diff --git a/CHANGELOG.md b/CHANGELOG.md index 32153869..5ab03e7e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +# 2020-03-15 + +## Raspberry Pi support + +The playbook supports installing to a Raspberry Pi server, for at least some of the services. + +Since most ready-made container images do not support that architecture, we achieve this by building images locally on the device itself. +See our [Self-building documentation page](docs/self-building.md) for how to get started. + + # 2020-02-26 ## Riot-web themes are here diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 7b3df42f..4e72e2ea 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,6 +1,6 @@ # Prerequisites -- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+) or **Ubuntu** (16.04+). This playbook doesn't support running on ARM so it won't work on a Raspberry Pi. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. +- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+) or **Ubuntu** (16.04+). This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Self-Building](self-building.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. - [Python](https://www.python.org/) being installed on the server. Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python`). diff --git a/docs/self-building.md b/docs/self-building.md new file mode 100644 index 00000000..a4d6fad9 --- /dev/null +++ b/docs/self-building.md @@ -0,0 +1,19 @@ +# Self-building + +The playbook supports the self-building of some of its components. This may be useful for architectures besides x86_64, which have no Docker images right now (e g. the armv7 for the Raspberry Pi). Some playbook roles have been updated, so they build the necessary image on the host. It needs more space, as some build tools need to be present (like Java, for mxisd). + +To use these modification there is a variable that needs to be switched to enable this functionality. Add this to your `vars.yaml` file: +```yaml +matrix_container_images_self_build = true +``` +Setting that variable will self-build every role which supports self-building. Self-building can be set on a per-role basis as well. + +List of roles where self-building the docker image is currently possible: +- synapse +- riot-web +- coturn +- mxisd +- matrix-bridge-mautrix-facebook +- matrix-bridge-mautrix-hangouts + +Adding self-building support to other roles is welcome. Feel free to contribute! diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 5efde0c9..f722e265 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -172,6 +172,8 @@ matrix_appservice_irc_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | # We don't enable bridges by default. matrix_mautrix_facebook_enabled: false +matrix_mautrix_facebook_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_mautrix_facebook_systemd_required_services_list: | {{ ['docker.service'] @@ -201,6 +203,8 @@ matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_pro # We don't enable bridges by default. matrix_mautrix_hangouts_enabled: false +matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_mautrix_hangouts_systemd_required_services_list: | {{ ['docker.service'] @@ -329,6 +333,8 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati matrix_coturn_enabled: true +matrix_coturn_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_coturn_turn_external_ip_address: "{{ ansible_host }}" matrix_coturn_tls_enabled: true @@ -415,6 +421,8 @@ matrix_mailer_enabled: true # If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this. matrix_mxisd_enabled: true +matrix_mxisd_container_image_self_build: "{{ matrix_container_images_self_build }}" + # Normally, matrix-nginx-proxy is enabled and nginx can reach mxisd over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose # mxisd's web-server port. @@ -559,6 +567,8 @@ matrix_postgres_db_name: "homeserver" # If you wish to connect to your Matrix server by other means, you may wish to disable this. matrix_riot_web_enabled: true +matrix_riot_web_container_image_self_build: "{{ matrix_container_images_self_build }}" + # Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose # the riot-web HTTP port to the local host. @@ -600,6 +610,8 @@ matrix_riot_web_welcome_user_id: ~ # ###################################################################### +matrix_synapse_container_image_self_build: "{{ matrix_container_images_self_build }}" + # When mxisd is enabled, we can use it instead of the default public Identity servers. matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_mxisd_enabled else matrix_synapse_id_servers_public }}" diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index b4fef1dd..c2a81c29 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -66,3 +66,7 @@ run_setup: true run_self_check: true run_start: true run_stop: true + +# Building every docker image from source on the target host +# Controlling docker image build is possible on a per unit base +matrix_container_images_self_build: false \ No newline at end of file diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 45feb152..70b2e4fc 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -4,7 +4,10 @@ when: ansible_distribution == 'CentOS' - include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml" - when: ansible_os_family == 'Debian' + when: (ansible_os_family == 'Debian') and (ansible_lsb.id != 'Raspbian') + +- include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" + when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') - name: Ensure Docker is started and autoruns service: diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml new file mode 100644 index 00000000..e9284284 --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml @@ -0,0 +1,42 @@ +--- + +- name: Ensure APT usage dependencies are installed + apt: + name: + - apt-transport-https + - ca-certificates + state: present + update_cache: yes + +- name: Ensure Docker's APT key is trusted + apt_key: + url: https://download.docker.com/linux/raspbian/gpg + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + state: present + register: add_repository_key + ignore_errors: true + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' + +- name: Ensure Docker repository is enabled + apt_repository: + repo: "deb [arch=armhf] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" + state: present + update_cache: yes + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' + +- name: Ensure APT packages are installed + apt: + name: + - bash-completion + - python-docker + - ntp + - fuse + state: latest + update_cache: yes + +- name: Ensure Docker is installed + apt: + name: + - "{{ matrix_docker_package_name }}" + state: latest + when: matrix_docker_installation_enabled|bool diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index bf57e926..30693bd5 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -3,6 +3,8 @@ matrix_mautrix_facebook_enabled: true +matrix_mautrix_facebook_container_image_self_build: false + # See: https://mau.dev/tulir/mautrix-facebook/container_registry matrix_mautrix_facebook_docker_image: "dock.mau.dev/tulir/mautrix-facebook:latest" matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}" @@ -10,6 +12,7 @@ matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_doc matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook" matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/config" matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data" +matrix_mautrix_facebook_docker_src_files_path: "{{ matrix_mautrix_facebook_base_path }}/docker-src" matrix_mautrix_facebook_homeserver_address: 'http://matrix-synapse:8008' matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}' diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 92f97867..c9688cf0 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -14,3 +14,10 @@ + {{ ["/matrix-mautrix-facebook-registration.yaml"] }} when: matrix_mautrix_facebook_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mautrix Facebook image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 68c823c6..5a70c2e4 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -14,6 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" + when: matrix_mautrix_facebook_enabled|bool and not matrix_mautrix_facebook_container_image_self_build - name: Ensure Mautrix Facebook paths exist file: @@ -26,6 +27,25 @@ - "{{ matrix_mautrix_facebook_base_path }}" - "{{ matrix_mautrix_facebook_config_path }}" - "{{ matrix_mautrix_facebook_data_path }}" + - { src: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}" } + +- name: Ensure Mautrix Facebook repository is present on self-build + git: + repo: https://github.com/tulir/mautrix-facebook.git + dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}" +# version: "{{ matrix_coturn_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" + +- name: Ensure Mautrix Facebook Docker image is built + docker_image: + name: "{{ matrix_mautrix_facebook_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_facebook_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index fdb2c639..5284bc82 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -3,6 +3,8 @@ matrix_mautrix_hangouts_enabled: true +matrix_mautrix_hangouts_container_image_self_build: false + # See: https://mau.dev/tulir/mautrix-hangouts/container_registry matrix_mautrix_hangouts_docker_image: "dock.mau.dev/tulir/mautrix-hangouts:latest" matrix_mautrix_hangouts_docker_image_force_pull: "{{ matrix_mautrix_hangouts_docker_image.endswith(':latest') }}" @@ -10,6 +12,7 @@ matrix_mautrix_hangouts_docker_image_force_pull: "{{ matrix_mautrix_hangouts_doc matrix_mautrix_hangouts_base_path: "{{ matrix_base_data_path }}/mautrix-hangouts" matrix_mautrix_hangouts_config_path: "{{ matrix_mautrix_hangouts_base_path }}/config" matrix_mautrix_hangouts_data_path: "{{ matrix_mautrix_hangouts_base_path }}/data" +matrix_mautrix_hangouts_docker_src_files_path: "{{ matrix_mautrix_hangouts_base_path }}/docker-src" matrix_mautrix_hangouts_public_endpoint: '/mautrix-hangouts' diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index ee18eeb0..9dd09d81 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -59,4 +59,11 @@ Please make sure that you're proxying the `{{ matrix_mautrix_hangouts_public_endpoint }}` URL endpoint to the matrix-mautrix-hangouts container. You can expose the container's port using the `matrix_mautrix_hangouts_container_http_host_bind_port` variable. - when: "matrix_mautrix_hangouts_enabled|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_mautrix_hangouts_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)" + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mautrix Hangouts image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_hangouts_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 7f325165..db1fe736 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -14,6 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}" + when: matrix_mautrix_hangouts_enabled|bool and not matrix_mautrix_hangouts_container_image_self_build - name: Ensure Mautrix Hangouts paths exist file: @@ -26,6 +27,26 @@ - "{{ matrix_mautrix_hangouts_base_path }}" - "{{ matrix_mautrix_hangouts_config_path }}" - "{{ matrix_mautrix_hangouts_data_path }}" + - { src: "{{ matrix_mautrix_hangouts_docker_src_files_path }}", when: "{{ matrix_mautrix_hangouts_container_image_self_build }}" } + + when: matrix_mautrix_hangouts_enabled|bool and not matrix_mautrix_hangouts_container_image_self_build + +- name: Ensure Mautrix Hangots repository is present on self build + git: + repo: https://github.com/tulir/mautrix-hangouts.git + dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" + force: "yes" + when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build" + +- name: Ensure Mautrix Hangouts Docker image is built + docker_image: + name: "{{ matrix_mautrix_hangouts_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 4bcbb223..06063e3b 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -1,5 +1,7 @@ matrix_coturn_enabled: true +matrix_coturn_container_image_self_build: false + matrix_coturn_docker_image: "instrumentisto/coturn:4.5.1.1" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" @@ -13,6 +15,7 @@ matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(' matrix_coturn_docker_network: "matrix-coturn" matrix_coturn_base_path: "{{ matrix_base_data_path }}/coturn" +matrix_coturn_docker_src_files_path: "{{ matrix_coturn_base_path }}/docker-src" matrix_coturn_config_path: "{{ matrix_coturn_base_path }}/turnserver.conf" # List of systemd services that matrix-coturn.service depends on diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml index 603b536a..b59feebd 100644 --- a/roles/matrix-coturn/tasks/init.yml +++ b/roles/matrix-coturn/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}" when: matrix_coturn_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Coturn image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_coturn_container_image_self_build" diff --git a/roles/matrix-coturn/tasks/setup_coturn.yml b/roles/matrix-coturn/tasks/setup_coturn.yml index eaa29aa5..d86e4b22 100644 --- a/roles/matrix-coturn/tasks/setup_coturn.yml +++ b/roles/matrix-coturn/tasks/setup_coturn.yml @@ -4,13 +4,42 @@ # Tasks related to setting up Coturn # +- name: Ensure Matrix Coturn path exists + file: + path: "{{ item }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + with_items: + - { src: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"} + when: matrix_riot_web_enabled|bool + - name: Ensure Coturn image is pulled docker_image: name: "{{ matrix_coturn_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_coturn_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_coturn_docker_image_force_pull }}" - when: matrix_coturn_enabled|bool + when: matrix_coturn_enabled|bool and not matrix_coturn_container_image_self_build + +- name: Ensure Coturn repository is present on self-build + git: + repo: https://github.com/instrumentisto/coturn-docker-image.git + dest: "{{ matrix_coturn_docker_src_files_path }}" + version: "{{ matrix_coturn_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_coturn_enabled|bool and matrix_coturn_container_image_self_build" + +- name: Ensure Coturn Docker image is built + docker_image: + name: "{{ matrix_coturn_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_coturn_docker_src_files_path }}" + pull: yes + when: "matrix_coturn_enabled|bool and matrix_coturn_container_image_self_build" - name: Ensure Coturn configuration path exists file: diff --git a/roles/matrix-mxisd/defaults/main.yml b/roles/matrix-mxisd/defaults/main.yml index 286839da..605f4028 100644 --- a/roles/matrix-mxisd/defaults/main.yml +++ b/roles/matrix-mxisd/defaults/main.yml @@ -3,10 +3,13 @@ matrix_mxisd_enabled: true +matrix_mxisd_container_image_self_build: false + matrix_mxisd_docker_image: "kamax/mxisd:1.4.6" matrix_mxisd_docker_image_force_pull: "{{ matrix_mxisd_docker_image.endswith(':latest') }}" matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd" +matrix_mxisd_docker_src_files_path: "{{ matrix_mxisd_base_path }}/docker-src" matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config" matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data" diff --git a/roles/matrix-mxisd/tasks/init.yml b/roles/matrix-mxisd/tasks/init.yml index 94543b35..dcf1d053 100644 --- a/roles/matrix-mxisd/tasks/init.yml +++ b/roles/matrix-mxisd/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}" when: matrix_mxisd_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mxisd image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mxisd_container_image_self_build" diff --git a/roles/matrix-mxisd/tasks/setup_mxisd.yml b/roles/matrix-mxisd/tasks/setup_mxisd.yml index 2bafa179..27c00c70 100644 --- a/roles/matrix-mxisd/tasks/setup_mxisd.yml +++ b/roles/matrix-mxisd/tasks/setup_mxisd.yml @@ -14,6 +14,7 @@ with_items: - "{{ matrix_mxisd_config_path }}" - "{{ matrix_mxisd_data_path }}" + - { src: "{{ matrix_mxisd_docker_src_files_path }}", when: "{{ matrix_mxisd_container_image_self_build }}"} when: matrix_mxisd_enabled|bool - name: Ensure mxisd image is pulled @@ -22,7 +23,34 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mxisd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mxisd_docker_image_force_pull }}" - when: matrix_mxisd_enabled|bool + when: matrix_mxisd_enabled|bool and not matrix_mxisd_container_image_self_build + +- block: + - name: Ensure gradle is installed for self-building + apt: + name: + - gradle + state: present + update_cache: yes + when: (ansible_os_family == 'Debian') + + - name: Ensure gradle is installed for self-building + fail: + msg: "Installing gradle on CentOS is currently not supported, so self-building mxisd cannot happen at this time" + when: ansible_distribution == 'CentOS' + + - name: Ensure mxisd repository is present on self-build + git: + repo: https://github.com/kamax-matrix/mxisd.git + dest: "{{ matrix_mxisd_docker_src_files_path }}" + version: "v{{ matrix_mxisd_docker_image.split(':')[1] }}" + force: "yes" + + - name: Ensure mxisd Docker image is built + shell: "./gradlew dockerBuild" + args: + chdir: "{{ matrix_mxisd_docker_src_files_path }}" + when: "matrix_mxisd_enabled|bool and matrix_mxisd_container_image_self_build" - name: Ensure mxisd config installed copy: diff --git a/roles/matrix-riot-web/defaults/main.yml b/roles/matrix-riot-web/defaults/main.yml index e707a61a..08b141a1 100644 --- a/roles/matrix-riot-web/defaults/main.yml +++ b/roles/matrix-riot-web/defaults/main.yml @@ -1,9 +1,12 @@ matrix_riot_web_enabled: true +matrix_riot_web_container_image_self_build: false + matrix_riot_web_docker_image: "vectorim/riot-web:v1.5.12" matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}" matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web" +matrix_riot_web_docker_src_files_path: "{{ matrix_riot_web_data_path }}/docker-src" # Controls whether the matrix-riot-web container exposes its HTTP port (tcp/8080 in the container). # diff --git a/roles/matrix-riot-web/tasks/init.yml b/roles/matrix-riot-web/tasks/init.yml index 52c096ee..7c8a1550 100644 --- a/roles/matrix-riot-web/tasks/init.yml +++ b/roles/matrix-riot-web/tasks/init.yml @@ -1,3 +1,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}" when: matrix_riot_web_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Riot Web image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_riot_web_container_image_self_build" diff --git a/roles/matrix-riot-web/tasks/setup_riot_web.yml b/roles/matrix-riot-web/tasks/setup_riot_web.yml index a3e1048f..feccbe81 100644 --- a/roles/matrix-riot-web/tasks/setup_riot_web.yml +++ b/roles/matrix-riot-web/tasks/setup_riot_web.yml @@ -6,11 +6,14 @@ - name: Ensure Matrix riot-web path exists file: - path: "{{ matrix_riot_web_data_path }}" + path: "{{ item }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" + with_items: + - "{{ matrix_riot_web_data_path }}" + - { src: "{{ matrix_riot_web_docker_src_files_path }}", when: "{{ matrix_riot_web_container_image_self_build }}" } when: matrix_riot_web_enabled|bool - name: Ensure riot-web Docker image is pulled @@ -19,7 +22,25 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_riot_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_riot_web_docker_image_force_pull }}" - when: matrix_riot_web_enabled|bool + when: matrix_riot_web_enabled|bool and not matrix_riot_web_container_image_self_build + +- name: Ensure Riot Web repository is present on self-build + git: + repo: https://github.com/vector-im/riot-web.git + dest: "{{ matrix_riot_web_docker_src_files_path }}" + version: "{{ matrix_riot_web_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_riot_web_enabled|bool and matrix_riot_web_container_image_self_build" + +- name: Ensure Riot Web Docker image is built + docker_image: + name: "{{ matrix_riot_web_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_riot_web_docker_src_files_path }}" + pull: yes + when: "matrix_riot_web_enabled|bool and matrix_riot_web_container_image_self_build" - name: Ensure Matrix riot-web configuration installed copy: diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 05ad9126..fe9f5545 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -3,10 +3,13 @@ matrix_synapse_enabled: true +matrix_synapse_container_image_self_build: false + matrix_synapse_docker_image: "matrixdotorg/synapse:v1.11.1" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" +matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_run_path: "{{ matrix_synapse_base_path }}/run" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index d5f64862..004a2a92 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -5,3 +5,10 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}" when: matrix_s3_media_store_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Synapse image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_container_image_self_build" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index b565a4d2..8d5f72d2 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -11,6 +11,7 @@ - "{{ matrix_synapse_config_dir_path }}" - "{{ matrix_synapse_run_path }}" - "{{ matrix_synapse_ext_path }}" + - { src: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}" } # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index 88fb0049..cf24cefb 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -18,12 +18,31 @@ group: "{{ matrix_user_username }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" +- name: Ensure Synapse repository is present on self-build + git: + repo: https://github.com/matrix-org/synapse.git + dest: "{{ matrix_synapse_docker_src_files_path }}" + version: "{{ matrix_synapse_docker_image.split(':')[1] }}" + force: "yes" + when: "matrix_synapse_container_image_self_build" + +- name: Ensure Synapse Docker image is built + docker_image: + name: "{{ matrix_synapse_docker_image }}" + source: build + build: + dockerfile: docker/Dockerfile + path: "{{ matrix_synapse_docker_src_files_path }}" + pull: yes + when: "matrix_synapse_container_image_self_build" + - name: Ensure Synapse Docker image is pulled docker_image: name: "{{ matrix_synapse_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}" + when: "not matrix_synapse_container_image_self_build" - name: Check if a Synapse signing key exists stat: