100644 --- a/roles/matrix-email2matrix/tasks/setup_uninstall.yml +++ b/roles/matrix-email2matrix/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Email2Matrix Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" state: absent diff --git a/roles/matrix-etherpad/tasks/setup_install.yml b/roles/matrix-etherpad/tasks/setup_install.yml index 0243e9d7..4974bd47 100644 --- a/roles/matrix-etherpad/tasks/setup_install.yml +++ b/roles/matrix-etherpad/tasks/setup_install.yml @@ -17,7 +17,7 @@ group: "{{ matrix_etherpad_user_gid }}" - name: Ensure Etherpad image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_etherpad_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-etherpad/tasks/setup_uninstall.yml b/roles/matrix-etherpad/tasks/setup_uninstall.yml index 38697366..1a5d003e 100644 --- a/roles/matrix-etherpad/tasks/setup_uninstall.yml +++ b/roles/matrix-etherpad/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Etherpad Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_etherpad_docker_image }}" state: absent diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/matrix-grafana/tasks/setup.yml index 25378ce7..9198ffd8 100644 --- a/roles/matrix-grafana/tasks/setup.yml +++ b/roles/matrix-grafana/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-grafana image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_grafana_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_grafana_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 8b2ec6a7..5654fe3d 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -17,7 +17,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-jicofo Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_jicofo_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml index cdb94ebd..9a50f8c6 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -17,7 +17,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-jvb Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_jvb_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 9383b48b..8ba99f91 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -18,7 +18,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-prosody Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_prosody_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml index 1c7daa4b..9326ee61 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -19,7 +19,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-web Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_web_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 87037337..97b7e8eb 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -26,7 +26,7 @@ register: matrix_ldap_registration_proxy_git_pull_results - name: Ensure matrix_ldap_registration_proxy Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_ldap_registration_proxy_docker_image }}" source: build force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index 3225a3ae..96ab0b67 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ldap_registration_proxy_docker_image }}" state: absent diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index 5f4b2957..38ff3036 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -48,7 +48,7 @@ matrix_ma1sd_requires_restart: true - name: Ensure ma1sd image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ma1sd_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ma1sd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: ansible_os_family == 'RedHat' - name: Ensure gradle is installed for self-building (Archlinux) - pacman: + community.general.pacman: name: - gradle state: present @@ -101,7 +101,7 @@ when: matrix_ma1sd_git_pull_results.changed - name: Ensure ma1sd Docker image is tagged correctly - docker_image: + community.docker.docker_image: # The build script always tags the image with 2 tags: # - based on the branch/version: e.g. `ma1uta/ma1sd:2.4.0` (when on `2.4.0`) # or `ma1uta/ma1sd:2.4.0-19-ga71d32b` (when on a given commit for a pre-release) diff --git a/roles/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/matrix-ma1sd/tasks/setup_uninstall.yml index 2bc505b0..0349ec32 100644 --- a/roles/matrix-ma1sd/tasks/setup_uninstall.yml +++ b/roles/matrix-ma1sd/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure ma1sd Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ma1sd_docker_image }}" state: absent diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml index 2ab39df5..36ec8016 100644 --- a/roles/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/matrix-mailer/tasks/setup_mailer.yml @@ -35,7 +35,7 @@ when: "matrix_mailer_enabled | bool and matrix_mailer_container_image_self_build | bool" - name: Ensure exim-relay Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" source: build force_source: "{{ matrix_mailer_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -47,7 +47,7 @@ when: "matrix_mailer_enabled | bool and matrix_mailer_container_image_self_build | bool" - name: Ensure exim-relay image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mailer_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -108,7 +108,7 @@ when: "not matrix_mailer_enabled | bool" - name: Ensure mailer Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" state: absent when: "not matrix_mailer_enabled | bool" diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index c2215eba..6129a49f 100644 --- a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -18,7 +18,7 @@ - when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' block: - name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) - docker_image: + community.docker.docker_image: name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 4d93e769..11a1cc06 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -193,7 +193,7 @@ # Tasks related to setting up matrix-nginx-proxy # - name: Ensure nginx Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_nginx_proxy_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_nginx_proxy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 62430f4b..b212752c 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -22,7 +22,7 @@ ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml" - name: Ensure certbot Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ssl_lets_encrypt_certbot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ntfy/tasks/setup_install.yml b/roles/matrix-ntfy/tasks/setup_install.yml index 9afabc4c..ef50c42a 100644 --- a/roles/matrix-ntfy/tasks/setup_install.yml +++ b/roles/matrix-ntfy/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-ntfy image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ntfy_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ntfy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ntfy/tasks/setup_uninstall.yml b/roles/matrix-ntfy/tasks/setup_uninstall.yml index f6d9cc8a..d5da1d8e 100644 --- a/roles/matrix-ntfy/tasks/setup_uninstall.yml +++ b/roles/matrix-ntfy/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure ntfy Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ntfy_docker_image }}" state: absent diff --git a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml index a6246757..2518326a 100644 --- a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -17,7 +17,7 @@ when: matrix_postgres_backup_enabled | bool - name: Ensure postgres backup Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_backup_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_backup_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index dd75fb17..215d36c1 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -61,7 +61,7 @@ replace: 'FROM debian:bullseye-slim' - name: Ensure pgloader Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_pgloader_docker_image }}" source: build force_source: "{{ matrix_postgres_pgloader_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -72,7 +72,7 @@ pull: true - name: Ensure pgloader Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_pgloader_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_pgloader_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml index 49eb3249..9efc73a6 100644 --- a/roles/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/matrix-postgres/tasks/setup_postgres.yml @@ -37,7 +37,7 @@ # Even if we don't run the internal server, we still need this for running the CLI - name: Ensure postgres Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/matrix-prometheus-node-exporter/tasks/setup.yml index 0c6e77fc..370b23d1 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-prometheus-node-exporter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_node_exporter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_node_exporter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml index 00a61df6..dda614da 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-prometheus-postgres-exporter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_postgres_exporter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_postgres_exporter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus/tasks/setup_install.yml b/roles/matrix-prometheus/tasks/setup_install.yml index c3aeaa7a..928b1ab5 100644 --- a/roles/matrix-prometheus/tasks/setup_install.yml +++ b/roles/matrix-prometheus/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-prometheus image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-redis/tasks/setup_redis.yml b/roles/matrix-redis/tasks/setup_redis.yml index 7dd7ea9f..f3b047c0 100644 --- a/roles/matrix-redis/tasks/setup_redis.yml +++ b/roles/matrix-redis/tasks/setup_redis.yml @@ -5,7 +5,7 @@ # - name: Ensure redis Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_redis_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_redis_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index 6b895d69..2f630ef0 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -48,7 +48,7 @@ when: "item.when | bool" - name: Ensure matrix-registration image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_registration_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -79,7 +79,7 @@ when: "matrix_registration_container_image_self_build | bool and matrix_registration_container_image_self_build_python_dependencies_patch_enabled | bool" - name: Ensure matrix-registration Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" source: build force_source: "{{ matrix_registration_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-registration/tasks/setup_uninstall.yml b/roles/matrix-registration/tasks/setup_uninstall.yml index e3d713dc..70e4fe97 100644 --- a/roles/matrix-registration/tasks/setup_uninstall.yml +++ b/roles/matrix-registration/tasks/setup_uninstall.yml @@ -26,6 +26,6 @@ when: "matrix_registration_service_stat.stat.exists | bool" - name: Ensure matrix-registration Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" state: absent diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/matrix-sygnal/tasks/setup_install.yml index 8f5f6937..e5c41bf0 100644 --- a/roles/matrix-sygnal/tasks/setup_install.yml +++ b/roles/matrix-sygnal/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure Sygnal image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_sygnal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_sygnal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-sygnal/tasks/setup_uninstall.yml b/roles/matrix-sygnal/tasks/setup_uninstall.yml index eff4a74b..dc752def 100644 --- a/roles/matrix-sygnal/tasks/setup_uninstall.yml +++ b/roles/matrix-sygnal/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Sygnal Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_sygnal_docker_image }}" state: absent diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/matrix-synapse-admin/tasks/setup.yml index 66021272..1dfa68a2 100644 --- a/roles/matrix-synapse-admin/tasks/setup.yml +++ b/roles/matrix-synapse-admin/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-synapse-admin image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_admin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -28,7 +28,7 @@ when: "matrix_synapse_admin_enabled | bool and matrix_synapse_admin_container_image_self_build | bool" - name: Ensure matrix-synapse-admin Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" source: build force_source: "{{ matrix_synapse_admin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -82,7 +82,7 @@ when: "not matrix_synapse_admin_enabled | bool and matrix_synapse_admin_service_stat.stat.exists" - name: Ensure matrix-synapse-admin Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" state: absent when: "not matrix_synapse_admin_enabled | bool" diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml index 3869f1aa..117fb757 100644 --- a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml @@ -17,7 +17,7 @@ when: "ansible_os_family == 'Debian'" - name: Ensure git installed (Archlinux) - pacman: + community.general.pacman: name: - git state: present diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 34a7a7e0..dd3ff2d3 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -22,7 +22,7 @@ when: "ansible_os_family == 'Debian'" - name: Ensure git installed (Archlinux) - pacman: + community.general.pacman: name: - git state: present diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml index e3c34150..01eee8b8 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml @@ -3,7 +3,7 @@ - ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_fuse_installed.yml" - name: Ensure Goofys Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_s3_goofys_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_s3_goofys_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml index da78003f..1e9f166d 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Goofys Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_s3_goofys_docker_image }}" state: absent diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 36ab9779..740eb510 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -51,7 +51,7 @@ # This can only work with local files, not if the media store is on Amazon S3, # as it won't be accessible in such a case. - name: Ensure provided media store directory is synchronized - synchronize: + ansible.builtin.synchronize: src: "{{ server_path_media_store }}/" dest: "{{ matrix_synapse_media_store_path }}" delete: true diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index 80c25f7f..c8138c0b 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -43,7 +43,7 @@ group: "{{ matrix_user_groupname }}" - name: Ensure rust-synapse-compress-state image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_rust_synapse_compress_state_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_rust_synapse_compress_state_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index 4d0e749f..86395db2 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -51,7 +51,7 @@ when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''" - name: Ensure Synapse Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ mode: 0640 - name: Ensure customized Docker image for Synapse is built - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_docker_image_customized }}" source: build build: diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml index 06e55014..ac79f370 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -26,7 +26,7 @@ when: "matrix_synapse_service_stat.stat.exists" - name: Ensure Synapse Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ item }}" state: absent with_items: From 7fb45a507d2abf0d34670dd72a342f3fd9bcfa75 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 28 Oct 2022 17:39:53 +0300 Subject: [PATCH 476/562] Make --tags=run-postgres-vacuum and --tags=upgrade-postgres not assume Synapse Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2211 --- group_vars/matrix_servers | 5 +++++ roles/matrix-postgres/defaults/main.yml | 4 ++++ roles/matrix-postgres/tasks/run_vacuum.yml | 11 ++++++----- roles/matrix-postgres/tasks/upgrade_postgres.yml | 11 +++++++---- 4 files changed, 22 insertions(+), 9 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d4464df9..18aa553c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2112,6 +2112,11 @@ matrix_postgres_additional_databases: | }} +matrix_postgres_systemd_services_to_stop_for_maintenance_list: | + {{ + ['matrix-' + matrix_homeserver_implementation + '.service'] + }} + ###################################################################### # # /matrix-postgres diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 7b0660bb..fe469f16 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -15,6 +15,10 @@ matrix_postgres_db_name: "matrix" matrix_postgres_base_path: "{{ matrix_base_data_path }}/postgres" matrix_postgres_data_path: "{{ matrix_postgres_base_path }}/data" +# matrix_postgres_systemd_services_to_stop_for_maintenance_list specifies the list of systemd services to stop before vacuuming or upgrading. +# These services will be restarted after the operation completes. +matrix_postgres_systemd_services_to_stop_for_maintenance_list: [] + matrix_postgres_architecture: amd64 # matrix_postgres_docker_image_suffix controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 43959982..97dec022 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -67,11 +67,12 @@ - ansible.builtin.set_fact: matrix_postgres_synapse_was_running: "{{ ansible_facts.services['matrix-synapse.service'] | default(none) is not none and ansible_facts.services['matrix-synapse.service'].state == 'running' }}" -- name: Ensure matrix-synapse is stopped +- name: Ensure services are stopped ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: stopped daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - name: Run Postgres vacuum command ansible.builtin.command: "{{ matrix_postgres_vacuum_command }}" @@ -85,9 +86,9 @@ - ansible.builtin.debug: var: "matrix_postgres_synapse_vacuum_result" -- name: Ensure matrix-synapse is started, if it previously was +- name: Ensure services are started ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: started daemon_reload: true - when: "matrix_postgres_synapse_was_running | bool" + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/matrix-postgres/tasks/upgrade_postgres.yml index 2f228a4c..3d22407c 100644 --- a/roles/matrix-postgres/tasks/upgrade_postgres.yml +++ b/roles/matrix-postgres/tasks/upgrade_postgres.yml @@ -55,10 +55,12 @@ - ansible.builtin.debug: msg: "Upgrading database from {{ matrix_postgres_detected_version_corresponding_docker_image }} to {{ matrix_postgres_docker_image_latest }}" -- name: Ensure matrix-synapse is stopped +- name: Ensure services are stopped ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: stopped + daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - name: Ensure matrix-postgres is started ansible.builtin.service: @@ -175,11 +177,12 @@ path: "{{ postgres_dump_dir }}/{{ postgres_dump_name }}" state: absent -- name: Ensure matrix-synapse is started +- name: Ensure services are started ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: started daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - ansible.builtin.debug: msg: "NOTE: Your old Postgres data directory is preserved at `{{ postgres_auto_upgrade_backup_data_path }}`. You might want to get rid of it once you've confirmed that all is well." From 30180048c3b6f797617ddf7f12c20b00db14e5b1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 28 Oct 2022 19:43:44 +0300 Subject: [PATCH 477/562] Upgrade Synapse (v1.69.0 -> v1.70.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- roles/matrix-synapse/vars/workers.yml | 38 +++++++++++++++++--------- 2 files changed, 26 insertions(+), 14 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 5e5867eb..2028d8b7 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.69.0 +matrix_synapse_version: v1.70.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index bc49e835..2598caa6 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -43,6 +43,8 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ - ^/_matrix/client/v1/rooms/.*/hierarchy$ + - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ + - ^/_matrix/client/v1/rooms/.*/threads$ - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ @@ -136,8 +138,9 @@ matrix_synapse_workers_generic_worker_endpoints: # [#7530](https://github.com/matrix-org/synapse/issues/7530) and # [#9427](https://github.com/matrix-org/synapse/issues/9427). - # Note that a HTTP listener with `client` and `federation` resources must be - # configured in the `worker_listeners` option in the worker config. + # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) + # with `client` and `federation` `resources` must be configured in the `worker_listeners` + # option in the worker config. # #### Load balancing @@ -177,7 +180,8 @@ matrix_synapse_workers_generic_worker_endpoints: # Additionally, the writing of specific streams (such as events) can be moved off # of the main process to a particular worker. - # To enable this, the worker must have a HTTP replication listener configured, + # To enable this, the worker must have a + # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, # have a `worker_name` and be listed in the `instance_map` config. The same worker # can handle multiple streams, but unless otherwise documented, each stream can only # have a single writer. @@ -266,7 +270,7 @@ matrix_synapse_workers_generic_worker_endpoints: # There is also support for moving background tasks to a separate # worker. Background tasks are run periodically or started via replication. Exactly # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). + # stats is enabled). This worker doesn't handle any REST endpoints itself. # To enable this, the worker must have a `worker_name` and can be configured to run # background tasks. For example, to move background tasks to a dedicated worker, @@ -314,8 +318,8 @@ matrix_synapse_workers_generic_worker_endpoints: # #### Notifying Application Services # You can designate one generic worker to send output traffic to Application Services. - - # Specify its name in the shared configuration as follows: + # Doesn't handle any REST endpoints itself, but you should specify its name in the + # shared configuration as follows: # ```yaml # notify_appservices_from_worker: worker_name @@ -342,6 +346,12 @@ matrix_synapse_workers_generic_worker_endpoints: # - pusher_worker2 # ``` + # An example for a pusher instance: + + # ```yaml + # {{#include systemd-with-workers/workers/pusher_worker.yaml}} + # ``` + # ] # appservice worker (no API endpoints) [ @@ -371,6 +381,12 @@ matrix_synapse_workers_generic_worker_endpoints: # - federation_sender1 # - federation_sender2 # ``` + + # An example for a federation sender instance: + + # ```yaml + # {{#include systemd-with-workers/workers/federation_sender.yaml}} + # ``` # ] matrix_synapse_workers_media_repository_endpoints: @@ -392,16 +408,12 @@ matrix_synapse_workers_media_repository_endpoints: # media repository. Note that doing so will prevent the main process from being # able to handle the above endpoints. - # In the `media_repository` worker configuration file, configure the http listener to + # In the `media_repository` worker configuration file, configure the + # [HTTP listener](usage/configuration/config_documentation.md#listeners) to # expose the `media` resource. For example: # ```yaml - # worker_listeners: - # - type: http - # port: 8085 - # resources: - # - names: - # - media + # {{#include systemd-with-workers/workers/media_worker.yaml}} # ``` # Note that if running multiple media repositories they must be on the same server From e25464409dbc59e53d181ebcb41c37e3bf473e4e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 28 Oct 2022 20:53:48 +0000 Subject: [PATCH 478/562] Update mautrix-signal 0.4.0 -> 0.4.1 ref: https://github.com/mautrix/signal/releases/tag/v0.4.1 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 83b0a5ce..24ba9b39 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" -matrix_mautrix_signal_version: v0.4.0 +matrix_mautrix_signal_version: v0.4.1 matrix_mautrix_signal_daemon_version: 0.23.0 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" From 80e57417f497c3c37d53daa04f8ef6b010b96e19 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 19 Jun 2022 11:30:28 +0200 Subject: [PATCH 479/562] To recover from a failure or allow to quickly reset to known state we need to know with what playbook-commit the sever is installed. This commit saves the GIT hash/status when we run the playbook in a file called git_hash.yml. It also backs up that file by copying it to the target machine. --- roles/matrix-base/defaults/main.yml | 4 ++ roles/matrix-base/tasks/setup_matrix_base.yml | 53 +++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index eccda626..9213c661 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -298,3 +298,7 @@ run_setup: true run_self_check: true run_start: true run_stop: true + +# Saves the git hash in a file called git_hash.yml +# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) +git_save_hash: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 6eebe3c0..5d3c5820 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -19,6 +19,59 @@ mode: '0660' when: "matrix_vars_yml_snapshotting_enabled | bool" +- name: Save current git-repo status on the target to aid with restoring in case of problems + block: + - name: Get local git hash + delegate_to: 127.0.0.1 + become: false + register: git_describe + shell: + git describe + --always + --tags + --dirty + --long + --all + + - set_fact: + git_hash: "{{ git_describe.stdout }}" + + - name: Git hash + debug: + msg: "Git hash: {{ git_hash }}" + + - name: Save git hash in git_hash.yml + become: false + local_action: + copy + content="git_hash_last_run{{ ":" }} {{ git_hash }}\n" + dest="{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + + - name: Copy git_hash.yml file to target + copy: + src: "{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + dest: "{{ matrix_base_data_path }}/git_hash.yml" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: '0660' + + rescue: + - name: GIT not found error + ansible.builtin.debug: + msg: >- + Couldn't find GIT on the local machine. Continuing without saving the GIT hash. + You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + when: "git_describe.stderr.find('not found') != -1" + + - name: GIT hash error + ansible.builtin.fail: + msg: >- + Error when trying to get the GIT hash. + You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + when: "git_describe.stderr.find('not found') == -1" + + when: "matrix_vars_yml_snapshotting_enabled|bool and git_save_hash|bool" + - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" From ab398276af1d1b82c685a2cbd3f017f4cac2683a Mon Sep 17 00:00:00 2001 From: Stefan Warnat Date: Sun, 30 Oct 2022 00:55:36 +0200 Subject: [PATCH 480/562] Always use resolver variable in nginx conf.d files --- .../nginx/conf.d/matrix-base-domain.conf.j2 | 2 +- .../nginx/conf.d/matrix-bot-buscarron.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-bot-go-neb.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-cinny.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-element.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-hydrogen.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-conduit.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-dendrite.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-dimension.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 +++++++------- .../templates/nginx/conf.d/matrix-grafana.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-jitsi.conf.j2 | 8 ++++---- .../templates/nginx/conf.d/matrix-ntfy.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-riot-web.conf.j2 | 2 +- .../templates/nginx/conf.d/matrix-sygnal.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-synapse.conf.j2 | 4 ++-- 16 files changed, 37 insertions(+), 37 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index 3aff997d..44978dc4 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -45,7 +45,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 index 0ce1473b..4f0fd4a8 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-bot-buscarron:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 index e5589f55..a62ddfc8 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 @@ -18,7 +18,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-bot-go-neb:4050"; proxy_pass http://$backend; {% else %} @@ -44,7 +44,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 index df66349f..2ec6eb1b 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-cinny:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 index dea91b21..0beeae52 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 @@ -26,7 +26,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-element:8080"; proxy_pass http://$backend; {% else %} @@ -53,7 +53,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 index e9428c55..7a2e9dfa 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-hydrogen:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 index 2106acc4..6e7aca79 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 @@ -28,7 +28,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_conduit_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -59,7 +59,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_conduit_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 index 939156a3..10eccf37 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 @@ -28,7 +28,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -59,7 +59,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 index 07347be6..730fc4c1 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-dimension:8184"; proxy_pass http://$backend; {% else %} @@ -47,7 +47,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14..63d45bc6 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -62,7 +62,7 @@ location ^~ /_matrix/corporal { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -80,7 +80,7 @@ location ^~ /_matrix/identity { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -98,7 +98,7 @@ location ^~ /_matrix/client/r0/user_directory/search { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -115,7 +115,7 @@ location ~ ^/_matrix/client/r0/register/(email|msisdn)/requestToken$ { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -140,7 +140,7 @@ location ~* ^({{ matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_prefix_regexes|join('|') }}) { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -185,7 +185,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} @@ -288,7 +288,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 index def67f66..09418044 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 @@ -28,7 +28,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-grafana:3000"; proxy_pass http://$backend; {% else %} @@ -55,7 +55,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 index 54b8ea43..aa4b6b44 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-jitsi-web:80"; proxy_pass http://$backend; {% else %} @@ -36,7 +36,7 @@ # colibri (JVB) websockets location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-jitsi-jvb:9090"; proxy_pass http://$backend; {% else %} @@ -57,7 +57,7 @@ # XMPP websocket location = /xmpp-websocket { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend {{ matrix_jitsi_xmpp_bosh_url_base }}; proxy_pass $backend/xmpp-websocket; {% else %} @@ -89,7 +89,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 index ae100eda..fbae47e1 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 @@ -20,7 +20,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-ntfy:8080"; proxy_pass http://$backend; {% else %} @@ -49,7 +49,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 index 5bcbeba5..99026913 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 @@ -36,7 +36,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 index 0f33c0a7..e3c6a461 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 @@ -19,7 +19,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-sygnal:6000"; proxy_pass http://$backend; {% else %} @@ -46,7 +46,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 1d6f2106..da189329 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -150,7 +150,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -211,7 +211,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} From 678dfc6dc3afe990fc71decf65260115458371bc Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:00:04 +0100 Subject: [PATCH 481/562] Rename var --- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/setup_matrix_base.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 9213c661..22d89c23 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -301,4 +301,4 @@ run_stop: true # Saves the git hash in a file called git_hash.yml # Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -git_save_hash: true \ No newline at end of file +matrix_playbook_commit_hash_preservation_enabled: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 5d3c5820..d443fee8 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -60,17 +60,17 @@ ansible.builtin.debug: msg: >- Couldn't find GIT on the local machine. Continuing without saving the GIT hash. - You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') != -1" - name: GIT hash error ansible.builtin.fail: msg: >- Error when trying to get the GIT hash. - You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') == -1" - when: "matrix_vars_yml_snapshotting_enabled|bool and git_save_hash|bool" + when: "matrix_vars_yml_snapshotting_enabled|bool and matrix_playbook_commit_hash_preservation_enabled|bool" - name: Ensure Matrix network is created in Docker community.docker.docker_network: From 230eea678471e9b46b3a9069d5505c4499dc6f63 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:04:33 +0100 Subject: [PATCH 482/562] Save git_hash.yml only on the target --- roles/matrix-base/tasks/setup_matrix_base.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index d443fee8..a9773855 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -40,16 +40,9 @@ debug: msg: "Git hash: {{ git_hash }}" - - name: Save git hash in git_hash.yml - become: false - local_action: - copy - content="git_hash_last_run{{ ":" }} {{ git_hash }}\n" - dest="{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" - - - name: Copy git_hash.yml file to target + - name: Save git_hash.yml on target copy: - src: "{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + content: "{{ git_hash }}" dest: "{{ matrix_base_data_path }}/git_hash.yml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" From 930867d50d7bf399c843c13211ed78473a430943 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:07:39 +0100 Subject: [PATCH 483/562] Remove matrix_vars_yml_snapshotting_enabled condition --- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index a9773855..6fe7e47d 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -63,7 +63,7 @@ You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') == -1" - when: "matrix_vars_yml_snapshotting_enabled|bool and matrix_playbook_commit_hash_preservation_enabled|bool" + when: "matrix_playbook_commit_hash_preservation_enabled|bool" - name: Ensure Matrix network is created in Docker community.docker.docker_network: From 3d902b7fe733957e966593775979ec22e349899e Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:33:09 +0100 Subject: [PATCH 484/562] be more specific on GIT not found error --- roles/matrix-base/tasks/setup_matrix_base.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 6fe7e47d..59dbe087 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -54,14 +54,14 @@ msg: >- Couldn't find GIT on the local machine. Continuing without saving the GIT hash. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('not found') != -1" + when: "git_describe.stderr.find('git: not found') != -1" - - name: GIT hash error + - name: Get GIT hash error ansible.builtin.fail: msg: >- Error when trying to get the GIT hash. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('not found') == -1" + when: "git_describe.stderr.find('git: not found') == -1" when: "matrix_playbook_commit_hash_preservation_enabled|bool" From fd25cf8f54e9341b005004f1dd991b9458c0be2e Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:37:45 +0100 Subject: [PATCH 485/562] Update wording --- roles/matrix-base/defaults/main.yml | 11 ++++++----- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 22d89c23..4ad5fe55 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -284,6 +284,11 @@ matrix_docker_installation_enabled: true # Possible values are "docker-ce" (default) and "docker.io" (Debian). matrix_docker_package_name: docker-ce +# Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target +# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) +# to suppres the warning message. +matrix_playbook_commit_hash_preservation_enabled: true + # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true @@ -297,8 +302,4 @@ run_dendrite_register_user: true run_setup: true run_self_check: true run_start: true -run_stop: true - -# Saves the git hash in a file called git_hash.yml -# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -matrix_playbook_commit_hash_preservation_enabled: true \ No newline at end of file +run_stop: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 59dbe087..44e4137c 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -59,7 +59,7 @@ - name: Get GIT hash error ansible.builtin.fail: msg: >- - Error when trying to get the GIT hash. + Error when trying to get the GIT hash. Please consult the error message above. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('git: not found') == -1" From 15fbc525cf4f70e8e1f9a0814e4b9fb671d18dd3 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:53:27 +0100 Subject: [PATCH 486/562] Typo --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 4ad5fe55..bcc821a4 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -286,7 +286,7 @@ matrix_docker_package_name: docker-ce # Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target # Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -# to suppres the warning message. +# to suppress the warning message. matrix_playbook_commit_hash_preservation_enabled: true # Variables to Control which parts of our roles run. From 54e71f2012afa055f6a4f119b00ffd76d756cc7a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 12:38:43 +0200 Subject: [PATCH 487/562] Mention "matrix_hookshot_enabled: true" on the Hookshot documentation page --- docs/configuring-playbook-bridge-hookshot.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 51d7a335..5505d0ad 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -13,13 +13,16 @@ Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbo Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. -1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. -2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). -3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. -4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. +1. Enable the bridge by adding `matrix_hookshot_enabled: true` to your `vars.yml` file +2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. +3. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). +4. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. +5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. +Finally, run the playbook (see [installing](installing.md)). + ## Usage From cada3ef48b05b35da11b714d8505eeb785173a19 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 12:47:10 +0200 Subject: [PATCH 488/562] Use pre-built image for Hookshot on arm64 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 18aa553c..e5de094f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -765,7 +765,7 @@ matrix_heisenbridge_systemd_wanted_services_list: | # We don't enable bridges by default. matrix_hookshot_enabled: false -matrix_hookshot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" +matrix_hookshot_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok') | to_uuid }}" From 8338f750e0a89d7f8a015fa82d44a901aa61b326 Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Mon, 31 Oct 2022 14:13:11 -0400 Subject: [PATCH 489/562] document login to discord with token --- docs/configuring-playbook-bridge-mautrix-discord.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 065609b2..d67e7857 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,12 +12,19 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone **or** by using **discord account token**. +There are 2 ways to link the bridge to discord. + +### Method 1: Login using QR code + +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. You can delete the Discord app after the authentication process. -If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. +If this is a dealbreaker for you, consider using the [second method](#method-2-login-using-discord-token) or one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. +### Method 2: Login using Discord token + +To acquire the token, open Discord in a private browser window. Then open the developer settings (keybaord shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under "Request Headers" you should find a variable called "Authorization", this is the token to your Discord account. ## Installing From 96b923e3aa4e6d9018832f4b3eaab142194d3376 Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Mon, 31 Oct 2022 14:19:20 -0400 Subject: [PATCH 490/562] typo --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index d67e7857..80c2f165 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -24,7 +24,7 @@ If this is a dealbreaker for you, consider using the [second method](#method-2-l ### Method 2: Login using Discord token -To acquire the token, open Discord in a private browser window. Then open the developer settings (keybaord shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under "Request Headers" you should find a variable called "Authorization", this is the token to your Discord account. +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. ## Installing From 975dda54c9db16f7158f33d1263318626c9cf735 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:34:14 +0200 Subject: [PATCH 491/562] Upgrade Dendrite (0.10.4 -> 0.10.5) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index dc0af2dc..945c1619 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.4" +matrix_dendrite_docker_image_tag: "v0.10.5" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From ec45b873762826044c558e91764b8abfe3651368 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:50:39 +0200 Subject: [PATCH 492/562] Add matrix_hookshot_feeds_pollTimeoutSeconds --- roles/matrix-bridge-hookshot/defaults/main.yml | 1 + roles/matrix-bridge-hookshot/templates/config.yml.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 1c390f34..775ef087 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -131,6 +131,7 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true # polling interval in seconds matrix_hookshot_feeds_interval: 600 +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index 5cd11a87..fb029efd 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -84,6 +84,7 @@ feeds: # enabled: {{ matrix_hookshot_feeds_enabled }} pollIntervalSeconds: {{ matrix_hookshot_feeds_interval }} + pollTimeoutSeconds: {{ matrix_hookshot_feeds_pollTimeoutSeconds | to_json }} {% endif %} {% if matrix_hookshot_provisioning_enabled %} provisioning: From e1274a6e56ea3e06284b2867a76d951276c160c8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:52:01 +0200 Subject: [PATCH 493/562] Rename variable (matrix_hookshot_feeds_interval -> matrix_hookshot_feeds_pollIntervalSeconds) This is more consistent with how we name variables. It's also less confusing, especially given that we have `matrix_hookshot_feeds_pollTimeoutSeconds` as well. --- roles/matrix-bridge-hookshot/defaults/main.yml | 3 +-- roles/matrix-bridge-hookshot/tasks/validate_config.yml | 9 +++++++++ roles/matrix-bridge-hookshot/templates/config.yml.j2 | 4 ++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 775ef087..96781f9a 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,7 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -# polling interval in seconds -matrix_hookshot_feeds_interval: 600 +matrix_hookshot_feeds_pollIntervalSeconds: 600 matrix_hookshot_feeds_pollTimeoutSeconds: 10 diff --git a/roles/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/matrix-bridge-hookshot/tasks/validate_config.yml index 0fbcf53c..3392f1b6 100644 --- a/roles/matrix-bridge-hookshot/tasks/validate_config.yml +++ b/roles/matrix-bridge-hookshot/tasks/validate_config.yml @@ -58,6 +58,15 @@ with_items: - "matrix_hookshot_provisioning_secret" +- name: (Deprecation) Catch and report renamed Hookshot variables + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'} + - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: msg: >- diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index fb029efd..527afafa 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -82,8 +82,8 @@ generic: feeds: # (Optional) Configure this to enable RSS/Atom feed support # - enabled: {{ matrix_hookshot_feeds_enabled }} - pollIntervalSeconds: {{ matrix_hookshot_feeds_interval }} + enabled: {{ matrix_hookshot_feeds_enabled | to_json }} + pollIntervalSeconds: {{ matrix_hookshot_feeds_pollIntervalSeconds | to_json }} pollTimeoutSeconds: {{ matrix_hookshot_feeds_pollTimeoutSeconds | to_json }} {% endif %} {% if matrix_hookshot_provisioning_enabled %} From 39e6484956671080c1d7e2fbd94c6d7427669b66 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 22:57:16 +0100 Subject: [PATCH 494/562] fix lints --- roles/matrix-base/tasks/setup_matrix_base.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 44e4137c..5c45323e 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -21,11 +21,11 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems block: - - name: Get local git hash + - name: Get local git hash delegate_to: 127.0.0.1 become: false register: git_describe - shell: + ansible.builtin.shell: git describe --always --tags @@ -33,15 +33,15 @@ --long --all - - set_fact: + - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" - name: Git hash - debug: + ansible.builtin.debug: msg: "Git hash: {{ git_hash }}" - + - name: Save git_hash.yml on target - copy: + ansible.builtin.copy: content: "{{ git_hash }}" dest: "{{ matrix_base_data_path }}/git_hash.yml" owner: "{{ matrix_user_username }}" From 2b049da963ddab978e6be9fdc014d23f819ed272 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:00:04 +0100 Subject: [PATCH 495/562] move when clause per linting suggestion --- roles/matrix-base/tasks/setup_matrix_base.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 5c45323e..cdde09d2 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -20,6 +20,7 @@ when: "matrix_vars_yml_snapshotting_enabled | bool" - name: Save current git-repo status on the target to aid with restoring in case of problems + when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - name: Get local git hash delegate_to: 127.0.0.1 @@ -63,8 +64,6 @@ You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('git: not found') == -1" - when: "matrix_playbook_commit_hash_preservation_enabled|bool" - - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" From 45c9c2b17a6e60f828b0d4a1723c4eb8a5aae1cb Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:08:45 +0100 Subject: [PATCH 496/562] convert shell to command usage --- roles/matrix-base/tasks/setup_matrix_base.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index cdde09d2..0aafe183 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -26,13 +26,14 @@ delegate_to: 127.0.0.1 become: false register: git_describe - ansible.builtin.shell: - git describe - --always - --tags - --dirty - --long - --all + ansible.builtin.command: + cmd: >- + git describe + --always + --tags + --dirty + --long + --all - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" From 93615b6ad988edb4a7972e32f0595d70fb2fd1e0 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:20:56 +0100 Subject: [PATCH 497/562] Revert "convert shell to command usage" to allow for a catching the specific "git: not found" error. This reverts commit 45c9c2b17a6e60f828b0d4a1723c4eb8a5aae1cb. --- roles/matrix-base/tasks/setup_matrix_base.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 0aafe183..cdde09d2 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -26,14 +26,13 @@ delegate_to: 127.0.0.1 become: false register: git_describe - ansible.builtin.command: - cmd: >- - git describe - --always - --tags - --dirty - --long - --all + ansible.builtin.shell: + git describe + --always + --tags + --dirty + --long + --all - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" From 8b425b995ec446109b6b13f711c85d11b57e8136 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:44:47 +0100 Subject: [PATCH 498/562] add newline char --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index bcc821a4..52049ed5 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -302,4 +302,4 @@ run_dendrite_register_user: true run_setup: true run_self_check: true run_start: true -run_stop: true \ No newline at end of file +run_stop: true From 3fc19295e2373a2149b0ebe67b48d63915c12faf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 07:05:26 +0200 Subject: [PATCH 499/562] Fix ansible-lint error (ansible.builtin.synchronize -> ansible.posix.synchronize) --- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 740eb510..bdd99ca4 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -51,7 +51,7 @@ # This can only work with local files, not if the media store is on Amazon S3, # as it won't be accessible in such a case. - name: Ensure provided media store directory is synchronized - ansible.builtin.synchronize: + ansible.posix.synchronize: src: "{{ server_path_media_store }}/" dest: "{{ matrix_synapse_media_store_path }}" delete: true From 3a49b0077c8b8704c6f7b1cf00b8c19d2e24270b Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Tue, 1 Nov 2022 09:23:55 +0100 Subject: [PATCH 500/562] fix ansible-lint errors --- roles/matrix-base/tasks/setup_matrix_base.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index cdde09d2..0bf197b6 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -22,10 +22,11 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - - name: Get local git hash + - name: Get local git hash # noqa command-instead-of-module delegate_to: 127.0.0.1 become: false register: git_describe + changed_when: false ansible.builtin.shell: git describe --always From f7b45fd4402a25db979da3086d053fd61816dcab Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 12:58:22 +0200 Subject: [PATCH 501/562] Upgrade ddclient (v3.10.0-ls102 -> v3.10.0-ls103) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index af4d9592..056eecba 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.10.0-ls102 +matrix_dynamic_dns_version: v3.10.0-ls103 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 17caa13a71a36365343ba417c7d42d5d44d68dda Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 12:59:15 +0200 Subject: [PATCH 502/562] Upgrade Grafana (9.2.2 -> 9.2.3) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 5bccb60d..43b29c94 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.2 +matrix_grafana_version: 9.2.3 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 9fb21b89a8a7be51d014ad40fb6bb4cccbbb8dec Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 14:57:29 +0200 Subject: [PATCH 503/562] Fix import-postgres/run-postgres-vacuum failures being suppressed We were only reporting failures for when the async task didn't finish. We also need to report a failure for when the task finished, but returned a non-zero exit code. --- roles/matrix-postgres/tasks/import_postgres.yml | 2 +- roles/matrix-postgres/tasks/run_vacuum.yml | 2 +- .../tasks/rust-synapse-compress-state/compress_room.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 40877e0b..302a8f41 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,5 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - failed_when: not matrix_postgres_import_postgres_command_result.finished + failed_when: not matrix_postgres_import_postgres_command_result.finished or matrix_postgres_import_postgres_command_result.rc != 0 changed_when: matrix_postgres_import_postgres_command_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 97dec022..9801ab2c 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -79,7 +79,7 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - failed_when: not matrix_postgres_synapse_vacuum_result.finished + failed_when: not matrix_postgres_synapse_vacuum_result.finished or matrix_postgres_synapse_vacuum_result.rc != 0 changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 9834e256..88db265d 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,7 +21,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished or matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc != 0 changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: From 74b186a4543cd7c59ffcdf6f13c20da4590ea2dc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:05:41 +0200 Subject: [PATCH 504/562] Fix "too many spaces after colon" ansible-lint error --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 056eecba..77e01d0e 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.10.0-ls103 +matrix_dynamic_dns_version: v3.10.0-ls103 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From a4662660d2ca70cdadf496e1047fc50204937faf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:06:10 +0200 Subject: [PATCH 505/562] Do not wait needlessly when vacuuming or importing Postgres --- roles/matrix-postgres/tasks/import_postgres.yml | 4 +++- roles/matrix-postgres/tasks/run_vacuum.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 302a8f41..107a1f88 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -49,8 +49,10 @@ name: matrix-postgres state: started daemon_reload: true + register: matrix_postgres_import_start_result -- name: Wait a bit, so that Postgres can start +- when: matrix_postgres_import_start_result.changed | bool + name: Wait a bit, so that Postgres can start ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 9801ab2c..1b769f01 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -28,8 +28,10 @@ name: matrix-postgres state: started daemon_reload: true + register: matrix_postgres_vacuum_start_result -- name: Wait a bit, so that Postgres can start +- when: matrix_postgres_vacuum_start_result.changed | bool + name: Wait a bit, so that Postgres can start ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 From 125ca5569d4cc81d8b0d9f07a9b299dd3852436c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:47:00 +0200 Subject: [PATCH 506/562] Use unique filter for matrix_postgres_import_roles_to_ignore and matrix_postgres_import_databases_to_ignore Dendrite uses a lot of databases, but a single (`dendrite`) role, which leads to `matrix_postgres_import_roles_to_ignore` being something like `['dendrite', 'dendrite', 'dendrite', ...]` needlessly. This leads to weird regexes being generated for `matrix_postgres_import_roles_ignore_regex`. It's not that it hurts, but it just looks odd. --- roles/matrix-postgres/defaults/main.yml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index fe469f16..5a0cdb6c 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -74,9 +74,11 @@ matrix_postgres_additional_databases: [] # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. matrix_postgres_import_roles_to_ignore: | {{ - [matrix_postgres_connection_username] - + - matrix_postgres_additional_databases|map(attribute='username') | list + ( + [matrix_postgres_connection_username] + + + matrix_postgres_additional_databases|map(attribute='username') | list + ) | unique }} # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: @@ -98,9 +100,11 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE \\\"?({{ matrix # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. matrix_postgres_import_databases_to_ignore: | {{ - [matrix_postgres_db_name] - + - matrix_postgres_additional_databases|map(attribute='name') | list + ( + [matrix_postgres_db_name] + + + matrix_postgres_additional_databases|map(attribute='name') | list + ) | unique }} # We also allow for the database name to be quoted, which is rare, but might happen for database names which are special keywords (e.g. `default`). From 501420f3cc09d2fc071ff620fd949c10b3fa2109 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 1 Nov 2022 14:18:41 +0000 Subject: [PATCH 507/562] Update element 1.11.12 -> 1.11.13 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 2d5c99d2..b2ffd05d 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.12 +matrix_client_element_version: v1.11.13 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From c3dc64b1d5e06fb356fce37dcab27664ef335ef7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 16:22:58 +0200 Subject: [PATCH 508/562] Add matrix-user-creator role - automatic user account creation support We no longer ask users to create Matrix user accounts for these bots: - Postmoogle - Honoroit - Reminder Bot Other bots and services (matrix-registration-bot, maubot, mjolnir, Dimension, etc.) require an Access Token to run (not a password), so this new role doesn't help for them. It does help for the above bots though, and for defining your own "initial user accounts" in the `matrix_user_creator_users_additional` variable. --- docs/configuring-playbook-bot-honoroit.md | 30 +++---- ...ng-playbook-bot-matrix-registration-bot.md | 2 +- ...guring-playbook-bot-matrix-reminder-bot.md | 30 +++---- docs/configuring-playbook-bot-postmoogle.md | 30 +++---- docs/installing.md | 84 ++++++++++++++----- group_vars/matrix_servers | 34 ++++++++ roles/matrix-user-creator/defaults/main.yml | 22 +++++ roles/matrix-user-creator/tasks/main.yml | 9 ++ roles/matrix-user-creator/tasks/setup.yml | 33 ++++++++ .../util/ensure_user_registered_conduit.yml | 5 ++ .../util/ensure_user_registered_dendrite.yml | 17 ++++ .../util/ensure_user_registered_synapse.yml | 22 +++++ .../tasks/util/validate_user.yml | 16 ++++ roles/matrix-user-creator/vars/main.yml | 34 ++++++++ setup.yml | 1 + 15 files changed, 294 insertions(+), 75 deletions(-) create mode 100644 roles/matrix-user-creator/defaults/main.yml create mode 100644 roles/matrix-user-creator/tasks/main.yml create mode 100644 roles/matrix-user-creator/tasks/setup.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml create mode 100644 roles/matrix-user-creator/tasks/util/validate_user.yml create mode 100644 roles/matrix-user-creator/vars/main.yml diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 45fc033d..42f31d49 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -7,21 +7,6 @@ It's a bot you can use to setup **your own helpdesk on matrix** See the project's [documentation](https://gitlab.com/etke.cc/honoroit#how-it-looks-like) to learn what it does with screenshots and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@honoroit:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_honoroit_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=honoroit password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -29,7 +14,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_honoroit_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_honoroit_login: honoroit + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT # Adjust this to your room ID @@ -41,9 +29,15 @@ matrix_bot_honoroit_roomid: "!yourRoomID:DOMAIN" After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_honoroit_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_honoroit_password` to let the bot know its new password ## Usage diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index a3e4bbeb..b1e3fdc6 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -16,7 +16,7 @@ By default, the playbook will set use the bot with a username like this: `@bot.m (to use a different username, adjust the `matrix_bot_matrix_registration_bot_matrix_user_id_localpart` variable). -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): +For [other bots supported by the playbook](configuring-playbook.md#bots), Matrix bot user accounts are created and put to use automatically. For `matrix-registration-bot`, however, this is not the case - you **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): ``` ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-registration-bot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md index aaf5670c..da73e5db 100644 --- a/docs/configuring-playbook-bot-matrix-reminder-bot.md +++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md @@ -7,21 +7,6 @@ It's a bot you can use to **schedule one-off & recurring reminders and alarms**. See the project's [documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage) to learn what it does and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@bot.matrix-reminder-bot:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_matrix_reminder_bot_matrix_user_id_localpart` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-reminder-bot password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -29,7 +14,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_matrix_reminder_bot_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_matrix_reminder_bot_matrix_user_id_localpart: bot.matrix-reminder-bot + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_matrix_reminder_bot_matrix_user_password: PASSWORD_FOR_THE_BOT # Adjust this to your timezone @@ -41,9 +29,15 @@ matrix_bot_matrix_reminder_bot_reminders_timezone: Europe/London After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_matrix_reminder_bot_matrix_user_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_matrix_reminder_bot_matrix_user_password` to let the bot know its new password ## Usage diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 31566da9..0fa36693 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -9,21 +9,6 @@ It's a bot/bridge you can use to forward emails to Matrix rooms See the project's [documentation](https://gitlab.com/etke.cc/postmoogle) to learn what it does and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@postmoogle:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_postmoogle_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=postmoogle password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -31,7 +16,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_postmoogle_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_postmoogle_login: postmoogle + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT ``` @@ -43,9 +31,15 @@ See [Configuring DNS](configuring-dns.md). After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_postmoogle_password` to let the bot know its new password ## Usage diff --git a/docs/installing.md b/docs/installing.md index 8b1b51aa..308e6fe6 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -1,25 +1,64 @@ # Installing -## 1. Installing the Matrix services - If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -Run this command to install the Matrix services: +## Playbook tags introduction -```bash +The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. + +The general command syntax is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE` + +Here are some playbook tags that you should be familiar with: + +- `setup-all` - runs all setup tasks for all components, but does not start/restart services + +- `setup-SERVICE` (e.g. `setup-bot-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/*/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). + +- `start` - starts all systemd services and makes them start automatically in the future + +- `stop` - stops all systemd services + +- `ensure-matrix-users-created` - a special tag which ensures that all special users needed by the playbook (for bots, etc.) are created + +`setup-*` tags **do not start services** automatically, because you may wish to do things before starting services, such as importing a database dump, restoring data from another server, etc. + + +## 1. Installing Matrix + +If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands + +If you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to all Ansible commands + +There 2 ways to start the installation process - depending on whether you're [Installing a brand new server (without importing data)](#installing-a-brand-new-server-without-importing-data) or [Installing a server into which you'll import old data](#installing-a-server-into-which-youll-import-old-data). + + +### Installing a brand new server (without importing data) + +If this is **a brand new** Matrix server and you **won't be importing old data into it**, run all these tags: + +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start +``` + +This will do a full installation and start all Matrix services. + +Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) + + +### Installing a server into which you'll import old data + +If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. +Starting its services or messing with its database now will affect your data import later on. + +To do the installation **without** starting services, run only the `setup-all` tag: + +```sh ansible-playbook -i inventory/hosts setup.yml --tags=setup-all ``` -The above command **doesn't start any services just yet** (another step does this later - below). Feel free to **re-run this setup command any time** you think something is off with the server configuration. +When this command completes, services won't be running yet. -**Notes**: -- if you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the above (and all other) Ansible commands. -- if you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to the above (and all other) Ansible commands. - - -## 2. Things you might want to do after installing - -**Before starting the services**, you may want to do additional things like: +You can now: - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) @@ -27,21 +66,26 @@ The above command **doesn't start any services just yet** (another step does thi - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) +.. and then proceed to starting all services: -## 3. Starting the services - -When you're ready to start the Matrix services (and set them up to auto-start in the future), run this command: - -```bash +```sh ansible-playbook -i inventory/hosts setup.yml --tags=start ``` -## 4. Finalize the installation +Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) + + +## 2. Maintaining your setup in the future + +Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. + + +## 3. Finalize the installation Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). -## 5. Things to do next +## 4. Things to do next After you have started the services and **finalized the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md), you can: diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e5de094f..872e778b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2677,3 +2677,37 @@ matrix_conduit_systemd_required_services_list: | # /matrix-conduit # ###################################################################### + + +###################################################################### +# +# matrix-user-creator +# +###################################################################### + +matrix_user_creator_users_auto: | + {{ + [{ + 'username': matrix_bot_matrix_reminder_bot_matrix_user_id_localpart, + 'initial_password': matrix_bot_matrix_reminder_bot_matrix_user_password, + 'initial_type': 'bot', + }] if matrix_bot_matrix_reminder_bot_enabled else [] + + + [{ + 'username': matrix_bot_honoroit_login, + 'initial_password': matrix_bot_honoroit_password, + 'initial_type': 'bot', + }] if matrix_bot_honoroit_enabled else [] + + + [{ + 'username': matrix_bot_postmoogle_login, + 'initial_password': matrix_bot_postmoogle_password, + 'initial_type': 'bot', + }] if matrix_bot_postmoogle_enabled else [] + }} + +###################################################################### +# +# /matrix-user-creator +# +###################################################################### diff --git a/roles/matrix-user-creator/defaults/main.yml b/roles/matrix-user-creator/defaults/main.yml new file mode 100644 index 00000000..5c90a1e0 --- /dev/null +++ b/roles/matrix-user-creator/defaults/main.yml @@ -0,0 +1,22 @@ +--- + +# matrix-user-creator is a role that aims to automate initial Matrix user account creation. +# +# This role only supports initial user account creation and will not manage subsequent user-type changes +# or password changes. +# +# The playbook registers various bot user accounts automatically using this role by injecting +# user creation definitions into the `matrix_user_creator_users_auto` variable. +# +# To get started creating your own Matrix user accounts, use the `matrix_user_creator_users_additional` variable. + +# matrix_user_creator_users_auto holds a list of users that should be created on the Matrix homeserver. +# The playbook adds some user definitions here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created. +# This value is influenced by the playbook and will be overwritten elsewhere (`group_vars/`, etc.) +# To add your own user definitions, use the `matrix_user_creator_users_additional` variable. +matrix_user_creator_users_auto: [] + +# matrix_user_creator_users_additional holds a list of users that should be created on the Matrix homeserver. +# Add your own users here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created. +# For example syntax for this variable, see the documentation for `matrix_user_creator_users` in `vars/main.yml`. +matrix_user_creator_users_additional: [] diff --git a/roles/matrix-user-creator/tasks/main.yml b/roles/matrix-user-creator/tasks/main.yml new file mode 100644 index 00000000..ba20504f --- /dev/null +++ b/roles/matrix-user-creator/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- when: matrix_user_creator_users | length > 0 + ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup.yml" + tags: + # This role intentionally doesn't do work on a `setup-all` tag. + # If it did, the initial installation (`--tags=setup-all`) would also potentially polute the database with data, + # which would make importing a database dump problematic. + - ensure-matrix-users-created diff --git a/roles/matrix-user-creator/tasks/setup.yml b/roles/matrix-user-creator/tasks/setup.yml new file mode 100644 index 00000000..73dfd454 --- /dev/null +++ b/roles/matrix-user-creator/tasks/setup.yml @@ -0,0 +1,33 @@ +--- + +- name: Validate Matrix users to create + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/validate_user.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true + +- name: Ensure systemd is reloaded before starting the homeserver + ansible.builtin.service: + daemon_reload: true + +- name: Ensure homeserver is started before creating Matrix users + ansible.builtin.service: + name: "matrix-{{ matrix_homeserver_implementation }}.service" + state: started + daemon_reload: true + register: matrix_user_registrator_homeserver_start_result + +- name: Wait a while, so that the homeserver can manage to start before creating Matrix users + ansible.builtin.pause: + seconds: 7 + when: matrix_user_registrator_homeserver_start_result.changed | bool + +- name: Ensure Matrix users are created + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_{{ matrix_homeserver_implementation }}.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml new file mode 100644 index 00000000..8bbd147b --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml @@ -0,0 +1,5 @@ +--- + +- name: Ensure Conduit user registered - {{ user.username | quote }} + ansible.builtin.debug: + msg: "Not registering user. To register Conduit users, message the Conduit bot" diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml new file mode 100644 index 00000000..5fb1636f --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml @@ -0,0 +1,17 @@ +--- + +- name: Ensure Dendrite user registered - {{ user.username | quote }} + ansible.builtin.command: + cmd: |- + {{ matrix_host_command_docker }} exec matrix-dendrite + create-account + -config /data/dendrite.yaml + -username {{ user.username | quote }} + -password {{ user.initial_password | quote }} + {% if user.initial_type == 'admin' %} + -admin + {% endif %} + -url http://localhost:{{ matrix_dendrite_http_bind_port }} + register: matrix_dendrite_register_user_result + changed_when: matrix_dendrite_register_user_result.rc == 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr + failed_when: matrix_dendrite_register_user_result.rc != 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml new file mode 100644 index 00000000..fde82096 --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml @@ -0,0 +1,22 @@ +--- + +- name: Ensure Synapse user registered - {{ user.username | quote }} + ansible.builtin.command: + cmd: |- + {{ matrix_host_command_docker }} exec matrix-synapse + register_new_matrix_user + -u {{ user.username | quote }} + -p {{ user.initial_password | quote }} + -c /data/homeserver.yaml + {% if user.initial_type == 'admin' %} + --admin + {% else %} + --no-admin + {% if user.initial_type != 'user' %} + --user_type={{ user.initial_type | quote }} + {% endif %} + {% endif %} + http://localhost:{{ matrix_synapse_container_client_api_port }} + register: matrix_synapse_register_user_result + changed_when: matrix_synapse_register_user_result.rc == 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout + failed_when: matrix_synapse_register_user_result.rc != 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout diff --git a/roles/matrix-user-creator/tasks/util/validate_user.yml b/roles/matrix-user-creator/tasks/util/validate_user.yml new file mode 100644 index 00000000..e35475d4 --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/validate_user.yml @@ -0,0 +1,16 @@ +--- + +- name: Fail if invalid username + ansible.builtin.fail: + msg: "Empty usernames values are not allowed ({{ user }})" + when: not (user.username | default('')) + +- name: Fail if invalid initial_password for user - {{ user.username }} + ansible.builtin.fail: + msg: "Empty initial_password values are not allowed" + when: not (user.initial_password | default('')) + +- name: Fail if invalid initial_type for user - {{ user.username }} + ansible.builtin.fail: + msg: "User initial_type `{{ user.initial_type | default('undefined') }}` is not supported" + when: user.initial_type | default('undefined') not in ['admin', 'user', 'bot', 'support'] diff --git a/roles/matrix-user-creator/vars/main.yml b/roles/matrix-user-creator/vars/main.yml new file mode 100644 index 00000000..7b65bb8a --- /dev/null +++ b/roles/matrix-user-creator/vars/main.yml @@ -0,0 +1,34 @@ +--- + +# matrix_user_creator_users holds a list of users that should be created on the Matrix homeserver. +# +# Removing a user from this list will not automatically delete/disable the Matrix user on the homeserver. +# +# As the `initial_password` / `initial_type` field names indicate, these are just initial values. +# Changing the password or type values subsequently will not update the already existing user's details. +# +# The known user types are: 'admin', 'user', 'bot', 'support'. +# These are inspired by Synapse's user types. +# 'admin' and 'user' types are generally recognized across homeservers. +# Other homeservers may not support 'bot' and 'support'. Such homeservers will fall back to whatever types they do support. +# +# Example: +# matrix_user_creator_users: +# - username: root +# initial_password: some-password +# initial_type: admin +# +# - username: john +# initial_password: some-password +# initial_type: user +# +# - username: bot.matrix-reminder-bot +# initial_password: some-password +# initial_type: bot +# +# - username: bot.matrix-reminder-bot +# initial_password: some-password +# initial_type: support +# +# To create you own users, use the `matrix_user_creator_users_additional` variable. +matrix_user_creator_users: "{{ matrix_user_creator_users_auto + matrix_user_creator_users_additional }}" diff --git a/setup.yml b/setup.yml index 723f87d9..b4179354 100755 --- a/setup.yml +++ b/setup.yml @@ -72,4 +72,5 @@ - matrix-aux - matrix-postgres-backup - matrix-backup-borg + - matrix-user-creator - matrix-common-after From 34873da3fd158a5675f88f32eb96e551f128b1ff Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Tue, 1 Nov 2022 10:58:05 -0400 Subject: [PATCH 509/562] moved login instructions to useage --- ...iguring-playbook-bridge-mautrix-discord.md | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 80c2f165..0a704696 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,19 +12,9 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -There are 2 ways to link the bridge to discord. +There are 2 ways to login to discord using this bridge, either by [scanning a QR code](#method-1-login-using-qr-code-recommended) using the Discord mobile app **or** by using a [Discord token](#method-2-login-using-discord-token-not-recommended). -### Method 1: Login using QR code - -For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. - -You can delete the Discord app after the authentication process. - -If this is a dealbreaker for you, consider using the [second method](#method-2-login-using-discord-token) or one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. - -### Method 2: Login using Discord token - -To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. +If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. ## Installing @@ -76,6 +66,20 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage +### Logging in + +#### Method 1: Login using QR code (recommended) + +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. + +You can delete the Discord app after the authentication process. + +#### Method 2: Login using Discord token (not recommended) + +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token you can close the browser window. + +### Bridging + 1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). 2. If you would like to login to Discord using a token, send `login-token` command, otherwise, send `login-qr` command. 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. From eaa9b7cfc4a05bce65cbc0424508bec827c44fb1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 17:03:53 +0200 Subject: [PATCH 510/562] Add automatic user account creation support to Buscarron Continuation of c3dc64b1d5e06f --- docs/configuring-playbook-bot-buscarron.md | 29 +++++++++------------- group_vars/matrix_servers | 6 +++++ 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index b38f25c6..0b80ba40 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -5,20 +5,6 @@ The playbook can install and configure [buscarron](https://gitlab.com/etke.cc/bu It's a bot you can use to setup **your own helpdesk on matrix** It's a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) matrix room -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@bot.buscarron:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_buscarron_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.buscarron password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - ## Adjusting the playbook configuration @@ -27,7 +13,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_buscarron_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_buscarron_login: bot.buscarron + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms @@ -57,9 +46,15 @@ matrix_server_fqn_buscarron: "form.{{ matrix_domain }}" After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_buscarron_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_buscarron_password` to let the bot know its new password ## Usage diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 872e778b..bdf5dcce 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2704,6 +2704,12 @@ matrix_user_creator_users_auto: | 'initial_password': matrix_bot_postmoogle_password, 'initial_type': 'bot', }] if matrix_bot_postmoogle_enabled else [] + + + [{ + 'username': matrix_bot_buscarron_login, + 'initial_password': matrix_bot_buscarron_password, + 'initial_type': 'bot', + }] if matrix_bot_buscarron_enabled else [] }} ###################################################################### From fe360d7f99f645f81c8684f3d30664a23988413a Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Tue, 1 Nov 2022 11:08:10 -0400 Subject: [PATCH 511/562] added missing comma --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 0a704696..f717f8af 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -76,7 +76,7 @@ You can delete the Discord app after the authentication process. #### Method 2: Login using Discord token (not recommended) -To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token you can close the browser window. +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token, you can close the browser window. ### Bridging From b7bd68d3cb58e7e48e239ba66867a8b4c4f1631e Mon Sep 17 00:00:00 2001 From: Michael Hollister Date: Tue, 1 Nov 2022 13:11:11 -0500 Subject: [PATCH 512/562] Fixed filter for Synapse stream_writer HS config --- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 0fc4e79c..d88884d0 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -37,7 +37,7 @@ - name: Populate matrix_synapse_stream_writers from enabled stream writer workers list ansible.builtin.set_fact: - matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}, list_merge='append') }}" with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" - name: Build federation sender workers From 28d9ee857895e257bef651df9d91e45b5f28335c Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Tue, 1 Nov 2022 14:12:52 -0500 Subject: [PATCH 513/562] dendrite: update tag to v0.10.6 - update tag to latest dendrite release (https://github.com/matrix-org/dendrite/releases/tag/v0.10.6) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 945c1619..a1d03960 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.5" +matrix_dendrite_docker_image_tag: "v0.10.6" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 8a609e5cf2b0bf59fdbf36cdcaafdfc9cf750d1d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 2 Nov 2022 07:00:45 +0200 Subject: [PATCH 514/562] Fix some ansible-lint-reported errors --- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- roles/matrix-bridge-hookshot/defaults/main.yml | 4 ++-- roles/matrix-postgres/tasks/import_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/run_vacuum.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 0bf197b6..2439fdea 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -22,7 +22,7 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - - name: Get local git hash # noqa command-instead-of-module + - name: Get local git hash # noqa command-instead-of-module delegate_to: 127.0.0.1 become: false register: git_describe diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 96781f9a..4c39876a 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,8 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -matrix_hookshot_feeds_pollIntervalSeconds: 600 -matrix_hookshot_feeds_pollTimeoutSeconds: 10 +matrix_hookshot_feeds_pollIntervalSeconds: 600 # no-qa var-naming +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # no-qa var-naming # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 107a1f88..d5bfaa86 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -51,8 +51,8 @@ daemon_reload: true register: matrix_postgres_import_start_result -- when: matrix_postgres_import_start_result.changed | bool - name: Wait a bit, so that Postgres can start +- name: Wait a bit, so that Postgres can start + when: matrix_postgres_import_start_result.changed | bool ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 1b769f01..c1bf8d76 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -30,8 +30,8 @@ daemon_reload: true register: matrix_postgres_vacuum_start_result -- when: matrix_postgres_vacuum_start_result.changed | bool - name: Wait a bit, so that Postgres can start +- name: Wait a bit, so that Postgres can start + when: matrix_postgres_vacuum_start_result.changed | bool ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 From 0fd9f3d4f99076fab4bc85a8b16dfda324aa4091 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 2 Nov 2022 07:21:09 +0000 Subject: [PATCH 515/562] Pin mautrix-instagram to v0.2.2 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index 7305d0fb..dcdf6723 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: latest +matrix_mautrix_instagram_version: v0.2.2 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 752d2ba8d0e4ed458633e9acbfd3a4680fe8ddaf Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Wed, 2 Nov 2022 20:39:14 +0100 Subject: [PATCH 516/562] Update matrix_servers --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3988a2b3..2e3a217c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -696,7 +696,7 @@ matrix_mautrix_discord_database_engine: "{{ 'postgres' if matrix_postgres_enable matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db') | to_uuid }}" # Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default. -# See: todo: add link to upstream issue +# This will be fixed in the upcoming `0.5.0` release of conduit. matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}" ###################################################################### From e1cfb6e79ff09f80063db89bc4fee10d6a621222 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 07:42:08 +0200 Subject: [PATCH 517/562] Make yamllint happy --- roles/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index d3eae38a..7163954a 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -143,4 +143,4 @@ matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_d # On conduit this option may prevent you from joining spaces created by the bridge. # Setting this to false fixes the issue. -matrix_mautrix_discord_bridge_restricted_rooms: true \ No newline at end of file +matrix_mautrix_discord_bridge_restricted_rooms: true From 410a915a8ab72a2715b14488522ad549a2ca1492 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 09:11:29 +0200 Subject: [PATCH 518/562] Move roles/matrix* to roles/custom/matrix* This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`, similar to how it's done in: - https://github.com/spantaleev/gitea-docker-ansible-deploy - https://github.com/spantaleev/nextcloud-docker-ansible-deploy In the near future, we'll be removing a lot of the shared role code from here and using upstream roles for it. Some of the core `matrix-*` roles have already been extracted out into other reusable roles: - https://github.com/devture/com.devture.ansible.role.postgres - https://github.com/devture/com.devture.ansible.role.systemd_docker_base - https://github.com/devture/com.devture.ansible.role.timesync - https://github.com/devture/com.devture.ansible.role.vars_preserver - https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages - https://github.com/devture/com.devture.ansible.role.playbook_help We just need to migrate to those. --- .yamllint | 2 +- CHANGELOG.md | 14 +- Makefile | 5 +- docs/configuring-playbook-backup-borg.md | 2 +- ...ng-playbook-bridge-appservice-kakaotalk.md | 4 +- ...iguring-playbook-bridge-beeper-linkedin.md | 2 +- ...onfiguring-playbook-bridge-heisenbridge.md | 2 +- docs/configuring-playbook-bridge-hookshot.md | 12 +- ...iguring-playbook-bridge-mautrix-discord.md | 8 +- ...guring-playbook-bridge-mautrix-facebook.md | 2 +- ...uring-playbook-bridge-mautrix-instagram.md | 2 +- ...figuring-playbook-bridge-mautrix-signal.md | 2 +- docs/configuring-playbook-client-element.md | 6 +- docs/configuring-playbook-dimension.md | 4 +- .../configuring-playbook-external-postgres.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-ma1sd.md | 4 +- docs/configuring-playbook-mautrix-bridges.md | 4 +- docs/configuring-playbook-nginx.md | 4 +- docs/configuring-playbook-ntfy.md | 2 +- docs/configuring-playbook-own-webserver.md | 4 +- docs/configuring-playbook-sygnal.md | 4 +- ...ng-playbook-synapse-s3-storage-provider.md | 2 +- docs/configuring-playbook-synapse.md | 6 +- examples/vars.yml | 2 +- .../{ => custom}/matrix-aux/defaults/main.yml | 0 roles/{ => custom}/matrix-aux/tasks/main.yml | 0 roles/{ => custom}/matrix-aux/tasks/setup.yml | 0 .../matrix-backup-borg/defaults/main.yml | 0 .../matrix-backup-borg/tasks/init.yml | 0 .../matrix-backup-borg/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-backup-borg/templates/passwd.j2 | 0 .../matrix-backup-borg/templates/sshkey.j2 | 0 .../systemd/matrix-backup-borg.service.j2 | 0 .../systemd/matrix-backup-borg.timer.j2 | 0 .../matrix-base/defaults/main.yml | 0 .../files/yum.repos.d/docker-ce-centos.repo | 0 .../files/yum.repos.d/docker-ce-fedora.repo | 0 .../matrix-base/tasks/clean_up_old_files.yml | 0 roles/{ => custom}/matrix-base/tasks/main.yml | 0 .../matrix-base/tasks/sanity_check.yml | 0 .../matrix-base/tasks/server_base/setup.yml | 0 .../tasks/server_base/setup_archlinux.yml | 0 .../tasks/server_base/setup_debian.yml | 0 .../tasks/server_base/setup_fedora.yml | 0 .../tasks/server_base/setup_raspbian.yml | 0 .../tasks/server_base/setup_redhat.yml | 0 .../tasks/server_base/setup_redhat8.yml | 0 .../matrix-base/tasks/setup_matrix_base.yml | 0 .../matrix-base/tasks/setup_matrix_user.yml | 0 .../matrix-base/tasks/setup_well_known.yml | 0 .../tasks/util/ensure_fuse_installed.yml | 0 .../tasks/util/ensure_openssl_installed.yml | 0 .../static-files/well-known/matrix-client.j2 | 0 .../static-files/well-known/matrix-server.j2 | 0 .../static-files/well-known/matrix-support.j2 | 0 .../usr-local-bin/matrix-remove-all.j2 | 0 roles/{ => custom}/matrix-base/vars/main.yml | 0 .../matrix-bot-buscarron/defaults/main.yml | 0 .../matrix-bot-buscarron/tasks/init.yml | 0 .../matrix-bot-buscarron/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-buscarron/templates/env.j2 | 0 .../systemd/matrix-bot-buscarron.service.j2 | 0 .../matrix-bot-go-neb/defaults/main.yml | 0 .../matrix-bot-go-neb/tasks/init.yml | 0 .../matrix-bot-go-neb/tasks/main.yml | 0 .../matrix-bot-go-neb/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-bot-go-neb.service.j2 | 0 .../matrix-bot-honoroit/defaults/main.yml | 0 .../matrix-bot-honoroit/tasks/init.yml | 0 .../matrix-bot-honoroit/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-honoroit/templates/env.j2 | 0 .../systemd/matrix-bot-honoroit.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config/config.yml.j2 | 0 ...rix-bot-matrix-registration-bot.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-bot-matrix-reminder-bot.service.j2 | 0 .../matrix-bot-maubot/defaults/main.yml | 0 .../matrix-bot-maubot/tasks/init.yml | 0 .../matrix-bot-maubot/tasks/main.yml | 0 .../matrix-bot-maubot/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config/config.yaml.j2 | 0 .../systemd/matrix-bot-maubot.service.j2 | 0 .../matrix-bot-mjolnir/defaults/main.yml | 0 .../matrix-bot-mjolnir/tasks/init.yml | 0 .../matrix-bot-mjolnir/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/production.yaml.j2 | 0 .../systemd/matrix-bot-mjolnir.service.j2 | 0 .../matrix-bot-postmoogle/defaults/main.yml | 0 .../matrix-bot-postmoogle/tasks/init.yml | 0 .../matrix-bot-postmoogle/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-postmoogle/templates/env.j2 | 0 .../systemd/matrix-bot-postmoogle.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-appservice-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/migrate_nedb_to_postgres.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-appservice-irc.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/node-config.json.j2 | 0 ...atrix-appservice-kakaotalk-node.service.j2 | 0 .../matrix-appservice-kakaotalk.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/migrate_nedb_to_postgres.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-appservice-slack.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/database.json.j2 | 0 .../templates/schema.yml.j2 | 0 .../matrix-appservice-webhooks.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-beeper-linkedin.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-go-skype-bridge.service.j2 | 0 .../defaults/main.yml | 0 .../matrix-bridge-heisenbridge/tasks/init.yml | 0 .../matrix-bridge-heisenbridge/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../systemd/matrix-heisenbridge.service.j2 | 0 .../matrix-bridge-hookshot/defaults/main.yml | 0 .../matrix-bridge-hookshot/files/.gitkeep | 0 .../matrix-bridge-hookshot/tasks/init.yml | 0 .../matrix-bridge-hookshot/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yml.j2 | 0 .../templates/registration.yml.j2 | 0 .../systemd/matrix-hookshot.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mautrix-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-facebook.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-googlechat.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-hangouts.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-instagram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/env.j2 | 0 .../templates/registration.yaml.j2 | 0 .../matrix-mautrix-signal-daemon.service.j2 | 0 .../systemd/matrix-mautrix-signal.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-telegram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mautrix-twitter.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-whatsapp.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-groupme.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-instagram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mx-puppet-slack.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mx-puppet-steam.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-twitter.service.j2 | 0 .../matrix-bridge-sms/defaults/main.yml | 0 .../matrix-bridge-sms/tasks/init.yml | 0 .../matrix-bridge-sms/tasks/main.yml | 0 .../matrix-bridge-sms/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../systemd/matrix-sms-bridge.service.j2 | 0 .../matrix-cactus-comments/defaults/main.yml | 0 .../matrix-cactus-comments/tasks/init.yml | 0 .../matrix-cactus-comments/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/cactus_appservice.yaml.j2 | 0 .../matrix-cactus-comments/templates/env.j2 | 0 .../systemd/matrix-cactus-comments.service.j2 | 0 .../matrix-client-cinny/defaults/main.yml | 0 .../matrix-client-cinny/tasks/init.yml | 0 .../matrix-client-cinny/tasks/main.yml | 0 .../matrix-client-cinny/tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-cinny.service.j2 | 0 .../matrix-client-element/defaults/main.yml | 0 .../matrix-client-element/tasks/init.yml | 0 .../matrix-client-element/tasks/main.yml | 0 .../tasks/migrate_riot_web.yml | 0 .../tasks/prepare_themes.yml | 0 .../tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-element.service.j2 | 0 .../templates/welcome.html.j2 | 0 .../matrix-client-element/vars/main.yml | 0 .../matrix-client-hydrogen/defaults/main.yml | 0 .../matrix-client-hydrogen/tasks/init.yml | 0 .../matrix-client-hydrogen/tasks/main.yml | 0 .../tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-hydrogen.service.j2 | 0 .../matrix-common-after/defaults/main.yml | 0 .../tasks/dump_runtime_results.yml | 0 .../matrix-common-after/tasks/main.yml | 0 .../tasks/run_docker_prune.yml | 0 .../matrix-common-after/tasks/start.yml | 2 +- .../matrix-common-after/tasks/stop.yml | 0 .../matrix-conduit/defaults/main.yml | 0 .../matrix-conduit/tasks/conduit/setup.yml | 0 .../tasks/conduit/setup_install.yml | 0 .../tasks/conduit/setup_uninstall.yml | 0 .../matrix-conduit/tasks/init.yml | 0 .../matrix-conduit/tasks/main.yml | 0 .../templates/conduit/conduit.toml.j2 | 0 .../conduit/systemd/matrix-conduit.service.j2 | 0 .../{ => custom}/matrix-conduit/vars/main.yml | 0 .../matrix-corporal/defaults/main.yml | 0 .../matrix-corporal/tasks/init.yml | 0 .../matrix-corporal/tasks/main.yml | 0 .../tasks/self_check_corporal.yml | 0 .../matrix-corporal/tasks/setup_corporal.yml | 0 .../matrix-corporal/tasks/validate_config.yml | 0 .../matrix-corporal/templates/config.json.j2 | 0 .../systemd/matrix-corporal.service.j2 | 0 .../matrix-coturn/defaults/main.yml | 0 .../{ => custom}/matrix-coturn/tasks/init.yml | 0 .../{ => custom}/matrix-coturn/tasks/main.yml | 0 .../matrix-coturn/tasks/setup_install.yml | 0 .../matrix-coturn/tasks/setup_uninstall.yml | 0 .../matrix-coturn/tasks/validate_config.yml | 0 .../systemd/matrix-coturn-reload.service.j2 | 0 .../systemd/matrix-coturn-reload.timer.j2 | 0 .../systemd/matrix-coturn.service.j2 | 0 .../templates/turnserver.conf.j2 | 0 .../matrix-dendrite/defaults/main.yml | 0 .../matrix-dendrite/tasks/dendrite/setup.yml | 0 .../tasks/dendrite/setup_install.yml | 0 .../tasks/dendrite/setup_uninstall.yml | 0 .../matrix-dendrite/tasks/init.yml | 0 .../matrix-dendrite/tasks/main.yml | 0 .../matrix-dendrite/tasks/register_user.yml | 0 .../tasks/self_check_client_api.yml | 0 .../tasks/self_check_federation_api.yml | 0 .../matrix-dendrite/tasks/setup_dendrite.yml | 0 .../matrix-dendrite/tasks/validate_config.yml | 0 .../templates/dendrite/dendrite.yaml.j2 | 0 .../systemd/matrix-dendrite.service.j2 | 0 .../matrix-dendrite-create-account.j2 | 0 .../matrix-dendrite/vars/main.yml | 0 .../matrix-dimension/defaults/main.yml | 0 .../matrix-dimension/tasks/init.yml | 0 .../matrix-dimension/tasks/main.yml | 0 .../matrix-dimension/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-dimension/templates/config.yaml.j2 | 0 .../systemd/matrix-dimension.service.j2 | 0 .../matrix-dimension/vars/main.yml | 0 .../matrix-dynamic-dns/defaults/main.yml | 0 .../matrix-dynamic-dns/tasks/init.yml | 0 .../matrix-dynamic-dns/tasks/install.yml | 0 .../matrix-dynamic-dns/tasks/main.yml | 0 .../matrix-dynamic-dns/tasks/uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/ddclient.conf.j2 | 0 .../systemd/matrix-dynamic-dns.service.j2 | 0 .../matrix-email2matrix/defaults/main.yml | 0 .../matrix-email2matrix/tasks/init.yml | 0 .../matrix-email2matrix/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../systemd/matrix-email2matrix.service.j2 | 0 .../matrix-etherpad/defaults/main.yml | 0 .../matrix-etherpad/tasks/init.yml | 0 .../matrix-etherpad/tasks/main.yml | 0 .../matrix-etherpad/tasks/setup_install.yml | 0 .../matrix-etherpad/tasks/setup_uninstall.yml | 0 .../matrix-etherpad/tasks/validate_config.yml | 0 .../templates/settings.json.j2 | 0 .../systemd/matrix-etherpad.service.j2 | 0 .../matrix-grafana/defaults/main.yml | 0 .../matrix-grafana/tasks/init.yml | 0 .../matrix-grafana/tasks/main.yml | 0 .../matrix-grafana/tasks/setup.yml | 0 .../matrix-grafana/tasks/validate_config.yml | 0 .../templates/dashboards.yaml.j2 | 0 .../templates/datasources.yaml.j2 | 0 .../matrix-grafana/templates/grafana.ini.j2 | 0 .../systemd/matrix-grafana.service.j2 | 0 .../matrix-jitsi/defaults/main.yml | 0 .../{ => custom}/matrix-jitsi/tasks/init.yml | 0 .../{ => custom}/matrix-jitsi/tasks/main.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_base.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_jvb.yml | 0 .../tasks/setup_jitsi_prosody.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_web.yml | 0 .../tasks/util/setup_jitsi_auth.yml | 0 .../matrix-jitsi/tasks/validate_config.yml | 0 .../matrix-jitsi/templates/jicofo/env.j2 | 0 .../templates/jicofo/logging.properties.j2 | 0 .../jicofo/matrix-jitsi-jicofo.service.j2 | 0 .../jicofo/sip-communicator.properties.j2 | 0 .../jvb/custom-sip-communicator.properties.j2 | 0 .../matrix-jitsi/templates/jvb/env.j2 | 0 .../templates/jvb/logging.properties.j2 | 0 .../templates/jvb/matrix-jitsi-jvb.service.j2 | 0 .../matrix-jitsi/templates/prosody/env.j2 | 0 .../prosody/matrix-jitsi-prosody.service.j2 | 0 .../templates/web/custom-config.js.j2 | 0 .../web/custom-interface_config.js.j2 | 0 .../matrix-jitsi/templates/web/env.j2 | 0 .../templates/web/matrix-jitsi-web.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 0 .../matrix-ldap-registration-proxy.service.j2 | 0 .../matrix-ma1sd/defaults/main.yml | 0 .../{ => custom}/matrix-ma1sd/tasks/init.yml | 0 .../{ => custom}/matrix-ma1sd/tasks/main.yml | 0 .../matrix-ma1sd/tasks/migrate_mxisd.yml | 0 .../matrix-ma1sd/tasks/self_check_ma1sd.yml | 0 .../matrix-ma1sd/tasks/setup_install.yml | 2 +- .../matrix-ma1sd/tasks/setup_uninstall.yml | 0 .../matrix-ma1sd/tasks/validate_config.yml | 0 .../matrix-ma1sd/templates/ma1sd.yaml.j2 | 0 .../templates/systemd/matrix-ma1sd.service.j2 | 0 roles/{ => custom}/matrix-ma1sd/vars/main.yml | 0 .../matrix-mailer/defaults/main.yml | 0 .../{ => custom}/matrix-mailer/tasks/init.yml | 0 .../{ => custom}/matrix-mailer/tasks/main.yml | 0 .../matrix-mailer/tasks/setup_mailer.yml | 0 .../matrix-mailer/templates/env-mailer.j2 | 0 .../systemd/matrix-mailer.service.j2 | 0 .../matrix-nginx-proxy/defaults/main.yml | 2 +- .../matrix-nginx-proxy/tasks/init.yml | 0 .../matrix-nginx-proxy/tasks/main.yml | 0 .../tasks/nginx-proxy/setup_metrics_auth.yml | 0 .../tasks/self_check_well_known.yml | 0 .../tasks/self_check_well_known_file.yml | 0 .../tasks/setup_nginx_proxy.yml | 0 .../tasks/setup_well_known.yml | 0 .../matrix-nginx-proxy/tasks/ssl/main.yml | 0 ...urge_ssl_lets_encrypt_orphaned_configs.yml | 0 .../tasks/ssl/setup_ssl_lets_encrypt.yml | 0 ...tup_ssl_lets_encrypt_obtain_for_domain.yml | 0 .../tasks/ssl/setup_ssl_manually_managed.yml | 0 ...ssl_manually_managed_verify_for_domain.yml | 0 .../tasks/ssl/setup_ssl_self_signed.yml | 0 ...etup_ssl_self_signed_obtain_for_domain.yml | 0 .../tasks/validate_config.yml | 0 .../nginx/conf.d/matrix-base-domain.conf.j2 | 0 .../nginx/conf.d/matrix-bot-buscarron.conf.j2 | 0 .../nginx/conf.d/matrix-bot-go-neb.conf.j2 | 0 .../nginx/conf.d/matrix-client-cinny.conf.j2 | 0 .../conf.d/matrix-client-element.conf.j2 | 0 .../conf.d/matrix-client-hydrogen.conf.j2 | 0 .../nginx/conf.d/matrix-conduit.conf.j2 | 0 .../nginx/conf.d/matrix-dendrite.conf.j2 | 0 .../nginx/conf.d/matrix-dimension.conf.j2 | 0 .../nginx/conf.d/matrix-domain.conf.j2 | 0 .../nginx/conf.d/matrix-grafana.conf.j2 | 0 .../nginx/conf.d/matrix-jitsi.conf.j2 | 0 .../nginx/conf.d/matrix-ntfy.conf.j2 | 0 .../nginx/conf.d/matrix-riot-web.conf.j2 | 0 .../nginx/conf.d/matrix-sygnal.conf.j2 | 0 .../nginx/conf.d/matrix-synapse.conf.j2 | 0 .../templates/nginx/conf.d/nginx-http.conf.j2 | 0 .../templates/nginx/nginx.conf.j2 | 0 .../systemd/matrix-nginx-proxy.service.j2 | 0 ...lets-encrypt-certificates-renew.service.j2 | 0 ...l-lets-encrypt-certificates-renew.timer.j2 | 0 .../matrix-ssl-nginx-proxy-reload.service.j2 | 0 .../matrix-ssl-nginx-proxy-reload.timer.j2 | 0 ...rix-ssl-lets-encrypt-certificates-renew.j2 | 0 .../matrix-nginx-proxy/vars/main.yml | 0 .../matrix-ntfy/defaults/main.yml | 0 roles/{ => custom}/matrix-ntfy/tasks/init.yml | 0 roles/{ => custom}/matrix-ntfy/tasks/main.yml | 0 .../matrix-ntfy/tasks/self_check.yml | 0 .../matrix-ntfy/tasks/setup_install.yml | 0 .../matrix-ntfy/tasks/setup_uninstall.yml | 0 .../matrix-ntfy/templates/ntfy/server.yml.j2 | 0 .../templates/systemd/matrix-ntfy.service.j2 | 0 .../matrix-postgres-backup/defaults/main.yml | 0 .../matrix-postgres-backup/tasks/init.yml | 0 .../matrix-postgres-backup/tasks/main.yml | 0 .../tasks/setup_postgres_backup.yml | 2 +- .../tasks/validate_config.yml | 0 .../templates/env-postgres-backup.j2 | 0 .../systemd/matrix-postgres-backup.service.j2 | 0 .../matrix-postgres/defaults/main.yml | 0 .../detect_existing_postgres_version.yml | 0 .../tasks/import_generic_sqlite_db.yml | 0 .../matrix-postgres/tasks/import_postgres.yml | 0 .../tasks/import_synapse_sqlite_db.yml | 0 .../matrix-postgres/tasks/init.yml | 0 .../matrix-postgres/tasks/main.yml | 0 .../tasks/migrate_db_to_postgres.yml | 2 +- .../tasks/migrate_postgres_data_directory.yml | 0 .../matrix-postgres/tasks/run_vacuum.yml | 0 .../matrix-postgres/tasks/setup_postgres.yml | 0 .../tasks/upgrade_postgres.yml | 0 .../tasks/util/create_additional_database.yml | 0 .../util/create_additional_databases.yml | 0 .../matrix-postgres/tasks/validate_config.yml | 0 .../templates/env-postgres-psql.j2 | 0 .../templates/env-postgres-server.j2 | 0 .../init-additional-db-user-and-role.sql.j2 | 0 .../systemd/matrix-postgres.service.j2 | 0 .../matrix-change-user-admin-status.j2 | 0 .../matrix-postgres-cli-non-interactive.j2 | 0 .../usr-local-bin/matrix-postgres-cli.j2 | 0 ...trix-postgres-update-user-password-hash.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup.yml | 0 ...matrix-prometheus-node-exporter.service.j2 | 0 .../vars/main.yml | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup.yml | 0 ...ix-prometheus-postgres-exporter.service.j2 | 0 .../vars/main.yml | 0 .../matrix-prometheus/defaults/main.yml | 0 .../matrix-prometheus/tasks/init.yml | 0 .../matrix-prometheus/tasks/main.yml | 0 .../matrix-prometheus/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/prometheus.yml.j2 | 0 .../systemd/matrix-prometheus.service.j2 | 0 .../matrix-redis/defaults/main.yml | 0 .../{ => custom}/matrix-redis/tasks/init.yml | 0 .../{ => custom}/matrix-redis/tasks/main.yml | 0 .../matrix-redis/tasks/setup_redis.yml | 0 .../matrix-redis/templates/redis.conf.j2 | 0 .../templates/systemd/matrix-redis.service.j2 | 0 .../matrix-registration/defaults/main.yml | 0 .../tasks/generate_token.yml | 0 .../matrix-registration/tasks/init.yml | 0 .../matrix-registration/tasks/list_tokens.yml | 0 .../matrix-registration/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-registration.service.j2 | 0 .../matrix-sygnal/defaults/main.yml | 0 .../{ => custom}/matrix-sygnal/tasks/init.yml | 0 .../{ => custom}/matrix-sygnal/tasks/main.yml | 0 .../matrix-sygnal/tasks/setup_install.yml | 0 .../matrix-sygnal/tasks/setup_uninstall.yml | 0 .../matrix-sygnal/tasks/validate_config.yml | 0 .../matrix-sygnal/templates/sygnal.yaml.j2 | 0 .../systemd/matrix-sygnal.service.j2 | 0 .../matrix-synapse-admin/defaults/main.yml | 0 .../matrix-synapse-admin/tasks/init.yml | 0 .../matrix-synapse-admin/tasks/main.yml | 0 .../matrix-synapse-admin/tasks/setup.yml | 0 .../tasks/validate_config.yml | 0 .../systemd/matrix-synapse-admin.service.j2 | 0 .../matrix-synapse/defaults/main.yml | 2 +- .../files/workers-doc-to-yaml.awk | 0 .../files/workers-doc-to-yaml.sh | 0 .../tasks/ext/encryption-disabler/setup.yml | 0 .../ext/encryption-disabler/setup_install.yml | 0 .../encryption-disabler/setup_uninstall.yml | 0 .../tasks/ext/ldap-auth/setup.yml | 0 .../tasks/ext/mjolnir-antispam/setup.yml | 0 .../ext/mjolnir-antispam/setup_install.yml | 0 .../ext/mjolnir-antispam/setup_uninstall.yml | 0 .../tasks/ext/rest-auth/setup.yml | 0 .../tasks/ext/rest-auth/setup_install.yml | 0 .../tasks/ext/rest-auth/setup_uninstall.yml | 0 .../tasks/ext/s3-storage-provider/init.yml | 0 .../tasks/ext/s3-storage-provider/setup.yml | 0 .../ext/s3-storage-provider/setup_install.yml | 0 .../s3-storage-provider/setup_uninstall.yml | 0 .../s3-storage-provider/validate_config.yml | 0 .../matrix-synapse/tasks/ext/setup.yml | 0 .../tasks/ext/shared-secret-auth/setup.yml | 0 .../ext/shared-secret-auth/setup_install.yml | 0 .../shared-secret-auth/setup_uninstall.yml | 0 .../ext/synapse-simple-antispam/setup.yml | 0 .../synapse-simple-antispam/setup_install.yml | 0 .../setup_uninstall.yml | 0 .../matrix-synapse/tasks/goofys/setup.yml | 0 .../tasks/goofys/setup_install.yml | 0 .../tasks/goofys/setup_uninstall.yml | 0 .../tasks/import_media_store.yml | 0 .../matrix-synapse/tasks/init.yml | 0 .../matrix-synapse/tasks/main.yml | 0 .../matrix-synapse/tasks/register_user.yml | 0 .../compress_room.yml | 0 .../rust-synapse-compress-state/main.yml | 0 .../tasks/self_check_client_api.yml | 0 .../tasks/self_check_federation_api.yml | 0 .../matrix-synapse/tasks/setup_synapse.yml | 0 .../matrix-synapse/tasks/synapse/setup.yml | 0 .../tasks/synapse/setup_install.yml | 0 .../tasks/synapse/setup_uninstall.yml | 0 .../tasks/synapse/workers/init.yml | 0 .../tasks/synapse/workers/setup.yml | 0 .../tasks/synapse/workers/setup_install.yml | 0 .../tasks/synapse/workers/setup_uninstall.yml | 0 .../synapse/workers/util/inject_worker.yml | 0 .../workers/util/setup_files_for_worker.yml | 0 .../tasks/update_user_password.yml | 0 .../matrix-synapse/tasks/validate_config.yml | 0 .../templates/goofys/env-goofys.j2 | 0 .../goofys/systemd/matrix-goofys.service.j2 | 0 .../synapse/customizations/Dockerfile.j2 | 0 .../ext/s3-storage-provider/database.yaml.j2 | 0 .../synapse/ext/s3-storage-provider/env.j2 | 0 .../media_storage_provider.yaml.j2 | 0 ...pse-s3-storage-provider-migrate.service.j2 | 0 ...napse-s3-storage-provider-migrate.timer.j2 | 0 ...rix-synapse-s3-storage-provider-migrate.j2 | 0 ...atrix-synapse-s3-storage-provider-shell.j2 | 0 .../templates/synapse/homeserver.yaml.j2 | 0 .../external_prometheus.yml.example.j2 | 0 .../templates/synapse/synapse.log.config.j2 | 0 .../systemd/matrix-synapse-worker.service.j2 | 0 .../synapse/systemd/matrix-synapse.service.j2 | 0 .../matrix-synapse-register-user.j2 | 0 .../templates/synapse/worker.yaml.j2 | 0 .../{ => custom}/matrix-synapse/vars/main.yml | 0 .../matrix-synapse/vars/workers.yml | 0 .../matrix-user-creator/defaults/main.yml | 0 .../matrix-user-creator/tasks/main.yml | 0 .../matrix-user-creator/tasks/setup.yml | 0 .../util/ensure_user_registered_conduit.yml | 0 .../util/ensure_user_registered_dendrite.yml | 0 .../util/ensure_user_registered_synapse.yml | 0 .../tasks/util/validate_user.yml | 0 .../matrix-user-creator/vars/main.yml | 0 setup.yml | 136 +++++++++--------- 722 files changed, 148 insertions(+), 145 deletions(-) rename roles/{ => custom}/matrix-aux/defaults/main.yml (100%) rename roles/{ => custom}/matrix-aux/tasks/main.yml (100%) rename roles/{ => custom}/matrix-aux/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-backup-borg/defaults/main.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/init.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/main.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-backup-borg/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-backup-borg/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/passwd.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/sshkey.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 (100%) rename roles/{ => custom}/matrix-base/defaults/main.yml (100%) rename roles/{ => custom}/matrix-base/files/yum.repos.d/docker-ce-centos.repo (100%) rename roles/{ => custom}/matrix-base/files/yum.repos.d/docker-ce-fedora.repo (100%) rename roles/{ => custom}/matrix-base/tasks/clean_up_old_files.yml (100%) rename roles/{ => custom}/matrix-base/tasks/main.yml (100%) rename roles/{ => custom}/matrix-base/tasks/sanity_check.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_archlinux.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_debian.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_fedora.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_raspbian.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_redhat.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_redhat8.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_matrix_base.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_matrix_user.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_well_known.yml (100%) rename roles/{ => custom}/matrix-base/tasks/util/ensure_fuse_installed.yml (100%) rename roles/{ => custom}/matrix-base/tasks/util/ensure_openssl_installed.yml (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-client.j2 (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-server.j2 (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-support.j2 (100%) rename roles/{ => custom}/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 (100%) rename roles/{ => custom}/matrix-base/vars/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 (100%) rename roles/{ => custom}/matrix-bot-go-neb/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 (100%) rename roles/{ => custom}/matrix-bot-honoroit/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-maubot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/templates/config/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-mjolnir/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/templates/production.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 (100%) rename roles/{ => custom}/matrix-bot-postmoogle/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/database.json.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/files/.gitkeep (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/config.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/registration.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-sms/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/defaults/main.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/init.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/main.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/env.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-cinny/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 (100%) rename roles/{ => custom}/matrix-client-element/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/migrate_riot_web.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/prepare_themes.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-element/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/systemd/matrix-client-element.service.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/welcome.html.j2 (100%) rename roles/{ => custom}/matrix-client-element/vars/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 (100%) rename roles/{ => custom}/matrix-common-after/defaults/main.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/dump_runtime_results.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/main.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/run_docker_prune.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/start.yml (97%) rename roles/{ => custom}/matrix-common-after/tasks/stop.yml (100%) rename roles/{ => custom}/matrix-conduit/defaults/main.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup_install.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/init.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/main.yml (100%) rename roles/{ => custom}/matrix-conduit/templates/conduit/conduit.toml.j2 (100%) rename roles/{ => custom}/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 (100%) rename roles/{ => custom}/matrix-conduit/vars/main.yml (100%) rename roles/{ => custom}/matrix-corporal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/self_check_corporal.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/setup_corporal.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-corporal/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-corporal/templates/systemd/matrix-corporal.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/defaults/main.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/init.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/main.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/turnserver.conf.j2 (100%) rename roles/{ => custom}/matrix-dendrite/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup_install.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/register_user.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/self_check_client_api.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/self_check_federation_api.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/setup_dendrite.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 (100%) rename roles/{ => custom}/matrix-dendrite/vars/main.yml (100%) rename roles/{ => custom}/matrix-dimension/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-dimension/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dimension/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-dimension/templates/systemd/matrix-dimension.service.j2 (100%) rename roles/{ => custom}/matrix-dimension/vars/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/install.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/uninstall.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/templates/ddclient.conf.j2 (100%) rename roles/{ => custom}/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 (100%) rename roles/{ => custom}/matrix-email2matrix/defaults/main.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/init.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/main.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-email2matrix/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 (100%) rename roles/{ => custom}/matrix-etherpad/defaults/main.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/init.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/main.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-etherpad/templates/settings.json.j2 (100%) rename roles/{ => custom}/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 (100%) rename roles/{ => custom}/matrix-grafana/defaults/main.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/init.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/main.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-grafana/templates/dashboards.yaml.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/datasources.yaml.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/grafana.ini.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/systemd/matrix-grafana.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/defaults/main.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/init.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/main.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_base.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_jicofo.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_jvb.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_prosody.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_web.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/util/setup_jitsi_auth.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/logging.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/logging.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/prosody/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/custom-config.js.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/custom-interface_config.js.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/migrate_mxisd.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/self_check_ma1sd.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-ma1sd/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-ma1sd/templates/ma1sd.yaml.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/vars/main.yml (100%) rename roles/{ => custom}/matrix-mailer/defaults/main.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/init.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/main.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/setup_mailer.yml (100%) rename roles/{ => custom}/matrix-mailer/templates/env-mailer.j2 (100%) rename roles/{ => custom}/matrix-mailer/templates/systemd/matrix-mailer.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/defaults/main.yml (99%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/self_check_well_known.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/self_check_well_known_file.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/setup_well_known.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/main.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/vars/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ntfy/templates/ntfy/server.yml.j2 (100%) rename roles/{ => custom}/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 (100%) rename roles/{ => custom}/matrix-postgres-backup/defaults/main.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/init.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/main.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/setup_postgres_backup.yml (99%) rename roles/{ => custom}/matrix-postgres-backup/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/templates/env-postgres-backup.j2 (100%) rename roles/{ => custom}/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 (100%) rename roles/{ => custom}/matrix-postgres/defaults/main.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/detect_existing_postgres_version.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_generic_sqlite_db.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_synapse_sqlite_db.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/init.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/main.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/migrate_db_to_postgres.yml (99%) rename roles/{ => custom}/matrix-postgres/tasks/migrate_postgres_data_directory.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/run_vacuum.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/setup_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/upgrade_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/util/create_additional_database.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/util/create_additional_databases.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-postgres/templates/env-postgres-psql.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/env-postgres-server.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/systemd/matrix-postgres.service.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/vars/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/vars/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-prometheus/templates/prometheus.yml.j2 (100%) rename roles/{ => custom}/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 (100%) rename roles/{ => custom}/matrix-redis/defaults/main.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/init.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/main.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/setup_redis.yml (100%) rename roles/{ => custom}/matrix-redis/templates/redis.conf.j2 (100%) rename roles/{ => custom}/matrix-redis/templates/systemd/matrix-redis.service.j2 (100%) rename roles/{ => custom}/matrix-registration/defaults/main.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/generate_token.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/init.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/list_tokens.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/main.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-registration/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-registration/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-registration/templates/systemd/matrix-registration.service.j2 (100%) rename roles/{ => custom}/matrix-sygnal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-sygnal/templates/sygnal.yaml.j2 (100%) rename roles/{ => custom}/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 (100%) rename roles/{ => custom}/matrix-synapse-admin/defaults/main.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/init.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/main.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/defaults/main.yml (99%) rename roles/{ => custom}/matrix-synapse/files/workers-doc-to-yaml.awk (100%) rename roles/{ => custom}/matrix-synapse/files/workers-doc-to-yaml.sh (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/ldap-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/import_media_store.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/main.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/register_user.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/rust-synapse-compress-state/main.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/self_check_client_api.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/self_check_federation_api.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/setup_synapse.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/update_user_password.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse/templates/goofys/env-goofys.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/homeserver.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/synapse.log.config.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/worker.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/vars/main.yml (100%) rename roles/{ => custom}/matrix-synapse/vars/workers.yml (100%) rename roles/{ => custom}/matrix-user-creator/defaults/main.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/main.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/validate_user.yml (100%) rename roles/{ => custom}/matrix-user-creator/vars/main.yml (100%) diff --git a/.yamllint b/.yamllint index 08b89afd..6f10a36d 100644 --- a/.yamllint +++ b/.yamllint @@ -2,7 +2,7 @@ extends: default ignore: | - roles/matrix-synapse/vars/workers.yml + roles/custom/matrix-synapse/vars/workers.yml rules: line-length: disable diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ee9afac..4d8b9b21 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -130,7 +130,7 @@ Below we'll discuss **potential backward incompatibilities**. - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. -- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. +- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/custom/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. # 2022-09-09 @@ -412,7 +412,7 @@ matrix_ma1sd_enabled: true We now support installing the [matrix_encryption_disabler](https://github.com/digitalentity/matrix_encryption_disabler) Synapse module, which lets you prevent End-to-End-Encryption from being enabled by users on your homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed [here](https://github.com/matrix-org/synapse/issues/4401). -To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/matrix-synapse/defaults/main.yml`. +To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/custom/matrix-synapse/defaults/main.yml`. # 2022-02-01 @@ -799,7 +799,7 @@ You have 3 ways to proceed: - stop the bridge (`systemctl stop matrix-mautrix-facebook`) - create a new `matrix_mautrix_facebook` Postgres database for it - run [pgloader](https://pgloader.io/) manually (we import this bridge's data using default settings and it works well) - - define `matrix_mautrix_facebook_database_*` variables in your `vars.yml` file (credentials, etc.) - you can find their defaults in `roles/matrix-mautrix-facebook/defaults/main.yml` + - define `matrix_mautrix_facebook_database_*` variables in your `vars.yml` file (credentials, etc.) - you can find their defaults in `roles/custom/matrix-mautrix-facebook/defaults/main.yml` - switch the bridge to Postgres (`matrix_mautrix_facebook_database_engine: 'postgres'` in your `vars.yml` file) - re-run the playbook (`--tags=setup-all,start`) and ensure the bridge works (`systemctl status matrix-mautrix-facebook` and `journalctl -fu matrix-mautrix-facebook`) - send a `login` message to the Facebook bridge bot again @@ -1677,7 +1677,7 @@ Having Synapse not be a required component potentially opens the door for instal ## Bridges are now separate from the Synapse role Bridges are no longer part of the `matrix-synapse` role. -Each bridge now lives in its own separate role (`roles/matrix-bridge-*`). +Each bridge now lives in its own separate role (`roles/custom/matrix-bridge-*`). These bridge roles are independent of the `matrix-synapse` role, so it should be possible to use them with a Synapse instance installed another way (not through the playbook). @@ -1971,7 +1971,7 @@ The following variables are no longer supported by this playbook: - `matrix_mxisd_template_config` You are encouraged to use the `matrix_mxisd_configuration_extension_yaml` variable to define your own mxisd configuration additions and overrides. -Refer to the [default variables file](roles/matrix-mxisd/defaults/main.yml) for more information. +Refer to the [default variables file](roles/custom/matrix-mxisd/defaults/main.yml) for more information. This new way of configuring mxisd is beneficial because: @@ -2033,14 +2033,14 @@ Based on feedback from others, running Synapse on Python 3 is supposed to decrea ## Riot homepage customization You can now customize some parts of the Riot homepage (or even completely replace it with your own custom page). -See the `matrix_riot_web_homepage_` variables in `roles/matrix-riot-web/defaults/main.yml`. +See the `matrix_riot_web_homepage_` variables in `roles/custom/matrix-riot-web/defaults/main.yml`. # 2018-12-04 ## mxisd extensibility -The [LDAP identity store for mxisd](https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/ldap.md) can now be configured easily using playbook variables (see the `matrix_mxisd_ldap_` variables in `roles/matrix-server/defaults/main.yml`). +The [LDAP identity store for mxisd](https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/ldap.md) can now be configured easily using playbook variables (see the `matrix_mxisd_ldap_` variables in `roles/custom/matrix-server/defaults/main.yml`). # 2018-11-28 diff --git a/Makefile b/Makefile index 576dcbf5..62419150 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,10 @@ -.PHONY: lint +.PHONY: roles lint help: ## Show this help. @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' +roles: ## Pull roles + ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + lint: ## Runs ansible-lint against all roles in the playbook ansible-lint diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 3d9cad87..f3cfc6de 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -64,7 +64,7 @@ To backup without encryption, add `matrix_backup_borg_encryption: 'none'` to you `matrix_backup_borg_location_source_directories` defines the list of directories to back up: it's set to `{{ matrix_base_data_path }}` by default, which is the base directory for every service's data, such as Synapse, Postgres and the bridges. You might want to exclude certain directories or file patterns from the backup using the `matrix_backup_borg_location_exclude_patterns` variable. -Check the `roles/matrix-backup-borg/defaults/main.yml` file for the full list of available options. +Check the `roles/custom/matrix-backup-borg/defaults/main.yml` file for the full list of available options. ## Installing diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 3c49d726..99ddafe8 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -28,8 +28,8 @@ There are some additional things you may wish to configure about the bridge. Take a look at: -- `roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable +- `roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable ### Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index eac756e2..6ec294fb 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -27,7 +27,7 @@ matrix_beeper_linkedin_configuration_extension_yaml: | '@YOUR_USERNAME:YOUR_DOMAIN': admin ``` -You may wish to look at `roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index 2c1b438f..b21eab1f 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md +++ b/docs/configuring-playbook-bridge-heisenbridge.md @@ -8,7 +8,7 @@ See the project's [README](https://github.com/hifi/heisenbridge/blob/master/READ ## Configuration -Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/matrix-bridge-heisenbridge/defaults/main.yml). +Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/custom/matrix-bridge-heisenbridge/defaults/main.yml). At a minimum, you only need to enable the bridge to get it up and running (`inventory/host_vars/matrix.DOMAIN/vars.yml`): diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 5505d0ad..5cd4dd4c 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -14,12 +14,12 @@ Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbo Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. 1. Enable the bridge by adding `matrix_hookshot_enabled: true` to your `vars.yml` file -2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. +2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) as required. 3. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 4. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. +Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) for how to use them. Finally, run the playbook (see [installing](installing.md)). @@ -54,14 +54,14 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri | widgets | `/hookshot/widgetapi/` | `matrix_hookshot_widgets_endpoint` | Widgets | | metrics | `/metrics/hookshot` | `matrix_hookshot_metrics_enabled` and `matrix_hookshot_metrics_proxying_enabled`. Requires `/metrics/*` endpoints to also be enabled via `matrix_nginx_proxy_proxy_matrix_metrics_enabled` (see the `matrix-nginx-proxy` role). Read more in the [Metrics section](#metrics) below. | Prometheus | -See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml). +See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/custom/matrix-bridge-hookshot/tasks/init.yml). -The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. +The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. ### Manage GitHub Private Key with matrix-aux role The GitHub bridge requires you to install a private key file. This can be done in multiple ways: -- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml)). +- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml)). - somehow copy the file to the path `{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}` (default: `/matrix/hookshot/private-key.pem`) on the server manually. - use the `matrix-aux` role to copy the file from an arbitrary path on your ansible client to the correct path on the server. @@ -74,7 +74,7 @@ matrix_aux_file_definitions: owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" ``` -For more info see the documentation in the [matrix-aux base configuration file](/roles/matrix-aux/defaults/main.yml). +For more info see the documentation in the [matrix-aux base configuration file](/roles/custom/matrix-aux/defaults/main.yml). ### Provisioning API diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 065609b2..439113fd 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,7 +1,7 @@ # Setting up Mautrix Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. -- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. +- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. @@ -40,8 +40,8 @@ There are some additional things you may wish to configure about the bridge. Take a look at: -- `roles/matrix-bridge-mautrix-discord/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_discord_configuration_extension_yaml` variable +- `roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_discord_configuration_extension_yaml` variable ### Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index d74ec2a3..82d51df3 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -39,7 +39,7 @@ matrix_mautrix_facebook_configuration_extension_yaml: | default: true ``` -You may wish to look at `roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index cbfdcb0b..c5b3feb7 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md @@ -31,7 +31,7 @@ matrix_mautrix_instagram_configuration_extension_yaml: | '@YOUR_USERNAME:YOUR_DOMAIN': admin ``` -You may wish to look at `roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. ## Usage diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 403177e6..13e424d4 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -55,7 +55,7 @@ matrix_mautrix_signal_bridge_permissions: | '@USER:YOUR_DOMAIN' : user ``` -You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 2248327f..1f90aca6 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -17,7 +17,7 @@ matrix_client_element_enabled: false The playbook provides some customization variables you could use to change Element's settings. -Their defaults are defined in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/matrix-client-element/templates/config.json.j2`](../roles/matrix-client-element/templates/config.json.j2) template. +Their defaults are defined in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-element/templates/config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. @@ -25,9 +25,9 @@ Alternatively, **if there is no pre-defined variable** for an Element setting yo - you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element's various settings that rarely get used. -- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml). +- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml). -- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml). +- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml). ## Themes diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index b97be764..e201785a 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -22,7 +22,7 @@ matrix_dimension_enabled: true ## Define admin users -These users can modify the integrations this Dimension supports. +These users can modify the integrations this Dimension supports. Add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): ```yaml @@ -73,6 +73,6 @@ In the interim until the above limitation is resolved, an admin user needs to co ## Additional features To use a more custom configuration, you can define a `matrix_dimension_configuration_extension_yaml` string variable and put your configuration in it. -To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/matrix-dimension/defaults/main.yml) of the Dimension component. +To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-dimension/defaults/main.yml) of the Dimension component. You can find all configuration options on [GitHub page of Dimension project](https://github.com/turt2live/matrix-dimension/blob/master/config/default.yaml). diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index eef3cbac..1f1a30e4 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md @@ -20,7 +20,7 @@ matrix_synapse_database_database: "your-postgres-server-database-name" # Rewire any other service (each `matrix-*` role) you may wish to use to use your external Postgres server. # Each service expects to have its own dedicated database on the Postgres server -# and uses its own variable names (see `roles/matrix-*/defaults/main.yml) for configuring Postgres connectivity. +# and uses its own variable names (see `roles/custom/matrix-*/defaults/main.yml) for configuring Postgres connectivity. ``` The database (as specified in `matrix_synapse_database_database`) must exist and be accessible with the given credentials. diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 51ad29b7..f278e54e 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -14,7 +14,7 @@ Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. You may also need to open the following ports to your server: - `4443/tcp` - RTP media fallback over TCP -- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). +- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/custom/matrix-jitsi/defaults/main.yml)). ## Installation diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index e18a51c5..1e92378a 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md @@ -33,7 +33,7 @@ matrix_ma1sd_matrixorg_forwarding_enabled: true ## Customizing email templates If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables -(in the `roles/matrix-ma1sd/defaults/main.yml` file. +(in the `roles/custom/matrix-ma1sd/defaults/main.yml` file. ## ma1sd-controlled Registration @@ -86,7 +86,7 @@ You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more d To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable and put your configuration in it. -To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/matrix-ma1sd/defaults/main.yml) of the ma1sd component. +To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component. ## Example: SMS verification diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index 1cd76f96..abc6b0f1 100644 --- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md @@ -64,7 +64,7 @@ Can be used to set the username for the bridge. ## Discovering additional configuration options -You may wish to look at `roles/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure. ## Set up Double Puppeting @@ -97,7 +97,7 @@ If you have issues with a service, and are requesting support, the higher levels ## Usage -You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). Send `login ` to the bridge bot to get started You can learn more here about authentication from the bridge's official documentation on Authentication https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html . diff --git a/docs/configuring-playbook-nginx.md b/docs/configuring-playbook-nginx.md index c8500b37..96f854d0 100644 --- a/docs/configuring-playbook-nginx.md +++ b/docs/configuring-playbook-nginx.md @@ -42,7 +42,7 @@ Besides changing the preset (`matrix_nginx_proxy_ssl_preset`), you can also dire - `matrix_nginx_proxy_ssl_prefer_server_ciphers`: for specifying if the server or the client choice when negotiating the cipher. It can set to `on` or `off`. - `matrix_nginx_proxy_ssl_ciphers`: for specifying the SSL Cipher suites used by nginx. -For more information about these variables, check the `roles/matrix-nginx-proxy/defaults/main.yml` file. +For more information about these variables, check the `roles/custom/matrix-nginx-proxy/defaults/main.yml` file. ## Synapse + OpenID Connect for Single-Sign-On @@ -80,5 +80,5 @@ matrix_nginx_proxy_proxy_http_additional_server_configuration_blocks: # These lines will be included in the nginx configuration. # This is at the top level of the file, so you will need to define all of the `server { ... }` blocks. - | - # For advanced use, have a look at the template files in `roles/matrix-nginx-proxy/templates/nginx/conf.d` + # For advanced use, have a look at the template files in `roles/custom/matrix-nginx-proxy/templates/nginx/conf.d` ``` diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 757bcccd..a5aec60b 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -23,7 +23,7 @@ matrix_ntfy_configuration_extension_yaml: | log_level: DEBUG ``` -For a more complete list of variables that you could override, see `roles/matrix-ntfy/defaults/main.yml`. +For a more complete list of variables that you could override, see `roles/custom/matrix-ntfy/defaults/main.yml`. For a complete list of ntfy config options that you could put in `matrix_ntfy_configuration_extension_yaml`, see the [ntfy config documentation](https://ntfy.sh/docs/config/#config-options). diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 87201e3e..9fd51086 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -34,7 +34,7 @@ No matter which external webserver you decide to go with, you'll need to: matrix_nginx_proxy_enabled: false ``` - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. - + These variables will make Docker expose the ports on all network interfaces instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) @@ -84,7 +84,7 @@ After following the [Preparation](#preparation) guide above, you can take a loo ### Using another external webserver -Feel free to look at the [examples/apache](../examples/apache) directory, or the [template files in the matrix-nginx-proxy role](../roles/matrix-nginx-proxy/templates/nginx/conf.d/). +Feel free to look at the [examples/apache](../examples/apache) directory, or the [template files in the matrix-nginx-proxy role](../roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/). ## Method 2: Fronting the integrated nginx reverse-proxy webserver with another reverse-proxy diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md index 3eb626eb..1a344530 100644 --- a/docs/configuring-playbook-sygnal.md +++ b/docs/configuring-playbook-sygnal.md @@ -41,14 +41,14 @@ matrix_aux_file_definitions: group: "{{ matrix_user_groupname }}" ``` -For a more complete example of available fields and values they can take, see `roles/matrix-sygnal/templates/sygnal.yaml.j2` (or the [upstream `sygnal.yaml.sample` configuration file](https://github.com/matrix-org/sygnal/blob/master/sygnal.yaml.sample)). +For a more complete example of available fields and values they can take, see `roles/custom/matrix-sygnal/templates/sygnal.yaml.j2` (or the [upstream `sygnal.yaml.sample` configuration file](https://github.com/matrix-org/sygnal/blob/master/sygnal.yaml.sample)). Configuring [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/) is easier, as it only requires that you provide some config values. To configure [APNS](https://developer.apple.com/notifications/) (Apple Push Notification Service), you'd need to provide one or more certificate files. To do that, the above example configuration: -- makes use of the `matrix-aux` role (and its `matrix_aux_file_definitions` variable) to make the playbook install files into `/matrix/sygnal/data` (the `matrix_sygnal_data_path` variable). See `roles/matrix-aux/defaults/main.yml` for usage examples. It also makes sure the files are owned by `matrix:matrix`, so that Sygnal can read them. Of course, you can also install these files manually yourself, if you'd rather not use `matrix-aux`. +- makes use of the `matrix-aux` role (and its `matrix_aux_file_definitions` variable) to make the playbook install files into `/matrix/sygnal/data` (the `matrix_sygnal_data_path` variable). See `roles/custom/matrix-aux/defaults/main.yml` for usage examples. It also makes sure the files are owned by `matrix:matrix`, so that Sygnal can read them. Of course, you can also install these files manually yourself, if you'd rather not use `matrix-aux`. - references these files in the Sygnal configuration (`matrix_sygnal_apps`) using a path like `/data/..` (the `/matrix/sygnal/data` directory on the host system is mounted into the `/data` directory inside the container) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index a71e5a0b..2dba264b 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -39,7 +39,7 @@ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key- matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: secret-key-goes-here matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. -# For additional advanced settings, take a look at `roles/matrix-synapse/defaults/main.yml` +# For additional advanced settings, take a look at `roles/custom/matrix-synapse/defaults/main.yml` ``` If you have existing files in Synapse's media repository (`/matrix/synapse/media-store/..`): diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 7c38b5cc..2e14f1ad 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -5,7 +5,7 @@ If that's enough for you, you can skip this document. The playbook provides lots of customization variables you could use to change Synapse's settings. -Their defaults are defined in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml) and they ultimately end up in the generated `/matrix/synapse/config/homeserver.yaml` file (on the server). This file is generated from the [`roles/matrix-synapse/templates/synapse/homeserver.yaml.j2`](../roles/matrix-synapse/templates/synapse/homeserver.yaml.j2) template. +Their defaults are defined in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml) and they ultimately end up in the generated `/matrix/synapse/config/homeserver.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2`](../roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. @@ -13,9 +13,9 @@ Alternatively, **if there is no pre-defined variable** for a Synapse setting you - you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Synapse's various settings that rarely get used. -- or, you can **extend and override the default configuration** ([`homeserver.yaml.j2`](../roles/matrix-synapse/templates/synapse/homeserver.yaml.j2)) by making use of the `matrix_synapse_configuration_extension_yaml` variable. You can find information about this in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml). +- or, you can **extend and override the default configuration** ([`homeserver.yaml.j2`](../roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2)) by making use of the `matrix_synapse_configuration_extension_yaml` variable. You can find information about this in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml). -- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_synapse_configuration` (or `matrix_synapse_configuration_yaml`). You can find information about this in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml). +- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_synapse_configuration` (or `matrix_synapse_configuration_yaml`). You can find information about this in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml). ## Load balancing with workers diff --git a/examples/vars.yml b/examples/vars.yml index 248f906b..e1b6cf05 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -13,7 +13,7 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE # The Matrix homeserver software to install. # See: -# - `roles/matrix-base/defaults/main.yml` for valid options +# - `roles/custom/matrix-base/defaults/main.yml` for valid options # - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice matrix_homeserver_implementation: synapse diff --git a/roles/matrix-aux/defaults/main.yml b/roles/custom/matrix-aux/defaults/main.yml similarity index 100% rename from roles/matrix-aux/defaults/main.yml rename to roles/custom/matrix-aux/defaults/main.yml diff --git a/roles/matrix-aux/tasks/main.yml b/roles/custom/matrix-aux/tasks/main.yml similarity index 100% rename from roles/matrix-aux/tasks/main.yml rename to roles/custom/matrix-aux/tasks/main.yml diff --git a/roles/matrix-aux/tasks/setup.yml b/roles/custom/matrix-aux/tasks/setup.yml similarity index 100% rename from roles/matrix-aux/tasks/setup.yml rename to roles/custom/matrix-aux/tasks/setup.yml diff --git a/roles/matrix-backup-borg/defaults/main.yml b/roles/custom/matrix-backup-borg/defaults/main.yml similarity index 100% rename from roles/matrix-backup-borg/defaults/main.yml rename to roles/custom/matrix-backup-borg/defaults/main.yml diff --git a/roles/matrix-backup-borg/tasks/init.yml b/roles/custom/matrix-backup-borg/tasks/init.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/init.yml rename to roles/custom/matrix-backup-borg/tasks/init.yml diff --git a/roles/matrix-backup-borg/tasks/main.yml b/roles/custom/matrix-backup-borg/tasks/main.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/main.yml rename to roles/custom/matrix-backup-borg/tasks/main.yml diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml similarity index 99% rename from roles/matrix-backup-borg/tasks/setup_install.yml rename to roles/custom/matrix-backup-borg/tasks/setup_install.yml index f99051e3..9c7429b8 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -10,7 +10,7 @@ when: not matrix_postgres_enabled - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version - name: Fail if detected Postgres version is unsupported diff --git a/roles/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/setup_uninstall.yml rename to roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml diff --git a/roles/matrix-backup-borg/tasks/validate_config.yml b/roles/custom/matrix-backup-borg/tasks/validate_config.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/validate_config.yml rename to roles/custom/matrix-backup-borg/tasks/validate_config.yml diff --git a/roles/matrix-backup-borg/templates/config.yaml.j2 b/roles/custom/matrix-backup-borg/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/config.yaml.j2 rename to roles/custom/matrix-backup-borg/templates/config.yaml.j2 diff --git a/roles/matrix-backup-borg/templates/passwd.j2 b/roles/custom/matrix-backup-borg/templates/passwd.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/passwd.j2 rename to roles/custom/matrix-backup-borg/templates/passwd.j2 diff --git a/roles/matrix-backup-borg/templates/sshkey.j2 b/roles/custom/matrix-backup-borg/templates/sshkey.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/sshkey.j2 rename to roles/custom/matrix-backup-borg/templates/sshkey.j2 diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 rename to roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 rename to roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 diff --git a/roles/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml similarity index 100% rename from roles/matrix-base/defaults/main.yml rename to roles/custom/matrix-base/defaults/main.yml diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo b/roles/custom/matrix-base/files/yum.repos.d/docker-ce-centos.repo similarity index 100% rename from roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo rename to roles/custom/matrix-base/files/yum.repos.d/docker-ce-centos.repo diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo b/roles/custom/matrix-base/files/yum.repos.d/docker-ce-fedora.repo similarity index 100% rename from roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo rename to roles/custom/matrix-base/files/yum.repos.d/docker-ce-fedora.repo diff --git a/roles/matrix-base/tasks/clean_up_old_files.yml b/roles/custom/matrix-base/tasks/clean_up_old_files.yml similarity index 100% rename from roles/matrix-base/tasks/clean_up_old_files.yml rename to roles/custom/matrix-base/tasks/clean_up_old_files.yml diff --git a/roles/matrix-base/tasks/main.yml b/roles/custom/matrix-base/tasks/main.yml similarity index 100% rename from roles/matrix-base/tasks/main.yml rename to roles/custom/matrix-base/tasks/main.yml diff --git a/roles/matrix-base/tasks/sanity_check.yml b/roles/custom/matrix-base/tasks/sanity_check.yml similarity index 100% rename from roles/matrix-base/tasks/sanity_check.yml rename to roles/custom/matrix-base/tasks/sanity_check.yml diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/custom/matrix-base/tasks/server_base/setup.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup.yml rename to roles/custom/matrix-base/tasks/server_base/setup.yml diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/custom/matrix-base/tasks/server_base/setup_archlinux.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_archlinux.yml rename to roles/custom/matrix-base/tasks/server_base/setup_archlinux.yml diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_debian.yml rename to roles/custom/matrix-base/tasks/server_base/setup_debian.yml diff --git a/roles/matrix-base/tasks/server_base/setup_fedora.yml b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_fedora.yml rename to roles/custom/matrix-base/tasks/server_base/setup_fedora.yml diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_raspbian.yml rename to roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml diff --git a/roles/matrix-base/tasks/server_base/setup_redhat.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_redhat.yml rename to roles/custom/matrix-base/tasks/server_base/setup_redhat.yml diff --git a/roles/matrix-base/tasks/server_base/setup_redhat8.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_redhat8.yml rename to roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/custom/matrix-base/tasks/setup_matrix_base.yml similarity index 100% rename from roles/matrix-base/tasks/setup_matrix_base.yml rename to roles/custom/matrix-base/tasks/setup_matrix_base.yml diff --git a/roles/matrix-base/tasks/setup_matrix_user.yml b/roles/custom/matrix-base/tasks/setup_matrix_user.yml similarity index 100% rename from roles/matrix-base/tasks/setup_matrix_user.yml rename to roles/custom/matrix-base/tasks/setup_matrix_user.yml diff --git a/roles/matrix-base/tasks/setup_well_known.yml b/roles/custom/matrix-base/tasks/setup_well_known.yml similarity index 100% rename from roles/matrix-base/tasks/setup_well_known.yml rename to roles/custom/matrix-base/tasks/setup_well_known.yml diff --git a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml similarity index 100% rename from roles/matrix-base/tasks/util/ensure_fuse_installed.yml rename to roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml diff --git a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml similarity index 100% rename from roles/matrix-base/tasks/util/ensure_openssl_installed.yml rename to roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-client.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-client.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-client.j2 diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-server.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-server.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-server.j2 diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-support.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-support.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-support.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-support.j2 diff --git a/roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 similarity index 100% rename from roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 rename to roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 diff --git a/roles/matrix-base/vars/main.yml b/roles/custom/matrix-base/vars/main.yml similarity index 100% rename from roles/matrix-base/vars/main.yml rename to roles/custom/matrix-base/vars/main.yml diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/custom/matrix-bot-buscarron/defaults/main.yml similarity index 100% rename from roles/matrix-bot-buscarron/defaults/main.yml rename to roles/custom/matrix-bot-buscarron/defaults/main.yml diff --git a/roles/matrix-bot-buscarron/tasks/init.yml b/roles/custom/matrix-bot-buscarron/tasks/init.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/init.yml rename to roles/custom/matrix-bot-buscarron/tasks/init.yml diff --git a/roles/matrix-bot-buscarron/tasks/main.yml b/roles/custom/matrix-bot-buscarron/tasks/main.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/main.yml rename to roles/custom/matrix-bot-buscarron/tasks/main.yml diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-buscarron/tasks/setup_install.yml rename to roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 4a23d7e7..431989f8 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -21,7 +21,7 @@ systemd_services_to_stop: ['matrix-bot-buscarron.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-buscarron/tasks/validate_config.yml b/roles/custom/matrix-bot-buscarron/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/validate_config.yml rename to roles/custom/matrix-bot-buscarron/tasks/validate_config.yml diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/custom/matrix-bot-buscarron/templates/env.j2 similarity index 100% rename from roles/matrix-bot-buscarron/templates/env.j2 rename to roles/custom/matrix-bot-buscarron/templates/env.j2 diff --git a/roles/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 similarity index 100% rename from roles/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 rename to roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 diff --git a/roles/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml similarity index 100% rename from roles/matrix-bot-go-neb/defaults/main.yml rename to roles/custom/matrix-bot-go-neb/defaults/main.yml diff --git a/roles/matrix-bot-go-neb/tasks/init.yml b/roles/custom/matrix-bot-go-neb/tasks/init.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/init.yml rename to roles/custom/matrix-bot-go-neb/tasks/init.yml diff --git a/roles/matrix-bot-go-neb/tasks/main.yml b/roles/custom/matrix-bot-go-neb/tasks/main.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/main.yml rename to roles/custom/matrix-bot-go-neb/tasks/main.yml diff --git a/roles/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/setup_install.yml rename to roles/custom/matrix-bot-go-neb/tasks/setup_install.yml diff --git a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-go-neb/tasks/validate_config.yml b/roles/custom/matrix-bot-go-neb/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/validate_config.yml rename to roles/custom/matrix-bot-go-neb/tasks/validate_config.yml diff --git a/roles/matrix-bot-go-neb/templates/config.yaml.j2 b/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-go-neb/templates/config.yaml.j2 rename to roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 diff --git a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 similarity index 100% rename from roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 rename to roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml similarity index 100% rename from roles/matrix-bot-honoroit/defaults/main.yml rename to roles/custom/matrix-bot-honoroit/defaults/main.yml diff --git a/roles/matrix-bot-honoroit/tasks/init.yml b/roles/custom/matrix-bot-honoroit/tasks/init.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/init.yml rename to roles/custom/matrix-bot-honoroit/tasks/init.yml diff --git a/roles/matrix-bot-honoroit/tasks/main.yml b/roles/custom/matrix-bot-honoroit/tasks/main.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/main.yml rename to roles/custom/matrix-bot-honoroit/tasks/main.yml diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-honoroit/tasks/setup_install.yml rename to roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 3c974557..5ca63186 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -21,7 +21,7 @@ systemd_services_to_stop: ['matrix-bot-honoroit.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-honoroit/tasks/validate_config.yml b/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/validate_config.yml rename to roles/custom/matrix-bot-honoroit/tasks/validate_config.yml diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/custom/matrix-bot-honoroit/templates/env.j2 similarity index 100% rename from roles/matrix-bot-honoroit/templates/env.j2 rename to roles/custom/matrix-bot-honoroit/templates/env.j2 diff --git a/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 similarity index 100% rename from roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 rename to roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 diff --git a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/defaults/main.yml rename to roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/init.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/init.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/init.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/main.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/main.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml diff --git a/roles/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 rename to roles/custom/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 diff --git a/roles/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 rename to roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 diff --git a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/defaults/main.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/init.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/init.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/main.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/main.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 5d784ef3..9418892d 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -22,7 +22,7 @@ systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 rename to roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 rename to roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/custom/matrix-bot-maubot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-maubot/defaults/main.yml rename to roles/custom/matrix-bot-maubot/defaults/main.yml diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/custom/matrix-bot-maubot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/init.yml rename to roles/custom/matrix-bot-maubot/tasks/init.yml diff --git a/roles/matrix-bot-maubot/tasks/main.yml b/roles/custom/matrix-bot-maubot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/main.yml rename to roles/custom/matrix-bot-maubot/tasks/main.yml diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/setup_install.yml rename to roles/custom/matrix-bot-maubot/tasks/setup_install.yml diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/custom/matrix-bot-maubot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/validate_config.yml rename to roles/custom/matrix-bot-maubot/tasks/validate_config.yml diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/custom/matrix-bot-maubot/templates/config/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-maubot/templates/config/config.yaml.j2 rename to roles/custom/matrix-bot-maubot/templates/config/config.yaml.j2 diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 similarity index 100% rename from roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 rename to roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 diff --git a/roles/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml similarity index 100% rename from roles/matrix-bot-mjolnir/defaults/main.yml rename to roles/custom/matrix-bot-mjolnir/defaults/main.yml diff --git a/roles/matrix-bot-mjolnir/tasks/init.yml b/roles/custom/matrix-bot-mjolnir/tasks/init.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/init.yml rename to roles/custom/matrix-bot-mjolnir/tasks/init.yml diff --git a/roles/matrix-bot-mjolnir/tasks/main.yml b/roles/custom/matrix-bot-mjolnir/tasks/main.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/main.yml rename to roles/custom/matrix-bot-mjolnir/tasks/main.yml diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/setup_install.yml rename to roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml diff --git a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-mjolnir/tasks/validate_config.yml b/roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/validate_config.yml rename to roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 similarity index 100% rename from roles/matrix-bot-mjolnir/templates/production.yaml.j2 rename to roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 diff --git a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 similarity index 100% rename from roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 rename to roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml similarity index 100% rename from roles/matrix-bot-postmoogle/defaults/main.yml rename to roles/custom/matrix-bot-postmoogle/defaults/main.yml diff --git a/roles/matrix-bot-postmoogle/tasks/init.yml b/roles/custom/matrix-bot-postmoogle/tasks/init.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/init.yml rename to roles/custom/matrix-bot-postmoogle/tasks/init.yml diff --git a/roles/matrix-bot-postmoogle/tasks/main.yml b/roles/custom/matrix-bot-postmoogle/tasks/main.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/main.yml rename to roles/custom/matrix-bot-postmoogle/tasks/main.yml diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-postmoogle/tasks/setup_install.yml rename to roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index 5edfd4a9..852b5b1a 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -18,7 +18,7 @@ systemd_services_to_stop: ['matrix-bot-postmoogle.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-postmoogle/tasks/validate_config.yml b/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/validate_config.yml rename to roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/custom/matrix-bot-postmoogle/templates/env.j2 similarity index 100% rename from roles/matrix-bot-postmoogle/templates/env.j2 rename to roles/custom/matrix-bot-postmoogle/templates/env.j2 diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 similarity index 100% rename from roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 rename to roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-discord/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/main.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-appservice-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index 3ef48c3d..ffba95b6 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -22,7 +22,7 @@ systemd_services_to_stop: ['matrix-appservice-discord.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 rename to roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-irc/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/main.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 rename to roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-slack/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/main.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-slack/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 rename to roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml b/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/main.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/database.json.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/database.json.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/defaults/main.yml rename to roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/init.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/init.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/main.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/main.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/main.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml diff --git a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 rename to roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/defaults/main.yml rename to roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/init.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/init.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/main.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/main.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/main.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 82ccc72c..001855fd 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/validate_config.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/validate_config.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml diff --git a/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 rename to roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/defaults/main.yml rename to roles/custom/matrix-bridge-heisenbridge/defaults/main.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/init.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/init.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/main.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/main.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/main.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/setup_install.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 similarity index 100% rename from roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 rename to roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-hookshot/defaults/main.yml rename to roles/custom/matrix-bridge-hookshot/defaults/main.yml diff --git a/roles/matrix-bridge-hookshot/files/.gitkeep b/roles/custom/matrix-bridge-hookshot/files/.gitkeep similarity index 100% rename from roles/matrix-bridge-hookshot/files/.gitkeep rename to roles/custom/matrix-bridge-hookshot/files/.gitkeep diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/custom/matrix-bridge-hookshot/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/init.yml rename to roles/custom/matrix-bridge-hookshot/tasks/init.yml diff --git a/roles/matrix-bridge-hookshot/tasks/main.yml b/roles/custom/matrix-bridge-hookshot/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/main.yml rename to roles/custom/matrix-bridge-hookshot/tasks/main.yml diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/setup_install.yml rename to roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml diff --git a/roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/validate_config.yml rename to roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/config.yml.j2 rename to roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 diff --git a/roles/matrix-bridge-hookshot/templates/registration.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/registration.yml.j2 rename to roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2 diff --git a/roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 rename to roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ae3862d4..ef36acf5 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 rename to roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 651e7794..9ea0e7a4 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-facebook.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 rename to roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 2e043def..27ef80c6 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-googlechat.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 rename to roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index e62ef21c..65241a33 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-hangouts.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 rename to roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 rename to roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/env.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/env.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/env.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/env.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 3d6e66f6..05c5121a 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-telegram.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 rename to roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 rename to roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 20dd2cc1..d50be0a4 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 rename to roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index 715c9e42..d9b330bb 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -64,7 +64,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-discord.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 4e33961b..cee7f41e 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-groupme.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 7b1a26ee..9f0468c1 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -31,7 +31,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-instagram.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index db584124..78ac6f08 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -58,7 +58,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-slack.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 9875dcce..0cccd7fe 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-steam.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 87da97b9..167a62bb 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-twitter.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 diff --git a/roles/matrix-bridge-sms/defaults/main.yml b/roles/custom/matrix-bridge-sms/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-sms/defaults/main.yml rename to roles/custom/matrix-bridge-sms/defaults/main.yml diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/custom/matrix-bridge-sms/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/init.yml rename to roles/custom/matrix-bridge-sms/tasks/init.yml diff --git a/roles/matrix-bridge-sms/tasks/main.yml b/roles/custom/matrix-bridge-sms/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/main.yml rename to roles/custom/matrix-bridge-sms/tasks/main.yml diff --git a/roles/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/setup_install.yml rename to roles/custom/matrix-bridge-sms/tasks/setup_install.yml diff --git a/roles/matrix-bridge-sms/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-sms/tasks/validate_config.yml b/roles/custom/matrix-bridge-sms/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/validate_config.yml rename to roles/custom/matrix-bridge-sms/tasks/validate_config.yml diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 similarity index 100% rename from roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 rename to roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/custom/matrix-cactus-comments/defaults/main.yml similarity index 100% rename from roles/matrix-cactus-comments/defaults/main.yml rename to roles/custom/matrix-cactus-comments/defaults/main.yml diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/custom/matrix-cactus-comments/tasks/init.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/init.yml rename to roles/custom/matrix-cactus-comments/tasks/init.yml diff --git a/roles/matrix-cactus-comments/tasks/main.yml b/roles/custom/matrix-cactus-comments/tasks/main.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/main.yml rename to roles/custom/matrix-cactus-comments/tasks/main.yml diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/setup_install.yml rename to roles/custom/matrix-cactus-comments/tasks/setup_install.yml diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/setup_uninstall.yml rename to roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml diff --git a/roles/matrix-cactus-comments/tasks/validate_config.yml b/roles/custom/matrix-cactus-comments/tasks/validate_config.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/validate_config.yml rename to roles/custom/matrix-cactus-comments/tasks/validate_config.yml diff --git a/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 b/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 rename to roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 diff --git a/roles/matrix-cactus-comments/templates/env.j2 b/roles/custom/matrix-cactus-comments/templates/env.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/env.j2 rename to roles/custom/matrix-cactus-comments/templates/env.j2 diff --git a/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 rename to roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml similarity index 100% rename from roles/matrix-client-cinny/defaults/main.yml rename to roles/custom/matrix-client-cinny/defaults/main.yml diff --git a/roles/matrix-client-cinny/tasks/init.yml b/roles/custom/matrix-client-cinny/tasks/init.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/init.yml rename to roles/custom/matrix-client-cinny/tasks/init.yml diff --git a/roles/matrix-client-cinny/tasks/main.yml b/roles/custom/matrix-client-cinny/tasks/main.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/main.yml rename to roles/custom/matrix-client-cinny/tasks/main.yml diff --git a/roles/matrix-client-cinny/tasks/self_check.yml b/roles/custom/matrix-client-cinny/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/self_check.yml rename to roles/custom/matrix-client-cinny/tasks/self_check.yml diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/setup_install.yml rename to roles/custom/matrix-client-cinny/tasks/setup_install.yml diff --git a/roles/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-cinny/tasks/validate_config.yml b/roles/custom/matrix-client-cinny/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/validate_config.yml rename to roles/custom/matrix-client-cinny/tasks/validate_config.yml diff --git a/roles/matrix-client-cinny/templates/config.json.j2 b/roles/custom/matrix-client-cinny/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/config.json.j2 rename to roles/custom/matrix-client-cinny/templates/config.json.j2 diff --git a/roles/matrix-client-cinny/templates/nginx.conf.j2 b/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/nginx.conf.j2 rename to roles/custom/matrix-client-cinny/templates/nginx.conf.j2 diff --git a/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 rename to roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml similarity index 100% rename from roles/matrix-client-element/defaults/main.yml rename to roles/custom/matrix-client-element/defaults/main.yml diff --git a/roles/matrix-client-element/tasks/init.yml b/roles/custom/matrix-client-element/tasks/init.yml similarity index 100% rename from roles/matrix-client-element/tasks/init.yml rename to roles/custom/matrix-client-element/tasks/init.yml diff --git a/roles/matrix-client-element/tasks/main.yml b/roles/custom/matrix-client-element/tasks/main.yml similarity index 100% rename from roles/matrix-client-element/tasks/main.yml rename to roles/custom/matrix-client-element/tasks/main.yml diff --git a/roles/matrix-client-element/tasks/migrate_riot_web.yml b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml similarity index 100% rename from roles/matrix-client-element/tasks/migrate_riot_web.yml rename to roles/custom/matrix-client-element/tasks/migrate_riot_web.yml diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/custom/matrix-client-element/tasks/prepare_themes.yml similarity index 100% rename from roles/matrix-client-element/tasks/prepare_themes.yml rename to roles/custom/matrix-client-element/tasks/prepare_themes.yml diff --git a/roles/matrix-client-element/tasks/self_check.yml b/roles/custom/matrix-client-element/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-element/tasks/self_check.yml rename to roles/custom/matrix-client-element/tasks/self_check.yml diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-element/tasks/setup_install.yml rename to roles/custom/matrix-client-element/tasks/setup_install.yml diff --git a/roles/matrix-client-element/tasks/setup_uninstall.yml b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-element/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-element/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-element/tasks/validate_config.yml b/roles/custom/matrix-client-element/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-element/tasks/validate_config.yml rename to roles/custom/matrix-client-element/tasks/validate_config.yml diff --git a/roles/matrix-client-element/templates/config.json.j2 b/roles/custom/matrix-client-element/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-element/templates/config.json.j2 rename to roles/custom/matrix-client-element/templates/config.json.j2 diff --git a/roles/matrix-client-element/templates/nginx.conf.j2 b/roles/custom/matrix-client-element/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-element/templates/nginx.conf.j2 rename to roles/custom/matrix-client-element/templates/nginx.conf.j2 diff --git a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 similarity index 100% rename from roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 rename to roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 diff --git a/roles/matrix-client-element/templates/welcome.html.j2 b/roles/custom/matrix-client-element/templates/welcome.html.j2 similarity index 100% rename from roles/matrix-client-element/templates/welcome.html.j2 rename to roles/custom/matrix-client-element/templates/welcome.html.j2 diff --git a/roles/matrix-client-element/vars/main.yml b/roles/custom/matrix-client-element/vars/main.yml similarity index 100% rename from roles/matrix-client-element/vars/main.yml rename to roles/custom/matrix-client-element/vars/main.yml diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml similarity index 100% rename from roles/matrix-client-hydrogen/defaults/main.yml rename to roles/custom/matrix-client-hydrogen/defaults/main.yml diff --git a/roles/matrix-client-hydrogen/tasks/init.yml b/roles/custom/matrix-client-hydrogen/tasks/init.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/init.yml rename to roles/custom/matrix-client-hydrogen/tasks/init.yml diff --git a/roles/matrix-client-hydrogen/tasks/main.yml b/roles/custom/matrix-client-hydrogen/tasks/main.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/main.yml rename to roles/custom/matrix-client-hydrogen/tasks/main.yml diff --git a/roles/matrix-client-hydrogen/tasks/self_check.yml b/roles/custom/matrix-client-hydrogen/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/self_check.yml rename to roles/custom/matrix-client-hydrogen/tasks/self_check.yml diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/setup_install.yml rename to roles/custom/matrix-client-hydrogen/tasks/setup_install.yml diff --git a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-hydrogen/tasks/validate_config.yml b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/validate_config.yml rename to roles/custom/matrix-client-hydrogen/tasks/validate_config.yml diff --git a/roles/matrix-client-hydrogen/templates/config.json.j2 b/roles/custom/matrix-client-hydrogen/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/config.json.j2 rename to roles/custom/matrix-client-hydrogen/templates/config.json.j2 diff --git a/roles/matrix-client-hydrogen/templates/nginx.conf.j2 b/roles/custom/matrix-client-hydrogen/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/nginx.conf.j2 rename to roles/custom/matrix-client-hydrogen/templates/nginx.conf.j2 diff --git a/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 rename to roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 diff --git a/roles/matrix-common-after/defaults/main.yml b/roles/custom/matrix-common-after/defaults/main.yml similarity index 100% rename from roles/matrix-common-after/defaults/main.yml rename to roles/custom/matrix-common-after/defaults/main.yml diff --git a/roles/matrix-common-after/tasks/dump_runtime_results.yml b/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml similarity index 100% rename from roles/matrix-common-after/tasks/dump_runtime_results.yml rename to roles/custom/matrix-common-after/tasks/dump_runtime_results.yml diff --git a/roles/matrix-common-after/tasks/main.yml b/roles/custom/matrix-common-after/tasks/main.yml similarity index 100% rename from roles/matrix-common-after/tasks/main.yml rename to roles/custom/matrix-common-after/tasks/main.yml diff --git a/roles/matrix-common-after/tasks/run_docker_prune.yml b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml similarity index 100% rename from roles/matrix-common-after/tasks/run_docker_prune.yml rename to roles/custom/matrix-common-after/tasks/run_docker_prune.yml diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/custom/matrix-common-after/tasks/start.yml similarity index 97% rename from roles/matrix-common-after/tasks/start.yml rename to roles/custom/matrix-common-after/tasks/start.yml index c88eb64f..a781dab7 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/custom/matrix-common-after/tasks/start.yml @@ -47,7 +47,7 @@ Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate. If you're on a slow or overloaded server, it may be that services take a longer time to start and that this error is a false-positive. You can consider raising the value of the `matrix_common_after_systemd_service_start_wait_for_timeout_seconds` variable. - See `roles/matrix-common-after/defaults/main.yml` for more details about that. + See `roles/custom/matrix-common-after/defaults/main.yml` for more details about that. with_items: "{{ matrix_systemd_services_list }}" when: - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" diff --git a/roles/matrix-common-after/tasks/stop.yml b/roles/custom/matrix-common-after/tasks/stop.yml similarity index 100% rename from roles/matrix-common-after/tasks/stop.yml rename to roles/custom/matrix-common-after/tasks/stop.yml diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml similarity index 100% rename from roles/matrix-conduit/defaults/main.yml rename to roles/custom/matrix-conduit/defaults/main.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/custom/matrix-conduit/tasks/conduit/setup.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup_install.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup_install.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup_uninstall.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml diff --git a/roles/matrix-conduit/tasks/init.yml b/roles/custom/matrix-conduit/tasks/init.yml similarity index 100% rename from roles/matrix-conduit/tasks/init.yml rename to roles/custom/matrix-conduit/tasks/init.yml diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/custom/matrix-conduit/tasks/main.yml similarity index 100% rename from roles/matrix-conduit/tasks/main.yml rename to roles/custom/matrix-conduit/tasks/main.yml diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/custom/matrix-conduit/templates/conduit/conduit.toml.j2 similarity index 100% rename from roles/matrix-conduit/templates/conduit/conduit.toml.j2 rename to roles/custom/matrix-conduit/templates/conduit/conduit.toml.j2 diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 similarity index 100% rename from roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 rename to roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 diff --git a/roles/matrix-conduit/vars/main.yml b/roles/custom/matrix-conduit/vars/main.yml similarity index 100% rename from roles/matrix-conduit/vars/main.yml rename to roles/custom/matrix-conduit/vars/main.yml diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/custom/matrix-corporal/defaults/main.yml similarity index 100% rename from roles/matrix-corporal/defaults/main.yml rename to roles/custom/matrix-corporal/defaults/main.yml diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/custom/matrix-corporal/tasks/init.yml similarity index 100% rename from roles/matrix-corporal/tasks/init.yml rename to roles/custom/matrix-corporal/tasks/init.yml diff --git a/roles/matrix-corporal/tasks/main.yml b/roles/custom/matrix-corporal/tasks/main.yml similarity index 100% rename from roles/matrix-corporal/tasks/main.yml rename to roles/custom/matrix-corporal/tasks/main.yml diff --git a/roles/matrix-corporal/tasks/self_check_corporal.yml b/roles/custom/matrix-corporal/tasks/self_check_corporal.yml similarity index 100% rename from roles/matrix-corporal/tasks/self_check_corporal.yml rename to roles/custom/matrix-corporal/tasks/self_check_corporal.yml diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml similarity index 100% rename from roles/matrix-corporal/tasks/setup_corporal.yml rename to roles/custom/matrix-corporal/tasks/setup_corporal.yml diff --git a/roles/matrix-corporal/tasks/validate_config.yml b/roles/custom/matrix-corporal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-corporal/tasks/validate_config.yml rename to roles/custom/matrix-corporal/tasks/validate_config.yml diff --git a/roles/matrix-corporal/templates/config.json.j2 b/roles/custom/matrix-corporal/templates/config.json.j2 similarity index 100% rename from roles/matrix-corporal/templates/config.json.j2 rename to roles/custom/matrix-corporal/templates/config.json.j2 diff --git a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 similarity index 100% rename from roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 rename to roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/custom/matrix-coturn/defaults/main.yml similarity index 100% rename from roles/matrix-coturn/defaults/main.yml rename to roles/custom/matrix-coturn/defaults/main.yml diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/custom/matrix-coturn/tasks/init.yml similarity index 100% rename from roles/matrix-coturn/tasks/init.yml rename to roles/custom/matrix-coturn/tasks/init.yml diff --git a/roles/matrix-coturn/tasks/main.yml b/roles/custom/matrix-coturn/tasks/main.yml similarity index 100% rename from roles/matrix-coturn/tasks/main.yml rename to roles/custom/matrix-coturn/tasks/main.yml diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml similarity index 100% rename from roles/matrix-coturn/tasks/setup_install.yml rename to roles/custom/matrix-coturn/tasks/setup_install.yml diff --git a/roles/matrix-coturn/tasks/setup_uninstall.yml b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-coturn/tasks/setup_uninstall.yml rename to roles/custom/matrix-coturn/tasks/setup_uninstall.yml diff --git a/roles/matrix-coturn/tasks/validate_config.yml b/roles/custom/matrix-coturn/tasks/validate_config.yml similarity index 100% rename from roles/matrix-coturn/tasks/validate_config.yml rename to roles/custom/matrix-coturn/tasks/validate_config.yml diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 diff --git a/roles/matrix-coturn/templates/turnserver.conf.j2 b/roles/custom/matrix-coturn/templates/turnserver.conf.j2 similarity index 100% rename from roles/matrix-coturn/templates/turnserver.conf.j2 rename to roles/custom/matrix-coturn/templates/turnserver.conf.j2 diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml similarity index 100% rename from roles/matrix-dendrite/defaults/main.yml rename to roles/custom/matrix-dendrite/defaults/main.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup_install.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml diff --git a/roles/matrix-dendrite/tasks/init.yml b/roles/custom/matrix-dendrite/tasks/init.yml similarity index 100% rename from roles/matrix-dendrite/tasks/init.yml rename to roles/custom/matrix-dendrite/tasks/init.yml diff --git a/roles/matrix-dendrite/tasks/main.yml b/roles/custom/matrix-dendrite/tasks/main.yml similarity index 100% rename from roles/matrix-dendrite/tasks/main.yml rename to roles/custom/matrix-dendrite/tasks/main.yml diff --git a/roles/matrix-dendrite/tasks/register_user.yml b/roles/custom/matrix-dendrite/tasks/register_user.yml similarity index 100% rename from roles/matrix-dendrite/tasks/register_user.yml rename to roles/custom/matrix-dendrite/tasks/register_user.yml diff --git a/roles/matrix-dendrite/tasks/self_check_client_api.yml b/roles/custom/matrix-dendrite/tasks/self_check_client_api.yml similarity index 100% rename from roles/matrix-dendrite/tasks/self_check_client_api.yml rename to roles/custom/matrix-dendrite/tasks/self_check_client_api.yml diff --git a/roles/matrix-dendrite/tasks/self_check_federation_api.yml b/roles/custom/matrix-dendrite/tasks/self_check_federation_api.yml similarity index 100% rename from roles/matrix-dendrite/tasks/self_check_federation_api.yml rename to roles/custom/matrix-dendrite/tasks/self_check_federation_api.yml diff --git a/roles/matrix-dendrite/tasks/setup_dendrite.yml b/roles/custom/matrix-dendrite/tasks/setup_dendrite.yml similarity index 100% rename from roles/matrix-dendrite/tasks/setup_dendrite.yml rename to roles/custom/matrix-dendrite/tasks/setup_dendrite.yml diff --git a/roles/matrix-dendrite/tasks/validate_config.yml b/roles/custom/matrix-dendrite/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dendrite/tasks/validate_config.yml rename to roles/custom/matrix-dendrite/tasks/validate_config.yml diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/custom/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 diff --git a/roles/matrix-dendrite/vars/main.yml b/roles/custom/matrix-dendrite/vars/main.yml similarity index 100% rename from roles/matrix-dendrite/vars/main.yml rename to roles/custom/matrix-dendrite/vars/main.yml diff --git a/roles/matrix-dimension/defaults/main.yml b/roles/custom/matrix-dimension/defaults/main.yml similarity index 100% rename from roles/matrix-dimension/defaults/main.yml rename to roles/custom/matrix-dimension/defaults/main.yml diff --git a/roles/matrix-dimension/tasks/init.yml b/roles/custom/matrix-dimension/tasks/init.yml similarity index 100% rename from roles/matrix-dimension/tasks/init.yml rename to roles/custom/matrix-dimension/tasks/init.yml diff --git a/roles/matrix-dimension/tasks/main.yml b/roles/custom/matrix-dimension/tasks/main.yml similarity index 100% rename from roles/matrix-dimension/tasks/main.yml rename to roles/custom/matrix-dimension/tasks/main.yml diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml similarity index 99% rename from roles/matrix-dimension/tasks/setup_install.yml rename to roles/custom/matrix-dimension/tasks/setup_install.yml index fc476397..a16d0407 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -64,7 +64,7 @@ additional_psql_statements_db_name: "{{ matrix_dimension_database_name }}" - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-dimension/tasks/setup_uninstall.yml b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-dimension/tasks/setup_uninstall.yml rename to roles/custom/matrix-dimension/tasks/setup_uninstall.yml diff --git a/roles/matrix-dimension/tasks/validate_config.yml b/roles/custom/matrix-dimension/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dimension/tasks/validate_config.yml rename to roles/custom/matrix-dimension/tasks/validate_config.yml diff --git a/roles/matrix-dimension/templates/config.yaml.j2 b/roles/custom/matrix-dimension/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-dimension/templates/config.yaml.j2 rename to roles/custom/matrix-dimension/templates/config.yaml.j2 diff --git a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 similarity index 100% rename from roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 rename to roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 diff --git a/roles/matrix-dimension/vars/main.yml b/roles/custom/matrix-dimension/vars/main.yml similarity index 100% rename from roles/matrix-dimension/vars/main.yml rename to roles/custom/matrix-dimension/vars/main.yml diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/custom/matrix-dynamic-dns/defaults/main.yml similarity index 100% rename from roles/matrix-dynamic-dns/defaults/main.yml rename to roles/custom/matrix-dynamic-dns/defaults/main.yml diff --git a/roles/matrix-dynamic-dns/tasks/init.yml b/roles/custom/matrix-dynamic-dns/tasks/init.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/init.yml rename to roles/custom/matrix-dynamic-dns/tasks/init.yml diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/custom/matrix-dynamic-dns/tasks/install.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/install.yml rename to roles/custom/matrix-dynamic-dns/tasks/install.yml diff --git a/roles/matrix-dynamic-dns/tasks/main.yml b/roles/custom/matrix-dynamic-dns/tasks/main.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/main.yml rename to roles/custom/matrix-dynamic-dns/tasks/main.yml diff --git a/roles/matrix-dynamic-dns/tasks/uninstall.yml b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/uninstall.yml rename to roles/custom/matrix-dynamic-dns/tasks/uninstall.yml diff --git a/roles/matrix-dynamic-dns/tasks/validate_config.yml b/roles/custom/matrix-dynamic-dns/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/validate_config.yml rename to roles/custom/matrix-dynamic-dns/tasks/validate_config.yml diff --git a/roles/matrix-dynamic-dns/templates/ddclient.conf.j2 b/roles/custom/matrix-dynamic-dns/templates/ddclient.conf.j2 similarity index 100% rename from roles/matrix-dynamic-dns/templates/ddclient.conf.j2 rename to roles/custom/matrix-dynamic-dns/templates/ddclient.conf.j2 diff --git a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 similarity index 100% rename from roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 rename to roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 diff --git a/roles/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml similarity index 100% rename from roles/matrix-email2matrix/defaults/main.yml rename to roles/custom/matrix-email2matrix/defaults/main.yml diff --git a/roles/matrix-email2matrix/tasks/init.yml b/roles/custom/matrix-email2matrix/tasks/init.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/init.yml rename to roles/custom/matrix-email2matrix/tasks/init.yml diff --git a/roles/matrix-email2matrix/tasks/main.yml b/roles/custom/matrix-email2matrix/tasks/main.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/main.yml rename to roles/custom/matrix-email2matrix/tasks/main.yml diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/setup_install.yml rename to roles/custom/matrix-email2matrix/tasks/setup_install.yml diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/setup_uninstall.yml rename to roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml diff --git a/roles/matrix-email2matrix/tasks/validate_config.yml b/roles/custom/matrix-email2matrix/tasks/validate_config.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/validate_config.yml rename to roles/custom/matrix-email2matrix/tasks/validate_config.yml diff --git a/roles/matrix-email2matrix/templates/config.json.j2 b/roles/custom/matrix-email2matrix/templates/config.json.j2 similarity index 100% rename from roles/matrix-email2matrix/templates/config.json.j2 rename to roles/custom/matrix-email2matrix/templates/config.json.j2 diff --git a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 similarity index 100% rename from roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 rename to roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 diff --git a/roles/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml similarity index 100% rename from roles/matrix-etherpad/defaults/main.yml rename to roles/custom/matrix-etherpad/defaults/main.yml diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml similarity index 100% rename from roles/matrix-etherpad/tasks/init.yml rename to roles/custom/matrix-etherpad/tasks/init.yml diff --git a/roles/matrix-etherpad/tasks/main.yml b/roles/custom/matrix-etherpad/tasks/main.yml similarity index 100% rename from roles/matrix-etherpad/tasks/main.yml rename to roles/custom/matrix-etherpad/tasks/main.yml diff --git a/roles/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml similarity index 100% rename from roles/matrix-etherpad/tasks/setup_install.yml rename to roles/custom/matrix-etherpad/tasks/setup_install.yml diff --git a/roles/matrix-etherpad/tasks/setup_uninstall.yml b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-etherpad/tasks/setup_uninstall.yml rename to roles/custom/matrix-etherpad/tasks/setup_uninstall.yml diff --git a/roles/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml similarity index 100% rename from roles/matrix-etherpad/tasks/validate_config.yml rename to roles/custom/matrix-etherpad/tasks/validate_config.yml diff --git a/roles/matrix-etherpad/templates/settings.json.j2 b/roles/custom/matrix-etherpad/templates/settings.json.j2 similarity index 100% rename from roles/matrix-etherpad/templates/settings.json.j2 rename to roles/custom/matrix-etherpad/templates/settings.json.j2 diff --git a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 similarity index 100% rename from roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 rename to roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/custom/matrix-grafana/defaults/main.yml similarity index 100% rename from roles/matrix-grafana/defaults/main.yml rename to roles/custom/matrix-grafana/defaults/main.yml diff --git a/roles/matrix-grafana/tasks/init.yml b/roles/custom/matrix-grafana/tasks/init.yml similarity index 100% rename from roles/matrix-grafana/tasks/init.yml rename to roles/custom/matrix-grafana/tasks/init.yml diff --git a/roles/matrix-grafana/tasks/main.yml b/roles/custom/matrix-grafana/tasks/main.yml similarity index 100% rename from roles/matrix-grafana/tasks/main.yml rename to roles/custom/matrix-grafana/tasks/main.yml diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml similarity index 100% rename from roles/matrix-grafana/tasks/setup.yml rename to roles/custom/matrix-grafana/tasks/setup.yml diff --git a/roles/matrix-grafana/tasks/validate_config.yml b/roles/custom/matrix-grafana/tasks/validate_config.yml similarity index 100% rename from roles/matrix-grafana/tasks/validate_config.yml rename to roles/custom/matrix-grafana/tasks/validate_config.yml diff --git a/roles/matrix-grafana/templates/dashboards.yaml.j2 b/roles/custom/matrix-grafana/templates/dashboards.yaml.j2 similarity index 100% rename from roles/matrix-grafana/templates/dashboards.yaml.j2 rename to roles/custom/matrix-grafana/templates/dashboards.yaml.j2 diff --git a/roles/matrix-grafana/templates/datasources.yaml.j2 b/roles/custom/matrix-grafana/templates/datasources.yaml.j2 similarity index 100% rename from roles/matrix-grafana/templates/datasources.yaml.j2 rename to roles/custom/matrix-grafana/templates/datasources.yaml.j2 diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/custom/matrix-grafana/templates/grafana.ini.j2 similarity index 100% rename from roles/matrix-grafana/templates/grafana.ini.j2 rename to roles/custom/matrix-grafana/templates/grafana.ini.j2 diff --git a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 similarity index 100% rename from roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 rename to roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/custom/matrix-jitsi/defaults/main.yml similarity index 100% rename from roles/matrix-jitsi/defaults/main.yml rename to roles/custom/matrix-jitsi/defaults/main.yml diff --git a/roles/matrix-jitsi/tasks/init.yml b/roles/custom/matrix-jitsi/tasks/init.yml similarity index 100% rename from roles/matrix-jitsi/tasks/init.yml rename to roles/custom/matrix-jitsi/tasks/init.yml diff --git a/roles/matrix-jitsi/tasks/main.yml b/roles/custom/matrix-jitsi/tasks/main.yml similarity index 100% rename from roles/matrix-jitsi/tasks/main.yml rename to roles/custom/matrix-jitsi/tasks/main.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_base.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_web.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml diff --git a/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml similarity index 100% rename from roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml rename to roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml diff --git a/roles/matrix-jitsi/tasks/validate_config.yml b/roles/custom/matrix-jitsi/tasks/validate_config.yml similarity index 100% rename from roles/matrix-jitsi/tasks/validate_config.yml rename to roles/custom/matrix-jitsi/tasks/validate_config.yml diff --git a/roles/matrix-jitsi/templates/jicofo/env.j2 b/roles/custom/matrix-jitsi/templates/jicofo/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/env.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/env.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/logging.properties.j2 b/roles/custom/matrix-jitsi/templates/jicofo/logging.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/logging.properties.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/logging.properties.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 b/roles/custom/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 b/roles/custom/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 rename to roles/custom/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/env.j2 b/roles/custom/matrix-jitsi/templates/jvb/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/env.j2 rename to roles/custom/matrix-jitsi/templates/jvb/env.j2 diff --git a/roles/matrix-jitsi/templates/jvb/logging.properties.j2 b/roles/custom/matrix-jitsi/templates/jvb/logging.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/logging.properties.j2 rename to roles/custom/matrix-jitsi/templates/jvb/logging.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 rename to roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 diff --git a/roles/matrix-jitsi/templates/prosody/env.j2 b/roles/custom/matrix-jitsi/templates/prosody/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/prosody/env.j2 rename to roles/custom/matrix-jitsi/templates/prosody/env.j2 diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 rename to roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 diff --git a/roles/matrix-jitsi/templates/web/custom-config.js.j2 b/roles/custom/matrix-jitsi/templates/web/custom-config.js.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/custom-config.js.j2 rename to roles/custom/matrix-jitsi/templates/web/custom-config.js.j2 diff --git a/roles/matrix-jitsi/templates/web/custom-interface_config.js.j2 b/roles/custom/matrix-jitsi/templates/web/custom-interface_config.js.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/custom-interface_config.js.j2 rename to roles/custom/matrix-jitsi/templates/web/custom-interface_config.js.j2 diff --git a/roles/matrix-jitsi/templates/web/env.j2 b/roles/custom/matrix-jitsi/templates/web/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/env.j2 rename to roles/custom/matrix-jitsi/templates/web/env.j2 diff --git a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 rename to roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/defaults/main.yml rename to roles/custom/matrix-ldap-registration-proxy/defaults/main.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/init.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/init.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/init.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/main.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/main.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/main.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/setup_install.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/validate_config.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 similarity index 100% rename from roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 rename to roles/custom/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 similarity index 100% rename from roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 rename to roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/custom/matrix-ma1sd/defaults/main.yml similarity index 100% rename from roles/matrix-ma1sd/defaults/main.yml rename to roles/custom/matrix-ma1sd/defaults/main.yml diff --git a/roles/matrix-ma1sd/tasks/init.yml b/roles/custom/matrix-ma1sd/tasks/init.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/init.yml rename to roles/custom/matrix-ma1sd/tasks/init.yml diff --git a/roles/matrix-ma1sd/tasks/main.yml b/roles/custom/matrix-ma1sd/tasks/main.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/main.yml rename to roles/custom/matrix-ma1sd/tasks/main.yml diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/migrate_mxisd.yml rename to roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml diff --git a/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml b/roles/custom/matrix-ma1sd/tasks/self_check_ma1sd.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/self_check_ma1sd.yml rename to roles/custom/matrix-ma1sd/tasks/self_check_ma1sd.yml diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml similarity index 99% rename from roles/matrix-ma1sd/tasks/setup_install.yml rename to roles/custom/matrix-ma1sd/tasks/setup_install.yml index 38ff3036..e474d906 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -41,7 +41,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/setup_uninstall.yml rename to roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml diff --git a/roles/matrix-ma1sd/tasks/validate_config.yml b/roles/custom/matrix-ma1sd/tasks/validate_config.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/validate_config.yml rename to roles/custom/matrix-ma1sd/tasks/validate_config.yml diff --git a/roles/matrix-ma1sd/templates/ma1sd.yaml.j2 b/roles/custom/matrix-ma1sd/templates/ma1sd.yaml.j2 similarity index 100% rename from roles/matrix-ma1sd/templates/ma1sd.yaml.j2 rename to roles/custom/matrix-ma1sd/templates/ma1sd.yaml.j2 diff --git a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 similarity index 100% rename from roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 rename to roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 diff --git a/roles/matrix-ma1sd/vars/main.yml b/roles/custom/matrix-ma1sd/vars/main.yml similarity index 100% rename from roles/matrix-ma1sd/vars/main.yml rename to roles/custom/matrix-ma1sd/vars/main.yml diff --git a/roles/matrix-mailer/defaults/main.yml b/roles/custom/matrix-mailer/defaults/main.yml similarity index 100% rename from roles/matrix-mailer/defaults/main.yml rename to roles/custom/matrix-mailer/defaults/main.yml diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/custom/matrix-mailer/tasks/init.yml similarity index 100% rename from roles/matrix-mailer/tasks/init.yml rename to roles/custom/matrix-mailer/tasks/init.yml diff --git a/roles/matrix-mailer/tasks/main.yml b/roles/custom/matrix-mailer/tasks/main.yml similarity index 100% rename from roles/matrix-mailer/tasks/main.yml rename to roles/custom/matrix-mailer/tasks/main.yml diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml similarity index 100% rename from roles/matrix-mailer/tasks/setup_mailer.yml rename to roles/custom/matrix-mailer/tasks/setup_mailer.yml diff --git a/roles/matrix-mailer/templates/env-mailer.j2 b/roles/custom/matrix-mailer/templates/env-mailer.j2 similarity index 100% rename from roles/matrix-mailer/templates/env-mailer.j2 rename to roles/custom/matrix-mailer/templates/env-mailer.j2 diff --git a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 similarity index 100% rename from roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 rename to roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml similarity index 99% rename from roles/matrix-nginx-proxy/defaults/main.yml rename to roles/custom/matrix-nginx-proxy/defaults/main.yml index c233dc43..ca4a15e7 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -252,7 +252,7 @@ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_path: "{{ matrix_nginx_proxy_ # when `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username` and `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password` are provided. # This image provides the `htpasswd` tool which we use for generating the htpasswd file protecting `/metrics/*`. # To avoid using this, use `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content` instead of supplying username/password. -# Learn more in: `roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml`. +# Learn more in: `roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml`. matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image: "{{ matrix_container_global_registry_prefix }}httpd:{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag }}" matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag: "2.4.54-alpine3.16" matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag.endswith(':latest') }}" diff --git a/roles/matrix-nginx-proxy/tasks/init.yml b/roles/custom/matrix-nginx-proxy/tasks/init.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/init.yml rename to roles/custom/matrix-nginx-proxy/tasks/init.yml diff --git a/roles/matrix-nginx-proxy/tasks/main.yml b/roles/custom/matrix-nginx-proxy/tasks/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/main.yml rename to roles/custom/matrix-nginx-proxy/tasks/main.yml diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml rename to roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/custom/matrix-nginx-proxy/tasks/self_check_well_known.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/self_check_well_known.yml rename to roles/custom/matrix-nginx-proxy/tasks/self_check_well_known.yml diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml b/roles/custom/matrix-nginx-proxy/tasks/self_check_well_known_file.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml rename to roles/custom/matrix-nginx-proxy/tasks/self_check_well_known_file.yml diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml rename to roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml diff --git a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_well_known.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/setup_well_known.yml rename to roles/custom/matrix-nginx-proxy/tasks/setup_well_known.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/main.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/main.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/main.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/validate_config.yml rename to roles/custom/matrix-nginx-proxy/tasks/validate_config.yml diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 diff --git a/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 b/roles/custom/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 rename to roles/custom/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 diff --git a/roles/matrix-nginx-proxy/vars/main.yml b/roles/custom/matrix-nginx-proxy/vars/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/vars/main.yml rename to roles/custom/matrix-nginx-proxy/vars/main.yml diff --git a/roles/matrix-ntfy/defaults/main.yml b/roles/custom/matrix-ntfy/defaults/main.yml similarity index 100% rename from roles/matrix-ntfy/defaults/main.yml rename to roles/custom/matrix-ntfy/defaults/main.yml diff --git a/roles/matrix-ntfy/tasks/init.yml b/roles/custom/matrix-ntfy/tasks/init.yml similarity index 100% rename from roles/matrix-ntfy/tasks/init.yml rename to roles/custom/matrix-ntfy/tasks/init.yml diff --git a/roles/matrix-ntfy/tasks/main.yml b/roles/custom/matrix-ntfy/tasks/main.yml similarity index 100% rename from roles/matrix-ntfy/tasks/main.yml rename to roles/custom/matrix-ntfy/tasks/main.yml diff --git a/roles/matrix-ntfy/tasks/self_check.yml b/roles/custom/matrix-ntfy/tasks/self_check.yml similarity index 100% rename from roles/matrix-ntfy/tasks/self_check.yml rename to roles/custom/matrix-ntfy/tasks/self_check.yml diff --git a/roles/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml similarity index 100% rename from roles/matrix-ntfy/tasks/setup_install.yml rename to roles/custom/matrix-ntfy/tasks/setup_install.yml diff --git a/roles/matrix-ntfy/tasks/setup_uninstall.yml b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ntfy/tasks/setup_uninstall.yml rename to roles/custom/matrix-ntfy/tasks/setup_uninstall.yml diff --git a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 b/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 similarity index 100% rename from roles/matrix-ntfy/templates/ntfy/server.yml.j2 rename to roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 diff --git a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 similarity index 100% rename from roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 rename to roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/custom/matrix-postgres-backup/defaults/main.yml similarity index 100% rename from roles/matrix-postgres-backup/defaults/main.yml rename to roles/custom/matrix-postgres-backup/defaults/main.yml diff --git a/roles/matrix-postgres-backup/tasks/init.yml b/roles/custom/matrix-postgres-backup/tasks/init.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/init.yml rename to roles/custom/matrix-postgres-backup/tasks/init.yml diff --git a/roles/matrix-postgres-backup/tasks/main.yml b/roles/custom/matrix-postgres-backup/tasks/main.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/main.yml rename to roles/custom/matrix-postgres-backup/tasks/main.yml diff --git a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml similarity index 99% rename from roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml rename to roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 2518326a..d0335f39 100644 --- a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -4,7 +4,7 @@ # Tasks related to setting up postgres backup # - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version when: 'matrix_postgres_backup_enabled | bool and matrix_postgres_backup_postgres_data_path != ""' diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/custom/matrix-postgres-backup/tasks/validate_config.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/validate_config.yml rename to roles/custom/matrix-postgres-backup/tasks/validate_config.yml diff --git a/roles/matrix-postgres-backup/templates/env-postgres-backup.j2 b/roles/custom/matrix-postgres-backup/templates/env-postgres-backup.j2 similarity index 100% rename from roles/matrix-postgres-backup/templates/env-postgres-backup.j2 rename to roles/custom/matrix-postgres-backup/templates/env-postgres-backup.j2 diff --git a/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 similarity index 100% rename from roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 rename to roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/custom/matrix-postgres/defaults/main.yml similarity index 100% rename from roles/matrix-postgres/defaults/main.yml rename to roles/custom/matrix-postgres/defaults/main.yml diff --git a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml b/roles/custom/matrix-postgres/tasks/detect_existing_postgres_version.yml similarity index 100% rename from roles/matrix-postgres/tasks/detect_existing_postgres_version.yml rename to roles/custom/matrix-postgres/tasks/detect_existing_postgres_version.yml diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_generic_sqlite_db.yml rename to roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/custom/matrix-postgres/tasks/import_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_postgres.yml rename to roles/custom/matrix-postgres/tasks/import_postgres.yml diff --git a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_synapse_sqlite_db.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml rename to roles/custom/matrix-postgres/tasks/import_synapse_sqlite_db.yml diff --git a/roles/matrix-postgres/tasks/init.yml b/roles/custom/matrix-postgres/tasks/init.yml similarity index 100% rename from roles/matrix-postgres/tasks/init.yml rename to roles/custom/matrix-postgres/tasks/init.yml diff --git a/roles/matrix-postgres/tasks/main.yml b/roles/custom/matrix-postgres/tasks/main.yml similarity index 100% rename from roles/matrix-postgres/tasks/main.yml rename to roles/custom/matrix-postgres/tasks/main.yml diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml similarity index 99% rename from roles/matrix-postgres/tasks/migrate_db_to_postgres.yml rename to roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index 215d36c1..ab387953 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -137,7 +137,7 @@ - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" block: - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version - ansible.builtin.set_fact: diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml similarity index 100% rename from roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml rename to roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/custom/matrix-postgres/tasks/run_vacuum.yml similarity index 100% rename from roles/matrix-postgres/tasks/run_vacuum.yml rename to roles/custom/matrix-postgres/tasks/run_vacuum.yml diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/setup_postgres.yml rename to roles/custom/matrix-postgres/tasks/setup_postgres.yml diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/upgrade_postgres.yml rename to roles/custom/matrix-postgres/tasks/upgrade_postgres.yml diff --git a/roles/matrix-postgres/tasks/util/create_additional_database.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml similarity index 100% rename from roles/matrix-postgres/tasks/util/create_additional_database.yml rename to roles/custom/matrix-postgres/tasks/util/create_additional_database.yml diff --git a/roles/matrix-postgres/tasks/util/create_additional_databases.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_databases.yml similarity index 100% rename from roles/matrix-postgres/tasks/util/create_additional_databases.yml rename to roles/custom/matrix-postgres/tasks/util/create_additional_databases.yml diff --git a/roles/matrix-postgres/tasks/validate_config.yml b/roles/custom/matrix-postgres/tasks/validate_config.yml similarity index 100% rename from roles/matrix-postgres/tasks/validate_config.yml rename to roles/custom/matrix-postgres/tasks/validate_config.yml diff --git a/roles/matrix-postgres/templates/env-postgres-psql.j2 b/roles/custom/matrix-postgres/templates/env-postgres-psql.j2 similarity index 100% rename from roles/matrix-postgres/templates/env-postgres-psql.j2 rename to roles/custom/matrix-postgres/templates/env-postgres-psql.j2 diff --git a/roles/matrix-postgres/templates/env-postgres-server.j2 b/roles/custom/matrix-postgres/templates/env-postgres-server.j2 similarity index 100% rename from roles/matrix-postgres/templates/env-postgres-server.j2 rename to roles/custom/matrix-postgres/templates/env-postgres-server.j2 diff --git a/roles/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 b/roles/custom/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 similarity index 100% rename from roles/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 rename to roles/custom/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 diff --git a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 similarity index 100% rename from roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 rename to roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-node-exporter/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/defaults/main.yml rename to roles/custom/matrix-prometheus-node-exporter/defaults/main.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/init.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/init.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/main.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/main.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/main.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/setup.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml diff --git a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 similarity index 100% rename from roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 rename to roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 diff --git a/roles/matrix-prometheus-node-exporter/vars/main.yml b/roles/custom/matrix-prometheus-node-exporter/vars/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/vars/main.yml rename to roles/custom/matrix-prometheus-node-exporter/vars/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/defaults/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/init.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/init.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/setup.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml diff --git a/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 rename to roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 diff --git a/roles/matrix-prometheus-postgres-exporter/vars/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/vars/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/vars/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/vars/main.yml diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus/defaults/main.yml rename to roles/custom/matrix-prometheus/defaults/main.yml diff --git a/roles/matrix-prometheus/tasks/init.yml b/roles/custom/matrix-prometheus/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus/tasks/init.yml rename to roles/custom/matrix-prometheus/tasks/init.yml diff --git a/roles/matrix-prometheus/tasks/main.yml b/roles/custom/matrix-prometheus/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus/tasks/main.yml rename to roles/custom/matrix-prometheus/tasks/main.yml diff --git a/roles/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml similarity index 100% rename from roles/matrix-prometheus/tasks/setup_install.yml rename to roles/custom/matrix-prometheus/tasks/setup_install.yml diff --git a/roles/matrix-prometheus/tasks/setup_uninstall.yml b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-prometheus/tasks/setup_uninstall.yml rename to roles/custom/matrix-prometheus/tasks/setup_uninstall.yml diff --git a/roles/matrix-prometheus/tasks/validate_config.yml b/roles/custom/matrix-prometheus/tasks/validate_config.yml similarity index 100% rename from roles/matrix-prometheus/tasks/validate_config.yml rename to roles/custom/matrix-prometheus/tasks/validate_config.yml diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/custom/matrix-prometheus/templates/prometheus.yml.j2 similarity index 100% rename from roles/matrix-prometheus/templates/prometheus.yml.j2 rename to roles/custom/matrix-prometheus/templates/prometheus.yml.j2 diff --git a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 similarity index 100% rename from roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 rename to roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 diff --git a/roles/matrix-redis/defaults/main.yml b/roles/custom/matrix-redis/defaults/main.yml similarity index 100% rename from roles/matrix-redis/defaults/main.yml rename to roles/custom/matrix-redis/defaults/main.yml diff --git a/roles/matrix-redis/tasks/init.yml b/roles/custom/matrix-redis/tasks/init.yml similarity index 100% rename from roles/matrix-redis/tasks/init.yml rename to roles/custom/matrix-redis/tasks/init.yml diff --git a/roles/matrix-redis/tasks/main.yml b/roles/custom/matrix-redis/tasks/main.yml similarity index 100% rename from roles/matrix-redis/tasks/main.yml rename to roles/custom/matrix-redis/tasks/main.yml diff --git a/roles/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml similarity index 100% rename from roles/matrix-redis/tasks/setup_redis.yml rename to roles/custom/matrix-redis/tasks/setup_redis.yml diff --git a/roles/matrix-redis/templates/redis.conf.j2 b/roles/custom/matrix-redis/templates/redis.conf.j2 similarity index 100% rename from roles/matrix-redis/templates/redis.conf.j2 rename to roles/custom/matrix-redis/templates/redis.conf.j2 diff --git a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 b/roles/custom/matrix-redis/templates/systemd/matrix-redis.service.j2 similarity index 100% rename from roles/matrix-redis/templates/systemd/matrix-redis.service.j2 rename to roles/custom/matrix-redis/templates/systemd/matrix-redis.service.j2 diff --git a/roles/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml similarity index 100% rename from roles/matrix-registration/defaults/main.yml rename to roles/custom/matrix-registration/defaults/main.yml diff --git a/roles/matrix-registration/tasks/generate_token.yml b/roles/custom/matrix-registration/tasks/generate_token.yml similarity index 100% rename from roles/matrix-registration/tasks/generate_token.yml rename to roles/custom/matrix-registration/tasks/generate_token.yml diff --git a/roles/matrix-registration/tasks/init.yml b/roles/custom/matrix-registration/tasks/init.yml similarity index 100% rename from roles/matrix-registration/tasks/init.yml rename to roles/custom/matrix-registration/tasks/init.yml diff --git a/roles/matrix-registration/tasks/list_tokens.yml b/roles/custom/matrix-registration/tasks/list_tokens.yml similarity index 100% rename from roles/matrix-registration/tasks/list_tokens.yml rename to roles/custom/matrix-registration/tasks/list_tokens.yml diff --git a/roles/matrix-registration/tasks/main.yml b/roles/custom/matrix-registration/tasks/main.yml similarity index 100% rename from roles/matrix-registration/tasks/main.yml rename to roles/custom/matrix-registration/tasks/main.yml diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml similarity index 99% rename from roles/matrix-registration/tasks/setup_install.yml rename to roles/custom/matrix-registration/tasks/setup_install.yml index 2f630ef0..cfed9a54 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -27,7 +27,7 @@ additional_psql_statements_db_name: "{{ matrix_registration_database_name }}" - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-registration/tasks/setup_uninstall.yml b/roles/custom/matrix-registration/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-registration/tasks/setup_uninstall.yml rename to roles/custom/matrix-registration/tasks/setup_uninstall.yml diff --git a/roles/matrix-registration/tasks/validate_config.yml b/roles/custom/matrix-registration/tasks/validate_config.yml similarity index 100% rename from roles/matrix-registration/tasks/validate_config.yml rename to roles/custom/matrix-registration/tasks/validate_config.yml diff --git a/roles/matrix-registration/templates/config.yaml.j2 b/roles/custom/matrix-registration/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-registration/templates/config.yaml.j2 rename to roles/custom/matrix-registration/templates/config.yaml.j2 diff --git a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 similarity index 100% rename from roles/matrix-registration/templates/systemd/matrix-registration.service.j2 rename to roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 diff --git a/roles/matrix-sygnal/defaults/main.yml b/roles/custom/matrix-sygnal/defaults/main.yml similarity index 100% rename from roles/matrix-sygnal/defaults/main.yml rename to roles/custom/matrix-sygnal/defaults/main.yml diff --git a/roles/matrix-sygnal/tasks/init.yml b/roles/custom/matrix-sygnal/tasks/init.yml similarity index 100% rename from roles/matrix-sygnal/tasks/init.yml rename to roles/custom/matrix-sygnal/tasks/init.yml diff --git a/roles/matrix-sygnal/tasks/main.yml b/roles/custom/matrix-sygnal/tasks/main.yml similarity index 100% rename from roles/matrix-sygnal/tasks/main.yml rename to roles/custom/matrix-sygnal/tasks/main.yml diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml similarity index 100% rename from roles/matrix-sygnal/tasks/setup_install.yml rename to roles/custom/matrix-sygnal/tasks/setup_install.yml diff --git a/roles/matrix-sygnal/tasks/setup_uninstall.yml b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-sygnal/tasks/setup_uninstall.yml rename to roles/custom/matrix-sygnal/tasks/setup_uninstall.yml diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/custom/matrix-sygnal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-sygnal/tasks/validate_config.yml rename to roles/custom/matrix-sygnal/tasks/validate_config.yml diff --git a/roles/matrix-sygnal/templates/sygnal.yaml.j2 b/roles/custom/matrix-sygnal/templates/sygnal.yaml.j2 similarity index 100% rename from roles/matrix-sygnal/templates/sygnal.yaml.j2 rename to roles/custom/matrix-sygnal/templates/sygnal.yaml.j2 diff --git a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 similarity index 100% rename from roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 rename to roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 diff --git a/roles/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml similarity index 100% rename from roles/matrix-synapse-admin/defaults/main.yml rename to roles/custom/matrix-synapse-admin/defaults/main.yml diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/custom/matrix-synapse-admin/tasks/init.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/init.yml rename to roles/custom/matrix-synapse-admin/tasks/init.yml diff --git a/roles/matrix-synapse-admin/tasks/main.yml b/roles/custom/matrix-synapse-admin/tasks/main.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/main.yml rename to roles/custom/matrix-synapse-admin/tasks/main.yml diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/setup.yml rename to roles/custom/matrix-synapse-admin/tasks/setup.yml diff --git a/roles/matrix-synapse-admin/tasks/validate_config.yml b/roles/custom/matrix-synapse-admin/tasks/validate_config.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/validate_config.yml rename to roles/custom/matrix-synapse-admin/tasks/validate_config.yml diff --git a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 similarity index 100% rename from roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 rename to roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml similarity index 99% rename from roles/matrix-synapse/defaults/main.yml rename to roles/custom/matrix-synapse/defaults/main.yml index 2028d8b7..ebd55211 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -13,7 +13,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s # Feel free to toggle this to `true` yourself and specify build steps in `matrix_synapse_container_image_customizations_dockerfile_body_custom`. # # See: -# - `roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` +# - `roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` # - `matrix_synapse_container_image_customizations_dockerfile_body_custom` # - `matrix_synapse_docker_image_customized` # - `matrix_synapse_docker_image_final` diff --git a/roles/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk similarity index 100% rename from roles/matrix-synapse/files/workers-doc-to-yaml.awk rename to roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk diff --git a/roles/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh similarity index 100% rename from roles/matrix-synapse/files/workers-doc-to-yaml.sh rename to roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/ldap-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/ldap-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/init.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/custom/matrix-synapse/tasks/ext/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup.yml b/roles/custom/matrix-synapse/tasks/goofys/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup_install.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup_install.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/custom/matrix-synapse/tasks/import_media_store.yml similarity index 100% rename from roles/matrix-synapse/tasks/import_media_store.yml rename to roles/custom/matrix-synapse/tasks/import_media_store.yml diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/custom/matrix-synapse/tasks/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/init.yml rename to roles/custom/matrix-synapse/tasks/init.yml diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/custom/matrix-synapse/tasks/main.yml similarity index 100% rename from roles/matrix-synapse/tasks/main.yml rename to roles/custom/matrix-synapse/tasks/main.yml diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/custom/matrix-synapse/tasks/register_user.yml similarity index 100% rename from roles/matrix-synapse/tasks/register_user.yml rename to roles/custom/matrix-synapse/tasks/register_user.yml diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml similarity index 100% rename from roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml rename to roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml similarity index 100% rename from roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml rename to roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml diff --git a/roles/matrix-synapse/tasks/self_check_client_api.yml b/roles/custom/matrix-synapse/tasks/self_check_client_api.yml similarity index 100% rename from roles/matrix-synapse/tasks/self_check_client_api.yml rename to roles/custom/matrix-synapse/tasks/self_check_client_api.yml diff --git a/roles/matrix-synapse/tasks/self_check_federation_api.yml b/roles/custom/matrix-synapse/tasks/self_check_federation_api.yml similarity index 100% rename from roles/matrix-synapse/tasks/self_check_federation_api.yml rename to roles/custom/matrix-synapse/tasks/self_check_federation_api.yml diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/custom/matrix-synapse/tasks/setup_synapse.yml similarity index 100% rename from roles/matrix-synapse/tasks/setup_synapse.yml rename to roles/custom/matrix-synapse/tasks/setup_synapse.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup_install.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup_install.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/init.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/init.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup_install.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/custom/matrix-synapse/tasks/update_user_password.yml similarity index 100% rename from roles/matrix-synapse/tasks/update_user_password.yml rename to roles/custom/matrix-synapse/tasks/update_user_password.yml diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml similarity index 100% rename from roles/matrix-synapse/tasks/validate_config.yml rename to roles/custom/matrix-synapse/tasks/validate_config.yml diff --git a/roles/matrix-synapse/templates/goofys/env-goofys.j2 b/roles/custom/matrix-synapse/templates/goofys/env-goofys.j2 similarity index 100% rename from roles/matrix-synapse/templates/goofys/env-goofys.j2 rename to roles/custom/matrix-synapse/templates/goofys/env-goofys.j2 diff --git a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 rename to roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 rename to roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 b/roles/custom/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 rename to roles/custom/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 diff --git a/roles/matrix-synapse/templates/synapse/synapse.log.config.j2 b/roles/custom/matrix-synapse/templates/synapse/synapse.log.config.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/synapse.log.config.j2 rename to roles/custom/matrix-synapse/templates/synapse/synapse.log.config.j2 diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 b/roles/custom/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 rename to roles/custom/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/worker.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 diff --git a/roles/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml similarity index 100% rename from roles/matrix-synapse/vars/main.yml rename to roles/custom/matrix-synapse/vars/main.yml diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/custom/matrix-synapse/vars/workers.yml similarity index 100% rename from roles/matrix-synapse/vars/workers.yml rename to roles/custom/matrix-synapse/vars/workers.yml diff --git a/roles/matrix-user-creator/defaults/main.yml b/roles/custom/matrix-user-creator/defaults/main.yml similarity index 100% rename from roles/matrix-user-creator/defaults/main.yml rename to roles/custom/matrix-user-creator/defaults/main.yml diff --git a/roles/matrix-user-creator/tasks/main.yml b/roles/custom/matrix-user-creator/tasks/main.yml similarity index 100% rename from roles/matrix-user-creator/tasks/main.yml rename to roles/custom/matrix-user-creator/tasks/main.yml diff --git a/roles/matrix-user-creator/tasks/setup.yml b/roles/custom/matrix-user-creator/tasks/setup.yml similarity index 100% rename from roles/matrix-user-creator/tasks/setup.yml rename to roles/custom/matrix-user-creator/tasks/setup.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml diff --git a/roles/matrix-user-creator/tasks/util/validate_user.yml b/roles/custom/matrix-user-creator/tasks/util/validate_user.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/validate_user.yml rename to roles/custom/matrix-user-creator/tasks/util/validate_user.yml diff --git a/roles/matrix-user-creator/vars/main.yml b/roles/custom/matrix-user-creator/vars/main.yml similarity index 100% rename from roles/matrix-user-creator/vars/main.yml rename to roles/custom/matrix-user-creator/vars/main.yml diff --git a/setup.yml b/setup.yml index b4179354..906c3bdf 100755 --- a/setup.yml +++ b/setup.yml @@ -4,73 +4,73 @@ become: true vars_files: - - roles/matrix-synapse/vars/workers.yml + - roles/custom/matrix-synapse/vars/workers.yml roles: - - matrix-base - - matrix-dynamic-dns - - matrix-mailer - - matrix-postgres - - matrix-redis - - matrix-corporal - - matrix-bridge-appservice-discord - - matrix-bridge-appservice-slack - - matrix-bridge-appservice-webhooks - - matrix-bridge-appservice-irc - - matrix-bridge-appservice-kakaotalk - - matrix-bridge-beeper-linkedin - - matrix-bridge-go-skype-bridge - - matrix-bridge-mautrix-facebook - - matrix-bridge-mautrix-twitter - - matrix-bridge-mautrix-hangouts - - matrix-bridge-mautrix-googlechat - - matrix-bridge-mautrix-instagram - - matrix-bridge-mautrix-signal - - matrix-bridge-mautrix-telegram - - matrix-bridge-mautrix-whatsapp - - matrix-bridge-mautrix-discord - - matrix-bridge-mx-puppet-discord - - matrix-bridge-mx-puppet-groupme - - matrix-bridge-mx-puppet-steam - - matrix-bridge-mx-puppet-slack - - matrix-bridge-mx-puppet-twitter - - matrix-bridge-mx-puppet-instagram - - matrix-bridge-sms - - matrix-bridge-heisenbridge - - matrix-bridge-hookshot - - matrix-bot-matrix-reminder-bot - - matrix-bot-matrix-registration-bot - - matrix-bot-maubot - - matrix-bot-buscarron - - matrix-bot-honoroit - - matrix-bot-postmoogle - - matrix-bot-go-neb - - matrix-bot-mjolnir - - matrix-cactus-comments - - matrix-synapse - - matrix-dendrite - - matrix-conduit - - matrix-synapse-admin - - matrix-prometheus-node-exporter - - matrix-prometheus-postgres-exporter - - matrix-prometheus - - matrix-grafana - - matrix-registration - - matrix-client-element - - matrix-client-hydrogen - - matrix-client-cinny - - matrix-jitsi - - matrix-ldap-registration-proxy - - matrix-ma1sd - - matrix-dimension - - matrix-etherpad - - matrix-email2matrix - - matrix-sygnal - - matrix-ntfy - - matrix-nginx-proxy - - matrix-coturn - - matrix-aux - - matrix-postgres-backup - - matrix-backup-borg - - matrix-user-creator - - matrix-common-after + - custom/matrix-base + - custom/matrix-dynamic-dns + - custom/matrix-mailer + - custom/matrix-postgres + - custom/matrix-redis + - custom/matrix-corporal + - custom/matrix-bridge-appservice-discord + - custom/matrix-bridge-appservice-slack + - custom/matrix-bridge-appservice-webhooks + - custom/matrix-bridge-appservice-irc + - custom/matrix-bridge-appservice-kakaotalk + - custom/matrix-bridge-beeper-linkedin + - custom/matrix-bridge-go-skype-bridge + - custom/matrix-bridge-mautrix-facebook + - custom/matrix-bridge-mautrix-twitter + - custom/matrix-bridge-mautrix-hangouts + - custom/matrix-bridge-mautrix-googlechat + - custom/matrix-bridge-mautrix-instagram + - custom/matrix-bridge-mautrix-signal + - custom/matrix-bridge-mautrix-telegram + - custom/matrix-bridge-mautrix-whatsapp + - custom/matrix-bridge-mautrix-discord + - custom/matrix-bridge-mx-puppet-discord + - custom/matrix-bridge-mx-puppet-groupme + - custom/matrix-bridge-mx-puppet-steam + - custom/matrix-bridge-mx-puppet-slack + - custom/matrix-bridge-mx-puppet-twitter + - custom/matrix-bridge-mx-puppet-instagram + - custom/matrix-bridge-sms + - custom/matrix-bridge-heisenbridge + - custom/matrix-bridge-hookshot + - custom/matrix-bot-matrix-reminder-bot + - custom/matrix-bot-matrix-registration-bot + - custom/matrix-bot-maubot + - custom/matrix-bot-buscarron + - custom/matrix-bot-honoroit + - custom/matrix-bot-postmoogle + - custom/matrix-bot-go-neb + - custom/matrix-bot-mjolnir + - custom/matrix-cactus-comments + - custom/matrix-synapse + - custom/matrix-dendrite + - custom/matrix-conduit + - custom/matrix-synapse-admin + - custom/matrix-prometheus-node-exporter + - custom/matrix-prometheus-postgres-exporter + - custom/matrix-prometheus + - custom/matrix-grafana + - custom/matrix-registration + - custom/matrix-client-element + - custom/matrix-client-hydrogen + - custom/matrix-client-cinny + - custom/matrix-jitsi + - custom/matrix-ldap-registration-proxy + - custom/matrix-ma1sd + - custom/matrix-dimension + - custom/matrix-etherpad + - custom/matrix-email2matrix + - custom/matrix-sygnal + - custom/matrix-ntfy + - custom/matrix-nginx-proxy + - custom/matrix-coturn + - custom/matrix-aux + - custom/matrix-postgres-backup + - custom/matrix-backup-borg + - custom/matrix-user-creator + - custom/matrix-common-after From a3319b1dc242b22911fb43fbf523d82f86677b36 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 09:16:54 +0200 Subject: [PATCH 519/562] Adjust .gitignore Related to 410a915a8ab72a2 --- .gitignore | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 36c65bda..0b64b859 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,10 @@ !/inventory/.gitkeep !/inventory/host_vars/.gitkeep !/inventory/scripts -/roles/*/files/scratchpad +/roles/**/files/scratchpad .DS_Store .python-version + +# ignore roles pulled by ansible-galaxy +/roles/galaxy/* +!/roles/galaxy/.gitkeep From 995ef460e73699ea07d48f7e4b260856f2da85e1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 11:46:12 +0200 Subject: [PATCH 520/562] Upgrade appservice-discord (3.0.0 -> 3.1.0) --- roles/custom/matrix-bridge-appservice-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml index 4a3eddab..9e061d67 100644 --- a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml @@ -5,7 +5,7 @@ matrix_appservice_discord_enabled: false matrix_appservice_discord_container_image_self_build: false -matrix_appservice_discord_version: v3.0.0 +matrix_appservice_discord_version: v3.1.0 matrix_appservice_discord_docker_image: "{{ matrix_appservice_discord_docker_image_name_prefix }}matrix-org/matrix-appservice-discord:{{ matrix_appservice_discord_version }}" matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io/' }}" matrix_appservice_discord_docker_image_force_pull: "{{ matrix_appservice_discord_docker_image.endswith(':latest') }}" From 4cbea602dd66844a5ef04953a8b8cfcc67fa13cd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 11:50:34 +0200 Subject: [PATCH 521/562] Sync appservice-discord configuration with upstream --- .../templates/config.yaml.j2 | 46 ++++++++++++------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 index a530af2e..2309be44 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 @@ -18,6 +18,9 @@ bridge: disableTypingNotifications: false # Disable deleting messages on Discord if a message is redacted on Matrix. disableDeletionForwarding: false + # Disable portal bridging, where Matrix users can search for unbridged Discord + # rooms on their Matrix server. + disablePortalBridging: {{ matrix_appservice_discord_bridge_disablePortalBridging|to_json }} # Enable users to bridge rooms using !discord commands. See # https://t2bot.io/discord for instructions. enableSelfServiceBridging: {{ matrix_appservice_discord_bridge_enableSelfServiceBridging|to_json }} @@ -28,10 +31,14 @@ bridge: disableJoinLeaveNotifications: false # Disable Invite echos from matrix disableInviteNotifications: false - # Disable portal briding (automatic room creation) - disablePortalBridging: {{ matrix_appservice_discord_bridge_disablePortalBridging|to_json }} + # Disable Room Topic echos from matrix + disableRoomTopicNotifications: false # Auto-determine the language of code blocks (this can be CPU-intensive) determineCodeLanguage: false + # MXID of an admin user that will be PMd if the bridge experiences problems. Optional + adminMxid: {{ matrix_admin | to_json }} + # The message to send to the bridge admin if the Discord token is not valid + invalidTokenMessage: 'Your Discord bot token seems to be invalid, and the bridge cannot function. Please update it in your bridge settings and restart the bridge' # Authentication configuration for the discord bot. auth: clientID: {{ matrix_appservice_discord_client_id | string|to_json }} @@ -75,20 +82,20 @@ channel: namePattern: "[Discord] :guild :name" # Changes made to rooms when a channel is deleted. deleteOptions: - # Prefix the room name with a string. - #namePrefix: "[Deleted]" - # Prefix the room topic with a string. - #topicPrefix: "This room has been deleted" - # Disable people from talking in the room by raising the event PL to 50 - disableMessaging: false - # Remove the discord alias from the room. - unsetRoomAlias: true - # Remove the room from the directory. - unlistFromDirectory: true - # Set the room to be unavaliable for joining without an invite. - setInviteOnly: true - # Make all the discord users leave the room. - ghostsLeave: true + # Prefix the room name with a string. + #namePrefix: "[Deleted]" + # Prefix the room topic with a string. + #topicPrefix: "This room has been deleted" + # Disable people from talking in the room by raising the event PL to 50 + disableMessaging: false + # Remove the discord alias from the room. + unsetRoomAlias: true + # Remove the room from the directory. + unlistFromDirectory: true + # Set the room to be unavailable for joining without an invite. + setInviteOnly: true + # Make all the discord users leave the room. + ghostsLeave: true limits: # Delay in milliseconds between discord users joining a room. roomGhostJoinDelay: 6000 @@ -98,8 +105,15 @@ limits: # echos = (Copies of a sent message may arrive from discord before we've # fininished handling it, causing us to echo it back to the room) discordSendDelay: 1500 + # Set a maximum of rooms to be bridged. + # roomCount: 20 ghosts: # Pattern for the ghosts nick, available is :nick, :username, :tag and :id nickPattern: ":nick" # Pattern for the ghosts username, available is :username, :tag and :id usernamePattern: ":username#:tag" +# Prometheus-compatible metrics endpoint +metrics: + enable: false + port: 9001 + host: "127.0.0.1" From 83c40fce1583787ad5ab2eba996d40eab7f0c87a Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 11:36:10 +0200 Subject: [PATCH 522/562] standalone etherpad --- docs/configuring-dns.md | 3 + docs/configuring-playbook-etherpad.md | 31 ++--- group_vars/matrix_servers | 5 + roles/custom/matrix-base/defaults/main.yml | 3 + .../custom/matrix-etherpad/defaults/main.yml | 1 + roles/custom/matrix-etherpad/tasks/init.yml | 2 +- .../matrix-etherpad/tasks/validate_config.yml | 6 - .../matrix-nginx-proxy/defaults/main.yml | 7 ++ .../tasks/setup_nginx_proxy.yml | 7 ++ .../nginx/conf.d/matrix-etherpad.conf.j2 | 108 ++++++++++++++++++ 10 files changed, 152 insertions(+), 21 deletions(-) create mode 100644 roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 3803ba8f..d7ccf17e 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -39,6 +39,7 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.` | | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.` | | [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.` | +| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.` | | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.` | | [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.` | | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.` | @@ -68,6 +69,8 @@ The `sygnal.` subdomain may be necessary, because this playbook cou The `ntfy.` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.` DNS record. +The `etherpad.` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up etherpad, feel free to skip the `etherpad.` DNS record. + The `hydrogen.` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/vector-im/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.` DNS record. The `cinny.` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up cinny, feel free to skip the `cinny.` DNS record. diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 4c38bb3c..3214d861 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -1,12 +1,14 @@ # Setting up Etherpad (optional) -[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) +[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences. ## Prerequisites -For the self-hosted Etherpad instance to be available to your users, you must first enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) +The `etherpad.` DNS record must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly. + +You may enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) to integrate etherpad with Dimension. ## Installing @@ -16,16 +18,7 @@ For the self-hosted Etherpad instance to be available to your users, you must fi matrix_etherpad_enabled: true ``` -## Set Dimension default to the self-hosted Etherpad - -The Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. - -### Removing the integrated Etherpad chat - -If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. -Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` - -### Etherpad Admin access (optional) +## Etherpad Admin access (optional) Etherpad comes with a admin web-UI which is disabled by default. You can enable it by setting a username and password in your configuration file (`inventory/host_vars/matrix./vars.yml`): @@ -36,11 +29,21 @@ matrix_etherpad_admin_password: some-password The admin web-UI should then be available on: `https://dimension./etherpad/admin` -### Managing / Deleting old pads +## Managing / Deleting old pads If you want to manage and remove old unused pads from Etherpad, you will first need to able Admin access as described above. -Then from the plugin manager page (`https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. +Then from the plugin manager page (`https://etherpad./admin/plugins` or `https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. + +## Set Dimension default to the self-hosted Etherpad (optional) + +If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, +the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. + +### Removing the integrated Etherpad chat + +If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. +Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` ## Known issues diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2e3a217c..26e5b35f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1486,6 +1486,8 @@ matrix_etherpad_enabled: false matrix_etherpad_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9001' }}" +matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_dimension_enabled else 'https://' + matrix_server_fqn_etherpad + '/' }}" + matrix_etherpad_systemd_required_services_list: | {{ ['docker.service'] @@ -1710,6 +1712,7 @@ matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled }} matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled }}" matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled }}" matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}" +matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled }}" matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}" matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}" matrix_nginx_proxy_proxy_grafana_enabled: "{{ matrix_grafana_enabled }}" @@ -1837,6 +1840,8 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + + ([matrix_server_fqn_etherpad] if matrix_etherpad_enabled else []) + + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + ([matrix_server_fqn_jitsi] if matrix_jitsi_enabled else []) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 52049ed5..02e26a93 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -62,6 +62,9 @@ matrix_server_fqn_buscarron: "buscarron.{{ matrix_domain }}" # This is where you access the Dimension. matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" +# This is where you access the etherpad (if enabled via matrix_etherpad_enabled; disabled by default). +matrix_server_fqn_etherpad: "etherpad.{{ matrix_domain }}" + # For use with Go-NEB! (github callback url for example) matrix_server_fqn_bot_go_neb: "goneb.{{ matrix_domain }}" diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 8281f27f..35d24090 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -28,6 +28,7 @@ matrix_etherpad_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_etherpad_container_extra_arguments: [] +# Used for dimension only matrix_etherpad_public_endpoint: '/etherpad' # By default, the Etherpad app can be accessed within the Dimension domain diff --git a/roles/custom/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml index cfd127bd..c787548c 100644 --- a/roles/custom/matrix-etherpad/tasks/init.yml +++ b/roles/custom/matrix-etherpad/tasks/init.yml @@ -4,7 +4,7 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- when: matrix_etherpad_enabled | bool +- when: matrix_etherpad_enabled | bool and matrix_dimension_enabled | default(False) | bool tags: - always block: diff --git a/roles/custom/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml index bf78c36f..9832b0b8 100644 --- a/roles/custom/matrix-etherpad/tasks/validate_config.yml +++ b/roles/custom/matrix-etherpad/tasks/validate_config.yml @@ -1,11 +1,5 @@ --- -- name: Fail if Etherpad is enabled without the Dimension integrations manager - ansible.builtin.fail: - msg: >- - To integrate Etherpad notes with Matrix rooms you need to set "matrix_dimension_enabled" to true - when: "not matrix_dimension_enabled | bool" - - name: Fail if no database is configured for Etherpad ansible.builtin.fail: msg: >- diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml index ca4a15e7..b7d4819d 100644 --- a/roles/custom/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -192,6 +192,10 @@ matrix_nginx_proxy_proxy_matrix_federation_port: 8448 matrix_nginx_proxy_proxy_dimension_enabled: false matrix_nginx_proxy_proxy_dimension_hostname: "{{ matrix_server_fqn_dimension }}" +# Controls whether proxying the etherpad domain should be done. +matrix_nginx_proxy_proxy_etherpad_enabled: false +matrix_nginx_proxy_proxy_etherpad_hostname: "{{ matrix_server_fqn_etherpad }}" + # Controls whether proxying the goneb domain should be done. matrix_nginx_proxy_proxy_bot_go_neb_enabled: false matrix_nginx_proxy_proxy_bot_go_neb_hostname: "{{ matrix_server_fqn_bot_go_neb }}" @@ -373,6 +377,9 @@ matrix_nginx_proxy_proxy_buscarron_additional_server_configuration_blocks: [] # A list of strings containing additional configuration blocks to add to Dimension's server configuration (matrix-dimension.conf). matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: [] +# A list of strings containing additional configuration blocks to add to etherpad's server configuration (matrix-etherpad.conf). +matrix_nginx_proxy_proxy_etherpad_additional_server_configuration_blocks: [] + # A list of strings containing additional configuration blocks to add to GoNEB's server configuration (matrix-bot-go-neb.conf). matrix_nginx_proxy_proxy_bot_go_neb_additional_server_configuration_blocks: [] diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 11a1cc06..3892550f 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -123,6 +123,13 @@ mode: 0644 when: matrix_nginx_proxy_proxy_dimension_enabled | bool +- name: Ensure Matrix nginx-proxy configuration for etherpad domain exists + ansible.builtin.template: + src: "{{ role_path }}/templates/nginx/conf.d/matrix-etherpad.conf.j2" + dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-etherpad.conf" + mode: 0644 + when: matrix_nginx_proxy_proxy_etherpad_enabled | bool + - name: Ensure Matrix nginx-proxy configuration for goneb domain exists ansible.builtin.template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2" diff --git a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 new file mode 100644 index 00000000..8cad9ee3 --- /dev/null +++ b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 @@ -0,0 +1,108 @@ +#jinja2: lstrip_blocks: "True" + +{% macro render_vhost_directives() %} + gzip on; + gzip_types text/plain application/json application/javascript text/css image/x-icon font/ttf image/gif; + {% if matrix_nginx_proxy_hsts_preload_enabled %} + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + {% else %} + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + {% endif %} + add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}"; + add_header X-Content-Type-Options nosniff; + {% if matrix_nginx_proxy_floc_optout_enabled %} + add_header Permissions-Policy interest-cohort=() always; + {% endif %} + +{% for configuration_block in matrix_nginx_proxy_proxy_etherpad_additional_server_configuration_blocks %} + {{- configuration_block }} +{% endfor %} + + location / { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; + set $backend "matrix-etherpad:9001"; + proxy_pass http://$backend; + {# These are proxy directives needed specifically by Etherpad #} + proxy_buffering off; + proxy_http_version 1.1; {# recommended with keepalive connections #} + proxy_pass_header Server; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; {# for EP to set secure cookie flag when https is used #} + {# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html #} + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + {% else %} + {# Generic configuration for use outside of our container setup #} + # A good guide for setting up your Etherpad behind nginx: + # https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html + proxy_pass http://127.0.0.1:9001/; + {% endif %} + } +{% endmacro %} + +server { + listen {{ 8080 if matrix_nginx_proxy_enabled else 80 }}; + listen [::]:{{ 8080 if matrix_nginx_proxy_enabled else 80 }}; + + server_name {{ matrix_nginx_proxy_proxy_etherpad_hostname }}; + + server_tokens off; + root /dev/null; + + {% if matrix_nginx_proxy_https_enabled %} + location /.well-known/acme-challenge { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; + set $backend "matrix-certbot:8080"; + proxy_pass http://$backend; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }}; + {% endif %} + } + + location / { + return 301 https://$http_host$request_uri; + } + {% else %} + {{ render_vhost_directives() }} + {% endif %} +} + +{% if matrix_nginx_proxy_https_enabled %} +server { + listen {{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; + listen [::]:{{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; + + server_name {{ matrix_nginx_proxy_proxy_etherpad_hostname }}; + + server_tokens off; + root /dev/null; + + ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/fullchain.pem; + ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/privkey.pem; + + ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; + {% if matrix_nginx_proxy_ssl_ciphers != '' %} + ssl_ciphers {{ matrix_nginx_proxy_ssl_ciphers }}; + {% endif %} + ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }}; + + {% if matrix_nginx_proxy_ocsp_stapling_enabled %} + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/chain.pem; + {% endif %} + + {% if matrix_nginx_proxy_ssl_session_tickets_off %} + ssl_session_tickets off; + {% endif %} + ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }}; + ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }}; + + {{ render_vhost_directives() }} +} +{% endif %} From c3a7237de702b4f4ec26509cb1000f99051a8f83 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 14:58:28 +0200 Subject: [PATCH 523/562] Initial work on using externally defined roles --- CHANGELOG.md | 21 +++++++ Makefile | 1 + docs/installing.md | 3 + docs/maintenance-upgrading-services.md | 4 +- group_vars/matrix_servers | 25 +++++++++ requirements.yml | 13 +++++ roles/custom/matrix-base/defaults/main.yml | 11 ---- .../matrix-base/tasks/setup_matrix_base.yml | 55 ------------------- .../matrix-bridge-hookshot/defaults/main.yml | 4 +- .../matrix_playbook_migration/tasks/main.yml | 5 ++ .../tasks/validate_config.yml | 12 ++++ setup.yml | 17 ++++++ 12 files changed, 101 insertions(+), 70 deletions(-) create mode 100644 requirements.yml create mode 100644 roles/custom/matrix_playbook_migration/tasks/main.yml create mode 100644 roles/custom/matrix_playbook_migration/tasks/validate_config.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d8b9b21..9bd06a8c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,24 @@ +# 2022-11-04 + +## The playbook now uses external roles for some things + +**TLDR**: when updating the playbook and before running it, you'll need to run `make roles` to make [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) download dependency roles (see the [`requirements.yml` file](requirements.yml)) to the `roles/galaxy` directory. Without this, the playbook won't work. + +We're in the process of trimming the playbook and making it reuse Ansible roles. + +Starting now, the playbook is composed of 2 types of Ansible roles: + +- those that live within the playbook itself (`roles/custom/*`) + +- those downloaded from other sources (using [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to `roles/galaxy`, based on the [`requirements.yml` file](requirements.yml)). These roles are maintained by us or by other people from the Ansible community. + +We're doing this for greater code-reuse (across Ansible playbooks, including our own related playbooks [gitea-docker-ansible-deploy](https://github.com/spantaleev/gitea-docker-ansible-deploy) and [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy)) and decreased maintenance burden. Until now, certain features were copy-pasted across playbooks or were maintained separately in each one, with improvements often falling behind. We've also tended to do too much by ourselves - installing Docker on the server from our `matrix-base` role, etc. - something that we'd rather not do anymore by switching to the [geerlingguy.docker](https://galaxy.ansible.com/geerlingguy/docker) role. + +Some variable names will change during the transition to having more and more external (galaxy) roles. There's a new `custom/matrix_playbook_migration` role added to the playbook which will tell you about these changes each time you run the playbook. + +From now on, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. + + # 2022-10-14 ## synapse-s3-storage-provider support diff --git a/Makefile b/Makefile index 62419150..b7fc41bd 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ help: ## Show this help. @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' roles: ## Pull roles + rm -rf roles/galaxy ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force lint: ## Runs ansible-lint against all roles in the playbook diff --git a/docs/installing.md b/docs/installing.md index 308e6fe6..7c62cc39 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,6 +2,9 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. + + ## Playbook tags introduction The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. diff --git a/docs/maintenance-upgrading-services.md b/docs/maintenance-upgrading-services.md index fe289a86..d1c707fd 100644 --- a/docs/maintenance-upgrading-services.md +++ b/docs/maintenance-upgrading-services.md @@ -10,8 +10,8 @@ To upgrade services: - take a look at [the changelog](../CHANGELOG.md) to see if there have been any backward-incompatible changes that you need to take care of -- re-run the [playbook setup](installing.md): `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all` +- download the upstream Ansible roles used by the playbook by running `make roles` -- restart the services: `ansible-playbook -i inventory/hosts setup.yml --tags=start` +- re-run the [playbook setup](installing.md) and restart all serivces: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start` **Note**: major version upgrades to the internal PostgreSQL database are not done automatically. To upgrade it, refer to the [upgrading PostgreSQL guide](maintenance-postgres.md#upgrading-postgresql). diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2e3a217c..a75be04a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -9,6 +9,31 @@ # You can also override ANY variable (seen here or in any given role), # by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). + + +###################################################################### +# +# com.devture.ansible.role.playbook_state_preserver +# +###################################################################### + +# To completely disable this feature, use `devture_playbook_state_preserver_enabled: false`. + +devture_playbook_state_preserver_uid: "{{ matrix_user_uid }}" +devture_playbook_state_preserver_gid: "{{ matrix_user_gid }}" + +devture_playbook_state_preserver_vars_preservation_dst: "{{ matrix_base_data_path }}/vars.yml" + +devture_playbook_state_preserver_commit_hash_preservation_dst: "{{ matrix_base_data_path }}/git_hash.yml" + +###################################################################### +# +# /com.devture.ansible.role.playbook_state_preserver +# +###################################################################### + + + ###################################################################### # # matrix-base diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 00000000..9d6669af --- /dev/null +++ b/requirements.yml @@ -0,0 +1,13 @@ +--- + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git + version: c1f40e82b4d6b072b6f0e885239322bdaaaf554f + +- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git + version: 327d2e17f5189ac2480d6012f58cf64a2b46efba + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git + version: 0857450721d525238ca230c9e6f8f8ad3a248564 + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git + version: f1c78d4e85e875129790c58335d0e44385683f6b diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 52049ed5..a18ba6b6 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -255,12 +255,6 @@ matrix_well_known_matrix_support_configuration: "{{ matrix_well_known_matrix_sup # The Docker network that all services would be put into matrix_docker_network: "matrix" -# Controls whether we'll preserve the vars.yml file on the Matrix server. -# If you have a differently organized inventory, you may wish to disable this feature, -# or to repoint `matrix_vars_yml_snapshotting_src` to the file you'd like to preserve. -matrix_vars_yml_snapshotting_enabled: true -matrix_vars_yml_snapshotting_src: "{{ inventory_dir }}/host_vars/{{ inventory_hostname }}/vars.yml" - # Controls whether a `/.well-known/matrix/server` file is generated and used at all. # # If you wish to rely on DNS SRV records only, you can disable this. @@ -284,11 +278,6 @@ matrix_docker_installation_enabled: true # Possible values are "docker-ce" (default) and "docker.io" (Debian). matrix_docker_package_name: docker-ce -# Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target -# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -# to suppress the warning message. -matrix_playbook_commit_hash_preservation_enabled: true - # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true diff --git a/roles/custom/matrix-base/tasks/setup_matrix_base.yml b/roles/custom/matrix-base/tasks/setup_matrix_base.yml index 2439fdea..f954bd79 100644 --- a/roles/custom/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/custom/matrix-base/tasks/setup_matrix_base.yml @@ -10,61 +10,6 @@ with_items: - "{{ matrix_base_data_path }}" -- name: Preserve vars.yml on the server for easily restoring if it gets lost later on - ansible.builtin.copy: - src: "{{ matrix_vars_yml_snapshotting_src }}" - dest: "{{ matrix_base_data_path }}/vars.yml" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: '0660' - when: "matrix_vars_yml_snapshotting_enabled | bool" - -- name: Save current git-repo status on the target to aid with restoring in case of problems - when: "matrix_playbook_commit_hash_preservation_enabled|bool" - block: - - name: Get local git hash # noqa command-instead-of-module - delegate_to: 127.0.0.1 - become: false - register: git_describe - changed_when: false - ansible.builtin.shell: - git describe - --always - --tags - --dirty - --long - --all - - - ansible.builtin.set_fact: - git_hash: "{{ git_describe.stdout }}" - - - name: Git hash - ansible.builtin.debug: - msg: "Git hash: {{ git_hash }}" - - - name: Save git_hash.yml on target - ansible.builtin.copy: - content: "{{ git_hash }}" - dest: "{{ matrix_base_data_path }}/git_hash.yml" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: '0660' - - rescue: - - name: GIT not found error - ansible.builtin.debug: - msg: >- - Couldn't find GIT on the local machine. Continuing without saving the GIT hash. - You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('git: not found') != -1" - - - name: Get GIT hash error - ansible.builtin.fail: - msg: >- - Error when trying to get the GIT hash. Please consult the error message above. - You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('git: not found') == -1" - - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 4c39876a..4e696584 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,8 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -matrix_hookshot_feeds_pollIntervalSeconds: 600 # no-qa var-naming -matrix_hookshot_feeds_pollTimeoutSeconds: 10 # no-qa var-naming +matrix_hookshot_feeds_pollIntervalSeconds: 600 # noqa var-naming +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # noqa var-naming # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/custom/matrix_playbook_migration/tasks/main.yml b/roles/custom/matrix_playbook_migration/tasks/main.yml new file mode 100644 index 00000000..c346a759 --- /dev/null +++ b/roles/custom/matrix_playbook_migration/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + tags: + - setup-all diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml new file mode 100644 index 00000000..111016c9 --- /dev/null +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: (Deprecation) Catch and report renamed Matrix playbook settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} + - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} + - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} diff --git a/setup.yml b/setup.yml index 906c3bdf..24f5754b 100755 --- a/setup.yml +++ b/setup.yml @@ -7,6 +7,14 @@ - roles/custom/matrix-synapse/vars/workers.yml roles: + # This role has no tasks at all + - role: galaxy/com.devture.ansible.role.playbook_help + + # This role has no tasks at all + - role: galaxy/com.devture.ansible.role.systemd_docker_base + + - role: custom/matrix_playbook_migration + - custom/matrix-base - custom/matrix-dynamic-dns - custom/matrix-mailer @@ -74,3 +82,12 @@ - custom/matrix-backup-borg - custom/matrix-user-creator - custom/matrix-common-after + + # This is pretty much last, because we want it to better serve as a "last known good configuration". + # See: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1301487601 + - when: devture_playbook_state_preserver_enabled | bool + role: galaxy/com.devture.ansible.role.playbook_state_preserver + tags: + - setup-all + + - role: galaxy/com.devture.ansible.role.playbook_runtime_messages From db19482d0cc8044093e3d11e785a2c8a8e3f9aaa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:19:17 +0200 Subject: [PATCH 524/562] Replace matrix_playbook_runtime_results with devture_playbook_runtime_messages_list (via com.devture.ansible.role.playbook_runtime_messages) --- .../tasks/migrate_nedb_to_postgres.yml | 4 ++-- .../tasks/migrate_nedb_to_postgres.yml | 4 ++-- .../tasks/validate_config.yml | 4 ++-- .../tasks/dump_runtime_results.yml | 7 ------- roles/custom/matrix-common-after/tasks/main.yml | 4 ---- .../tasks/setup_postgres_backup.yml | 4 ++-- .../tasks/import_generic_sqlite_db.yml | 4 ++-- .../matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- .../custom/matrix-postgres/tasks/setup_postgres.yml | 12 ++++++------ .../matrix-registration/tasks/generate_token.yml | 6 +++--- .../custom/matrix-registration/tasks/list_tokens.yml | 6 +++--- 11 files changed, 24 insertions(+), 35 deletions(-) delete mode 100644 roles/custom/matrix-common-after/tasks/dump_runtime_results.yml diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index d5f4eefd..97ae60c5 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -66,9 +66,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index b9aca080..0d029643 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -62,9 +62,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 413ea027..04e45c31 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -14,9 +14,9 @@ block: - name: Inject warning if on an old SQLite-supporting version ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" diff --git a/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml b/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml deleted file mode 100644 index 7dba367d..00000000 --- a/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# Ansible outputs the message in the `item=` field. -# It's unnecessary to output it again in the actual message, so we don't. -- ansible.builtin.debug: - msg: "" - with_items: "{{ matrix_playbook_runtime_results }}" - when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results | length > 0" diff --git a/roles/custom/matrix-common-after/tasks/main.yml b/roles/custom/matrix-common-after/tasks/main.yml index 1b360698..2cffecb1 100644 --- a/roles/custom/matrix-common-after/tasks/main.yml +++ b/roles/custom/matrix-common-after/tasks/main.yml @@ -10,10 +10,6 @@ tags: - stop -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/dump_runtime_results.yml" - tags: - - always - - ansible.builtin.import_tasks: "{{ role_path }}/tasks/run_docker_prune.yml" tags: - run-docker-prune diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index d0335f39..55980d3c 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -101,9 +101,9 @@ # We just want to notify the user. Deleting data is too destructive. - name: Inject warning if matrix-postgres backup data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You are not using the local backup service to backup the PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_backup_path }}`. Feel free to delete it." diff --git a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml index 4a515c27..7fa4a20a 100644 --- a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -92,9 +92,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your SQLite database file has been imported into Postgres. The original file has been moved from `{{ sqlite_database_path }}` to `{{ sqlite_database_path }}.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete this file." diff --git a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index ab387953..168b66ec 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -166,9 +166,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your {{ matrix_postgres_db_migration_request.engine_old }} database file has been imported into Postgres. The original database file has been moved from `{{ matrix_postgres_db_migration_request.src }}` to `{{ matrix_postgres_db_migration_request.src }}.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete this file." diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index 9efc73a6..a989e969 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -25,9 +25,9 @@ - name: Inject warning if on an old version of Postgres ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres" @@ -146,9 +146,9 @@ - name: Inject warning if backup data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You have some Postgres backup data in `{{ matrix_postgres_data_path }}-auto-upgrade-backup`, which was created during the last major Postgres update you ran. If your setup works well after this upgrade, feel free to delete this whole directory." @@ -194,9 +194,9 @@ # We just want to notify the user. Deleting data is too destructive. - name: Inject warning if matrix-postgres local data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it." diff --git a/roles/custom/matrix-registration/tasks/generate_token.yml b/roles/custom/matrix-registration/tasks/generate_token.yml index c910bf63..aa2b0111 100644 --- a/roles/custom/matrix-registration/tasks/generate_token.yml +++ b/roles/custom/matrix-registration/tasks/generate_token.yml @@ -41,11 +41,11 @@ {{ matrix_registration_api_result.json }} check_mode: false -- name: Inject result message into matrix_playbook_runtime_results +- name: Inject result message into devture_playbook_runtime_messages_list ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [matrix_registration_api_result_message] }} diff --git a/roles/custom/matrix-registration/tasks/list_tokens.yml b/roles/custom/matrix-registration/tasks/list_tokens.yml index 4bcd1460..1001c4fa 100644 --- a/roles/custom/matrix-registration/tasks/list_tokens.yml +++ b/roles/custom/matrix-registration/tasks/list_tokens.yml @@ -20,11 +20,11 @@ {{ matrix_registration_api_result.json | to_nice_json }} check_mode: false -- name: Inject result message into matrix_playbook_runtime_results +- name: Inject result message into devture_playbook_runtime_messages_list ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [matrix_registration_api_result_message] }} From 04c6c11561f8ace31c377ece2ec7b2a99b6c9290 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:33:22 +0200 Subject: [PATCH 525/562] Install ntpd/systemd-timesync via com.devture.ansible.role.timesync --- group_vars/matrix_servers | 15 +++++++++++++++ requirements.yml | 3 +++ roles/custom/matrix-base/defaults/main.yml | 3 --- .../matrix-base/tasks/server_base/setup.yml | 6 ------ .../tasks/server_base/setup_debian.yml | 7 ------- .../tasks/server_base/setup_fedora.yml | 7 ------- .../tasks/server_base/setup_raspbian.yml | 7 ------- .../tasks/server_base/setup_redhat.yml | 7 ------- .../tasks/server_base/setup_redhat8.yml | 7 ------- .../tasks/validate_config.yml | 2 ++ setup.yml | 6 ++++++ 11 files changed, 26 insertions(+), 44 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a75be04a..b549dc99 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -10,6 +10,21 @@ # by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). +######################################################################## +# # +# com.devture.ansible.role.timesync # +# # +######################################################################## + +# To completely disable installing systemd-timesyncd/ntpd, use `devture_timesync_installation_enabled: false`. + +######################################################################## +# # +# /com.devture.ansible.role.timesync # +# # +######################################################################## + + ###################################################################### # diff --git a/requirements.yml b/requirements.yml index 9d6669af..668f973e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -6,6 +6,9 @@ - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git version: 327d2e17f5189ac2480d6012f58cf64a2b46efba +- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git + version: 461ace97fcf0e36c76747b36fcad8587d9b072f5 + - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git version: 0857450721d525238ca230c9e6f8f8ad3a248564 diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index a18ba6b6..40ee9e55 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -134,9 +134,6 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" -matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" - matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" # Specifies where the homeserver's Client-Server API is on the container network. diff --git a/roles/custom/matrix-base/tasks/server_base/setup.yml b/roles/custom/matrix-base/tasks/server_base/setup.yml index 9e3319f5..d0b9f0b9 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup.yml @@ -39,9 +39,3 @@ name: docker state: started enabled: true - -- name: "Ensure ntpd is started and autoruns" - ansible.builtin.service: - name: "{{ matrix_ntpd_service }}" - state: started - enabled: true diff --git a/roles/custom/matrix-base/tasks/server_base/setup_debian.yml b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml index 271fab41..412a11d0 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml @@ -25,13 +25,6 @@ update_cache: true when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure APT packages are installed - ansible.builtin.apt: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.apt: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml index 2c7d528f..19d46571 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml @@ -17,13 +17,6 @@ key: https://download.docker.com/linux/fedora/gpg when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml index 18c6eb65..6959b39c 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml @@ -25,13 +25,6 @@ update_cache: true when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure APT packages are installed - ansible.builtin.apt: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.apt: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml index 4e5c97d4..dbddd913 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml @@ -15,13 +15,6 @@ key: https://download.docker.com/linux/centos/gpg when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml index 932dbab5..c303abb8 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml @@ -22,13 +22,6 @@ state: present update_cache: true -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 111016c9..e5a0badd 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -10,3 +10,5 @@ - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} + - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} + - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} diff --git a/setup.yml b/setup.yml index 24f5754b..e3372802 100755 --- a/setup.yml +++ b/setup.yml @@ -15,6 +15,12 @@ - role: custom/matrix_playbook_migration + - when: devture_timesync_installation_enabled | bool + role: galaxy/com.devture.ansible.role.timesync + tags: + - setup-timesync + - setup-all + - custom/matrix-base - custom/matrix-dynamic-dns - custom/matrix-mailer From f03f716989de07980f1b94f5c1ad7ef1f28f18da Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:37:47 +0200 Subject: [PATCH 526/562] matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base) --- .../templates/systemd/matrix-backup-borg.service.j2 | 2 +- roles/custom/matrix-base/defaults/main.yml | 5 ----- .../templates/systemd/matrix-bot-buscarron.service.j2 | 2 +- .../templates/systemd/matrix-bot-go-neb.service.j2 | 2 +- .../templates/systemd/matrix-bot-honoroit.service.j2 | 2 +- .../systemd/matrix-bot-matrix-registration-bot.service.j2 | 2 +- .../systemd/matrix-bot-matrix-reminder-bot.service.j2 | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- .../templates/systemd/matrix-bot-mjolnir.service.j2 | 2 +- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 2 +- .../templates/systemd/matrix-appservice-discord.service.j2 | 2 +- .../templates/systemd/matrix-appservice-irc.service.j2 | 2 +- .../systemd/matrix-appservice-kakaotalk-node.service.j2 | 2 +- .../templates/systemd/matrix-appservice-kakaotalk.service.j2 | 2 +- .../templates/systemd/matrix-appservice-slack.service.j2 | 2 +- .../templates/systemd/matrix-appservice-webhooks.service.j2 | 2 +- .../templates/systemd/matrix-beeper-linkedin.service.j2 | 2 +- .../templates/systemd/matrix-go-skype-bridge.service.j2 | 2 +- .../templates/systemd/matrix-heisenbridge.service.j2 | 2 +- .../templates/systemd/matrix-hookshot.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-discord.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-facebook.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-googlechat.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-hangouts.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-instagram.service.j2 | 2 +- .../systemd/matrix-mautrix-signal-daemon.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-signal.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-telegram.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-twitter.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-whatsapp.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-discord.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-groupme.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-instagram.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-slack.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-steam.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-twitter.service.j2 | 2 +- .../templates/systemd/matrix-sms-bridge.service.j2 | 2 +- .../templates/systemd/matrix-cactus-comments.service.j2 | 2 +- .../templates/systemd/matrix-client-cinny.service.j2 | 2 +- .../templates/systemd/matrix-client-element.service.j2 | 2 +- .../templates/systemd/matrix-client-hydrogen.service.j2 | 2 +- .../templates/conduit/systemd/matrix-conduit.service.j2 | 2 +- .../templates/systemd/matrix-corporal.service.j2 | 2 +- .../matrix-coturn/templates/systemd/matrix-coturn.service.j2 | 2 +- .../templates/dendrite/systemd/matrix-dendrite.service.j2 | 2 +- .../templates/systemd/matrix-dimension.service.j2 | 2 +- .../templates/systemd/matrix-dynamic-dns.service.j2 | 2 +- .../templates/systemd/matrix-email2matrix.service.j2 | 2 +- .../templates/systemd/matrix-etherpad.service.j2 | 2 +- .../templates/systemd/matrix-grafana.service.j2 | 2 +- .../templates/jicofo/matrix-jitsi-jicofo.service.j2 | 2 +- .../matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 | 2 +- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 2 +- .../matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 | 2 +- .../systemd/matrix-ldap-registration-proxy.service.j2 | 2 +- .../matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 | 2 +- .../matrix-mailer/templates/systemd/matrix-mailer.service.j2 | 2 +- .../templates/systemd/matrix-nginx-proxy.service.j2 | 2 +- .../matrix-ssl-lets-encrypt-certificates-renew.service.j2 | 2 +- .../matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 | 2 +- .../templates/systemd/matrix-postgres-backup.service.j2 | 2 +- .../templates/systemd/matrix-postgres.service.j2 | 2 +- .../systemd/matrix-prometheus-node-exporter.service.j2 | 2 +- .../systemd/matrix-prometheus-postgres-exporter.service.j2 | 2 +- .../templates/systemd/matrix-prometheus.service.j2 | 2 +- .../templates/systemd/matrix-registration.service.j2 | 2 +- .../matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 | 2 +- .../templates/systemd/matrix-synapse-admin.service.j2 | 2 +- .../templates/goofys/systemd/matrix-goofys.service.j2 | 2 +- .../matrix-synapse-s3-storage-provider-migrate.service.j2 | 2 +- .../synapse/systemd/matrix-synapse-worker.service.j2 | 2 +- .../templates/synapse/systemd/matrix-synapse.service.j2 | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 1 + 73 files changed, 72 insertions(+), 76 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 76217250..3436ac46 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 40ee9e55..1ca45c74 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -115,11 +115,6 @@ matrix_base_data_path_mode: "750" matrix_static_files_base_path: "{{ matrix_base_data_path }}/static-files" matrix_systemd_path: "/etc/systemd/system" -# Specifies the path to use for the `HOME` environment variable for systemd unit files. -# Docker 20.10 complains with `WARNING: Error loading config file: .dockercfg: $HOME is not defined` -# if `$HOME` is not defined, so we define something to make it happy. -matrix_systemd_unit_home_path: /root - # This is now unused. We keep it so that cleanup tasks can use it. # To be removed in the future. matrix_cron_path: "/etc/cron.d" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index fd6d0310..4c3abcba 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index 83eb3c7d..73b8175a 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index 2bb14109..d5fe3b02 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index e1aa8954..3fd9619c 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index a9cf8bb8..19dfc3df 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index a9e03986..998ec3c6 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index 7ea6be37..b5795155 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index fa45a3a4..355c85a6 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index 0a527c0c..bc565ec0 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 4bbda18e..144ff6c6 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 1a526ee6..47beccd1 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index 83a8d4dc..17076ae5 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 017f352f..35c3c9f0 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index 556467b4..e9a87457 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index 37b4f67d..d2f61b18 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index fe5ab2d6..bd826d0d 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 index e27b88f1..ac13e61e 100644 --- a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 +++ b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-heisenbridge ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-heisenbridge diff --git a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 index 16ff0592..4916e37f 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 3651840e..4ee0fc5d 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index 2103dd05..f15069f3 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index 930b58c2..e0bcb2e3 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index 10402a51..e1a6781e 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index d2a6aece..a15b3729 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index 31e68ea9..68da20ba 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -13,7 +13,7 @@ Wants={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index d1ef85f3..369f1b97 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -13,7 +13,7 @@ Wants={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index 8b21ee2b..b96ede6a 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 0ce9a123..67d68404 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index ae44d342..fa4df801 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 52b12c3d..53db632b 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index afb46ecb..d9f29a8a 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 262518fc..21e93a73 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 118d0369..ea97de7a 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index f1079e3f..6fd26b66 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 5d7cfca6..816cbe34 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 index 46c3463f..2645d39c 100644 --- a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 +++ b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-/usr/bin/docker kill matrix-sms-bridge ExecStartPre=-/usr/bin/docker rm matrix-sms-bridge diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index 06825582..259f141a 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index 3f15ac19..f9250530 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index 8d3dec57..aaed84b0 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 0196d35b..481ffb8a 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 51b204f6..90cf3074 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -8,7 +8,7 @@ After={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index d5661b5a..95ab7c80 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 54bd015e..17e0b015 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 69eca497..941a2405 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index e514a74a..8329f0ca 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index 6f2ff101..ace0f90f 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index 47c15117..4a098f26 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' diff --git a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 index d96c4260..4be0f004 100644 --- a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 +++ b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index e0f58076..0748f601 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index 694fdc7f..d9f425aa 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index f0b141fc..4dd26c76 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 0c3a3932..efeb3110 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8f29bfa8..8fa8f58d 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 13ada897..5ffbae90 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index 427f6c9f..39438460 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index 83cd298e..44a46a98 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 74356ea9..49c4c0dd 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 index c14905ce..c7f372d9 100644 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 @@ -3,5 +3,5 @@ Description=Renews Let's Encrypt SSL certificates [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStart={{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index f4159856..47a81dec 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index 4ecf3745..1622b222 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-postgres-backup ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index b30c5ef2..264e9b9a 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index d0bfa4cc..4f0b2009 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index ff8c2ce4..f607beae 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 56e13c13..45b905eb 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index 8acbd3a5..ade1bb03 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index ae7e889d..938dcaf4 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 6ed9eaae..82bf7a2d 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index df4a4f23..79085446 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill %n ExecStartPre=-{{ matrix_host_command_docker }} rm %n diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 index ea8f0c8c..159681a0 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 @@ -3,5 +3,5 @@ Description=Migrates locally-stored Synapse media store files to S3 [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStart={{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 3855b850..fdee677c 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -6,7 +6,7 @@ After=matrix-synapse.service [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index f41cc54c..d6b8706f 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -20,7 +20,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index e5a0badd..ce00ab52 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -12,3 +12,4 @@ - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} + - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} From 835d2e9581e5c4369e46375ef6811472f67cdcfa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:38:38 +0200 Subject: [PATCH 527/562] matrix_systemd_path -> devture_systemd_docker_base_systemd_path (via com.devture.ansible.role.systemd_docker_base) --- roles/custom/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml | 6 +++--- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/usr-local-bin/matrix-remove-all.j2 | 4 ++-- roles/custom/matrix-bot-buscarron/tasks/setup_install.yml | 2 +- .../custom/matrix-bot-buscarron/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-go-neb/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-honoroit/tasks/setup_install.yml | 2 +- .../custom/matrix-bot-honoroit/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-maubot/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-bot-postmoogle/tasks/setup_install.yml | 2 +- .../matrix-bot-postmoogle/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 8 ++++---- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 2 +- .../matrix-bridge-heisenbridge/tasks/setup_install.yml | 2 +- .../matrix-bridge-heisenbridge/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-bridge-hookshot/tasks/setup_install.yml | 2 +- .../matrix-bridge-hookshot/tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 8 ++++---- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bridge-sms/tasks/setup_install.yml | 2 +- roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-cactus-comments/tasks/setup_install.yml | 2 +- .../matrix-cactus-comments/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-client-cinny/tasks/setup_install.yml | 2 +- .../custom/matrix-client-cinny/tasks/setup_uninstall.yml | 4 ++-- .../matrix-client-element/tasks/migrate_riot_web.yml | 4 ++-- .../custom/matrix-client-element/tasks/setup_install.yml | 2 +- .../matrix-client-element/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-client-hydrogen/tasks/setup_install.yml | 2 +- .../matrix-client-hydrogen/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-conduit/tasks/conduit/setup_install.yml | 2 +- .../matrix-conduit/tasks/conduit/setup_uninstall.yml | 4 ++-- roles/custom/matrix-corporal/tasks/setup_corporal.yml | 8 ++++---- roles/custom/matrix-coturn/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-coturn/tasks/setup_uninstall.yml | 4 ++-- .../matrix-dendrite/tasks/dendrite/setup_install.yml | 2 +- .../matrix-dendrite/tasks/dendrite/setup_uninstall.yml | 4 ++-- roles/custom/matrix-dimension/tasks/setup_install.yml | 2 +- roles/custom/matrix-dimension/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-dynamic-dns/tasks/uninstall.yml | 4 ++-- roles/custom/matrix-email2matrix/tasks/setup_install.yml | 2 +- .../custom/matrix-email2matrix/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-etherpad/tasks/setup_install.yml | 2 +- roles/custom/matrix-etherpad/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-grafana/tasks/setup.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml | 6 +++--- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml | 6 +++--- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 2 +- roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-mailer/tasks/setup_mailer.yml | 6 +++--- .../custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 6 +++--- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 4 ++-- roles/custom/matrix-ntfy/tasks/setup_install.yml | 2 +- roles/custom/matrix-ntfy/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_postgres_backup.yml | 6 +++--- .../tasks/migrate_postgres_data_directory.yml | 2 +- roles/custom/matrix-postgres/tasks/setup_postgres.yml | 6 +++--- .../matrix-prometheus-node-exporter/tasks/setup.yml | 6 +++--- .../matrix-prometheus-postgres-exporter/tasks/setup.yml | 6 +++--- roles/custom/matrix-prometheus/tasks/setup_install.yml | 2 +- roles/custom/matrix-prometheus/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-redis/tasks/setup_redis.yml | 6 +++--- roles/custom/matrix-registration/tasks/setup_install.yml | 2 +- .../custom/matrix-registration/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-sygnal/tasks/setup_install.yml | 2 +- roles/custom/matrix-sygnal/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-synapse-admin/tasks/setup.yml | 6 +++--- .../tasks/ext/s3-storage-provider/setup_install.yml | 2 +- .../tasks/ext/s3-storage-provider/setup_uninstall.yml | 2 +- .../custom/matrix-synapse/tasks/goofys/setup_install.yml | 2 +- .../matrix-synapse/tasks/goofys/setup_uninstall.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/setup_install.yml | 2 +- .../matrix-synapse/tasks/synapse/setup_uninstall.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/workers/setup.yml | 2 +- .../tasks/synapse/workers/setup_install.yml | 2 +- .../tasks/synapse/workers/setup_uninstall.yml | 2 +- .../tasks/synapse/workers/util/setup_files_for_worker.yml | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 1 + 120 files changed, 208 insertions(+), 208 deletions(-) diff --git a/roles/custom/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml index 9c7429b8..b9b44236 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -96,14 +96,14 @@ - name: Ensure matrix-backup-borg.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-backup-borg.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" mode: 0644 register: matrix_backup_borg_systemd_service_result - name: Ensure matrix-backup-borg.timer installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-backup-borg.timer.j2" - dest: "{{ matrix_systemd_path }}/matrix-backup-borg.timer" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.timer" mode: 0644 register: matrix_backup_borg_systemd_timer_result diff --git a/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml index 37832b2b..c4c1028d 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-backup-borg service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" register: matrix_backup_borg_service_stat - name: Ensure matrix-backup-borg is stopped @@ -15,13 +15,13 @@ - name: Ensure matrix-backup-borg.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" state: absent when: "matrix_backup_borg_service_stat.stat.exists | bool" - name: Ensure matrix-backup-borg.timer doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.timer" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.timer" state: absent when: "matrix_backup_borg_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 1ca45c74..ebed1b3a 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -113,7 +113,6 @@ matrix_base_data_path: "/matrix" matrix_base_data_path_mode: "750" matrix_static_files_base_path: "{{ matrix_base_data_path }}/static-files" -matrix_systemd_path: "/etc/systemd/system" # This is now unused. We keep it so that cleanup tasks can use it. # To be removed in the future. diff --git a/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 index f4b23b44..f9b174e5 100644 --- a/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 +++ b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 @@ -16,9 +16,9 @@ if [ "$sure" != "Yes, I really want to remove everything!" ]; then else echo "Stop and remove matrix services" - for s in $(find {{ matrix_systemd_path }}/ -type f -name "matrix-*" -printf "%f\n"); do + for s in $(find {{ devture_systemd_docker_base_systemd_path }}/ -type f -name "matrix-*" -printf "%f\n"); do systemctl disable --now $s - rm -f {{ matrix_systemd_path }}/$s + rm -f {{ devture_systemd_docker_base_systemd_path }}/$s done systemctl daemon-reload diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 431989f8..fbb05bb1 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -87,7 +87,7 @@ - name: Ensure matrix-bot-buscarron.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-buscarron.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" mode: 0644 register: matrix_bot_buscarron_systemd_service_result diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml index 848d24d2..cb3333bf 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-buscarron service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" register: matrix_bot_buscarron_service_stat - name: Ensure matrix-buscarron is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-buscarron.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" state: absent when: "matrix_bot_buscarron_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml index 52215597..c8345ce3 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml @@ -38,7 +38,7 @@ - name: Ensure matrix-bot-go-neb.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-go-neb.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" mode: 0644 register: matrix_bot_go_neb_systemd_service_result diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml index 83391094..d5caa86b 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-go-neb service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" register: matrix_bot_go_neb_service_stat - name: Ensure matrix-go-neb is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-go-neb.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" state: absent when: "matrix_bot_go_neb_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 5ca63186..19705320 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -87,7 +87,7 @@ - name: Ensure matrix-bot-honoroit.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-honoroit.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" mode: 0644 register: matrix_bot_honoroit_systemd_service_result diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml index 54869e31..0fa83a02 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-honoroit service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" register: matrix_bot_honoroit_service_stat - name: Ensure matrix-honoroit is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-honoroit.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" state: absent when: "matrix_bot_honoroit_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index 5896ac62..505f844a 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -59,7 +59,7 @@ - name: Ensure matrix-bot-matrix-registration-bot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-registration-bot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" mode: 0644 register: matrix_bot_matrix_registration_bot_systemd_service_result diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml index 63bc53ad..c7ee1365 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix-registration-bot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" register: matrix_bot_matrix_registration_bot_service_stat - name: Ensure matrix-matrix-registration-bot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-matrix-registration-bot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" state: absent when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 9418892d..0592cacf 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -88,7 +88,7 @@ - name: Ensure matrix-bot-matrix-reminder-bot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" mode: 0644 register: matrix_bot_matrix_reminder_bot_systemd_service_result diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml index de9e0427..1b940f32 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix-reminder-bot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" register: matrix_bot_matrix_reminder_bot_service_stat - name: Ensure matrix-matrix-reminder-bot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-matrix-reminder-bot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" state: absent when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml index 50e48254..0619a47b 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml @@ -63,7 +63,7 @@ - name: Ensure matrix-bot-maubot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml index 6a5e7fdc..33b8fc14 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-maubot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-maubot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml index b9bcf37d..5e46e223 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml @@ -62,7 +62,7 @@ - name: Ensure matrix-bot-mjolnir.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-mjolnir.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" mode: 0644 register: matrix_bot_mjolnir_systemd_service_result diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml index afefcc48..708a7bb0 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-bot-mjolnir service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" register: matrix_bot_mjolnir_service_stat - name: Ensure matrix-bot-mjolnir is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-mjolnir.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" state: absent when: "matrix_bot_mjolnir_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index 852b5b1a..e6bfa60f 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -83,7 +83,7 @@ - name: Ensure matrix-bot-postmoogle.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-postmoogle.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" mode: 0644 register: matrix_bot_postmoogle_systemd_service_result diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml index 5502298c..198df7d7 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-postmoogle service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" register: matrix_bot_postmoogle_service_stat - name: Ensure matrix-postmoogle is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-postmoogle.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" state: absent when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index ffba95b6..0a2a89a3 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -105,7 +105,7 @@ - name: Ensure matrix-appservice-discord.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-discord.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" mode: 0644 register: matrix_appservice_discord_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml index 83588d1c..50d108fa 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-discord service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" register: matrix_appservice_discord_service_stat - name: Ensure matrix-appservice-discord is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-discord.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" state: absent when: "matrix_appservice_discord_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index 97ae60c5..b6e938b0 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -30,7 +30,7 @@ - name: Check existence of matrix-appservice-irc service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" register: matrix_appservice_irc_service_stat - name: Ensure matrix-appservice-irc is stopped diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 4b4614b1..f9a81779 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -193,7 +193,7 @@ - name: Ensure matrix-appservice-irc.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-irc.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" mode: 0644 register: matrix_appservice_irc_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml index 176317de..8921d48e 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-irc service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" register: matrix_appservice_irc_service_stat - name: Ensure matrix-appservice-irc is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-irc.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" state: absent when: "matrix_appservice_irc_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index 2dd334cb..3d226e32 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -108,14 +108,14 @@ - name: Ensure matrix-appservice-kakaotalk-node.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk-node.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" mode: 0644 register: matrix_appservice_kakaotalk_node_systemd_service_result - name: Ensure matrix-appservice-kakaotalk.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" mode: 0644 register: matrix_appservice_kakaotalk_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml index fb11c383..8e46d80f 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-kakaotalk service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" register: matrix_appservice_kakaotalk_service_stat - name: Ensure matrix-appservice-kakaotalk is stopped @@ -15,7 +15,7 @@ - name: Check existence of matrix-appservice-kakaotalk-node service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" register: matrix_appservice_kakaotalk_node_service_stat - name: Ensure matrix-appservice-kakaotalk-node is stopped @@ -31,8 +31,8 @@ path: "{{ item }}" state: absent with_items: - - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" - - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" when: "matrix_appservice_kakaotalk_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-appservice-kakaotalk service files removal diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml index d882d27d..66a0afee 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -85,7 +85,7 @@ - name: Ensure matrix-appservice-slack.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-slack.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" mode: 0644 register: matrix_appservice_slack_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml index fa1aaf26..434f9067 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-slack service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" register: matrix_appservice_slack_service_stat - name: Ensure matrix-appservice-slack is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-slack.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" state: absent when: "matrix_appservice_slack_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 824b5b78..9a9bd54f 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -84,7 +84,7 @@ - name: Ensure matrix-appservice-webhooks.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-webhooks.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" mode: 0644 register: matrix_appservice_webhooks_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml index 2b3c29d5..960fe58b 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-webhooks service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" register: matrix_appservice_webhooks_service_stat - name: Ensure matrix-appservice-webhooks is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-webhooks.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" state: absent when: "matrix_appservice_webhooks_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 97464adc..8ddcb141 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -93,7 +93,7 @@ - name: Ensure matrix-beeper-linkedin.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-beeper-linkedin.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" mode: 0644 register: matrix_beeper_linkedin_systemd_service_result diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml index 25dbf82b..4a75a4c7 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-beeper-linkedin service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" register: matrix_beeper_linkedin_service_stat - name: Ensure matrix-beeper-linkedin is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-beeper-linkedin.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" state: absent when: "matrix_beeper_linkedin_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 001855fd..5f61f468 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -132,7 +132,7 @@ - name: Ensure matrix-go-skype-bridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-go-skype-bridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-go-skype-bridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-go-skype-bridge.service" mode: 0644 register: matrix_go_skype_bridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml index f8e1259b..8943fab0 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -32,7 +32,7 @@ - name: Ensure matrix-heisenbridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-heisenbridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" mode: 0644 register: matrix_heisenbridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml index a0232295..688ff9d4 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-heisenbridge service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" register: matrix_heisenbridge_service_stat - name: Ensure matrix-heisenbridge is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-heisenbridge.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" state: absent when: "matrix_heisenbridge_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 7c1cdf95..677c4137 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -106,7 +106,7 @@ - name: Ensure matrix-hookshot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-hookshot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-hookshot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" mode: 0644 register: matrix_hookshot_systemd_service_result diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml index 5aba14de..2028a34e 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-hookshot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-hookshot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" register: matrix_hookshot_service_stat - name: Ensure matrix-hookshot is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-hookshot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-hookshot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" state: absent when: "matrix_hookshot_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ef36acf5..ea783df9 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -105,7 +105,7 @@ - name: Ensure matrix-mautrix-discord.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-discord.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" mode: 0644 register: matrix_mautrix_discord_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml index 94fef89a..d75f5164 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-discord service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" register: matrix_mautrix_discord_service_stat - name: Ensure matrix-mautrix-discord is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-discord.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" state: absent when: "matrix_mautrix_discord_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 9ea0e7a4..929cd92a 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-facebook.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" mode: 0644 register: matrix_mautrix_facebook_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml index 2635f1f5..fb235b54 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-facebook service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" register: matrix_mautrix_facebook_service_stat - name: Ensure matrix-mautrix-facebook is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-facebook.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" state: absent when: "matrix_mautrix_facebook_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 27ef80c6..13b380e2 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-googlechat.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-googlechat.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" mode: 0644 register: matrix_mautrix_googlechat_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml index 104e58a5..37a4e675 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-googlechat service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" register: matrix_mautrix_googlechat_service_stat - name: Ensure matrix-mautrix-googlechat is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-googlechat.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" state: absent when: "matrix_mautrix_googlechat_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 65241a33..f7b03779 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-hangouts.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-hangouts.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" mode: 0644 register: matrix_mautrix_hangouts_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml index 2cb676b5..b7ff7239 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-hangouts service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" register: matrix_mautrix_hangouts_service_stat - name: Ensure matrix-mautrix-hangouts is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-hangouts.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" state: absent when: "matrix_mautrix_hangouts_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 47076eb7..b4c2bd83 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -75,7 +75,7 @@ - name: Ensure matrix-mautrix-instagram.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-instagram.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" mode: 0644 register: matrix_mautrix_instagram_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml index 55d882d3..a029a90a 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-mautrix-instagram service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" register: matrix_mautrix_instagram_service_stat - name: Ensure matrix-mautrix-instagram is stopped @@ -14,7 +14,7 @@ - name: Ensure matrix-mautrix-instagram.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" state: absent when: "matrix_mautrix_instagram_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 577e80a9..4f4aed49 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -120,14 +120,14 @@ - name: Ensure matrix-mautrix-signal-daemon.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal-daemon.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" mode: 0644 register: matrix_mautrix_signal_daemon_systemd_service_result - name: Ensure matrix-mautrix-signal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" mode: 0644 register: matrix_mautrix_signal_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml index befbcbec..d98d28ba 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ # Signal daemon service - name: Check existence of matrix-mautrix-signal-daemon service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" register: matrix_mautrix_signal_daemon_service_stat - name: Ensure matrix-mautrix-signal-daemon is stopped @@ -16,14 +16,14 @@ - name: Ensure matrix-mautrix-signal-daemon.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" state: absent when: "matrix_mautrix_signal_daemon_service_stat.stat.exists" # Bridge service - name: Check existence of matrix-mautrix-signal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" register: matrix_mautrix_signal_service_stat - name: Ensure matrix-mautrix-signal is stopped @@ -36,7 +36,7 @@ - name: Ensure matrix-mautrix-signal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" state: absent when: "matrix_mautrix_signal_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 05c5121a..dfb0ec1e 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -147,7 +147,7 @@ - name: Ensure matrix-mautrix-telegram.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-telegram.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" mode: 0644 register: matrix_mautrix_telegram_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml index f4a5f569..90ca0195 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-telegram service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" register: matrix_mautrix_telegram_service_stat - name: Ensure matrix-mautrix-telegram is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-telegram.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" state: absent when: "matrix_mautrix_telegram_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 485e8be4..94c9e8e0 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -78,7 +78,7 @@ - name: Ensure matrix-mautrix-twitter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-twitter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" mode: 0644 register: matrix_mautrix_twitter_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml index 5ce64906..5f6b1491 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-twitter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" register: matrix_mautrix_twitter_service_stat - name: Ensure matrix-mautrix-twitter is stopped @@ -14,7 +14,7 @@ - name: Ensure matrix-mautrix-twitter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" state: absent when: "matrix_mautrix_twitter_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index d50be0a4..adf316f1 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -132,7 +132,7 @@ - name: Ensure matrix-mautrix-whatsapp.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-whatsapp.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" mode: 0644 register: matrix_mautrix_whatsapp_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml index c531b530..ff215001 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-whatsapp service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" register: matrix_mautrix_whatsapp_service_stat - name: Ensure matrix-mautrix-whatsapp is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-whatsapp.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" state: absent when: "matrix_mautrix_whatsapp_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml index b4125e51..1da01b09 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml @@ -49,7 +49,7 @@ - name: Ensure matrix-sms-bridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-sms-bridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" mode: 0644 register: matrix_sms_bridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml index 322190f9..c7d0011e 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-sms-bridge service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" register: matrix_sms_bridge_service_stat - name: Ensure matrix-sms-bridge is stopped @@ -15,6 +15,6 @@ - name: Ensure matrix-sms-bridge.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" state: absent when: "matrix_sms_bridge_service_stat.stat.exists" diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml index 7085290f..b3ccb1c6 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml @@ -123,7 +123,7 @@ - name: Ensure matrix-cactus-comments.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-cactus-comments.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" mode: 0644 register: matrix_cactus_comments_systemd_service_result diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml index 3491d912..bd46f252 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-cactus-comments service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" register: matrix_cactus_comments_service_stat - name: Ensure cactus comments is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-cactus-comments.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" state: absent when: "matrix_cactus_comments_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml index a39c7f9d..a6a7fb25 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_install.yml @@ -67,7 +67,7 @@ - name: Ensure matrix-client-cinny.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-cinny.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" mode: 0644 register: matrix_client_cinny_systemd_service_result diff --git a/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml index 6cc93e1b..5b67e819 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-client-cinny.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" register: matrix_client_cinny_service_stat - name: Ensure matrix-client-cinny is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-client-cinny.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" state: absent when: "matrix_client_cinny_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml index 23011e93..bb62b7ce 100644 --- a/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml +++ b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-riot-web.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-riot-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-riot-web.service" register: matrix_client_riot_web_service_stat when: "matrix_client_element_enabled | bool" @@ -17,7 +17,7 @@ - name: Ensure matrix-riot-web.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-riot-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-riot-web.service" state: absent when: "matrix_client_element_enabled | bool and matrix_client_riot_web_service_stat.stat.exists" diff --git a/roles/custom/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml index 044ed611..553b144d 100644 --- a/roles/custom/matrix-client-element/tasks/setup_install.yml +++ b/roles/custom/matrix-client-element/tasks/setup_install.yml @@ -93,7 +93,7 @@ - name: Ensure matrix-client-element.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-element.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-element.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" mode: 0644 register: matrix_client_element_systemd_service_result diff --git a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml index c40a4fc6..3a1de409 100644 --- a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-client-element.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-element.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" register: matrix_client_element_service_stat - name: Ensure matrix-client-element is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-client-element.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-element.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" state: absent when: "matrix_client_element_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml index dfd0607b..9509a44b 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml @@ -71,7 +71,7 @@ - name: Ensure matrix-client-hydrogen.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-hydrogen.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" mode: 0644 register: matrix_client_hydrogen_systemd_service_result diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml index 49d2f4ca..090ce567 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-client-hydrogen.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" register: matrix_client_hydrogen_service_stat - name: Ensure matrix-client-hydrogen is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-client-hydrogen.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" state: absent when: "matrix_client_hydrogen_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml index cf8c6657..a5177bec 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml @@ -37,7 +37,7 @@ - name: Ensure matrix-conduit.service installed ansible.builtin.template: src: "{{ role_path }}/templates/conduit/systemd/matrix-conduit.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-conduit.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" mode: 0644 register: matrix_conduit_systemd_service_result diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml index 1bba9a9e..efe7d40a 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-conduit service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-conduit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" register: matrix_conduit_service_stat - name: Ensure matrix-conduit is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-conduit.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-conduit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" state: absent when: "matrix_conduit_service_stat.stat.exists" diff --git a/roles/custom/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml index e4fce897..6e9f290c 100644 --- a/roles/custom/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/custom/matrix-corporal/tasks/setup_corporal.yml @@ -64,7 +64,7 @@ - name: Ensure matrix-corporal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-corporal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-corporal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" mode: 0644 register: matrix_corporal_systemd_service_result when: matrix_corporal_enabled | bool @@ -81,7 +81,7 @@ - name: Check existence of matrix-corporal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-corporal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" register: matrix_corporal_service_stat when: "not matrix_corporal_enabled | bool" @@ -96,7 +96,7 @@ - name: Ensure matrix-corporal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-corporal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" state: absent when: "not matrix_corporal_enabled | bool and matrix_corporal_service_stat.stat.exists" @@ -110,7 +110,7 @@ path: "{{ item }}" state: absent with_items: - - "{{ matrix_systemd_path }}/matrix-corporal.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" - "{{ matrix_corporal_config_dir_path }}/config.json" when: "not matrix_corporal_enabled | bool" diff --git a/roles/custom/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml index ef44c073..02e0a26b 100644 --- a/roles/custom/matrix-coturn/tasks/setup_install.yml +++ b/roles/custom/matrix-coturn/tasks/setup_install.yml @@ -76,7 +76,7 @@ - name: Ensure matrix-coturn.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-coturn.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-coturn.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-coturn.service" mode: 0644 register: matrix_coturn_systemd_service_change_results @@ -86,7 +86,7 @@ - name: Ensure reloading systemd units installed, if necessary ansible.builtin.template: src: "{{ role_path }}/templates/systemd/{{ item }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" mode: 0644 register: "matrix_coturn_systemd_service_change_results" when: "matrix_coturn_tls_enabled | bool" diff --git a/roles/custom/matrix-coturn/tasks/setup_uninstall.yml b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml index 5dd2788e..bf71b90a 100644 --- a/roles/custom/matrix-coturn/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-coturn service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-coturn.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-coturn.service" register: matrix_coturn_service_stat when: "not matrix_coturn_enabled | bool" @@ -25,7 +25,7 @@ - name: Ensure systemd units don't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" state: absent register: matrix_coturn_systemd_unit_uninstallation_result with_items: diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml index 98090e15..f75b0e10 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -65,7 +65,7 @@ - name: Ensure matrix-dendrite.service installed ansible.builtin.template: src: "{{ role_path }}/templates/dendrite/systemd/matrix-dendrite.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-dendrite.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" mode: 0644 register: matrix_dendrite_systemd_service_result diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml index 6a2ea5b1..ce3e3476 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dendrite service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dendrite.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" register: matrix_dendrite_service_stat - name: Ensure matrix-dendrite is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-dendrite.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dendrite.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" state: absent when: "matrix_dendrite_service_stat.stat.exists" diff --git a/roles/custom/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml index a16d0407..52507ebb 100644 --- a/roles/custom/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -124,7 +124,7 @@ - name: Ensure matrix-dimension.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-dimension.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-dimension.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" mode: 0644 register: matrix_dimension_systemd_service_result diff --git a/roles/custom/matrix-dimension/tasks/setup_uninstall.yml b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml index c939e66a..8a5f5c75 100644 --- a/roles/custom/matrix-dimension/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dimension service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dimension.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" register: matrix_dimension_service_stat - name: Ensure matrix-dimension is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-dimension.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dimension.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" state: absent when: "matrix_dimension_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml index 5e6b429c..7b4e7667 100644 --- a/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml +++ b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dynamic-dns service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dynamic-dns.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service" register: matrix_dynamic_dns_service_stat - name: Ensure matrix-dynamic-dns is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-dynamic-dns.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dynamic-dns.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service" state: absent when: "matrix_dynamic_dns_service_stat.stat.exists" diff --git a/roles/custom/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml index a6399a4e..39fcfdb8 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_install.yml @@ -59,7 +59,7 @@ - name: Ensure matrix-email2matrix.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-email2matrix.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" mode: 0644 register: matrix_email2matrix_systemd_service_result diff --git a/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml index 6aec40d2..c9600d0c 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-email2matrix service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" register: matrix_email2matrix_service_stat - name: Ensure matrix-email2matrix is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-email2matrix.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" state: absent when: "matrix_email2matrix_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml index 4974bd47..2dfb39c5 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_install.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_install.yml @@ -30,7 +30,7 @@ - name: Ensure matrix-etherpad.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-etherpad.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-etherpad.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" mode: 0644 register: matrix_etherpad_systemd_service_result diff --git a/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml index 1a5d003e..7d93b9ab 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-etherpad service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-etherpad.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" register: matrix_etherpad_service_stat - name: Ensure matrix-etherpad is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-etherpad.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-etherpad.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" state: absent when: "matrix_etherpad_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml index 9198ffd8..b86316b9 100644 --- a/roles/custom/matrix-grafana/tasks/setup.yml +++ b/roles/custom/matrix-grafana/tasks/setup.yml @@ -78,7 +78,7 @@ - name: Ensure matrix-grafana.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-grafana.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-grafana.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" mode: 0644 register: matrix_grafana_systemd_service_result when: matrix_grafana_enabled | bool @@ -94,7 +94,7 @@ - name: Check existence of matrix-grafana service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-grafana.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" register: matrix_grafana_service_stat - name: Ensure matrix-grafana is stopped @@ -108,7 +108,7 @@ - name: Ensure matrix-grafana.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-grafana.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" state: absent when: "not matrix_grafana_enabled | bool and matrix_grafana_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 5654fe3d..897decee 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-jitsi-jicofo.service installed ansible.builtin.template: src: "{{ role_path }}/templates/jicofo/matrix-jitsi-jicofo.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" mode: 0644 register: matrix_jitsi_jicofo_systemd_service_result when: matrix_jitsi_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-jitsi-jicofo service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" register: matrix_jitsi_jicofo_service_stat when: "not matrix_jitsi_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-jitsi-jicofo.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_jicofo_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml index 9a50f8c6..38a7571d 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-jitsi-jvb.service installed ansible.builtin.template: src: "{{ role_path }}/templates/jvb/matrix-jitsi-jvb.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" mode: 0644 register: matrix_jitsi_jvb_systemd_service_result when: matrix_jitsi_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-jitsi-jvb service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" register: matrix_jitsi_jvb_service_stat when: "not matrix_jitsi_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-jitsi-jvb.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_jvb_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 8ba99f91..9f76e1e6 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -41,7 +41,7 @@ - name: Ensure matrix-jitsi-prosody.service file is installed ansible.builtin.template: src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" mode: 0644 register: matrix_jitsi_prosody_systemd_service_result when: matrix_jitsi_enabled | bool @@ -65,7 +65,7 @@ - name: Ensure matrix-jitsi-prosody.service file exists ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" register: matrix_jitsi_prosody_service_stat when: "not matrix_jitsi_enabled | bool" @@ -80,7 +80,7 @@ - name: Ensure matrix-jitsi-prosody.service file doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_prosody_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml index 9326ee61..ae6fa08e 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -54,7 +54,7 @@ - name: Ensure matrix-jitsi-web.service installed ansible.builtin.template: src: "{{ role_path }}/templates/web/matrix-jitsi-web.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" mode: 0644 register: matrix_jitsi_web_systemd_service_result when: matrix_jitsi_enabled | bool @@ -70,7 +70,7 @@ - name: Check existence of matrix-jitsi-web service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" register: matrix_jitsi_web_service_stat when: "not matrix_jitsi_enabled | bool" @@ -85,7 +85,7 @@ - name: Ensure matrix-jitsi-web.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_web_service_stat.stat.exists" diff --git a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml index 97b7e8eb..3ac8f9b8 100644 --- a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -47,7 +47,7 @@ - name: Ensure matrix-ldap-registration-proxy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" mode: 0644 register: matrix_ldap_registration_proxy_systemd_service_result diff --git a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index 96ab0b67..ed19ad9c 100644 --- a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix_ldap_registration_proxy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" register: matrix_ldap_registration_proxy_service_stat - name: Ensure matrix-matrix_ldap_registration_proxy is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ldap-registration-proxy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" state: absent when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml index 3ba7b14d..ee722895 100644 --- a/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml +++ b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml @@ -16,7 +16,7 @@ - name: Check existence of old matrix-mxisd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mxisd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mxisd.service" register: matrix_mxisd_service_stat - name: Ensure matrix-mxisd is stopped @@ -29,7 +29,7 @@ - name: Check existence of matrix-ma1sd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" register: matrix_ma1sd_service_stat when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" @@ -70,7 +70,7 @@ - name: Ensure outdated matrix-mxisd.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mxisd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mxisd.service" state: absent when: "matrix_mxisd_service_stat.stat.exists" diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index e474d906..51e34dac 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -162,7 +162,7 @@ - name: Ensure matrix-ma1sd.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ma1sd.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" mode: 0644 register: matrix_ma1sd_systemd_service_result diff --git a/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml index 0349ec32..c7e8bf63 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-ma1sd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" register: matrix_ma1sd_service_stat - name: Ensure matrix-ma1sd is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ma1sd.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" state: absent when: "matrix_ma1sd_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml index 36ec8016..fbc16a93 100644 --- a/roles/custom/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/custom/matrix-mailer/tasks/setup_mailer.yml @@ -61,7 +61,7 @@ - name: Ensure matrix-mailer.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mailer.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mailer.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" mode: 0644 register: matrix_mailer_systemd_service_result when: matrix_mailer_enabled | bool @@ -77,7 +77,7 @@ - name: Check existence of matrix-mailer service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mailer.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" register: matrix_mailer_service_stat when: "not matrix_mailer_enabled | bool" @@ -92,7 +92,7 @@ - name: Ensure matrix-mailer.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mailer.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" state: absent when: "not matrix_mailer_enabled | bool and matrix_mailer_service_stat.stat.exists" diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 11a1cc06..04cd8610 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -207,7 +207,7 @@ - name: Ensure matrix-nginx-proxy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-nginx-proxy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" mode: 0644 register: matrix_nginx_proxy_systemd_service_result when: matrix_nginx_proxy_enabled | bool @@ -224,7 +224,7 @@ - name: Check existence of matrix-nginx-proxy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" register: matrix_nginx_proxy_service_stat when: "not matrix_nginx_proxy_enabled | bool" @@ -239,7 +239,7 @@ - name: Ensure matrix-nginx-proxy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" state: absent when: "not matrix_nginx_proxy_enabled | bool and matrix_nginx_proxy_service_stat.stat.exists" diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index b212752c..77361f3f 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -43,7 +43,7 @@ - name: Ensure SSL renewal systemd units installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/{{ item.name }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item.name }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}" mode: 0644 when: "item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" @@ -56,7 +56,7 @@ block: - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item.name }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}" state: absent when: "not item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" diff --git a/roles/custom/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml index ef50c42a..d6b4513f 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_install.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_install.yml @@ -34,7 +34,7 @@ - name: Ensure matrix-ntfy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ntfy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ntfy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" mode: 0644 register: matrix_ntfy_systemd_service_result diff --git a/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml index d5da1d8e..e0eedfd8 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-ntfy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ntfy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" register: matrix_ntfy_service_stat - name: Ensure matrix-ntfy is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ntfy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ntfy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" state: absent when: "matrix_ntfy_service_stat.stat.exists" diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 55980d3c..8d59462d 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -53,7 +53,7 @@ - name: Ensure matrix-postgres-backup.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-postgres-backup.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" mode: 0644 register: matrix_postgres_backup_systemd_service_result when: matrix_postgres_backup_enabled | bool @@ -69,7 +69,7 @@ - name: Check existence of matrix-postgres-backup service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" register: matrix_postgres_backup_service_stat when: "not matrix_postgres_backup_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-postgres-backup.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" state: absent when: "not matrix_postgres_backup_enabled | bool and matrix_postgres_backup_service_stat.stat.exists" diff --git a/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml index 0e3a606d..062a05c4 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -68,7 +68,7 @@ - name: Ensure outdated matrix-postgres.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" state: absent when: "result_pg_old_data_dir_stat.stat.exists" diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index a989e969..1435d361 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -121,7 +121,7 @@ - name: Ensure matrix-postgres.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-postgres.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-postgres.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" mode: 0644 register: matrix_postgres_systemd_service_result when: matrix_postgres_enabled | bool @@ -163,7 +163,7 @@ - name: Check existence of matrix-postgres service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" register: matrix_postgres_service_stat when: "not matrix_postgres_enabled | bool" @@ -176,7 +176,7 @@ - name: Ensure matrix-postgres.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" state: absent when: "not matrix_postgres_enabled | bool and matrix_postgres_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml index 370b23d1..5820e3de 100644 --- a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml @@ -19,7 +19,7 @@ - name: Ensure matrix-prometheus-node-exporter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus-node-exporter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" mode: 0644 register: matrix_prometheus_node_exporter_systemd_service_result when: matrix_prometheus_node_exporter_enabled | bool @@ -35,7 +35,7 @@ - name: Check existence of matrix-prometheus-node-exporter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" register: matrix_prometheus_node_exporter_service_stat - name: Ensure matrix-prometheus-node-exporter is stopped @@ -49,7 +49,7 @@ - name: Ensure matrix-prometheus-node-exporter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" state: absent when: "not matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml index dda614da..c322aa4e 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -19,7 +19,7 @@ - name: Ensure matrix-prometheus-postgres-exporter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus-postgres-exporter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" mode: 0644 register: matrix_prometheus_postgres_exporter_systemd_service_result when: matrix_prometheus_postgres_exporter_enabled | bool @@ -35,7 +35,7 @@ - name: Check existence of matrix-prometheus-postgres-exporter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" register: matrix_prometheus_postgres_exporter_service_stat - name: Ensure matrix-prometheus-postgres-exporter is stopped @@ -49,7 +49,7 @@ - name: Ensure matrix-prometheus-postgres-exporter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" state: absent when: "not matrix_prometheus_postgres_exporter_enabled | bool and matrix_prometheus_postgres_exporter_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml index 928b1ab5..728bbdde 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_install.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_install.yml @@ -48,7 +48,7 @@ - name: Ensure matrix-prometheus.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" mode: 0644 register: matrix_prometheus_systemd_service_result diff --git a/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml index 7dd94459..5fe145fc 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-prometheus service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" register: matrix_prometheus_service_stat - name: Ensure matrix-prometheus is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-prometheus.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" state: absent when: "matrix_prometheus_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml index f3b047c0..a09044f4 100644 --- a/roles/custom/matrix-redis/tasks/setup_redis.yml +++ b/roles/custom/matrix-redis/tasks/setup_redis.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-redis.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-redis.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-redis.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" mode: 0644 register: matrix_redis_systemd_service_result when: matrix_redis_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-redis service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-redis.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" register: matrix_redis_service_stat when: "not matrix_redis_enabled | bool" @@ -82,7 +82,7 @@ - name: Ensure matrix-redis.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-redis.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" state: absent when: "not matrix_redis_enabled | bool and matrix_redis_service_stat.stat.exists" diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml index cfed9a54..4d82a2e4 100644 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -101,7 +101,7 @@ - name: Ensure matrix-registration.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-registration.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-registration.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" mode: 0644 register: matrix_registration_systemd_service_result diff --git a/roles/custom/matrix-registration/tasks/setup_uninstall.yml b/roles/custom/matrix-registration/tasks/setup_uninstall.yml index 70e4fe97..623db421 100644 --- a/roles/custom/matrix-registration/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-registration/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-registration service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-registration.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" register: matrix_registration_service_stat - name: Ensure matrix-registration is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-registration.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-registration.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" state: absent when: "matrix_registration_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml index e5c41bf0..64bca58e 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_install.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_install.yml @@ -34,7 +34,7 @@ - name: Ensure matrix-sygnal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-sygnal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-sygnal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" mode: 0644 register: matrix_sygnal_systemd_service_result diff --git a/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml index dc752def..e398f7a9 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-sygnal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-sygnal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" register: matrix_sygnal_service_stat - name: Ensure matrix-sygnal is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-sygnal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-sygnal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" state: absent when: "matrix_sygnal_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml index 1dfa68a2..2dc2769b 100644 --- a/roles/custom/matrix-synapse-admin/tasks/setup.yml +++ b/roles/custom/matrix-synapse-admin/tasks/setup.yml @@ -42,7 +42,7 @@ - name: Ensure matrix-synapse-admin.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-synapse-admin.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" mode: 0644 register: matrix_synapse_admin_systemd_service_result when: matrix_synapse_admin_enabled | bool @@ -58,7 +58,7 @@ - name: Check existence of matrix-synapse-admin service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" register: matrix_synapse_admin_service_stat - name: Ensure matrix-synapse-admin is stopped @@ -72,7 +72,7 @@ - name: Ensure matrix-synapse-admin.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" state: absent when: "not matrix_synapse_admin_enabled | bool and matrix_synapse_admin_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml index 79684270..684fb2c9 100644 --- a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -39,7 +39,7 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed ansible.builtin.template: src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" mode: 0640 with_items: - matrix-synapse-s3-storage-provider-migrate.service diff --git a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml index 205a5541..a828070c 100644 --- a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer don't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" state: absent with_items: - matrix-synapse-s3-storage-provider-migrate.timer diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 01eee8b8..6821813e 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -39,7 +39,7 @@ - name: Ensure matrix-goofys.service installed ansible.builtin.template: src: "{{ role_path }}/templates/goofys/systemd/matrix-goofys.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-goofys.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" mode: 0644 register: matrix_goofys_systemd_service_result diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml index 1e9f166d..ddfa5cf6 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-goofys service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" register: matrix_goofys_service_stat - name: Ensure matrix-goofys is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-goofys.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" state: absent when: "matrix_goofys_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 86395db2..111a7a98 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -125,7 +125,7 @@ - name: Ensure matrix-synapse.service installed ansible.builtin.template: src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-synapse.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" mode: 0644 register: matrix_synapse_systemd_service_result diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml index ac79f370..17fa8a4f 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-synapse service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-synapse.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" register: matrix_synapse_service_stat - name: Ensure matrix-synapse is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-synapse.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" state: absent when: "matrix_synapse_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml index 836d5a66..1458cc0a 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml @@ -4,7 +4,7 @@ # This is a temporary cleanup for people who ran that version. - name: Ensure old matrix-synapse.service.wants directory is gone ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse.service.wants" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service.wants" state: absent # Same. This was part of a previous version of the worker setup. diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml index c264805a..74ca6c35 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml @@ -16,7 +16,7 @@ - name: Determine current worker systemd services ansible.builtin.find: - path: "{{ matrix_systemd_path }}" + path: "{{ devture_systemd_docker_base_systemd_path }}" patterns: "matrix-synapse-worker.*.service" use_regex: true register: matrix_synapse_workers_current_systemd_services diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml index 98c81a2e..2b0d21df 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml @@ -25,7 +25,7 @@ - name: Find worker systemd services to be cleaned ansible.builtin.find: - path: "{{ matrix_systemd_path }}" + path: "{{ devture_systemd_docker_base_systemd_path }}" patterns: "matrix-synapse-worker.*.service" use_regex: true register: matrix_synapse_workers_current_systemd_services diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml index d3f30917..6910445e 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml @@ -16,5 +16,5 @@ - name: Ensure systemd service exists for {{ matrix_synapse_worker_systemd_service_name }} ansible.builtin.template: src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse-worker.service.j2" - dest: "{{ matrix_systemd_path }}/{{ matrix_synapse_worker_systemd_service_name }}.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ matrix_synapse_worker_systemd_service_name }}.service" mode: 0644 diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index ce00ab52..96e6b84e 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -13,3 +13,4 @@ - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} + - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} From a9a81460ecbffb56ac3d274ac7ad1fa971908b38 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:39:35 +0200 Subject: [PATCH 528/562] matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base) --- .../systemd/matrix-backup-borg.service.j2 | 12 ++++++------ roles/custom/matrix-base/defaults/main.yml | 1 - .../systemd/matrix-bot-buscarron.service.j2 | 10 +++++----- .../templates/systemd/matrix-bot-go-neb.service.j2 | 10 +++++----- .../systemd/matrix-bot-honoroit.service.j2 | 10 +++++----- .../matrix-bot-matrix-registration-bot.service.j2 | 10 +++++----- .../matrix-bot-matrix-reminder-bot.service.j2 | 10 +++++----- .../templates/systemd/matrix-bot-maubot.service.j2 | 10 +++++----- .../systemd/matrix-bot-mjolnir.service.j2 | 10 +++++----- .../systemd/matrix-bot-postmoogle.service.j2 | 10 +++++----- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-appservice-discord.service.j2 | 10 +++++----- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-appservice-irc.service.j2 | 10 +++++----- .../matrix-appservice-kakaotalk-node.service.j2 | 10 +++++----- .../systemd/matrix-appservice-kakaotalk.service.j2 | 10 +++++----- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../systemd/matrix-appservice-slack.service.j2 | 10 +++++----- .../systemd/matrix-appservice-webhooks.service.j2 | 10 +++++----- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-beeper-linkedin.service.j2 | 10 +++++----- .../systemd/matrix-go-skype-bridge.service.j2 | 10 +++++----- .../systemd/matrix-heisenbridge.service.j2 | 10 +++++----- .../matrix-bridge-hookshot/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-hookshot.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-discord.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-facebook.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-googlechat.service.j2 | 6 +++--- .../systemd/matrix-mautrix-hangouts.service.j2 | 12 ++++++------ .../systemd/matrix-mautrix-instagram.service.j2 | 10 +++++----- .../matrix-mautrix-signal-daemon.service.j2 | 12 ++++++------ .../systemd/matrix-mautrix-signal.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-telegram.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-twitter.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-whatsapp.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-discord.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-groupme.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-instagram.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-slack.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-steam.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-twitter.service.j2 | 10 +++++----- .../systemd/matrix-cactus-comments.service.j2 | 10 +++++----- .../systemd/matrix-client-cinny.service.j2 | 10 +++++----- .../systemd/matrix-client-element.service.j2 | 10 +++++----- .../systemd/matrix-client-hydrogen.service.j2 | 10 +++++----- .../matrix-common-after/tasks/run_docker_prune.yml | 2 +- .../conduit/systemd/matrix-conduit.service.j2 | 12 ++++++------ .../templates/systemd/matrix-corporal.service.j2 | 10 +++++----- .../templates/systemd/matrix-coturn.service.j2 | 12 ++++++------ .../dendrite/systemd/matrix-dendrite.service.j2 | 12 ++++++------ .../templates/systemd/matrix-dimension.service.j2 | 10 +++++----- .../systemd/matrix-dynamic-dns.service.j2 | 10 +++++----- .../systemd/matrix-email2matrix.service.j2 | 10 +++++----- .../templates/systemd/matrix-etherpad.service.j2 | 10 +++++----- .../templates/systemd/matrix-grafana.service.j2 | 10 +++++----- .../matrix-jitsi/tasks/util/setup_jitsi_auth.yml | 2 +- .../jicofo/matrix-jitsi-jicofo.service.j2 | 10 +++++----- .../templates/jvb/matrix-jitsi-jvb.service.j2 | 10 +++++----- .../prosody/matrix-jitsi-prosody.service.j2 | 10 +++++----- .../templates/web/matrix-jitsi-web.service.j2 | 10 +++++----- .../matrix-ldap-registration-proxy.service.j2 | 10 +++++----- .../templates/systemd/matrix-ma1sd.service.j2 | 10 +++++----- .../templates/systemd/matrix-mailer.service.j2 | 10 +++++----- .../tasks/nginx-proxy/setup_metrics_auth.yml | 2 +- .../setup_ssl_lets_encrypt_obtain_for_domain.yml | 4 ++-- .../systemd/matrix-nginx-proxy.service.j2 | 14 +++++++------- .../templates/systemd/matrix-ntfy.service.j2 | 10 +++++----- .../systemd/matrix-postgres-backup.service.j2 | 10 +++++----- .../tasks/import_generic_sqlite_db.yml | 2 +- .../matrix-postgres/tasks/import_postgres.yml | 2 +- .../tasks/migrate_db_to_postgres.yml | 4 ++-- roles/custom/matrix-postgres/tasks/run_vacuum.yml | 2 +- .../matrix-postgres/tasks/upgrade_postgres.yml | 4 ++-- .../tasks/util/create_additional_database.yml | 2 +- .../templates/systemd/matrix-postgres.service.j2 | 10 +++++----- .../matrix-prometheus-node-exporter.service.j2 | 10 +++++----- .../matrix-prometheus-postgres-exporter.service.j2 | 10 +++++----- .../templates/systemd/matrix-prometheus.service.j2 | 10 +++++----- .../systemd/matrix-registration.service.j2 | 10 +++++----- .../templates/systemd/matrix-sygnal.service.j2 | 10 +++++----- .../systemd/matrix-synapse-admin.service.j2 | 10 +++++----- .../rust-synapse-compress-state/compress_room.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 2 +- .../matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../matrix-synapse/tasks/update_user_password.yml | 2 +- .../goofys/systemd/matrix-goofys.service.j2 | 12 ++++++------ .../matrix-synapse-s3-storage-provider-migrate.j2 | 2 +- .../matrix-synapse-s3-storage-provider-shell.j2 | 2 +- .../systemd/matrix-synapse-worker.service.j2 | 12 ++++++------ .../synapse/systemd/matrix-synapse.service.j2 | 12 ++++++------ .../tasks/util/ensure_user_registered_dendrite.yml | 2 +- .../tasks/util/ensure_user_registered_synapse.yml | 2 +- .../tasks/validate_config.yml | 1 + 94 files changed, 379 insertions(+), 379 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 3436ac46..70250f8d 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=oneshot Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ --read-only \ @@ -33,7 +33,7 @@ ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-bor {{ matrix_backup_borg_docker_image }} \ sh -c "borgmatic --init --encryption {{ matrix_backup_borg_encryption }}" -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ --read-only \ @@ -50,8 +50,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ {% endfor %} {{ matrix_backup_borg_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' SyslogIdentifier=matrix-backup-borg [Install] diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index ebed1b3a..f6cd06f4 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -120,7 +120,6 @@ matrix_cron_path: "/etc/cron.d" matrix_local_bin_path: "/usr/local/bin" -matrix_host_command_docker: "/usr/bin/env docker" matrix_host_command_sleep: "/usr/bin/env sleep" matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index 4c3abcba..89ffe62e 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-buscarron \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-buscarron \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-buscarron {% endfor %} {{ matrix_bot_buscarron_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-buscarron diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index 73b8175a..a2143963 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-go-neb \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ {{ matrix_bot_go_neb_docker_image }} \ -c "go-neb /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-go-neb diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index d5fe3b02..d7e53ce9 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-honoroit \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \ {% endfor %} {{ matrix_bot_honoroit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-honoroit diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index 3fd9619c..872a6814 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ --log-driver=none \ --cap-drop=ALL \ -e "CONFIG_PATH=/config/config.yml" \ @@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reg --network={{ matrix_docker_network }} \ {{ matrix_bot_matrix_registration_bot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-registration-bot diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index 19dfc3df..31c6d610 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem {{ matrix_bot_matrix_reminder_bot_docker_image }} \ -c "matrix-reminder-bot /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-reminder-bot diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 998ec3c6..fd07d40c 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index b5795155..d4a5b1df 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-mjolnir \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \ {% endfor %} {{ matrix_bot_mjolnir_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-mjolnir diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 355c85a6..e9c6a0c2 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-postmoogle \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle {% endfor %} {{ matrix_bot_postmoogle_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-postmoogle diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index 0a2a89a3..ac0ad64d 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -93,7 +93,7 @@ # We intentionally suppress Ansible changes. - name: Generate AppService Discord invite link ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --mount type=bind,src={{ matrix_appservice_discord_config_path }},dst=/cfg diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index bc565ec0..8cb75b83 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis {{ matrix_appservice_discord_docker_image }} \ node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-discord diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index b6e938b0..9dda2401 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -42,7 +42,7 @@ - name: Import appservice-irc NeDB database into Postgres ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index f9a81779..864a2a50 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -147,7 +147,7 @@ # to produce a final registration.yaml file, as we desire. - name: Generate Appservice IRC registration-template.yaml ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-irc-gen --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL -v {{ matrix_appservice_irc_config_path }}:/config:z diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 144ff6c6..3e40b801 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-irc \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc {{ matrix_appservice_irc_docker_image }} \ -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-irc diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 47beccd1..879fdc87 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kak {{ matrix_appservice_kakaotalk_node_docker_image }} \ node src/main.js --config /config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk-node diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index 17076ae5..f08d37fc 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kak {{ matrix_appservice_kakaotalk_docker_image }} \ python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index 0d029643..0ed3e18b 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -36,7 +36,7 @@ - name: Import appservice-slack NeDB database into Postgres ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 35c3c9f0..8e1e350d 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-slack \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla {{ matrix_appservice_slack_docker_image }} \ node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-slack diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index e9a87457..028d3e7b 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-webhooks \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-webhooks \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web {{ matrix_appservice_webhooks_docker_image }} \ node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-webhooks diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 8ddcb141..3385ebdd 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -51,7 +51,7 @@ - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image ansible.builtin.command: cmd: | - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --entrypoint=/bin/sh --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index d2f61b18..665ee434 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedin \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-beeper-linkedin \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedi {{ matrix_beeper_linkedin_docker_image }} \ python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-beeper-linkedin diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index bd826d0d..44aa97dd 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-go-skype-bridge \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-go-skype-bridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-go-skype-bridg {{ matrix_go_skype_bridge_docker_image }} \ /usr/bin/matrix-skype -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-go-skype-bridge diff --git a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 index ac13e61e..49abaf0a 100644 --- a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 +++ b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-heisenbridge -ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-heisenbridge +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-heisenbridge +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-heisenbridge -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-heisenbridge \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-heisenbridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -41,8 +41,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-heisenbridge \ --listen-port 9898 \ {{ matrix_heisenbridge_homeserver_url }} -ExecStop=-{{ matrix_host_command_docker }} kill matrix-heisenbridge -ExecStop=-{{ matrix_host_command_docker }} rm matrix-heisenbridge +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-heisenbridge +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-heisenbridge Restart=always RestartSec=30 SyslogIdentifier=matrix-heisenbridge diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 677c4137..09f2539f 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -71,7 +71,7 @@ - name: Validate hookshot config.yml ansible.builtin.command: cmd: | - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name={{ matrix_hookshot_container_url }}-validate --user={{ matrix_user_uid }}:{{ matrix_user_gid }} diff --git a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 index 4916e37f..7ebd08b6 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} -ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_hookshot_container_url }} +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_hookshot_container_url }} -ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_hookshot_container_url }} \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_hookshot_container_url }} \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_hookshot_co {% endfor %} {{ matrix_hookshot_docker_image }} -ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} -ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_hookshot_container_url }} +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_hookshot_container_url }} Restart=always RestartSec=30 SyslogIdentifier={{ matrix_hookshot_container_url }} diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 4ee0fc5d..452c58b9 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discor {{ matrix_mautrix_discord_docker_image }} \ /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-discord diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index f15069f3..6a8a2c8a 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-facebook \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo {{ matrix_mautrix_facebook_docker_image }} \ python3 -m mautrix_facebook -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-facebook diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index e0bcb2e3..d640a14f 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -17,7 +17,7 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-googlechat \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-googlechat \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-google {{ matrix_mautrix_googlechat_docker_image }} \ python3 -m mautrix_googlechat -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-googlechat diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index e1a6781e..f20f20e3 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,7 +28,7 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-han # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -44,8 +44,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou {{ matrix_mautrix_hangouts_docker_image }} \ python3 -m mautrix_hangouts -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-hangouts diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index a15b3729..f8979fb6 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instagram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instag {{ matrix_mautrix_instagram_docker_image }} \ python3 -m mautrix_instagram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-instagram diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index 68da20ba..c67f7e62 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -15,14 +15,14 @@ Wants={{ service }} Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 # Migration task required by the 0.19.0 upgrade -ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,7 +32,7 @@ ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-mautrix-si --migrate-data # We can't use `--read-only` for this bridge. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ --env-file={{ matrix_mautrix_signal_daemon_path }}/env \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -41,8 +41,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal -v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \ {{ matrix_mautrix_signal_daemon_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index 369f1b97..1ca46a20 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -14,13 +14,13 @@ Wants={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal \ --log-driver=none \ --network={{ matrix_docker_network }} \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal {{ matrix_mautrix_signal_docker_image }} \ python3 -m mautrix_signal -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index b96ede6a..fae2efcd 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-telegram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-telegram diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 67d68404..48122b9f 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitte {{ matrix_mautrix_twitter_docker_image }} \ python3 -m mautrix_twitter -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-twitter diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index fa4df801..f7318475 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsapp \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-whatsapp \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsa {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-whatsapp diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 53db632b..ed034d82 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 15 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-disc {% endfor %} {{ matrix_mx_puppet_discord_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-discord diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index d9f29a8a..0843f44f 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-groupme \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-groupme \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-grou {% endfor %} {{ matrix_mx_puppet_groupme_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-groupme diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 21e93a73..94bb5aae 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-inst {% endfor %} {{ matrix_mx_puppet_instagram_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-instagram diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index ea97de7a..6d55316d 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slack \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slac {% endfor %} {{ matrix_mx_puppet_slack_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-slack diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index 6fd26b66..fdc9dd1c 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-steam \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-steam \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-stea {% endfor %} {{ matrix_mx_puppet_steam_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-steam diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 816cbe34..74a6ed01 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twit {% endfor %} {{ matrix_mx_puppet_twitter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-twitter diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index 259f141a..ffc63b68 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comments \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-cactus-comments \ --log-driver=none \ --cap-drop=ALL \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comment --network={{ matrix_docker_network }} \ {{ matrix_cactus_comments_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-cactus-comments diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index f9250530..9aa0239f 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-cinny \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-cinny \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-cinny \ {% endfor %} {{ matrix_client_cinny_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-cinny diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index aaed84b0..a5181f59 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-element \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element {% endfor %} {{ matrix_client_element_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-element diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 481ffb8a..70d32bdd 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-hydrogen \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-hydrogen \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-hydroge {% endfor %} {{ matrix_client_hydrogen_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-hydrogen diff --git a/roles/custom/matrix-common-after/tasks/run_docker_prune.yml b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml index 02dfadc5..58f0e793 100644 --- a/roles/custom/matrix-common-after/tasks/run_docker_prune.yml +++ b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml @@ -2,6 +2,6 @@ - name: Run Docker System Prune ansible.builtin.command: - cmd: "{{ matrix_host_command_docker }} system prune -a -f" + cmd: "{{ devture_systemd_docker_base_host_command_docker }} system prune -a -f" register: matrix_common_after_docker_prune_result changed_when: matrix_common_after_docker_prune_result.rc == 0 diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 90cf3074..d24acfbe 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -9,10 +9,10 @@ After={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-conduit \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ {% endfor %} {{ matrix_conduit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-conduit diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index 95ab7c80..8ea4dd42 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-corporal \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ {{ matrix_corporal_docker_image }} \ /matrix-corporal -config=/etc/matrix-corporal/config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-corporal diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 17e0b015..63a42a1b 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-coturn \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -43,12 +43,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ {{ matrix_coturn_docker_image }} \ -c /turnserver.conf -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' # This only reloads certificates (not other configuration). # See: https://github.com/coturn/coturn/pull/236 -ExecReload={{ matrix_host_command_docker }} exec matrix-coturn kill -USR2 1 +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-coturn kill -USR2 1 Restart=always RestartSec=30 diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 941a2405..b3e15fb0 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' {% if 'matrix-postgres.service' in matrix_dendrite_systemd_required_services_list %} # Dendrite is too quick to start in relation to its matrix-postgres dependency. @@ -22,7 +22,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre={{ matrix_host_command_sleep }} 5 {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dendrite \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -54,9 +54,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ -https-bind-address {{ matrix_dendrite_https_bind_address }} {% endif %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-dendrite diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index 8329f0ca..58f29cba 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -13,15 +13,15 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' # Fixup database ownership if it got changed somehow (during a server migration, etc.) {% if matrix_dimension_database_engine == 'sqlite' %} ExecStartPre=-{{ matrix_host_command_chown }} {{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} {{ matrix_dimension_sqlite_database_path_local }} {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dimension \ --log-driver=none \ --user={{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} \ --cap-drop=ALL \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \ {% endfor %} {{ matrix_dimension_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dimension diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index ace0f90f..7ab2bf54 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dynamic-dns \ --log-driver=none \ --network={{ matrix_docker_network }} \ -e PUID={{ matrix_user_uid }} \ @@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ {% endfor %} {{ matrix_dynamic_dns_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dynamic-dns diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index 4a098f26..b2bb5862 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-email2matrix \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ {% endfor %} {{ matrix_email2matrix_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-email2matrix diff --git a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 index 4be0f004..e0a10481 100644 --- a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 +++ b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad -ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-etherpad +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-etherpad -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-etherpad \ --log-driver=none \ --user={{ matrix_etherpad_user_uid }}:{{ matrix_etherpad_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ --sessionkey /data/sessionkey.json --apikey /data/apijey.json -ExecStop=-{{ matrix_host_command_docker }} kill matrix-etherpad -ExecStop=-{{ matrix_host_command_docker }} rm matrix-etherpad +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-etherpad +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-etherpad Restart=always RestartSec=30 SyslogIdentifier=matrix-etherpad diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index 0748f601..fe2219e7 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-grafana \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \ {% endfor %} {{ matrix_grafana_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-grafana diff --git a/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml index d9da9ebe..4edc5431 100644 --- a/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml +++ b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml @@ -15,7 +15,7 @@ # - name: Ensure Jitsi internal authentication users are configured - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}" + ansible.builtin.shell: "{{ devture_systemd_docker_base_host_command_docker }} exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}" with_items: "{{ matrix_jitsi_prosody_auth_internal_accounts }}" when: - matrix_jitsi_auth_type == "internal" diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index d9f425aa..34749a8b 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ --log-driver=none \ --network={{ matrix_docker_network }} \ --env-file={{ matrix_jitsi_jicofo_base_path }}/env \ @@ -23,8 +23,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ {% endfor %} {{ matrix_jitsi_jicofo_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jicofo diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index 4dd26c76..5d9fc889 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jvb \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias=jvb.meet.jitsi \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ {% endfor %} {{ matrix_jitsi_jvb_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jvb diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index efeb3110..851b3f10 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias={{ matrix_jitsi_xmpp_server }} \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody {% endfor %} {{ matrix_jitsi_prosody_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-prosody diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8fa8f58d..8e859d12 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-web \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias={{ matrix_jitsi_xmpp_domain }} \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ {% endfor %} {{ matrix_jitsi_web_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-web diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 5ffbae90..2520b04a 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,12 +13,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registrat {% endfor %} {{ matrix_ldap_registration_proxy_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ldap-registration-proxy diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index 39438460..fcb3b5aa 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -13,12 +13,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' # ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ma1sd \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \ {% endfor %} {{ matrix_ma1sd_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ma1sd diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index 44a46a98..a501bdd4 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -8,12 +8,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' # --hostname gives us a friendlier hostname than the default. # The real hostname is passed via a `HOSTNAME` environment variable though. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mailer \ --log-driver=none \ --user={{ matrix_mailer_container_user_uid }}:{{ matrix_mailer_container_user_gid }} \ --cap-drop=ALL \ @@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \ {% endfor %} {{ matrix_mailer_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mailer diff --git a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index 6129a49f..dfb952a8 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -41,7 +41,7 @@ - name: Generate matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 176692ff..b10791a7 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -30,7 +30,7 @@ # We suppress the error, as we'll try another method below. - name: Attempt initial SSL certificate retrieval with standalone authenticator (directly) ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name=matrix-certbot --user={{ matrix_user_uid }}:{{ matrix_user_gid }} @@ -59,7 +59,7 @@ # and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`. - name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy) ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name=matrix-certbot --user={{ matrix_user_uid }}:{{ matrix_user_gid }} diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 49c4c0dd..76d08040 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-nginx-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -51,12 +51,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ {{ matrix_nginx_proxy_docker_image }} {% for network in matrix_nginx_proxy_container_additional_networks %} -ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ matrix_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' +ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' {% endfor %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload Restart=always RestartSec=30 SyslogIdentifier=matrix-nginx-proxy diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index 47a81dec..d817cb1a 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ {{ matrix_ntfy_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ntfy diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index 1622b222..e5c06b83 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-postgres-backup -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres-backup \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-backup \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -21,8 +21,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres-backu --mount type=bind,src={{ matrix_postgres_backup_path }},dst=/backups \ {{ matrix_postgres_backup_docker_image_to_use }} -ExecStop=-{{ matrix_host_command_docker }} stop matrix-postgres-backup -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres-backup diff --git a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml index 7fa4a20a..c3fff520 100644 --- a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -71,7 +71,7 @@ - name: Import SQLite database from {{ sqlite_database_path }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/import_postgres.yml b/roles/custom/matrix-postgres/tasks/import_postgres.yml index d5bfaa86..d21333ad 100644 --- a/roles/custom/matrix-postgres/tasks/import_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/import_postgres.yml @@ -72,7 +72,7 @@ - name: Generate Postgres database import command ansible.builtin.set_fact: matrix_postgres_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-import --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index 168b66ec..dca284ad 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -121,7 +121,7 @@ - name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL @@ -146,7 +146,7 @@ - name: Execute additional Postgres SQL migration statements ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/run_vacuum.yml b/roles/custom/matrix-postgres/tasks/run_vacuum.yml index c1bf8d76..dfa4be7a 100644 --- a/roles/custom/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/custom/matrix-postgres/tasks/run_vacuum.yml @@ -47,7 +47,7 @@ - name: Generate Postgres database vacuum command ansible.builtin.set_fact: matrix_postgres_vacuum_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml index 3d22407c..d5f7e6c3 100644 --- a/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml @@ -82,7 +82,7 @@ - name: Perform Postgres database dump ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-dump --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --network={{ matrix_docker_network }} @@ -134,7 +134,7 @@ - name: Generate Postgres database import command ansible.builtin.set_fact: matrix_postgres_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-import --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml index da95b870..ce441ee1 100644 --- a/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml +++ b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml @@ -22,7 +22,7 @@ - name: Execute Postgres additional database initialization SQL file for {{ additional_db.name }} ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index 264e9b9a..ebf4bfc2 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -8,14 +8,14 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' # We need /dev/shm to be larger than the default to allow VACUUM to work. # See: # - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1362 # - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1268 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ {{ matrix_postgres_docker_image_to_use }} \ postgres {{ matrix_postgres_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index 4f0b2009..41655f7e 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod {{ matrix_prometheus_node_exporter_docker_image }} \ --path.rootfs=/host {{ matrix_prometheus_node_exporter_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-node-exporter diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index f607beae..4462c5ed 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-pos --pid=host \ {{ matrix_prometheus_postgres_exporter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-postgres-exporter diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 45b905eb..210c193f 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \ {% endfor %} {{ matrix_prometheus_docker_image }} {{ matrix_prometheus_process_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index ade1bb03..8ddd023f 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-registration \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ {{ matrix_registration_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-registration diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index 938dcaf4..06783b04 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-sygnal \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ {% endfor %} {{ matrix_sygnal_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-sygnal diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 82bf7a2d..8338aedb 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse-admin \ --log-driver=none \ --cap-drop=ALL \ --cap-add=CHOWN \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin {% endfor %} {{ matrix_synapse_admin_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse-admin diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 88db265d..e5cf8e8e 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -6,7 +6,7 @@ - name: Generate rust-synapse-compress-state room compression command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_compress_room_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-compress-room + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-compress-room --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} @@ -30,7 +30,7 @@ - name: Generate Postgres compression SQL import command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_psql_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-psql-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-psql-import --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index c8138c0b..b9dd7433 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -56,7 +56,7 @@ - name: Generate rust-synapse-compress-state room find command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_find_rooms_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-find-rooms + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-find-rooms --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 111a7a98..1b468f2d 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -31,7 +31,7 @@ register: matrix_synapse_git_pull_results - name: Check if Synapse Docker image exists - ansible.builtin.command: "{{ matrix_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'" + ansible.builtin.command: "{{ devture_systemd_docker_base_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'" register: matrix_synapse_docker_image_check_result changed_when: false @@ -42,7 +42,7 @@ ansible.builtin.shell: chdir: "{{ matrix_synapse_docker_src_files_path }}" cmd: | - {{ matrix_host_command_docker }} build \ + {{ devture_systemd_docker_base_host_command_docker }} build \ -t "{{ matrix_synapse_docker_image }}" \ -f docker/Dockerfile \ . diff --git a/roles/custom/matrix-synapse/tasks/update_user_password.yml b/roles/custom/matrix-synapse/tasks/update_user_password.yml index f7b40456..3ddc4b8d 100644 --- a/roles/custom/matrix-synapse/tasks/update_user_password.yml +++ b/roles/custom/matrix-synapse/tasks/update_user_password.yml @@ -36,7 +36,7 @@ when: "start_result.changed or postgres_start_result.changed" - name: Generate password hash - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" + ansible.builtin.shell: "{{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" register: password_hash changed_when: false diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index 79085446..a1174bce 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill %n -ExecStartPre=-{{ matrix_host_command_docker }} rm %n +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill %n +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm %n -ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name %n \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --mount type=bind,src=/etc/passwd,dst=/etc/passwd,ro \ @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ -c 'goofys -f{% if not matrix_s3_media_store_custom_endpoint_enabled %} --storage-class=STANDARD_IA{% endif %}{% if matrix_s3_media_store_custom_endpoint_enabled %} --endpoint={{ matrix_s3_media_store_custom_endpoint }}{% endif %} --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3' TimeoutStartSec=5min -ExecStop=-{{ matrix_host_command_docker }} stop %n -ExecStop=-{{ matrix_host_command_docker }} kill %n -ExecStop=-{{ matrix_host_command_docker }} rm %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm %n ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }} Restart=always RestartSec=5 diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 index e6684e69..d48ae122 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -{{ matrix_host_command_docker }} run \ +{{ devture_systemd_docker_base_host_command_docker }} run \ --rm \ --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 index c67a6dda..b46e89b7 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -{{ matrix_host_command_docker }} run \ +{{ devture_systemd_docker_base_host_command_docker }} run \ -it \ --rm \ --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index fdee677c..00a98929 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,13 +8,13 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -46,10 +46,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier={{ matrix_synapse_worker_container_name }} diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index d6b8706f..c8b80f14 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -21,8 +21,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} # Allow for some time before starting, so that media store can mount. # Mounting can happen later too, but if we start writing, @@ -30,7 +30,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre={{ matrix_host_command_sleep }} 3 {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -63,9 +63,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse diff --git a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml index 5fb1636f..2fede49f 100644 --- a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml +++ b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml @@ -3,7 +3,7 @@ - name: Ensure Dendrite user registered - {{ user.username | quote }} ansible.builtin.command: cmd: |- - {{ matrix_host_command_docker }} exec matrix-dendrite + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite create-account -config /data/dendrite.yaml -username {{ user.username | quote }} diff --git a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml index fde82096..00189e5c 100644 --- a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml +++ b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml @@ -3,7 +3,7 @@ - name: Ensure Synapse user registered - {{ user.username | quote }} ansible.builtin.command: cmd: |- - {{ matrix_host_command_docker }} exec matrix-synapse + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse register_new_matrix_user -u {{ user.username | quote }} -p {{ user.initial_password | quote }} diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 96e6b84e..ef71a4e0 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -14,3 +14,4 @@ - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} + - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} From 7086c0ebe3f89726a2dd90e65bc48915d886c0ef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:40:25 +0200 Subject: [PATCH 529/562] matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base) --- .../templates/systemd/matrix-backup-borg.service.j2 | 8 ++++---- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/systemd/matrix-bot-buscarron.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-go-neb.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-honoroit.service.j2 | 8 ++++---- .../matrix-bot-matrix-registration-bot.service.j2 | 8 ++++---- .../systemd/matrix-bot-matrix-reminder-bot.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-maubot.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-mjolnir.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 8 ++++---- .../systemd/matrix-appservice-discord.service.j2 | 8 ++++---- .../templates/systemd/matrix-appservice-irc.service.j2 | 8 ++++---- .../matrix-appservice-kakaotalk-node.service.j2 | 8 ++++---- .../systemd/matrix-appservice-kakaotalk.service.j2 | 8 ++++---- .../systemd/matrix-appservice-slack.service.j2 | 8 ++++---- .../systemd/matrix-appservice-webhooks.service.j2 | 8 ++++---- .../systemd/matrix-beeper-linkedin.service.j2 | 8 ++++---- .../systemd/matrix-go-skype-bridge.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-discord.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-facebook.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-googlechat.service.j2 | 4 ++-- .../systemd/matrix-mautrix-hangouts.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-instagram.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-signal-daemon.service.j2 | 8 ++++---- .../templates/systemd/matrix-mautrix-signal.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-telegram.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-twitter.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-whatsapp.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-discord.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-groupme.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-instagram.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-slack.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-steam.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-twitter.service.j2 | 8 ++++---- .../systemd/matrix-cactus-comments.service.j2 | 8 ++++---- .../templates/systemd/matrix-client-cinny.service.j2 | 8 ++++---- .../templates/systemd/matrix-client-element.service.j2 | 8 ++++---- .../systemd/matrix-client-hydrogen.service.j2 | 8 ++++---- .../conduit/systemd/matrix-conduit.service.j2 | 8 ++++---- .../templates/systemd/matrix-corporal.service.j2 | 8 ++++---- .../templates/systemd/matrix-coturn.service.j2 | 8 ++++---- .../dendrite/systemd/matrix-dendrite.service.j2 | 8 ++++---- .../templates/systemd/matrix-dimension.service.j2 | 8 ++++---- .../templates/systemd/matrix-dynamic-dns.service.j2 | 8 ++++---- .../templates/systemd/matrix-email2matrix.service.j2 | 8 ++++---- .../templates/systemd/matrix-grafana.service.j2 | 8 ++++---- .../templates/jicofo/matrix-jitsi-jicofo.service.j2 | 8 ++++---- .../templates/jvb/matrix-jitsi-jvb.service.j2 | 8 ++++---- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 8 ++++---- .../templates/web/matrix-jitsi-web.service.j2 | 8 ++++---- .../systemd/matrix-ldap-registration-proxy.service.j2 | 8 ++++---- .../templates/systemd/matrix-ma1sd.service.j2 | 8 ++++---- .../templates/systemd/matrix-mailer.service.j2 | 8 ++++---- .../templates/systemd/matrix-nginx-proxy.service.j2 | 10 +++++----- .../templates/systemd/matrix-ntfy.service.j2 | 8 ++++---- .../systemd/matrix-postgres-backup.service.j2 | 4 ++-- .../templates/systemd/matrix-postgres.service.j2 | 8 ++++---- .../systemd/matrix-prometheus-node-exporter.service.j2 | 8 ++++---- .../matrix-prometheus-postgres-exporter.service.j2 | 8 ++++---- .../templates/systemd/matrix-prometheus.service.j2 | 8 ++++---- .../templates/systemd/matrix-registration.service.j2 | 8 ++++---- .../templates/systemd/matrix-sygnal.service.j2 | 8 ++++---- .../templates/systemd/matrix-synapse-admin.service.j2 | 8 ++++---- .../synapse/systemd/matrix-synapse-worker.service.j2 | 8 ++++---- .../synapse/systemd/matrix-synapse.service.j2 | 8 ++++---- .../tasks/validate_config.yml | 1 + 66 files changed, 254 insertions(+), 254 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 70250f8d..533f6e42 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=oneshot Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ @@ -50,8 +50,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_backup_borg_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' SyslogIdentifier=matrix-backup-borg [Install] diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index f6cd06f4..c66192b1 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -125,7 +125,6 @@ matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" -matrix_host_command_sh: "/usr/bin/env sh" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index 89ffe62e..60909dc9 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-buscarron \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_buscarron_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-buscarron diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index a2143963..a57df57e 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-go-neb \ --log-driver=none \ @@ -39,8 +39,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_go_neb_docker_image }} \ -c "go-neb /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-go-neb diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index d7e53ce9..2cce62da 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-honoroit \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_honoroit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-honoroit diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index 872a6814..704c512f 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ --log-driver=none \ @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --network={{ matrix_docker_network }} \ {{ matrix_bot_matrix_registration_bot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-registration-bot diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index 31c6d610..71598232 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_matrix_reminder_bot_docker_image }} \ -c "matrix-reminder-bot /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-reminder-bot diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index fd07d40c..34c85635 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index d4a5b1df..8ac872b7 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_mjolnir_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-mjolnir diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index e9c6a0c2..f2610600 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-postmoogle \ --log-driver=none \ @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_postmoogle_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-postmoogle diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index 8cb75b83..8a793573 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_discord_docker_image }} \ node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-discord diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 3e40b801..bd5cbbe3 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_irc_docker_image }} \ -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-irc diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 879fdc87..4161241a 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_kakaotalk_node_docker_image }} \ node src/main.js --config /config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk-node diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index f08d37fc..0c85e7ba 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_kakaotalk_docker_image }} \ python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 8e1e350d..0d1009fa 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_slack_docker_image }} \ node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-slack diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index 028d3e7b..a5017369 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_webhooks_docker_image }} \ node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-webhooks diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index 665ee434..1a63311b 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_beeper_linkedin_docker_image }} \ python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-beeper-linkedin diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index 44aa97dd..f7ab10f8 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_go_skype_bridge_docker_image }} \ /usr/bin/matrix-skype -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-go-skype-bridge diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 452c58b9..43a16607 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_discord_docker_image }} \ /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-discord diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index 6a8a2c8a..4097111e 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_facebook_docker_image }} \ python3 -m mautrix_facebook -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-facebook diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index d640a14f..d52e5d6b 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_googlechat_docker_image }} \ python3 -m mautrix_googlechat -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-googlechat diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index f20f20e3..a24bcf86 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -44,8 +44,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_hangouts_docker_image }} \ python3 -m mautrix_hangouts -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-hangouts diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index f8979fb6..808ace40 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_instagram_docker_image }} \ python3 -m mautrix_instagram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-instagram diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index c67f7e62..11a34d8f 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -15,8 +15,8 @@ Wants={{ service }} Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -41,8 +41,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name -v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \ {{ matrix_mautrix_signal_daemon_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index 1ca46a20..7b70cbe4 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -14,8 +14,8 @@ Wants={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_signal_docker_image }} \ python3 -m mautrix_signal -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index fae2efcd..2948a711 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-telegram diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 48122b9f..c167eb06 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_twitter_docker_image }} \ python3 -m mautrix_twitter -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-twitter diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index f7318475..effa086d 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-whatsapp diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index ed034d82..7304054e 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 15 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_discord_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-discord diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index 0843f44f..d9fd4929 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_groupme_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-groupme diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 94bb5aae..5e3ad3ea 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_instagram_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-instagram diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 6d55316d..06d5e10a 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_slack_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-slack diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index fdc9dd1c..31dd2fae 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_steam_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-steam diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 74a6ed01..918b06d7 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_twitter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-twitter diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index ffc63b68..1ad84d5b 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-cactus-comments \ --log-driver=none \ @@ -26,8 +26,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --network={{ matrix_docker_network }} \ {{ matrix_cactus_comments_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-cactus-comments diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index 9aa0239f..b9a66c74 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-cinny \ --log-driver=none \ @@ -30,8 +30,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_cinny_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-cinny diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index a5181f59..52f3249a 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-element \ --log-driver=none \ @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_element_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-element diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 70d32bdd..92bfadcb 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-hydrogen \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_hydrogen_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-hydrogen diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index d24acfbe..cdaead01 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -9,8 +9,8 @@ After={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-conduit \ --log-driver=none \ @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_conduit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index 8ea4dd42..b5ad685a 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-corporal \ --log-driver=none \ @@ -34,8 +34,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_corporal_docker_image }} \ /matrix-corporal -config=/etc/matrix-corporal/config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-corporal diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 63a42a1b..3a0782bf 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-coturn \ --log-driver=none \ @@ -43,8 +43,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_coturn_docker_image }} \ -c /turnserver.conf -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' # This only reloads certificates (not other configuration). # See: https://github.com/coturn/coturn/pull/236 diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index b3e15fb0..b83f00bc 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' {% if 'matrix-postgres.service' in matrix_dendrite_systemd_required_services_list %} # Dendrite is too quick to start in relation to its matrix-postgres dependency. @@ -54,8 +54,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name -https-bind-address {{ matrix_dendrite_https_bind_address }} {% endif %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index 58f29cba..07428ffa 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' # Fixup database ownership if it got changed somehow (during a server migration, etc.) {% if matrix_dimension_database_engine == 'sqlite' %} @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_dimension_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dimension diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index 7ab2bf54..39cb94ca 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dynamic-dns \ --log-driver=none \ --network={{ matrix_docker_network }} \ @@ -26,8 +26,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_dynamic_dns_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dynamic-dns diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index b2bb5862..270a0c53 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-email2matrix \ --log-driver=none \ @@ -24,8 +24,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_email2matrix_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-email2matrix diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index fe2219e7..fd48b01e 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-grafana \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_grafana_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-grafana diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index 34749a8b..1cf08234 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ --log-driver=none \ @@ -23,8 +23,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_jicofo_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jicofo diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index 5d9fc889..922d201a 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jvb \ --log-driver=none \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_jvb_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jvb diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 851b3f10..0b2592ae 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_prosody_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-prosody diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8e859d12..fcb5f221 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-web \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_web_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-web diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 2520b04a..641e321e 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_ldap_registration_proxy_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ldap-registration-proxy diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index fcb3b5aa..9dbddbbf 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' # ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_ma1sd_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ma1sd diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index a501bdd4..469d0817 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' # --hostname gives us a friendlier hostname than the default. # The real hostname is passed via a `HOSTNAME` environment variable though. @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mailer_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mailer diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 76d08040..ee32be38 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-nginx-proxy \ --log-driver=none \ @@ -51,11 +51,11 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_nginx_proxy_docker_image }} {% for network in matrix_nginx_proxy_container_additional_networks %} -ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' +ExecStartPost={{ devture_systemd_docker_base_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' {% endfor %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload Restart=always RestartSec=30 diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index d817cb1a..a10cb584 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_ntfy_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ntfy diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index e5c06b83..618eb548 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-backup \ --log-driver=none \ @@ -22,7 +22,7 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_postgres_backup_docker_image_to_use }} ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres-backup diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index ebf4bfc2..e63267a3 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' # We need /dev/shm to be larger than the default to allow VACUUM to work. # See: @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_postgres_docker_image_to_use }} \ postgres {{ matrix_postgres_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index 41655f7e..82aca453 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ @@ -34,8 +34,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_prometheus_node_exporter_docker_image }} \ --path.rootfs=/host {{ matrix_prometheus_node_exporter_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-node-exporter diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index 4462c5ed..5c3fbac6 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --pid=host \ {{ matrix_prometheus_postgres_exporter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-postgres-exporter diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 210c193f..58455734 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_prometheus_docker_image }} {{ matrix_prometheus_process_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index 8ddd023f..f51d9fb9 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-registration \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_registration_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-registration diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index 06783b04..646314df 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-sygnal \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_sygnal_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-sygnal diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 8338aedb..9bae6e03 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse-admin \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_synapse_admin_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse-admin diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 00a98929..3d50ac9b 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,8 +8,8 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -46,8 +46,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index c8b80f14..7f6c2336 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -21,8 +21,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} # Allow for some time before starting, so that media store can mount. # Mounting can happen later too, but if we start writing, @@ -63,8 +63,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index ef71a4e0..2dda794b 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -15,3 +15,4 @@ - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} + - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} From 4f4c856e43b119c401c1169e649de2a52593aed0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:41:23 +0200 Subject: [PATCH 530/562] matrix_host_command_systemctl -> devture_systemd_docker_base_host_command_systemctl (via com.devture.ansible.role.systemd_docker_base) --- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/systemd/matrix-coturn-reload.service.j2 | 2 +- .../templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 | 2 +- .../custom/matrix_playbook_migration/tasks/validate_config.yml | 3 +++ 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index c66192b1..5a171ad6 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -124,7 +124,6 @@ matrix_host_command_sleep: "/usr/bin/env sleep" matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" matrix_host_command_openssl: "/usr/bin/env openssl" -matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 index e006e5a0..7d12f6ec 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 @@ -3,4 +3,4 @@ Description=Reloads matrix-coturn so that new SSL certificates can kick in [Service] Type=oneshot -ExecStart={{ matrix_host_command_systemctl }} reload matrix-coturn.service +ExecStart={{ devture_systemd_docker_base_host_command_systemctl }} reload matrix-coturn.service diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 index 851655ba..025c5e2d 100644 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 @@ -3,4 +3,4 @@ Description=Reloads matrix-nginx-proxy so that new SSL certificates can kick in [Service] Type=oneshot -ExecStart={{ matrix_host_command_systemctl }} reload matrix-nginx-proxy.service +ExecStart={{ devture_systemd_docker_base_host_command_systemctl }} reload matrix-nginx-proxy.service diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 2dda794b..e6235ee4 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -10,9 +10,12 @@ - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} + - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} + - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} + - {'old': 'matrix_host_command_systemctl', 'new': 'devture_systemd_docker_base_host_command_systemctl'} From d3bd1ca02429138aca0540fa56def042782c40e0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:44:29 +0200 Subject: [PATCH 531/562] matrix_*_retries_{count,delay} -> devture_playbook_help_*_retries_{count,delay} --- roles/custom/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-base/defaults/main.yml | 8 -------- roles/custom/matrix-bot-buscarron/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-go-neb/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-honoroit/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml | 4 ++-- .../custom/matrix-bot-postmoogle/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-heisenbridge/tasks/setup_install.yml | 4 ++-- .../custom/matrix-bridge-hookshot/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-slack/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-steam/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bridge-sms/tasks/setup_install.yml | 4 ++-- .../custom/matrix-cactus-comments/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-client-cinny/tasks/setup_install.yml | 4 ++-- .../custom/matrix-client-element/tasks/setup_install.yml | 4 ++-- .../custom/matrix-client-hydrogen/tasks/setup_install.yml | 4 ++-- .../custom/matrix-conduit/tasks/conduit/setup_install.yml | 4 ++-- roles/custom/matrix-corporal/tasks/setup_corporal.yml | 4 ++-- roles/custom/matrix-coturn/tasks/setup_install.yml | 4 ++-- .../matrix-dendrite/tasks/dendrite/setup_install.yml | 4 ++-- roles/custom/matrix-dimension/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-dynamic-dns/tasks/install.yml | 4 ++-- roles/custom/matrix-email2matrix/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-etherpad/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-grafana/tasks/setup.yml | 8 ++++---- roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml | 4 ++-- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-mailer/tasks/setup_mailer.yml | 4 ++-- .../tasks/nginx-proxy/setup_metrics_auth.yml | 4 ++-- .../custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 4 ++-- roles/custom/matrix-ntfy/tasks/setup_install.yml | 4 ++-- .../tasks/setup_postgres_backup.yml | 4 ++-- roles/custom/matrix-postgres/tasks/setup_postgres.yml | 4 ++-- .../matrix-prometheus-node-exporter/tasks/setup.yml | 4 ++-- .../matrix-prometheus-postgres-exporter/tasks/setup.yml | 4 ++-- roles/custom/matrix-prometheus/tasks/setup_install.yml | 8 ++++---- roles/custom/matrix-redis/tasks/setup_redis.yml | 4 ++-- roles/custom/matrix-registration/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-sygnal/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-synapse-admin/tasks/setup.yml | 4 ++-- .../tasks/ext/encryption-disabler/setup_install.yml | 4 ++-- .../matrix-synapse/tasks/ext/rest-auth/setup_install.yml | 4 ++-- .../tasks/ext/shared-secret-auth/setup_install.yml | 4 ++-- .../custom/matrix-synapse/tasks/goofys/setup_install.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../matrix_playbook_migration/tasks/validate_config.yml | 5 +++++ 73 files changed, 153 insertions(+), 156 deletions(-) diff --git a/roles/custom/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml index b9b44236..d12229e2 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -66,8 +66,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_backup_borg_docker_image_force_pull }}" when: "not matrix_backup_borg_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure borg repository is present on self-build diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 5a171ad6..f3f45f7b 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -92,14 +92,6 @@ matrix_debian_arch: "{{ 'armhf' if matrix_architecture == 'arm32' else matrix_ar matrix_container_global_registry_prefix: "docker.io/" -# Each docker pull will retry on failed attempt 10 times with delay of 10 seconds between each attempt. -matrix_container_retries_count: 10 -matrix_container_retries_delay: 10 - -# Each get_url will retry on failed attempt 10 times with delay of 10 seconds between each attempt. -matrix_geturl_retries_count: 10 -matrix_geturl_retries_delay: 10 - matrix_user_username: "matrix" matrix_user_groupname: "matrix" diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index fbb05bb1..156813de 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -57,8 +57,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_buscarron_docker_image_force_pull }}" when: "not matrix_bot_buscarron_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure buscarron repository is present on self-build diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml index c8345ce3..70aec14a 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml @@ -23,8 +23,8 @@ force_source: "{{ matrix_bot_go_neb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_go_neb_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure go-neb config installed diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 19705320..05dcd7c7 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -57,8 +57,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_docker_image_force_pull }}" when: "not matrix_bot_honoroit_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure honoroit repository is present on self-build diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index 505f844a..3838fa07 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -29,8 +29,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_registration_bot_docker_image_force_pull }}" when: "not matrix_bot_matrix_registration_bot_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-registration-bot repository is present on self-build diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 0592cacf..00e25c36 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -50,8 +50,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" when: "not matrix_bot_matrix_reminder_bot_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-reminder-bot repository is present on self-build diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml index 0619a47b..22f53b6f 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml @@ -33,8 +33,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_docker_image_force_pull }}" when: "not matrix_bot_maubot_container_image_self_build|bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure maubot repository is present on self-build diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml index 5e46e223..995e3b2b 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_mjolnir_docker_image_force_pull }}" when: "not matrix_bot_mjolnir_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure mjolnir repository is present on self-build diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index e6bfa60f..993cf8e5 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -53,8 +53,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_docker_image_force_pull }}" when: "not matrix_bot_postmoogle_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure postmoogle repository is present on self-build diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index ac0ad64d..f04e7f69 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -35,8 +35,8 @@ force_source: "{{ matrix_appservice_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_discord_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure AppService Discord paths exist diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 864a2a50..468dbd7a 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -71,8 +71,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}" when: "matrix_appservice_irc_enabled | bool and not matrix_appservice_irc_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-irc repository is present when self-building diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index 3d226e32..2f5b6be1 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -16,8 +16,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_docker_image_force_pull }}" when: not matrix_appservice_kakaotalk_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-kakaotalk-node image is pulled @@ -28,8 +28,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_docker_image_force_pull }}" when: not matrix_appservice_kakaotalk_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-kakaotalk paths exist diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml index 66a0afee..2c714085 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -39,8 +39,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_slack_docker_image_force_pull }}" when: "not matrix_appservice_slack_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-slack repository is present when self-building diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 9a9bd54f..734b6e60 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -22,8 +22,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_webhooks_docker_image_force_pull }}" when: "not matrix_appservice_webhooks_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_appservice_webhooks_container_image_self_build | bool" diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 3385ebdd..8784b631 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -30,8 +30,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_docker_image_force_pull }}" when: "not matrix_beeper_linkedin_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_beeper_linkedin_container_image_self_build | bool" diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 5f61f468..68718ccf 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_go_skype_bridge_docker_image_force_pull }}" when: not matrix_go_skype_bridge_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Go Skype Bridge repository is present on self-build diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml index 8943fab0..9a0cac35 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_heisenbridge_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure heisenbridge paths exist diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 09f2539f..15209d2c 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -22,8 +22,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_hookshot_docker_image_force_pull }}" when: not matrix_hookshot_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure hookshot repository is present on self-build diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ea783df9..06bae8dd 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_discord_docker_image_force_pull }}" when: not matrix_mautrix_discord_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix discord repository is present on self-build diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 929cd92a..50a02427 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" when: not matrix_mautrix_facebook_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Facebook paths exist diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 13b380e2..daadcba2 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_docker_image_force_pull }}" when: not matrix_mautrix_googlechat_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix googlechat paths exist diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index f7b03779..a846a7b0 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}" when: not matrix_mautrix_hangouts_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Hangouts paths exist diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index b4c2bd83..19a2ff9a 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -15,8 +15,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_docker_image_force_pull }}" when: not matrix_mautrix_instagram_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix instagram paths exist diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 4f4aed49..f5a162a3 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -16,8 +16,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}" when: "not matrix_mautrix_signal_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index dfb0ec1e..ba9c450f 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -58,8 +58,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_telegram_docker_image_force_pull }}" when: "not matrix_mautrix_telegram_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure lottieconverter is present when self-building diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 94c9e8e0..c3ab2d4e 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -19,8 +19,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_twitter_docker_image_force_pull }}" when: matrix_mautrix_twitter_enabled | bool and not matrix_mautrix_twitter_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Twitter paths exist diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index adf316f1..6b376946 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_docker_image_force_pull }}" when: not matrix_mautrix_whatsapp_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Whatsapp repository is present on self-build diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index d9b330bb..3b119745 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -78,8 +78,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}" when: matrix_mx_puppet_discord_enabled | bool and not matrix_mx_puppet_discord_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Discord repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index cee7f41e..400de9c5 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_groupme_docker_image_force_pull }}" when: matrix_mx_puppet_groupme_enabled | bool and not matrix_mx_puppet_groupme_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Groupme repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 9f0468c1..c98535e3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -45,8 +45,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_instagram_docker_image_force_pull }}" when: matrix_mx_puppet_instagram_enabled | bool and not matrix_mx_puppet_instagram_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure mx-puppet-instagram paths exist diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 78ac6f08..e5d83763 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -72,8 +72,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_docker_image_force_pull }}" when: matrix_mx_puppet_slack_enabled | bool and not matrix_mx_puppet_slack_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Slack repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 0cccd7fe..98854469 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}" when: matrix_mx_puppet_steam_enabled | bool and not matrix_mx_puppet_steam_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Steam repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 167a62bb..d5ebec74 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}" when: matrix_mx_puppet_twitter_enabled | bool and not matrix_mx_puppet_twitter_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Twitter repository is present on self build diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml index 1da01b09..2050797a 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml @@ -5,8 +5,8 @@ name: "{{ matrix_sms_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-sms-bridge paths exist diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml index b3ccb1c6..8de14d19 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml @@ -38,8 +38,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_docker_image_force_pull }}" when: "not matrix_cactus_comments_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure cactus comments repository is present on self-build diff --git a/roles/custom/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml index a6a7fb25..09b117be 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_install.yml @@ -19,8 +19,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_cinny_docker_image_force_pull }}" when: "not matrix_client_cinny_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Cinny repository is present on self-build diff --git a/roles/custom/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml index 553b144d..0edb0b50 100644 --- a/roles/custom/matrix-client-element/tasks/setup_install.yml +++ b/roles/custom/matrix-client-element/tasks/setup_install.yml @@ -20,8 +20,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_element_docker_image_force_pull }}" when: "not matrix_client_element_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Element repository is present on self-build diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml index 9509a44b..6905081a 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml @@ -20,8 +20,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}" when: "not matrix_client_hydrogen_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Hydrogen repository is present on self-build diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml index a5177bec..ebc5447b 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml @@ -6,8 +6,8 @@ force_source: "{{ matrix_conduit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_conduit_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Conduit config path exists diff --git a/roles/custom/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml index 6e9f290c..3f6ac86c 100644 --- a/roles/custom/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/custom/matrix-corporal/tasks/setup_corporal.yml @@ -48,8 +48,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_corporal_docker_image_force_pull }}" when: "matrix_corporal_enabled | bool and not matrix_corporal_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Matrix Corporal config installed diff --git a/roles/custom/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml index 02e0a26b..31b5446c 100644 --- a/roles/custom/matrix-coturn/tasks/setup_install.yml +++ b/roles/custom/matrix-coturn/tasks/setup_install.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_coturn_docker_image_force_pull }}" when: "not matrix_coturn_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_coturn_container_image_self_build | bool" diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml index f75b0e10..aec7f77b 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -24,8 +24,8 @@ force_source: "{{ matrix_dendrite_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dendrite_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Check if a Dendrite signing key exists diff --git a/roles/custom/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml index 52507ebb..2aeb1e2a 100644 --- a/roles/custom/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -94,8 +94,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}" when: "not matrix_dimension_container_image_self_build | bool" register: matrix_dimension_pull_results - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: matrix_dimension_pull_results is not failed - name: Ensure dimension repository is present on self-build diff --git a/roles/custom/matrix-dynamic-dns/tasks/install.yml b/roles/custom/matrix-dynamic-dns/tasks/install.yml index 4be6d9f0..2367e9cb 100644 --- a/roles/custom/matrix-dynamic-dns/tasks/install.yml +++ b/roles/custom/matrix-dynamic-dns/tasks/install.yml @@ -8,8 +8,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dynamic_dns_docker_image_force_pull }}" when: matrix_dynamic_dns_enabled | bool and not matrix_dynamic_dns_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Dynamic DNS paths exist diff --git a/roles/custom/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml index 39fcfdb8..74050633 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_install.yml @@ -29,8 +29,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}" when: "not matrix_email2matrix_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Email2Matrix repository is present on self-build diff --git a/roles/custom/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml index 2dfb39c5..bb5e0e53 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_install.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_install.yml @@ -23,8 +23,8 @@ force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_etherpad_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-etherpad.service installed diff --git a/roles/custom/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml index b86316b9..eabd25e5 100644 --- a/roles/custom/matrix-grafana/tasks/setup.yml +++ b/roles/custom/matrix-grafana/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_grafana_docker_image_force_pull }}" when: "matrix_grafana_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure grafana paths exists @@ -71,8 +71,8 @@ with_items: "{{ matrix_grafana_dashboard_download_urls }}" when: matrix_grafana_enabled | bool register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - name: Ensure matrix-grafana.service installed diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 897decee..d9395308 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-jicofo environment variables file created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml index 38a7571d..966572af 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-jvb configuration files created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 9f76e1e6..1a1656b2 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-prosody environment variables file is created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml index ae6fa08e..b6d3241b 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -26,8 +26,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-web environment variables file created diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index 51e34dac..70f7937a 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -55,8 +55,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ma1sd_docker_image_force_pull }}" when: "not matrix_ma1sd_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_ma1sd_container_image_self_build | bool" diff --git a/roles/custom/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml index fbc16a93..5d81565a 100644 --- a/roles/custom/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/custom/matrix-mailer/tasks/setup_mailer.yml @@ -54,8 +54,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_docker_image_force_pull }}" when: "matrix_mailer_enabled | bool and not matrix_mailer_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-mailer.service installed diff --git a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index dfb952a8..a72d26f6 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -24,8 +24,8 @@ force_source: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed # We store the password in a file and make the `htpasswd` tool read it from there, diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 04cd8610..5fedd662 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -200,8 +200,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_docker_image_force_pull }}" when: matrix_nginx_proxy_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-nginx-proxy.service installed diff --git a/roles/custom/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml index d6b4513f..5ad8e507 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_install.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_ntfy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ntfy_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-ntfy paths exists diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 8d59462d..6066ee49 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postgres_backup_docker_image_force_pull }}" when: matrix_postgres_backup_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Postgres backup paths exist diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index 1435d361..bba0d798 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postgres_docker_image_force_pull }}" when: matrix_postgres_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Postgres paths exist diff --git a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml index 5820e3de..0b0c5704 100644 --- a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_node_exporter_docker_image_force_pull }}" when: "matrix_prometheus_node_exporter_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-prometheus-node-exporter.service installed diff --git a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml index c322aa4e..1ab15799 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_postgres_exporter_docker_image_force_pull }}" when: "matrix_prometheus_postgres_exporter_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-prometheus-postgres-exporter.service installed diff --git a/roles/custom/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml index 728bbdde..8c18ce66 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_install.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_prometheus_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Prometheus paths exists @@ -33,8 +33,8 @@ group: "{{ matrix_user_groupname }}" when: "matrix_prometheus_scraper_synapse_rules_enabled | bool" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - name: Ensure prometheus.yml installed diff --git a/roles/custom/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml index a09044f4..b1b4c0b5 100644 --- a/roles/custom/matrix-redis/tasks/setup_redis.yml +++ b/roles/custom/matrix-redis/tasks/setup_redis.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_redis_docker_image_force_pull }}" when: matrix_redis_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure redis paths exist diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml index 4d82a2e4..04b2db3e 100644 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -55,8 +55,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_registration_docker_image_force_pull }}" when: "not matrix_registration_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-registration repository is present when self-building diff --git a/roles/custom/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml index 64bca58e..27424314 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_install.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_sygnal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_sygnal_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Sygnal paths exists diff --git a/roles/custom/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml index 2dc2769b..56cee498 100644 --- a/roles/custom/matrix-synapse-admin/tasks/setup.yml +++ b/roles/custom/matrix-synapse-admin/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_admin_docker_image_force_pull }}" when: "matrix_synapse_admin_enabled | bool and not matrix_synapse_admin_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-synapse-admin repository is present when self-building diff --git a/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml index 00cc1650..6ba5946d 100644 --- a/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml @@ -9,8 +9,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml index 489f1140..3c4d8cb5 100644 --- a/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml @@ -14,8 +14,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml index 055d671a..6dead736 100644 --- a/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml @@ -19,8 +19,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 6821813e..7eb7e46c 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -9,8 +9,8 @@ force_source: "{{ matrix_s3_goofys_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_s3_goofys_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed # This will throw a Permission Denied error if already mounted diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index b9dd7433..17124e25 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -49,8 +49,8 @@ force_source: "{{ matrix_synapse_rust_synapse_compress_state_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_rust_synapse_compress_state_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Generate rust-synapse-compress-state room find command diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 1b468f2d..429179de 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -58,8 +58,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}" when: "not matrix_synapse_container_image_self_build" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_synapse_container_image_customizations_enabled | bool" diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index e6235ee4..0b738a57 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -19,3 +19,8 @@ - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} - {'old': 'matrix_host_command_systemctl', 'new': 'devture_systemd_docker_base_host_command_systemctl'} + + - {'old': 'matrix_container_retries_count', 'new': 'devture_playbook_help_container_retries_count'} + - {'old': 'matrix_container_retries_delay', 'new': 'devture_playbook_help_container_retries_delay'} + - {'old': 'matrix_geturl_retries_count', 'new': 'devture_playbook_help_geturl_retries_count'} + - {'old': 'matrix_geturl_retries_delay', 'new': 'devture_playbook_help_geturl_retries_delay'} From a4e2a3bc0746c8b8d4775f08cbdbc3e174d95d6d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 17:07:29 +0200 Subject: [PATCH 532/562] Upgrade Hydrogen (v0.3.2 -> v0.3.3) --- roles/custom/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index bd2917d2..d207df74 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.2 +matrix_client_hydrogen_version: v0.3.3 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From a86cb2336a7d7ccab919812e8f63c3218ecdfc6b Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 17:16:29 +0200 Subject: [PATCH 533/562] etherpad - do not request ssl cert for subdomain if dimension is installed --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 26e5b35f..4a3c1193 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1840,7 +1840,7 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + - ([matrix_server_fqn_etherpad] if matrix_etherpad_enabled else []) + ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and not matrix_dimension_enabled) else []) + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + From 37d4bf0d1c06175e1a2bb91e14f8f1c34481cc9c Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 18:55:57 +0200 Subject: [PATCH 534/562] fix workers-doc-to-yaml --- .../files/workers-doc-to-yaml.sh | 5 +- roles/custom/matrix-synapse/vars/main.yml | 458 ++++++++++++++++++ 2 files changed, 461 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh index 5981523b..50a526bc 100755 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh +++ b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh @@ -1,6 +1,7 @@ #!/bin/sh # Fetch the synapse worker documentation and extract endpoint URLs # matrix-org/synapse master branch points to current stable release +# and put it between `workers:start` and `workers:end` tokens in ../vars/main.yml -URL=https://github.com/matrix-org/synapse/raw/master/docs/workers.md -curl -L ${URL} | awk -f workers-doc-to-yaml.awk > ../vars/workers.yml +snippet="$(curl -L https://github.com/matrix-org/synapse/raw/master/docs/workers.md | awk -f workers-doc-to-yaml.awk)" +awk -v snippet="$snippet" -i inplace '/workers:start/{f=1;print;print snippet}/workers:end/{f=0}!f' ../vars/main.yml diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index a4d43e78..e68ed25d 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -110,3 +110,461 @@ matrix_synapse_known_worker_types: | # matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. matrix_synapse_known_instance_map_eligible_worker_types: - stream_writer + +# the following section contains semi-automatic generated content +### workers:start +matrix_synapse_workers_generic_worker_endpoints: + # This worker can handle API requests matching the following regular expressions. + # These endpoints can be routed to any worker. If a worker is set up to handle a + # stream then, for maximum efficiency, additional endpoints should be routed to that + # worker: refer to the [stream writers](#stream-writers) section below for further + # information. + + # Sync requests + - ^/_matrix/client/(r0|v3)/sync$ + - ^/_matrix/client/(api/v1|r0|v3)/events$ + - ^/_matrix/client/(api/v1|r0|v3)/initialSync$ + - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ + + # Federation requests + - ^/_matrix/federation/v1/event/ + - ^/_matrix/federation/v1/state/ + - ^/_matrix/federation/v1/state_ids/ + - ^/_matrix/federation/v1/backfill/ + - ^/_matrix/federation/v1/get_missing_events/ + - ^/_matrix/federation/v1/publicRooms + - ^/_matrix/federation/v1/query/ + - ^/_matrix/federation/v1/make_join/ + - ^/_matrix/federation/v1/make_leave/ + - ^/_matrix/federation/(v1|v2)/send_join/ + - ^/_matrix/federation/(v1|v2)/send_leave/ + - ^/_matrix/federation/(v1|v2)/invite/ + - ^/_matrix/federation/v1/event_auth/ + - ^/_matrix/federation/v1/exchange_third_party_invite/ + - ^/_matrix/federation/v1/user/devices/ + - ^/_matrix/key/v2/query + - ^/_matrix/federation/v1/hierarchy/ + + # Inbound federation transaction request + - ^/_matrix/federation/v1/send/ + + # Client API requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ + - ^/_matrix/client/v1/rooms/.*/hierarchy$ + - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ + - ^/_matrix/client/v1/rooms/.*/threads$ + - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ + - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ + - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ + - ^/_matrix/client/(r0|v3|unstable)/account/whoami$ + - ^/_matrix/client/(r0|v3|unstable)/devices$ + - ^/_matrix/client/versions$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ + + # Encryption requests + # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` + - ^/_matrix/client/(r0|v3|unstable)/keys/query$ + - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ + - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ + - ^/_matrix/client/(r0|v3|unstable)/room_keys/ + - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ + + # Registration/login requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ + - ^/_matrix/client/(r0|v3|unstable)/register$ + - ^/_matrix/client/v1/register/m.login.registration_token/validity$ + + # Event sending requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ + +# These appear to be conditional and should not be enabled by default. +# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. +# For now, they've been commented out manually. +# # Account data requests +# - ^/_matrix/client/(r0|v3|unstable)/.*/tags +# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data +# +# # Receipts requests +# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt +# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers +# +# # Presence requests +# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + + # User directory search requests + # Any worker can handle these, but we have a dedicated user_dir worker for this, + # so we'd like for other generic workers to not try and capture these requests. + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # Additionally, the following REST endpoints can be handled for GET requests: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ + + # Pagination requests can also be handled, but all requests for a given + # room must be routed to the same instance. Additionally, care must be taken to + # ensure that the purge history admin API is not used while pagination requests + # for the room are in flight: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ + + # Additionally, the following endpoints should be included if Synapse is configured + # to use SSO (you only need to include the ones for whichever SSO provider you're + # using): + + # for all SSO providers + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect + # ^/_synapse/client/pick_idp$ + # ^/_synapse/client/pick_username + # ^/_synapse/client/new_user_consent$ + # ^/_synapse/client/sso_register$ + + # OpenID Connect requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_synapse/client/oidc/callback$ + + # SAML requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_synapse/client/saml2/authn_response$ + + # CAS requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ + + # Ensure that all SSO logins go to a single process. + # For multiple workers not handling the SSO endpoints properly, see + # [#7530](https://github.com/matrix-org/synapse/issues/7530) and + # [#9427](https://github.com/matrix-org/synapse/issues/9427). + + # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) + # with `client` and `federation` `resources` must be configured in the `worker_listeners` + # option in the worker config. + + # #### Load balancing + + # It is possible to run multiple instances of this worker app, with incoming requests + # being load-balanced between them by the reverse-proxy. However, different endpoints + # have different characteristics and so admins + # may wish to run multiple groups of workers handling different endpoints so that + # load balancing can be done in different ways. + + # For `/sync` and `/initialSync` requests it will be more efficient if all + # requests from a particular user are routed to a single instance. Extracting a + # user ID from the access token or `Authorization` header is currently left as an + # exercise for the reader. Admins may additionally wish to separate out `/sync` + # requests that have a `since` query parameter from those that don't (and + # `/initialSync`), as requests that don't are known as "initial sync" that happens + # when a user logs in on a new device and can be *very* resource intensive, so + # isolating these requests will stop them from interfering with other users ongoing + # syncs. + + # Federation and client requests can be balanced via simple round robin. + + # The inbound federation transaction request `^/_matrix/federation/v1/send/` + # should be balanced by source IP so that transactions from the same remote server + # go to the same process. + + # Registration/login requests can be handled separately purely to help ensure that + # unexpected load doesn't affect new logins and sign ups. + + # Finally, event sending requests can be balanced by the room ID in the URI (or + # the full URI, or even just round robin), the room ID is the path component after + # `/rooms/`. If there is a large bridge connected that is sending or may send lots + # of events, then a dedicated set of workers can be provisioned to limit the + # effects of bursts of events from that bridge on events sent by normal users. + + # #### Stream writers + + # Additionally, the writing of specific streams (such as events) can be moved off + # of the main process to a particular worker. + + # To enable this, the worker must have a + # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, + # have a `worker_name` and be listed in the `instance_map` config. The same worker + # can handle multiple streams, but unless otherwise documented, each stream can only + # have a single writer. + + # For example, to move event persistence off to a dedicated worker, the shared + # configuration would include: + + # ```yaml + # instance_map: + # event_persister1: + # host: localhost + # port: 8034 + + # stream_writers: + # events: event_persister1 + # ``` + + # An example for a stream writer instance: + + # ```yaml + # {{#include systemd-with-workers/workers/event_persister.yaml}} + # ``` + + # Some of the streams have associated endpoints which, for maximum efficiency, should + # be routed to the workers handling that stream. See below for the currently supported + # streams and the endpoints associated with them: + + # ##### The `events` stream + + # The `events` stream experimentally supports having multiple writers, where work + # is sharded between them by room ID. Note that you *must* restart all worker + # instances when adding or removing event persisters. An example `stream_writers` + # configuration with multiple writers: + + # ```yaml + # stream_writers: + # events: + # - event_persister1 + # - event_persister2 + # ``` + + # ##### The `typing` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `typing` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing + + # ##### The `to_device` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `to_device` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ + + # ##### The `account_data` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `account_data` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/.*/tags + # ^/_matrix/client/(r0|v3|unstable)/.*/account_data + + # ##### The `receipts` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `receipts` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + + # ##### The `presence` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `presence` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + + # #### Background tasks + + # There is also support for moving background tasks to a separate + # worker. Background tasks are run periodically or started via replication. Exactly + # which tasks are configured to run depends on your Synapse configuration (e.g. if + # stats is enabled). This worker doesn't handle any REST endpoints itself. + + # To enable this, the worker must have a `worker_name` and can be configured to run + # background tasks. For example, to move background tasks to a dedicated worker, + # the shared configuration would include: + + # ```yaml + # run_background_tasks_on: background_worker + # ``` + + # You might also wish to investigate the `update_user_directory_from_worker` and + # `media_instance_running_background_jobs` settings. + + # An example for a dedicated background worker instance: + + # ```yaml + # {{#include systemd-with-workers/workers/background_worker.yaml}} + # ``` + + # #### Updating the User Directory + + # You can designate one generic worker to update the user directory. + + # Specify its name in the shared configuration as follows: + + # ```yaml + # update_user_directory_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # User directory updates allow REST endpoints matching the following regular + # expressions to work: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # The above endpoints can be routed to any worker, though you may choose to route + # it to the chosen user directory worker. + + # This style of configuration supersedes the legacy `synapse.app.user_dir` + # worker application type. + + + # #### Notifying Application Services + + # You can designate one generic worker to send output traffic to Application Services. + # Doesn't handle any REST endpoints itself, but you should specify its name in the + # shared configuration as follows: + + # ```yaml + # notify_appservices_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # This style of configuration supersedes the legacy `synapse.app.appservice` + # worker application type. + + +# pusher worker (no API endpoints) [ + # Handles sending push notifications to sygnal and email. Doesn't handle any + # REST endpoints itself, but you should set `start_pushers: False` in the + # shared configuration file to stop the main synapse sending push notifications. + + # To run multiple instances at once the `pusher_instances` option should list all + # pusher instances by their worker name, e.g.: + + # ```yaml + # pusher_instances: + # - pusher_worker1 + # - pusher_worker2 + # ``` + + # An example for a pusher instance: + + # ```yaml + # {{#include systemd-with-workers/workers/pusher_worker.yaml}} + # ``` + +# ] + +# appservice worker (no API endpoints) [ + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `notify_appservices_from_worker` option instead.](#notifying-application-services) + + # Handles sending output traffic to Application Services. Doesn't handle any + # REST endpoints itself, but you should set `notify_appservices: False` in the + # shared configuration file to stop the main synapse sending appservice notifications. + + # Note this worker cannot be load-balanced: only one instance should be active. + +# ] + +# federation_sender worker (no API endpoints) [ + # Handles sending federation traffic to other servers. Doesn't handle any + # REST endpoints itself, but you should set `send_federation: False` in the + # shared configuration file to stop the main synapse sending this traffic. + + # If running multiple federation senders then you must list each + # instance in the `federation_sender_instances` option by their `worker_name`. + # All instances must be stopped and started when adding or removing instances. + # For example: + + # ```yaml + # federation_sender_instances: + # - federation_sender1 + # - federation_sender2 + # ``` + + # An example for a federation sender instance: + + # ```yaml + # {{#include systemd-with-workers/workers/federation_sender.yaml}} + # ``` +# ] + +matrix_synapse_workers_media_repository_endpoints: + # Handles the media repository. It can handle all endpoints starting with: + + - ^/_matrix/media/ + + # ... and the following regular expressions matching media-specific administration APIs: + + - ^/_synapse/admin/v1/purge_media_cache$ + - ^/_synapse/admin/v1/room/.*/media.*$ + - ^/_synapse/admin/v1/user/.*/media.*$ + - ^/_synapse/admin/v1/media/.*$ + - ^/_synapse/admin/v1/quarantine_media/.*$ + - ^/_synapse/admin/v1/users/.*/media$ + + # You should also set `enable_media_repo: False` in the shared configuration + # file to stop the main synapse running background jobs related to managing the + # media repository. Note that doing so will prevent the main process from being + # able to handle the above endpoints. + + # In the `media_repository` worker configuration file, configure the + # [HTTP listener](usage/configuration/config_documentation.md#listeners) to + # expose the `media` resource. For example: + + # ```yaml + # {{#include systemd-with-workers/workers/media_worker.yaml}} + # ``` + + # Note that if running multiple media repositories they must be on the same server + # and you must configure a single instance to run the background tasks, e.g.: + + # ```yaml + # media_instance_running_background_jobs: "media-repository-1" + # ``` + + # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). + +matrix_synapse_workers_user_dir_endpoints: + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) + + # Handles searches in the user directory. It can handle REST endpoints matching + # the following regular expressions: + + - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # When using this worker you must also set `update_user_directory: false` in the + # shared configuration file to stop the main synapse running background + # jobs related to updating the user directory. + + # Above endpoint is not *required* to be routed to this worker. By default, + # `update_user_directory` is set to `true`, which means the main process + # will handle updates. All workers configured with `client` can handle the above + # endpoint as long as either this worker or the main process are configured to + # handle it, and are online. + + # If `update_user_directory` is set to `false`, and this worker is not running, + # the above endpoint may give outdated results. + +matrix_synapse_workers_avail_list: + - appservice + - federation_sender + - generic_worker + - media_repository + - pusher + - user_dir +### workers:end From da4a82c48b799afa235acc096c81d855a52939b5 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 19:02:24 +0200 Subject: [PATCH 535/562] remove old workers.yml (already saved into main.yml) --- .yamllint | 3 - .../files/workers-doc-to-yaml.awk | 1 - roles/custom/matrix-synapse/vars/main.yml | 1 + roles/custom/matrix-synapse/vars/workers.yml | 456 ------------------ setup.yml | 3 - 5 files changed, 1 insertion(+), 463 deletions(-) delete mode 100644 roles/custom/matrix-synapse/vars/workers.yml diff --git a/.yamllint b/.yamllint index 6f10a36d..75da2b70 100644 --- a/.yamllint +++ b/.yamllint @@ -1,8 +1,5 @@ --- extends: default -ignore: | - roles/custom/matrix-synapse/vars/workers.yml - rules: line-length: disable diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk index 5b99d396..1911690f 100755 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk +++ b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk @@ -18,7 +18,6 @@ function line_is_endpoint_url(line) { # Put YAML marker at beginning of file. BEGIN { - print "---" endpoint_conditional_comment = " # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually\n" } diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index e68ed25d..d2f45126 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -113,6 +113,7 @@ matrix_synapse_known_instance_map_eligible_worker_types: # the following section contains semi-automatic generated content ### workers:start + matrix_synapse_workers_generic_worker_endpoints: # This worker can handle API requests matching the following regular expressions. # These endpoints can be routed to any worker. If a worker is set up to handle a diff --git a/roles/custom/matrix-synapse/vars/workers.yml b/roles/custom/matrix-synapse/vars/workers.yml deleted file mode 100644 index 2598caa6..00000000 --- a/roles/custom/matrix-synapse/vars/workers.yml +++ /dev/null @@ -1,456 +0,0 @@ ---- - -matrix_synapse_workers_generic_worker_endpoints: - # This worker can handle API requests matching the following regular expressions. - # These endpoints can be routed to any worker. If a worker is set up to handle a - # stream then, for maximum efficiency, additional endpoints should be routed to that - # worker: refer to the [stream writers](#stream-writers) section below for further - # information. - - # Sync requests - - ^/_matrix/client/(r0|v3)/sync$ - - ^/_matrix/client/(api/v1|r0|v3)/events$ - - ^/_matrix/client/(api/v1|r0|v3)/initialSync$ - - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ - - # Federation requests - - ^/_matrix/federation/v1/event/ - - ^/_matrix/federation/v1/state/ - - ^/_matrix/federation/v1/state_ids/ - - ^/_matrix/federation/v1/backfill/ - - ^/_matrix/federation/v1/get_missing_events/ - - ^/_matrix/federation/v1/publicRooms - - ^/_matrix/federation/v1/query/ - - ^/_matrix/federation/v1/make_join/ - - ^/_matrix/federation/v1/make_leave/ - - ^/_matrix/federation/(v1|v2)/send_join/ - - ^/_matrix/federation/(v1|v2)/send_leave/ - - ^/_matrix/federation/(v1|v2)/invite/ - - ^/_matrix/federation/v1/event_auth/ - - ^/_matrix/federation/v1/exchange_third_party_invite/ - - ^/_matrix/federation/v1/user/devices/ - - ^/_matrix/key/v2/query - - ^/_matrix/federation/v1/hierarchy/ - - # Inbound federation transaction request - - ^/_matrix/federation/v1/send/ - - # Client API requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ - - ^/_matrix/client/v1/rooms/.*/hierarchy$ - - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ - - ^/_matrix/client/v1/rooms/.*/threads$ - - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ - - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ - - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ - - ^/_matrix/client/(r0|v3|unstable)/account/whoami$ - - ^/_matrix/client/(r0|v3|unstable)/devices$ - - ^/_matrix/client/versions$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ - - # Encryption requests - # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` - - ^/_matrix/client/(r0|v3|unstable)/keys/query$ - - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ - - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ - - ^/_matrix/client/(r0|v3|unstable)/room_keys/ - - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ - - # Registration/login requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ - - ^/_matrix/client/(r0|v3|unstable)/register$ - - ^/_matrix/client/v1/register/m.login.registration_token/validity$ - - # Event sending requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ - -# These appear to be conditional and should not be enabled by default. -# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. -# For now, they've been commented out manually. -# # Account data requests -# - ^/_matrix/client/(r0|v3|unstable)/.*/tags -# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data -# -# # Receipts requests -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers -# -# # Presence requests -# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # User directory search requests - # Any worker can handle these, but we have a dedicated user_dir worker for this, - # so we'd like for other generic workers to not try and capture these requests. - # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # Additionally, the following REST endpoints can be handled for GET requests: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ - - # Pagination requests can also be handled, but all requests for a given - # room must be routed to the same instance. Additionally, care must be taken to - # ensure that the purge history admin API is not used while pagination requests - # for the room are in flight: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ - - # Additionally, the following endpoints should be included if Synapse is configured - # to use SSO (you only need to include the ones for whichever SSO provider you're - # using): - - # for all SSO providers - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect - # ^/_synapse/client/pick_idp$ - # ^/_synapse/client/pick_username - # ^/_synapse/client/new_user_consent$ - # ^/_synapse/client/sso_register$ - - # OpenID Connect requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/oidc/callback$ - - # SAML requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/saml2/authn_response$ - - # CAS requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ - - # Ensure that all SSO logins go to a single process. - # For multiple workers not handling the SSO endpoints properly, see - # [#7530](https://github.com/matrix-org/synapse/issues/7530) and - # [#9427](https://github.com/matrix-org/synapse/issues/9427). - - # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) - # with `client` and `federation` `resources` must be configured in the `worker_listeners` - # option in the worker config. - - # #### Load balancing - - # It is possible to run multiple instances of this worker app, with incoming requests - # being load-balanced between them by the reverse-proxy. However, different endpoints - # have different characteristics and so admins - # may wish to run multiple groups of workers handling different endpoints so that - # load balancing can be done in different ways. - - # For `/sync` and `/initialSync` requests it will be more efficient if all - # requests from a particular user are routed to a single instance. Extracting a - # user ID from the access token or `Authorization` header is currently left as an - # exercise for the reader. Admins may additionally wish to separate out `/sync` - # requests that have a `since` query parameter from those that don't (and - # `/initialSync`), as requests that don't are known as "initial sync" that happens - # when a user logs in on a new device and can be *very* resource intensive, so - # isolating these requests will stop them from interfering with other users ongoing - # syncs. - - # Federation and client requests can be balanced via simple round robin. - - # The inbound federation transaction request `^/_matrix/federation/v1/send/` - # should be balanced by source IP so that transactions from the same remote server - # go to the same process. - - # Registration/login requests can be handled separately purely to help ensure that - # unexpected load doesn't affect new logins and sign ups. - - # Finally, event sending requests can be balanced by the room ID in the URI (or - # the full URI, or even just round robin), the room ID is the path component after - # `/rooms/`. If there is a large bridge connected that is sending or may send lots - # of events, then a dedicated set of workers can be provisioned to limit the - # effects of bursts of events from that bridge on events sent by normal users. - - # #### Stream writers - - # Additionally, the writing of specific streams (such as events) can be moved off - # of the main process to a particular worker. - - # To enable this, the worker must have a - # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, - # have a `worker_name` and be listed in the `instance_map` config. The same worker - # can handle multiple streams, but unless otherwise documented, each stream can only - # have a single writer. - - # For example, to move event persistence off to a dedicated worker, the shared - # configuration would include: - - # ```yaml - # instance_map: - # event_persister1: - # host: localhost - # port: 8034 - - # stream_writers: - # events: event_persister1 - # ``` - - # An example for a stream writer instance: - - # ```yaml - # {{#include systemd-with-workers/workers/event_persister.yaml}} - # ``` - - # Some of the streams have associated endpoints which, for maximum efficiency, should - # be routed to the workers handling that stream. See below for the currently supported - # streams and the endpoints associated with them: - - # ##### The `events` stream - - # The `events` stream experimentally supports having multiple writers, where work - # is sharded between them by room ID. Note that you *must* restart all worker - # instances when adding or removing event persisters. An example `stream_writers` - # configuration with multiple writers: - - # ```yaml - # stream_writers: - # events: - # - event_persister1 - # - event_persister2 - # ``` - - # ##### The `typing` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `typing` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing - - # ##### The `to_device` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `to_device` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ - - # ##### The `account_data` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `account_data` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/.*/tags - # ^/_matrix/client/(r0|v3|unstable)/.*/account_data - - # ##### The `receipts` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `receipts` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers - - # ##### The `presence` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `presence` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # #### Background tasks - - # There is also support for moving background tasks to a separate - # worker. Background tasks are run periodically or started via replication. Exactly - # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). This worker doesn't handle any REST endpoints itself. - - # To enable this, the worker must have a `worker_name` and can be configured to run - # background tasks. For example, to move background tasks to a dedicated worker, - # the shared configuration would include: - - # ```yaml - # run_background_tasks_on: background_worker - # ``` - - # You might also wish to investigate the `update_user_directory_from_worker` and - # `media_instance_running_background_jobs` settings. - - # An example for a dedicated background worker instance: - - # ```yaml - # {{#include systemd-with-workers/workers/background_worker.yaml}} - # ``` - - # #### Updating the User Directory - - # You can designate one generic worker to update the user directory. - - # Specify its name in the shared configuration as follows: - - # ```yaml - # update_user_directory_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # User directory updates allow REST endpoints matching the following regular - # expressions to work: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # The above endpoints can be routed to any worker, though you may choose to route - # it to the chosen user directory worker. - - # This style of configuration supersedes the legacy `synapse.app.user_dir` - # worker application type. - - - # #### Notifying Application Services - - # You can designate one generic worker to send output traffic to Application Services. - # Doesn't handle any REST endpoints itself, but you should specify its name in the - # shared configuration as follows: - - # ```yaml - # notify_appservices_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # This style of configuration supersedes the legacy `synapse.app.appservice` - # worker application type. - - -# pusher worker (no API endpoints) [ - # Handles sending push notifications to sygnal and email. Doesn't handle any - # REST endpoints itself, but you should set `start_pushers: False` in the - # shared configuration file to stop the main synapse sending push notifications. - - # To run multiple instances at once the `pusher_instances` option should list all - # pusher instances by their worker name, e.g.: - - # ```yaml - # pusher_instances: - # - pusher_worker1 - # - pusher_worker2 - # ``` - - # An example for a pusher instance: - - # ```yaml - # {{#include systemd-with-workers/workers/pusher_worker.yaml}} - # ``` - -# ] - -# appservice worker (no API endpoints) [ - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `notify_appservices_from_worker` option instead.](#notifying-application-services) - - # Handles sending output traffic to Application Services. Doesn't handle any - # REST endpoints itself, but you should set `notify_appservices: False` in the - # shared configuration file to stop the main synapse sending appservice notifications. - - # Note this worker cannot be load-balanced: only one instance should be active. - -# ] - -# federation_sender worker (no API endpoints) [ - # Handles sending federation traffic to other servers. Doesn't handle any - # REST endpoints itself, but you should set `send_federation: False` in the - # shared configuration file to stop the main synapse sending this traffic. - - # If running multiple federation senders then you must list each - # instance in the `federation_sender_instances` option by their `worker_name`. - # All instances must be stopped and started when adding or removing instances. - # For example: - - # ```yaml - # federation_sender_instances: - # - federation_sender1 - # - federation_sender2 - # ``` - - # An example for a federation sender instance: - - # ```yaml - # {{#include systemd-with-workers/workers/federation_sender.yaml}} - # ``` -# ] - -matrix_synapse_workers_media_repository_endpoints: - # Handles the media repository. It can handle all endpoints starting with: - - - ^/_matrix/media/ - - # ... and the following regular expressions matching media-specific administration APIs: - - - ^/_synapse/admin/v1/purge_media_cache$ - - ^/_synapse/admin/v1/room/.*/media.*$ - - ^/_synapse/admin/v1/user/.*/media.*$ - - ^/_synapse/admin/v1/media/.*$ - - ^/_synapse/admin/v1/quarantine_media/.*$ - - ^/_synapse/admin/v1/users/.*/media$ - - # You should also set `enable_media_repo: False` in the shared configuration - # file to stop the main synapse running background jobs related to managing the - # media repository. Note that doing so will prevent the main process from being - # able to handle the above endpoints. - - # In the `media_repository` worker configuration file, configure the - # [HTTP listener](usage/configuration/config_documentation.md#listeners) to - # expose the `media` resource. For example: - - # ```yaml - # {{#include systemd-with-workers/workers/media_worker.yaml}} - # ``` - - # Note that if running multiple media repositories they must be on the same server - # and you must configure a single instance to run the background tasks, e.g.: - - # ```yaml - # media_instance_running_background_jobs: "media-repository-1" - # ``` - - # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). - -matrix_synapse_workers_user_dir_endpoints: - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) - - # Handles searches in the user directory. It can handle REST endpoints matching - # the following regular expressions: - - - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # When using this worker you must also set `update_user_directory: false` in the - # shared configuration file to stop the main synapse running background - # jobs related to updating the user directory. - - # Above endpoint is not *required* to be routed to this worker. By default, - # `update_user_directory` is set to `true`, which means the main process - # will handle updates. All workers configured with `client` can handle the above - # endpoint as long as either this worker or the main process are configured to - # handle it, and are online. - - # If `update_user_directory` is set to `false`, and this worker is not running, - # the above endpoint may give outdated results. - -matrix_synapse_workers_avail_list: - - appservice - - federation_sender - - generic_worker - - media_repository - - pusher - - user_dir diff --git a/setup.yml b/setup.yml index e3372802..c11c75af 100755 --- a/setup.yml +++ b/setup.yml @@ -3,9 +3,6 @@ hosts: "{{ target if target is defined else 'matrix_servers' }}" become: true - vars_files: - - roles/custom/matrix-synapse/vars/workers.yml - roles: # This role has no tasks at all - role: galaxy/com.devture.ansible.role.playbook_help From 1c643263ddc5b96947b49e4f260de4ca8aeeb572 Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 4 Nov 2022 15:16:14 -0500 Subject: [PATCH 536/562] dendrite: update image tag to latest release (0.10.7) - https://github.com/matrix-org/dendrite/releases/tag/v0.10.7 --- roles/custom/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml index a1d03960..b9dddfe9 100644 --- a/roles/custom/matrix-dendrite/defaults/main.yml +++ b/roles/custom/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.6" +matrix_dendrite_docker_image_tag: "v0.10.7" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 5ff59eb31a6f1296b8d850d61749447ffbc46973 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 06:56:10 +0200 Subject: [PATCH 537/562] Upgrade com.devture.ansible.role.playbook_state_preserver --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 668f973e..a57b63a9 100644 --- a/requirements.yml +++ b/requirements.yml @@ -10,7 +10,7 @@ version: 461ace97fcf0e36c76747b36fcad8587d9b072f5 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git - version: 0857450721d525238ca230c9e6f8f8ad3a248564 + version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git version: f1c78d4e85e875129790c58335d0e44385683f6b From c165bf0a9504f21ad7a695e573c18d7ef6f60bd1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:02:10 +0200 Subject: [PATCH 538/562] Try to make setup.yml more helpful when galaxy roles haven't been downloaded With this change, trying to run the playbook should report an error that looks like this: > The offending line appears to be: > > # Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`). > - role: galaxy/com.devture.ansible.role.playbook_help > ^ here .. with that comment included, which might help some people who missed the `make roles` part. Improves https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2232 --- setup.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/setup.yml b/setup.yml index e3372802..8c71ac4b 100755 --- a/setup.yml +++ b/setup.yml @@ -7,10 +7,9 @@ - roles/custom/matrix-synapse/vars/workers.yml roles: - # This role has no tasks at all + # Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`). - role: galaxy/com.devture.ansible.role.playbook_help - # This role has no tasks at all - role: galaxy/com.devture.ansible.role.systemd_docker_base - role: custom/matrix_playbook_migration From 7289992dba30223df073a4d37b63b937b5d6addb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:10:04 +0200 Subject: [PATCH 539/562] Document `make roles` some more Improves: - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2232 - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1304366791 --- CHANGELOG.md | 2 +- docs/installing.md | 2 +- docs/prerequisites.md | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bd06a8c..f773d999 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,7 +16,7 @@ We're doing this for greater code-reuse (across Ansible playbooks, including our Some variable names will change during the transition to having more and more external (galaxy) roles. There's a new `custom/matrix_playbook_migration` role added to the playbook which will tell you about these changes each time you run the playbook. -From now on, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. +**From now on**, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. # 2022-10-14 diff --git a/docs/installing.md b/docs/installing.md index 7c62cc39..19506e33 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,7 +2,7 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. ## Playbook tags introduction diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 74954648..c0a90640 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -22,6 +22,8 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. +- [`make`](https://www.gnu.org/software/make/) for running `make roles`, etc. (see [`Makefile`](../Makefile)), although you can also run these commands manually (without `make`) + - An HTTPS-capable web server at the base domain name (``) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). - Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). From a9e2607d80e612339e143bc59f817ee6e9d3b104 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:29:47 +0200 Subject: [PATCH 540/562] Fix yaml[comments-indentation] in workers config and remove automation --- .../files/workers-doc-to-yaml.awk | 145 ------- .../files/workers-doc-to-yaml.sh | 7 - roles/custom/matrix-synapse/vars/main.yml | 361 +----------------- 3 files changed, 4 insertions(+), 509 deletions(-) delete mode 100755 roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk delete mode 100755 roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk deleted file mode 100755 index 1911690f..00000000 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/awk -# Hackish approach to get a machine-readable list of current matrix -# synapse REST API endpoints from the official documentation at -# https://github.com/matrix-org/synapse/raw/master/docs/workers.md -# -# invoke in shell with: -# URL=https://github.com/matrix-org/synapse/raw/master/docs/workers.md -# curl -L ${URL} | awk -f workers-doc-to-yaml.awk - - -function worker_stanza_append(string) { - worker_stanza = worker_stanza string -} - -function line_is_endpoint_url(line) { - # probably API endpoint if it starts with white-space and ^ or / - return (line ~ /^ +[\^\/].*\//) -} - -# Put YAML marker at beginning of file. -BEGIN { - endpoint_conditional_comment = " # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually\n" -} - -# Enable further processing after the introductory text. -# Read each synapse worker section as record and its lines as fields. -/Available worker applications/ { - enable_parsing = 1 - # set record separator to markdown section header - RS = "\n### " - # set field separator to newline - FS = "\n" -} - -# Once parsing is active, this will process each section as record. -enable_parsing { - # Each worker section starts with a synapse.app.X headline - if ($1 ~ /synapse\.app\./) { - - # get rid of the backticks and extract worker type from headline - gsub("`", "", $1) - gsub("synapse.app.", "", $1) - worker_type = $1 - - # initialize empty worker stanza - worker_stanza = "" - - # track if any endpoints are mentioned in a specific section - worker_has_urls = 0 - - # some endpoint descriptions contain flag terms - endpoints_seem_conditional = 0 - - # also, collect a list of available workers - workers = (workers ? workers "\n" : "") " - " worker_type - - # loop through the lines (2 - number of fields in record) - for (i = 2; i < NF + 1; i++) { - # copy line for gsub replacements - line = $i - - # end all lines but the last with a linefeed - linefeed = (i < NF - 1) ? "\n" : "" - - # line starts with white-space and a hash: endpoint block headline - if (line ~ /^ +#/) { - - # copy to output verbatim, normalizing white-space - gsub(/^ +/, "", line) - worker_stanza_append(" " line linefeed) - - } else if (line_is_endpoint_url(line)) { - - # mark section for special output formatting - worker_has_urls = 1 - - # remove leading white-space - gsub(/^ +/, "", line) - api_endpoint_regex = line - - # FIXME: https://github.com/matrix-org/synapse/issues/new - # munge inconsistent media_repository endpoint notation - if (api_endpoint_regex == "/_matrix/media/") { - api_endpoint_regex = "^" line - } - - # FIXME: https://github.com/matrix-org/synapse/issues/7530 - # https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456#issuecomment-719015911 - if (api_endpoint_regex == "^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$") { - worker_stanza_append(" # FIXME: possible bug with SSO and multiple generic workers\n") - worker_stanza_append(" # see https://github.com/matrix-org/synapse/issues/7530\n") - worker_stanza_append(" # " api_endpoint_regex linefeed) - continue - } - - # disable endpoints which specify complications - if (endpoints_seem_conditional) { - # only add notice if previous line didn't match - if (!line_is_endpoint_url($(i - 1))) { - worker_stanza_append(endpoint_conditional_comment) - } - worker_stanza_append(" # " api_endpoint_regex linefeed) - } else { - # output endpoint regex - worker_stanza_append(" - " api_endpoint_regex linefeed) - } - - # white-space only line? - } else if (line ~ /^ *$/) { - - if (i > 3 && i < NF) { - # print white-space lines unless 1st or last line in section - worker_stanza_append(line linefeed) - } - - # nothing of the above: the line is regular documentation text - } else { - - # include this text line as comment - worker_stanza_append(" # " line linefeed) - - # and take note of words hinting at additional conditions to be met - if (line ~ /(^[Ii]f|care must be taken|can be handled for)/) { - endpoints_seem_conditional = 1 - } - } - } - - if (worker_has_urls) { - print "\nmatrix_synapse_workers_" worker_type "_endpoints:" - print worker_stanza - } else { - # include workers without endpoints as well for reference - print "\n# " worker_type " worker (no API endpoints) [" - print worker_stanza - print "# ]" - } - } -} - -END { - print "\nmatrix_synapse_workers_avail_list:" - print workers | "sort" -} - -# vim: tabstop=4 shiftwidth=4 expandtab autoindent diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh deleted file mode 100755 index 50a526bc..00000000 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh -# Fetch the synapse worker documentation and extract endpoint URLs -# matrix-org/synapse master branch points to current stable release -# and put it between `workers:start` and `workers:end` tokens in ../vars/main.yml - -snippet="$(curl -L https://github.com/matrix-org/synapse/raw/master/docs/workers.md | awk -f workers-doc-to-yaml.awk)" -awk -v snippet="$snippet" -i inplace '/workers:start/{f=1;print;print snippet}/workers:end/{f=0}!f' ../vars/main.yml diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index d2f45126..69c0ce46 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -111,16 +111,12 @@ matrix_synapse_known_worker_types: | matrix_synapse_known_instance_map_eligible_worker_types: - stream_writer -# the following section contains semi-automatic generated content +# The following section contains content that had previously been generated by a script (`workers-doc-to-yaml.awk`) processing https://github.com/matrix-org/synapse/raw/master/docs/workers.md, +# but is now maintained manually due to: +# - the script being tripped up by the content and generating somewhat inaccurate definitions, which had to be fixed up manually. +# - the script being complicated and unmaintainable ### workers:start - matrix_synapse_workers_generic_worker_endpoints: - # This worker can handle API requests matching the following regular expressions. - # These endpoints can be routed to any worker. If a worker is set up to handle a - # stream then, for maximum efficiency, additional endpoints should be routed to that - # worker: refer to the [stream writers](#stream-writers) section below for further - # information. - # Sync requests - ^/_matrix/client/(r0|v3)/sync$ - ^/_matrix/client/(api/v1|r0|v3)/events$ @@ -191,317 +187,6 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ -# These appear to be conditional and should not be enabled by default. -# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. -# For now, they've been commented out manually. -# # Account data requests -# - ^/_matrix/client/(r0|v3|unstable)/.*/tags -# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data -# -# # Receipts requests -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers -# -# # Presence requests -# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # User directory search requests - # Any worker can handle these, but we have a dedicated user_dir worker for this, - # so we'd like for other generic workers to not try and capture these requests. - # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # Additionally, the following REST endpoints can be handled for GET requests: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ - - # Pagination requests can also be handled, but all requests for a given - # room must be routed to the same instance. Additionally, care must be taken to - # ensure that the purge history admin API is not used while pagination requests - # for the room are in flight: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ - - # Additionally, the following endpoints should be included if Synapse is configured - # to use SSO (you only need to include the ones for whichever SSO provider you're - # using): - - # for all SSO providers - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect - # ^/_synapse/client/pick_idp$ - # ^/_synapse/client/pick_username - # ^/_synapse/client/new_user_consent$ - # ^/_synapse/client/sso_register$ - - # OpenID Connect requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/oidc/callback$ - - # SAML requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/saml2/authn_response$ - - # CAS requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ - - # Ensure that all SSO logins go to a single process. - # For multiple workers not handling the SSO endpoints properly, see - # [#7530](https://github.com/matrix-org/synapse/issues/7530) and - # [#9427](https://github.com/matrix-org/synapse/issues/9427). - - # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) - # with `client` and `federation` `resources` must be configured in the `worker_listeners` - # option in the worker config. - - # #### Load balancing - - # It is possible to run multiple instances of this worker app, with incoming requests - # being load-balanced between them by the reverse-proxy. However, different endpoints - # have different characteristics and so admins - # may wish to run multiple groups of workers handling different endpoints so that - # load balancing can be done in different ways. - - # For `/sync` and `/initialSync` requests it will be more efficient if all - # requests from a particular user are routed to a single instance. Extracting a - # user ID from the access token or `Authorization` header is currently left as an - # exercise for the reader. Admins may additionally wish to separate out `/sync` - # requests that have a `since` query parameter from those that don't (and - # `/initialSync`), as requests that don't are known as "initial sync" that happens - # when a user logs in on a new device and can be *very* resource intensive, so - # isolating these requests will stop them from interfering with other users ongoing - # syncs. - - # Federation and client requests can be balanced via simple round robin. - - # The inbound federation transaction request `^/_matrix/federation/v1/send/` - # should be balanced by source IP so that transactions from the same remote server - # go to the same process. - - # Registration/login requests can be handled separately purely to help ensure that - # unexpected load doesn't affect new logins and sign ups. - - # Finally, event sending requests can be balanced by the room ID in the URI (or - # the full URI, or even just round robin), the room ID is the path component after - # `/rooms/`. If there is a large bridge connected that is sending or may send lots - # of events, then a dedicated set of workers can be provisioned to limit the - # effects of bursts of events from that bridge on events sent by normal users. - - # #### Stream writers - - # Additionally, the writing of specific streams (such as events) can be moved off - # of the main process to a particular worker. - - # To enable this, the worker must have a - # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, - # have a `worker_name` and be listed in the `instance_map` config. The same worker - # can handle multiple streams, but unless otherwise documented, each stream can only - # have a single writer. - - # For example, to move event persistence off to a dedicated worker, the shared - # configuration would include: - - # ```yaml - # instance_map: - # event_persister1: - # host: localhost - # port: 8034 - - # stream_writers: - # events: event_persister1 - # ``` - - # An example for a stream writer instance: - - # ```yaml - # {{#include systemd-with-workers/workers/event_persister.yaml}} - # ``` - - # Some of the streams have associated endpoints which, for maximum efficiency, should - # be routed to the workers handling that stream. See below for the currently supported - # streams and the endpoints associated with them: - - # ##### The `events` stream - - # The `events` stream experimentally supports having multiple writers, where work - # is sharded between them by room ID. Note that you *must* restart all worker - # instances when adding or removing event persisters. An example `stream_writers` - # configuration with multiple writers: - - # ```yaml - # stream_writers: - # events: - # - event_persister1 - # - event_persister2 - # ``` - - # ##### The `typing` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `typing` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing - - # ##### The `to_device` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `to_device` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ - - # ##### The `account_data` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `account_data` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/.*/tags - # ^/_matrix/client/(r0|v3|unstable)/.*/account_data - - # ##### The `receipts` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `receipts` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers - - # ##### The `presence` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `presence` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # #### Background tasks - - # There is also support for moving background tasks to a separate - # worker. Background tasks are run periodically or started via replication. Exactly - # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). This worker doesn't handle any REST endpoints itself. - - # To enable this, the worker must have a `worker_name` and can be configured to run - # background tasks. For example, to move background tasks to a dedicated worker, - # the shared configuration would include: - - # ```yaml - # run_background_tasks_on: background_worker - # ``` - - # You might also wish to investigate the `update_user_directory_from_worker` and - # `media_instance_running_background_jobs` settings. - - # An example for a dedicated background worker instance: - - # ```yaml - # {{#include systemd-with-workers/workers/background_worker.yaml}} - # ``` - - # #### Updating the User Directory - - # You can designate one generic worker to update the user directory. - - # Specify its name in the shared configuration as follows: - - # ```yaml - # update_user_directory_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # User directory updates allow REST endpoints matching the following regular - # expressions to work: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # The above endpoints can be routed to any worker, though you may choose to route - # it to the chosen user directory worker. - - # This style of configuration supersedes the legacy `synapse.app.user_dir` - # worker application type. - - - # #### Notifying Application Services - - # You can designate one generic worker to send output traffic to Application Services. - # Doesn't handle any REST endpoints itself, but you should specify its name in the - # shared configuration as follows: - - # ```yaml - # notify_appservices_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # This style of configuration supersedes the legacy `synapse.app.appservice` - # worker application type. - - -# pusher worker (no API endpoints) [ - # Handles sending push notifications to sygnal and email. Doesn't handle any - # REST endpoints itself, but you should set `start_pushers: False` in the - # shared configuration file to stop the main synapse sending push notifications. - - # To run multiple instances at once the `pusher_instances` option should list all - # pusher instances by their worker name, e.g.: - - # ```yaml - # pusher_instances: - # - pusher_worker1 - # - pusher_worker2 - # ``` - - # An example for a pusher instance: - - # ```yaml - # {{#include systemd-with-workers/workers/pusher_worker.yaml}} - # ``` - -# ] - -# appservice worker (no API endpoints) [ - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `notify_appservices_from_worker` option instead.](#notifying-application-services) - - # Handles sending output traffic to Application Services. Doesn't handle any - # REST endpoints itself, but you should set `notify_appservices: False` in the - # shared configuration file to stop the main synapse sending appservice notifications. - - # Note this worker cannot be load-balanced: only one instance should be active. - -# ] - -# federation_sender worker (no API endpoints) [ - # Handles sending federation traffic to other servers. Doesn't handle any - # REST endpoints itself, but you should set `send_federation: False` in the - # shared configuration file to stop the main synapse sending this traffic. - - # If running multiple federation senders then you must list each - # instance in the `federation_sender_instances` option by their `worker_name`. - # All instances must be stopped and started when adding or removing instances. - # For example: - - # ```yaml - # federation_sender_instances: - # - federation_sender1 - # - federation_sender2 - # ``` - - # An example for a federation sender instance: - - # ```yaml - # {{#include systemd-with-workers/workers/federation_sender.yaml}} - # ``` -# ] matrix_synapse_workers_media_repository_endpoints: # Handles the media repository. It can handle all endpoints starting with: @@ -517,50 +202,12 @@ matrix_synapse_workers_media_repository_endpoints: - ^/_synapse/admin/v1/quarantine_media/.*$ - ^/_synapse/admin/v1/users/.*/media$ - # You should also set `enable_media_repo: False` in the shared configuration - # file to stop the main synapse running background jobs related to managing the - # media repository. Note that doing so will prevent the main process from being - # able to handle the above endpoints. - - # In the `media_repository` worker configuration file, configure the - # [HTTP listener](usage/configuration/config_documentation.md#listeners) to - # expose the `media` resource. For example: - - # ```yaml - # {{#include systemd-with-workers/workers/media_worker.yaml}} - # ``` - - # Note that if running multiple media repositories they must be on the same server - # and you must configure a single instance to run the background tasks, e.g.: - - # ```yaml - # media_instance_running_background_jobs: "media-repository-1" - # ``` - - # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). - matrix_synapse_workers_user_dir_endpoints: - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) - # Handles searches in the user directory. It can handle REST endpoints matching # the following regular expressions: - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - # When using this worker you must also set `update_user_directory: false` in the - # shared configuration file to stop the main synapse running background - # jobs related to updating the user directory. - - # Above endpoint is not *required* to be routed to this worker. By default, - # `update_user_directory` is set to `true`, which means the main process - # will handle updates. All workers configured with `client` can handle the above - # endpoint as long as either this worker or the main process are configured to - # handle it, and are online. - - # If `update_user_directory` is set to `false`, and this worker is not running, - # the above endpoint may give outdated results. - matrix_synapse_workers_avail_list: - appservice - federation_sender From 6c524302d6a0ae646da05b7a2e39abdd2390bbef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:40:56 +0200 Subject: [PATCH 541/562] Add intentionally-ignored-endpoints to intentionally-ignored-endpoints for completeness --- roles/custom/matrix-synapse/vars/main.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index 69c0ce46..4da28410 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -187,6 +187,29 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ + # Start of intentionally-ignored-endpoints + # + # We ignore these below, because they're better sent to dedicated workers (various stream writers). + # If a stream writer is enabled, the endpoint should be routed to the stream writer, not to a generic worker. + # If a stream writer of a given type is not enabled, then a generic worker may process it. + # Because it's difficult to handle these individually based on which stream writer is enabled and which isn't, + # we just disable them here. + # + # # Account data requests + # - ^/_matrix/client/(r0|v3|unstable)/.*/tags + # - ^/_matrix/client/(r0|v3|unstable)/.*/account_data + # + # # Receipts requests + # - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + # - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + # + # # Presence requests + # - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + # + # # User directory search requests + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # End of intentionally-ignored-endpoints + matrix_synapse_workers_media_repository_endpoints: # Handles the media repository. It can handle all endpoints starting with: From c1c152f7acb931021acb3854a070958ca636c540 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 08:31:22 +0200 Subject: [PATCH 542/562] Include potentially distro-specific tasks at runtime This avoids Ansible trying to ensure `community.general.pacman` is available, even if that module will never run (because `when` says so). Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../tasks/util/ensure_fuse_installed.yml | 21 +++++-------------- .../util/ensure_fuse_installed_archlinux.yml | 6 ++++++ .../util/ensure_fuse_installed_debian.yml | 6 ++++++ .../util/ensure_fuse_installed_redhat.yml | 6 ++++++ .../tasks/util/ensure_openssl_installed.yml | 21 +++++-------------- .../ensure_openssl_installed_archlinux.yml | 6 ++++++ .../util/ensure_openssl_installed_debian.yml | 6 ++++++ .../util/ensure_openssl_installed_redhat.yml | 6 ++++++ 8 files changed, 46 insertions(+), 32 deletions(-) create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml index 240a5c62..a23c77e1 100644 --- a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml @@ -1,23 +1,12 @@ --- + # This is for both RedHat 7 and 8 -- name: Ensure fuse installed (RedHat) - ansible.builtin.yum: - name: - - fuse - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_redhat.yml" when: ansible_os_family == 'RedHat' # This is for both Debian and Raspbian -- name: Ensure fuse installed (Debian/Raspbian) - ansible.builtin.apt: - name: - - fuse - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_debian.yml" when: ansible_os_family == 'Debian' -- name: Ensure fuse installed (Archlinux) - community.general.pacman: - name: - - fuse3 - state: present - when: ansible_distribution == 'Archlinux' +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml new file mode 100644 index 00000000..676543d8 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (Archlinux) + community.general.pacman: + name: fuse3 + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml new file mode 100644 index 00000000..b9491eb4 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (Debian/Raspbian) + ansible.builtin.apt: + name: fuse + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml new file mode 100644 index 00000000..878fb568 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (RedHat) + ansible.builtin.yum: + name: fuse + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml index a5bdf21a..a3b73d68 100644 --- a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml @@ -1,23 +1,12 @@ --- + # This is for both RedHat 7 and 8 -- name: Ensure openssl installed (RedHat) - ansible.builtin.yum: - name: - - openssl - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_redhat.yml" when: ansible_os_family == 'RedHat' # This is for both Debian and Raspbian -- name: Ensure openssl installed (Debian/Raspbian) - ansible.builtin.apt: - name: - - openssl - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_debian.yml" when: ansible_os_family == 'Debian' -- name: Ensure openssl installed (Archlinux) - community.general.pacman: - name: - - openssl - state: present - when: ansible_distribution == 'Archlinux' +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml new file mode 100644 index 00000000..ce70c562 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (Archlinux) + community.general.pacman: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml new file mode 100644 index 00000000..18f1cb95 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (Debian/Raspbian) + ansible.builtin.apt: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml new file mode 100644 index 00000000..b8809cf5 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (RedHat) + ansible.builtin.yum: + name: openssl + state: present From 06eb186729c7d53a5627e2463f3f7a38cdc67664 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 09:17:47 +0200 Subject: [PATCH 543/562] add matrix_etherpad_mode --- docs/configuring-playbook-etherpad.md | 8 ++++++-- group_vars/matrix_servers | 8 ++++---- roles/custom/matrix-etherpad/defaults/main.yml | 8 ++++++-- roles/custom/matrix-etherpad/tasks/init.yml | 12 +----------- 4 files changed, 17 insertions(+), 19 deletions(-) diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 3214d861..4c5df6fa 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -38,14 +38,18 @@ Then from the plugin manager page (`https://etherpad./admin/plugins ## Set Dimension default to the self-hosted Etherpad (optional) If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, -the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. +the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain and add the following to your vars.yml: + +```yaml +matrix_etherpad_mode: dimension +``` ### Removing the integrated Etherpad chat If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` -## Known issues +### Known issues If your Etherpad widget fails to load, this might be due to Dimension generating a Pad name so long, the Etherpad app rejects it. `$roomId_$padName` can end up being longer than 50 characters. You can avoid having this problem by altering the template so it only contains the three word random identifier `$padName`. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index fcdff5ac..7df71247 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1526,7 +1526,7 @@ matrix_etherpad_enabled: false matrix_etherpad_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9001' }}" -matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_dimension_enabled else 'https://' + matrix_server_fqn_etherpad + '/' }}" +matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_etherpad_mode == 'dimension' else 'https://' + matrix_server_fqn_etherpad + '/' }}" matrix_etherpad_systemd_required_services_list: | {{ @@ -1752,7 +1752,7 @@ matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled }} matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled }}" matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled }}" matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}" -matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled }}" +matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled and matrix_etherpad_mode == 'standalone' }}" matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}" matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}" matrix_nginx_proxy_proxy_grafana_enabled: "{{ matrix_grafana_enabled }}" @@ -1859,7 +1859,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: | + (['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else []) + - (['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else []) + (['matrix-etherpad.service'] if matrix_etherpad_enabled else []) + (['matrix-hookshot.service'] if matrix_hookshot_enabled else []) }} @@ -1880,7 +1880,7 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + - ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and not matrix_dimension_enabled) else []) + ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and matrix_etherpad_mode == 'standalone') else []) + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 35d24090..2a8d24e8 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -3,6 +3,10 @@ matrix_etherpad_enabled: false +# standalone = etherpad installed on subdomain (etherpad.DOMAIN) and can be used as-is +# dimension = etherpad installed in subdir of dimension (dimension.DOMAIN/etherpad) and can be used with dimension +matrix_etherpad_mode: standalone + matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad" matrix_etherpad_version: 1.8.18 @@ -31,8 +35,8 @@ matrix_etherpad_container_extra_arguments: [] # Used for dimension only matrix_etherpad_public_endpoint: '/etherpad' -# By default, the Etherpad app can be accessed within the Dimension domain -matrix_etherpad_base_url: "https://{{ matrix_server_fqn_dimension }}{{ matrix_etherpad_public_endpoint }}" +# By default, the Etherpad app can be accessed on etherpad subdomain +matrix_etherpad_base_url: "https://{{ matrix_server_fqn_etherpad }}/" # Database-related configuration fields. # diff --git a/roles/custom/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml index c787548c..d35ed375 100644 --- a/roles/custom/matrix-etherpad/tasks/init.yml +++ b/roles/custom/matrix-etherpad/tasks/init.yml @@ -4,7 +4,7 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- when: matrix_etherpad_enabled | bool and matrix_dimension_enabled | default(False) | bool +- when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension' tags: - always block: @@ -52,13 +52,3 @@ + [matrix_etherpad_matrix_nginx_proxy_configuration] }} - -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - ansible.builtin.debug: - msg: >- - NOTE: You've enabled the Etherpad tool but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `{{ matrix_etherpad_public_endpoint }}` - URL endpoint to the matrix-etherpad container. - You can expose the container's port using the `matrix_etherpad_container_http_host_bind_port` variable. - when: "matrix_etherpad_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool" From 2473cd655b15791d4942ec2c473fbd9acdb0c508 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 09:15:35 +0200 Subject: [PATCH 544/562] Include ensure_openssl_installed and ensure_fuse_installed utils in a more reliable way This fixes a regression since the change done in c1c152f7acb931021acb3. When another role (say `matrix-jitsi`) included `roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml`, which then included `{{ role_path }}/tasks/util/ensure_openssl_installed_DISTRO.yml`, that `role_path` variable would end up being the parent role (`matrix-jitsi`) and not the `matrix-base` role, so we'd get a failure. An alternative solution may have been to avoid using `role_path`, but importing roles properly (like we've done in this patch) sounds like a better way. Unfortunately, `import_role` fails if `tasks_from` is something like `util/ensure_openssl_installed` (containing a `/`), so I had to move these utils out of `util/`. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../matrix-base/tasks/ensure_fuse_installed.yml | 12 ++++++++++++ .../{util => }/ensure_fuse_installed_archlinux.yml | 0 .../{util => }/ensure_fuse_installed_debian.yml | 0 .../{util => }/ensure_fuse_installed_redhat.yml | 0 .../matrix-base/tasks/ensure_openssl_installed.yml | 12 ++++++++++++ .../ensure_openssl_installed_archlinux.yml | 0 .../{util => }/ensure_openssl_installed_debian.yml | 0 .../{util => }/ensure_openssl_installed_redhat.yml | 0 .../matrix-base/tasks/util/ensure_fuse_installed.yml | 12 ------------ .../tasks/util/ensure_openssl_installed.yml | 12 ------------ .../tasks/setup_install.yml | 4 +++- .../matrix-bridge-hookshot/tasks/setup_install.yml | 4 +++- roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml | 4 +++- .../tasks/ssl/setup_ssl_self_signed.yml | 4 +++- .../matrix-synapse/tasks/goofys/setup_install.yml | 4 +++- 15 files changed, 39 insertions(+), 29 deletions(-) create mode 100644 roles/custom/matrix-base/tasks/ensure_fuse_installed.yml rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_archlinux.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_debian.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_redhat.yml (100%) create mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed.yml rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_archlinux.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_debian.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_redhat.yml (100%) delete mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml delete mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml diff --git a/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml new file mode 100644 index 00000000..8f768bd1 --- /dev/null +++ b/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml @@ -0,0 +1,12 @@ +--- + +# This is for both RedHat 7 and 8 +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_redhat.yml" + when: ansible_os_family == 'RedHat' + +# This is for both Debian and Raspbian +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_debian.yml" + when: ansible_os_family == 'Debian' + +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_archlinux.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_archlinux.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_debian.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_debian.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_redhat.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml new file mode 100644 index 00000000..889531f9 --- /dev/null +++ b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml @@ -0,0 +1,12 @@ +--- + +# This is for both RedHat 7 and 8 +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_redhat.yml" + when: ansible_os_family == 'RedHat' + +# This is for both Debian and Raspbian +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_debian.yml" + when: ansible_os_family == 'Debian' + +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml deleted file mode 100644 index a23c77e1..00000000 --- a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml deleted file mode 100644 index a3b73d68..00000000 --- a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 468dbd7a..32d87408 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed - name: Ensure Appservice IRC paths exist ansible.builtin.file: diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 15209d2c..e13af198 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed - name: Ensure hookshot paths exist ansible.builtin.file: diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml index a91949e1..c52c1902 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed # # Tasks related to setting up jitsi diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 918b74db..7ebdec79 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed when: "matrix_ssl_retrieval_method == 'self-signed'" - name: Generate self-signed certificates diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 7eb7e46c..7649beb4 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_fuse_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_fuse_installed - name: Ensure Goofys Docker image is pulled community.docker.docker_image: From 39e4b419dd62d6c62609d51de32dd40ebabc82a5 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 09:29:53 +0200 Subject: [PATCH 545/562] matrix-etherpad: fail when mode is 'dimension', but dimension is disabled --- roles/custom/matrix-etherpad/tasks/main.yml | 12 ++++++------ .../custom/matrix-etherpad/tasks/validate_config.yml | 6 ++++++ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/roles/custom/matrix-etherpad/tasks/main.yml b/roles/custom/matrix-etherpad/tasks/main.yml index b1c8ab55..caf0dda5 100644 --- a/roles/custom/matrix-etherpad/tasks/main.yml +++ b/roles/custom/matrix-etherpad/tasks/main.yml @@ -4,6 +4,12 @@ tags: - always +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: run_setup | bool and matrix_etherpad_enabled | bool + tags: + - setup-all + - setup-etherpad + - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" when: run_setup | bool and matrix_etherpad_enabled | bool tags: @@ -15,9 +21,3 @@ tags: - setup-all - setup-etherpad - -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: run_setup | bool and matrix_etherpad_enabled | bool - tags: - - setup-all - - setup-etherpad diff --git a/roles/custom/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml index 9832b0b8..10ddc584 100644 --- a/roles/custom/matrix-etherpad/tasks/validate_config.yml +++ b/roles/custom/matrix-etherpad/tasks/validate_config.yml @@ -5,3 +5,9 @@ msg: >- Etherpad requires a dedicated Postgres database. Please enable the built in one, or configure an external DB by redefining "matrix_etherpad_database_hostname" when: matrix_etherpad_database_hostname == "matrix-postgres" and not matrix_postgres_enabled + +- name: Fail if wrong mode selected + ansible.builtin.fail: + msg: >- + You're using Etherpad in 'dimension' mode (`matrix_etherpad_serving_mode: dimension`), which tries to host Etherpad at the Dimension subdomain - `{{ matrix_server_fqn_dimension }}`. However, this isn't possible because Dimension is not enabled. To resolve the problem, either enable Dimension (`matrix_dimension_enabled: true`) or switch Etherpad to standalone mode (`matrix_etherpad_mode: standalone`) and have it served on its own domain (`{{ matrix_server_fqn_etherpad }}`). + when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension' and not matrix_dimension_enabled | default(False) | bool From 805b70bfa3f521ff486e3191108e0798fc6676ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 11:47:47 +0200 Subject: [PATCH 546/562] Announce standalone Etherpad --- CHANGELOG.md | 15 +++++++ docs/configuring-playbook-etherpad.md | 44 +++++++++++-------- .../custom/matrix-etherpad/defaults/main.yml | 2 +- 3 files changed, 41 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bd06a8c..bd38e1a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,18 @@ +# 2022-11-05 + +## (Backward Compatibility Break) A new default standalone mode for Etherpad + +Until now, [Etherpad](https://etherpad.org/) (which [the playbook could install for you](docs/configuring-playbook-etherpad.md)) required the [Dimension integration manager](docs/configuring-playbook-dimension.md) to also be installed, because Etherpad was hosted on the Dimension domain (at `dimension.DOMAIN/etherpad`). + +From now on, Etherpad can be installed in `standalone` mode on `etherpad.DOMAIN` and used even without Dimension. This is much more versatile, so the playbook now defaults to this new mode (`matrix_etherpad_mode: standalone`). + +If you've already got both Etherpad and Dimension in use you could: + +- **either** keep hosting Etherpad under the Dimension domain by adding `matrix_etherpad_mode: dimension` to your `vars.yml` file. All your existing room widgets will continue working at the same URLs and no other changes will be necessary. + +- **or**, you could change to hosting Etherpad separately on `etherpad.DOMAIN`. You will need to [configure a DNS record](docs/configuring-dns.md) for this new domain. You will also need to reconfigure Dimension to use the new pad URLs (`https://etherpad.DOMAIN/...`) going forward (refer to our [configuring Etherpad documentation](docs/configuring-playbook-etherpad.md)). All your existing room widgets (which still use `https://dimension.DOMAIN/etherpad/...`) will break as Etherpad is not hosted there anymore. You will need to re-add them or to consider not using `standalone` mode + + # 2022-11-04 ## The playbook now uses external roles for some things diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 4c5df6fa..2ea423ef 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -1,14 +1,20 @@ # Setting up Etherpad (optional) -[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app +[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app. When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences. + ## Prerequisites -The `etherpad.` DNS record must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly. +Etherpad can be installed in 2 modes: + +- (default) `standalone` mode (`matrix_etherpad_mode: standalone`) - Etherpad will be hosted on `etherpad.` (`matrix_server_fqn_etherpad`), so the DNS record for this domian must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up the `etherpad` DNS record correctly + +- `dimension` mode (`matrix_etherpad_mode: dimension`) - Etherpad will be hosted on `dimension./etherpad` (`matrix_server_fqn_dimension`). This requires that you **first** configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) + +We recomend that you go with the default (`standalone`) mode, which makes Etherpad independent and allows it to be used with or without Dimension. -You may enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) to integrate etherpad with Dimension. ## Installing @@ -16,18 +22,17 @@ You may enable and configure the **Dimension integrations manager** as described ```yaml matrix_etherpad_enabled: true + +# Uncomment below if you'd like to install Etherpad on the Dimension domain (not recommended) +# matrix_etherpad_mode: dimension + +# Uncomment below to enable the admin web UI +# matrix_etherpad_admin_username: admin +# matrix_etherpad_admin_password: some-password ``` -## Etherpad Admin access (optional) +If enabled, the admin web-UI should then be available on `https://etherpad./admin` (or `https://dimension./etherpad/admin`, if `matrix_etherpad_mode: dimension`) -Etherpad comes with a admin web-UI which is disabled by default. You can enable it by setting a username and password in your configuration file (`inventory/host_vars/matrix./vars.yml`): - -```yaml -matrix_etherpad_admin_username: admin -matrix_etherpad_admin_password: some-password -``` - -The admin web-UI should then be available on: `https://dimension./etherpad/admin` ## Managing / Deleting old pads @@ -35,19 +40,20 @@ If you want to manage and remove old unused pads from Etherpad, you will first n Then from the plugin manager page (`https://etherpad./admin/plugins` or `https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. + ## Set Dimension default to the self-hosted Etherpad (optional) -If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, -the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain and add the following to your vars.yml: +If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside Etherpad, the Dimension administrator users can configure the default URL template. +The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. -```yaml -matrix_etherpad_mode: dimension -``` ### Removing the integrated Etherpad chat -If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. -Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` +If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. Examples: +- `https://etherpad./p/$roomId_$padName?showChat=false` (for the default - `matrix_etherpad_mode: standalone`) + +- `https://dimension./etherpad/p/$roomId_$padName?showChat=false` (for `matrix_etherpad_mode: dimension`) + ### Known issues diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 2a8d24e8..505c9c4b 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -32,7 +32,7 @@ matrix_etherpad_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_etherpad_container_extra_arguments: [] -# Used for dimension only +# Used only when `matrix_etherpad_mode: dimension` matrix_etherpad_public_endpoint: '/etherpad' # By default, the Etherpad app can be accessed on etherpad subdomain From 5ef70015cbaaaa6ff91651ceb52b19870106463b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 12:09:32 +0200 Subject: [PATCH 547/562] Ensure git is installed using ansible.builtin.package, not using a distro-specific package manager module Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../ext/mjolnir-antispam/setup_install.yml | 25 +++---------------- .../synapse-simple-antispam/setup_install.yml | 25 +++---------------- 2 files changed, 6 insertions(+), 44 deletions(-) diff --git a/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml index 117fb757..5d36a234 100644 --- a/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml @@ -1,28 +1,9 @@ --- -- name: Ensure git installed (RedHat) - ansible.builtin.yum: - name: - - git +- name: Ensure git installed + ansible.builtin.package: + name: git state: present - update_cache: false - when: "ansible_os_family == 'RedHat'" - -- name: Ensure git installed (Debian) - ansible.builtin.apt: - name: - - git - state: present - update_cache: false - when: "ansible_os_family == 'Debian'" - -- name: Ensure git installed (Archlinux) - community.general.pacman: - name: - - git - state: present - update_cache: false - when: "ansible_distribution == 'Archlinux'" - name: Clone mjolnir-antispam git repository ansible.builtin.git: diff --git a/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index dd3ff2d3..15fe220a 100644 --- a/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -5,29 +5,10 @@ msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers" when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers | length == 0" -- name: Ensure git installed (RedHat) - ansible.builtin.yum: - name: - - git +- name: Ensure git installed + ansible.builtin.package: + name: git state: present - update_cache: false - when: "ansible_os_family == 'RedHat'" - -- name: Ensure git installed (Debian) - ansible.builtin.apt: - name: - - git - state: present - update_cache: false - when: "ansible_os_family == 'Debian'" - -- name: Ensure git installed (Archlinux) - community.general.pacman: - name: - - git - state: present - update_cache: false - when: "ansible_distribution == 'Archlinux'" - name: Clone synapse-simple-antispam git repository ansible.builtin.git: From 663f0bc5efd51c1fd198c5a87e2f278cbe180756 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 12:10:59 +0200 Subject: [PATCH 548/562] Install openssl using ansible.builtin.package, not using a distro-specific package manager module Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../matrix-base/tasks/ensure_openssl_installed.yml | 14 ++++---------- .../tasks/ensure_openssl_installed_archlinux.yml | 6 ------ .../tasks/ensure_openssl_installed_debian.yml | 6 ------ .../tasks/ensure_openssl_installed_redhat.yml | 6 ------ 4 files changed, 4 insertions(+), 28 deletions(-) delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml index 889531f9..d0cd8ede 100644 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml +++ b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml @@ -1,12 +1,6 @@ --- -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' +- name: Ensure openssl installed + ansible.builtin.package: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml deleted file mode 100644 index ce70c562..00000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (Archlinux) - community.general.pacman: - name: openssl - state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml deleted file mode 100644 index 18f1cb95..00000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (Debian/Raspbian) - ansible.builtin.apt: - name: openssl - state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml deleted file mode 100644 index b8809cf5..00000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (RedHat) - ansible.builtin.yum: - name: openssl - state: present From e3b3f076077036773a5c670f33d86543d943a833 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 13:19:00 +0200 Subject: [PATCH 549/562] etherpad: add abiword and soffice config options --- roles/custom/matrix-etherpad/defaults/main.yml | 2 ++ roles/custom/matrix-etherpad/templates/settings.json.j2 | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 505c9c4b..540b2a51 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -58,6 +58,8 @@ matrix_etherpad_database_connection_string: 'postgres://{{ matrix_etherpad_datab # Variables configuring the etherpad matrix_etherpad_title: 'Etherpad' +matrix_etherpad_abiword: null +matrix_etherpad_soffice: null matrix_etherpad_default_pad_text: | Welcome to Etherpad! diff --git a/roles/custom/matrix-etherpad/templates/settings.json.j2 b/roles/custom/matrix-etherpad/templates/settings.json.j2 index 0a240f3e..cc45d190 100644 --- a/roles/custom/matrix-etherpad/templates/settings.json.j2 +++ b/roles/custom/matrix-etherpad/templates/settings.json.j2 @@ -20,8 +20,8 @@ "editOnly": false, "minify": true, "maxAge": 21600, - "abiword": null, - "soffice": null, + "abiword": {{ matrix_etherpad_abiword|to_json }}, + "soffice": {{ matrix_etherpad_soffice|to_json }}, "tidyHtml": null, "allowUnknownFileEnds": true, "requireAuthentication": false, @@ -103,7 +103,7 @@ "pageUp": true, "pageDown": true }, - "loglevel": "INFO", + "loglevel": "WARN", "logconfig" : { "appenders": [ { "type": "console", From 5e1bcf3f76bfeef44723d2016b1bdddf7c45571a Mon Sep 17 00:00:00 2001 From: mouse Date: Sun, 6 Nov 2022 00:20:44 +1100 Subject: [PATCH 550/562] stop gradle pacman error on ubuntu --- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 9 ++------- .../tasks/util/ensure_gradle_installed_archlinux.yml | 6 ++++++ 2 files changed, 8 insertions(+), 7 deletions(-) create mode 100644 roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index 70f7937a..b9668a05 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -74,13 +74,8 @@ msg: "Installing gradle on RedHat ({{ ansible_distribution }}) is currently not supported, so self-building ma1sd cannot happen at this time" when: ansible_os_family == 'RedHat' - - name: Ensure gradle is installed for self-building (Archlinux) - community.general.pacman: - name: - - gradle - state: present - update_cache: true - when: ansible_distribution == 'Archlinux' + - ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_gradle_installed_archlinux.yml" + when: "ansible_distribution == 'Archlinux'" - name: Ensure ma1sd repository is present on self-build ansible.builtin.git: diff --git a/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml b/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml new file mode 100644 index 00000000..cfe38a8d --- /dev/null +++ b/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure gradle installed (Archlinux) + community.general.pacman: + name: gradle + state: present From a4dbc27f34d640829ac84f045e83a346f10086f2 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 19:40:09 +0200 Subject: [PATCH 551/562] remove etherpad nginx config automatically --- roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 6585de59..4a74d399 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -321,6 +321,12 @@ state: absent when: "not matrix_nginx_proxy_proxy_ntfy_enabled | bool" +- name: Ensure Matrix nginx-proxy configuration for etherpad domain deleted + ansible.builtin.file: + path: "{{ matrix_nginx_proxy_confd_path }}/matrix-etherpad.conf" + state: absent + when: "not matrix_nginx_proxy_proxy_etherpad_enabled | bool" + - name: Ensure Matrix nginx-proxy homepage for base domain deleted ansible.builtin.file: path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" From a93d733bd3144589f8ba82c9cfb6d73620ee18dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ab=C3=ADlio=20Costa?= Date: Sun, 6 Nov 2022 21:38:27 +0000 Subject: [PATCH 552/562] Remove repeated quote in mautrix-discord docs --- docs/configuring-playbook-bridge-mautrix-discord.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 439113fd..68e5ce33 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -3,7 +3,6 @@ **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. -The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. From 7871a92b049e6a0c849e8977e91d6f61678f62a5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 8 Nov 2022 16:25:52 +0200 Subject: [PATCH 553/562] Upgrade Synapse (v1.70.1 -> v1.71.0) --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index ebd55211..54351256 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.70.1 +matrix_synapse_version: v1.71.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 67d0709ea67e968e3fd5b1cdc13961e5efeda29c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 14:28:37 +0000 Subject: [PATCH 554/562] Update Grafana 9.2.3 -> 9.2.4 --- roles/custom/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-grafana/defaults/main.yml b/roles/custom/matrix-grafana/defaults/main.yml index 43b29c94..7c5e8d99 100644 --- a/roles/custom/matrix-grafana/defaults/main.yml +++ b/roles/custom/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.3 +matrix_grafana_version: 9.2.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 6c2612a1a6e24110cb5ab5dfaa38a612774062bc Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 14:29:37 +0000 Subject: [PATCH 555/562] Update prometheus 2.39.1 -> 2.40.0 --- roles/custom/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml index cbd3575e..0b4dd3e2 100644 --- a/roles/custom/matrix-prometheus/defaults/main.yml +++ b/roles/custom/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.39.1 +matrix_prometheus_version: v2.40.0 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 51674887ffa1dd07d678d861159b3c9859537fe1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 8 Nov 2022 17:39:56 +0200 Subject: [PATCH 556/562] Fix Synapse pusher_instances not being populated correctly This caused push notifications to be delivered more than once if multiple `pusher` workers were enabled. --- .../tasks/synapse/workers/util/inject_worker.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index b69529b9..4542f19c 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -63,3 +63,8 @@ - ansible.builtin.set_fact: matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types + +# Inject pusher instances. +- ansible.builtin.set_fact: + matrix_synapse_federation_pusher_instances: "{{ matrix_synapse_federation_pusher_instances + [matrix_synapse_worker_details.name] }}" + when: matrix_synapse_worker_details.type == 'pusher' From 65e340519d7acb6476a525e004a62d86464ea28d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 16:24:33 +0000 Subject: [PATCH 557/562] Update element v1.11.13 -> v1.11.14 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index b2ffd05d..a1543b5b 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.13 +matrix_client_element_version: v1.11.14 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 32e5c814e48293048e80229240392ef39a13f735 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 9 Nov 2022 08:43:28 +0200 Subject: [PATCH 558/562] Update containerized Ansible tag and make documentation about "make roles" clearer `devture/ansible:2.13.6-r0` contains the `make` utility. (https://github.com/devture/docker-ansible/commit/8597fd82720bf3aa1d1f3a6b9ea30ae45120e12f) Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2248 --- docs/ansible.md | 9 +++------ docs/installing.md | 2 +- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index bd1fe927..6afc98c8 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -45,10 +45,7 @@ Alternatively, you can run Ansible inside a Docker container (powered by the [de This ensures that you're using a very recent Ansible version, which is less likely to be incompatible with the playbook. -There are 2 ways to go about it: - -- [Running Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself) -- [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server) +You can either [run Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself) or [run Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server). ### Running Ansible in a container on the Matrix server itself @@ -73,7 +70,7 @@ docker run -it --rm \ -w /work \ -v `pwd`:/work \ --entrypoint=/bin/sh \ -docker.io/devture/ansible:2.13.0-r0 +docker.io/devture/ansible:2.13.6-r0 ``` Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. @@ -92,7 +89,7 @@ docker run -it --rm \ -v `pwd`:/work \ -v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \ --entrypoint=/bin/sh \ -docker.io/devture/ansible:2.13.0-r0 +docker.io/devture/ansible:2.13.6-r0 ``` The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`). diff --git a/docs/installing.md b/docs/installing.md index 19506e33..53a86585 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,7 +2,7 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the `roles` commands seen in the `Makefile`. ## Playbook tags introduction From 06df2df9e90fd09ac50fcab3f88c85fea5116dae Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 9 Nov 2022 09:01:56 +0200 Subject: [PATCH 559/562] Mention playbook ownership issues when running Ansible in a container and potential workarounds Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2248 --- docs/ansible.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index 6afc98c8..e8a0ddb2 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -76,7 +76,9 @@ docker.io/devture/ansible:2.13.6-r0 Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. -You can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now. +First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). + +Finally, you can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now. ### Running Ansible in a container on another computer (not the Matrix server) @@ -98,7 +100,10 @@ If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. -You can execute `ansible-playbook ...` commands as per normal now. +First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). + +Finally, you execute `ansible-playbook ...` commands as per normal now. + #### If you don't use SSH keys for authentication @@ -109,3 +114,13 @@ apk add sshpass ``` Then, to be asked for the password whenever running an `ansible-playbook` command add `--ask-pass` to the arguments of the command. + +#### Resolve directory ownership issues + +Because you're `root` in the container running Ansible and this likely differs fom the owner (your regular user account) of the playbook directory outside of the container, certain playbook features which use `git` locally may report warnings such as: + +> fatal: unsafe repository ('/work' is owned by someone else) +> To add an exception for this directory, call: +> git config --global --add safe.directory /work + +These errors can be resolved by making `git` trust the playbook directory by running `git config --global --add safe.directory /work` From ea0c7e27e3ba517c9d7b48ea19066bd5b7c3b9c1 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 9 Nov 2022 15:32:09 +0000 Subject: [PATCH 560/562] Update prometheus 2.40.0 -> 2.40.1 --- roles/custom/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml index 0b4dd3e2..adc90387 100644 --- a/roles/custom/matrix-prometheus/defaults/main.yml +++ b/roles/custom/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.40.0 +matrix_prometheus_version: v2.40.1 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 83e38d59239863454dfeebfb3edfb1abf288d146 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Nov 2022 16:03:21 +0000 Subject: [PATCH 561/562] Bump frenck/action-yamllint from 1.3.0 to 1.3.1 Bumps [frenck/action-yamllint](https://github.com/frenck/action-yamllint) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/frenck/action-yamllint/releases) - [Commits](https://github.com/frenck/action-yamllint/compare/v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: frenck/action-yamllint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml index f63eade4..8da5b969 100644 --- a/.github/workflows/matrix.yml +++ b/.github/workflows/matrix.yml @@ -13,7 +13,7 @@ jobs: - name: Check out uses: actions/checkout@v3 - name: Run yamllint - uses: frenck/action-yamllint@v1.3.0 + uses: frenck/action-yamllint@v1.3.1 ansible-lint: name: ansible-lint runs-on: ubuntu-latest From 19b59f9ded388923d73afbd61c4849cb62666a68 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 10 Nov 2022 17:56:59 +0000 Subject: [PATCH 562/562] Update Hydrogen 0.3.3 -> 0.3.4 --- roles/custom/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index d207df74..80bdb021 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.3 +matrix_client_hydrogen_version: v0.3.4 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"