diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
index 6e7102bf..463b7cd4 100644
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1,3 +1,4 @@
+---
# These are supported funding model platforms
# https://liberapay.com/s.pantaleev/
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
new file mode 100644
index 00000000..b9c3cd49
--- /dev/null
+++ b/.github/dependabot.yaml
@@ -0,0 +1,7 @@
+---
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: daily
diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml
new file mode 100644
index 00000000..6445dc03
--- /dev/null
+++ b/.github/workflows/matrix.yml
@@ -0,0 +1,16 @@
+---
+name: Matrix CI
+
+on: # yamllint disable-line rule:truthy
+ push:
+ pull_request:
+
+jobs:
+ yamllint:
+ name: 🧹 yamllint
+ runs-on: ubuntu-latest
+ steps:
+ - name: ⤵️ Check out configuration from GitHub
+ uses: actions/checkout@v2.4.0
+ - name: 🚀 Run yamllint
+ uses: frenck/action-yamllint@v1.1.2
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 00000000..08b89afd
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,8 @@
+---
+extends: default
+
+ignore: |
+ roles/matrix-synapse/vars/workers.yml
+
+rules:
+ line-length: disable
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e9f23468..c1ac92e5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,27 @@
+# 2022-02-12
+
+## matrix_encryption_disabler support
+
+We now support installing the [matrix_encryption_disabler](https://github.com/digitalentity/matrix_encryption_disabler) Synapse module, which lets you prevent End-to-End-Encryption from being enabled by users on your homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed [here](https://github.com/matrix-org/synapse/issues/4401).
+
+To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/matrix-synapse/defaults/main.yml`.
+
+
+# 2022-02-01
+
+## matrix-hookshot bridging support
+
+Thanks to [HarHarLinks](https://github.com/HarHarLinks), the playbook can now install the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA.
+See our [Setting up matrix-hookshot](docs/configuring-playbook-bridge-hookshot.md) documentation to get started.
+
+
+# 2022-01-31
+
+## ARM support for matrix-corporal
+
+[matrix-corporal](https://github.com/devture/matrix-corporal) (as of version `2.2.3`) is now published to Docker Hub (see [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal)) as a multi-arch container image with support for all these platforms: `linux/amd64`, `linux/arm64/v8` and `linux/arm/v7`. The playbook no longer resorts to self-building matrix-corporal on these ARM architectures.
+
+
# 2022-01-07
## Dendrite support
diff --git a/README.md b/README.md
index af02a3b0..6ae3ca0b 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,8 @@ Using this playbook, you can get the following services configured on your serve
- (optional) the [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.)
+- (optional) the [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) bridge for bridging Matrix to generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular
+
- (optional) the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) for bridging your Matrix server to SMS - see [docs/configuring-playbook-bridge-matrix-bridge-sms.md](docs/configuring-playbook-bridge-matrix-bridge-sms.md) for setup documentation
- (optional) the [Heisenbridge](https://github.com/hifi/heisenbridge) for bridging your Matrix server to IRC bouncer-style - see [docs/configuring-playbook-bridge-heisenbridge.md](docs/configuring-playbook-bridge-heisenbridge.md) for setup documentation
diff --git a/collections/requirements.yml b/collections/requirements.yml
index 9d365441..483ed156 100644
--- a/collections/requirements.yml
+++ b/collections/requirements.yml
@@ -1,4 +1,4 @@
---
collections:
- name: community.general
- - name: community.docker
+ - name: community.docker
diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md
index ab84e017..33ce4dd3 100644
--- a/docs/configuring-playbook-bot-go-neb.md
+++ b/docs/configuring-playbook-bot-go-neb.md
@@ -198,8 +198,8 @@ matrix_bot_go_neb_services:
# Each room will get the notification with the alert rendered with the given template
rooms:
"!someroomid:domain.tld":
- text_template: "{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}"
- html_template: "{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}"
+ text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
+ html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}"
msg_type: "m.text" # Must be either `m.text` or `m.notice`
```
diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md
index c3c8e8bb..aaf5670c 100644
--- a/docs/configuring-playbook-bot-matrix-reminder-bot.md
+++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md
@@ -54,6 +54,6 @@ You can also add the bot to any existing Matrix room (`/invite @bot.matrix-remin
Basic usage is like this: `!remindme in 2 minutes; This is a test`
-Send `!help commands` to the room to see the bot's help menu for additional commands.
+Send `!help reminders` to the room to see the bot's help menu for additional commands.
You can also refer to the upstream [Usage documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage).
diff --git a/docs/configuring-playbook-bridge-appservice-webhooks.md b/docs/configuring-playbook-bridge-appservice-webhooks.md
index 3654bfa4..f4fbfbc0 100644
--- a/docs/configuring-playbook-bridge-appservice-webhooks.md
+++ b/docs/configuring-playbook-bridge-appservice-webhooks.md
@@ -2,6 +2,8 @@
The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you.
+Note: This bridge is no longer maintained. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) as a replacement, which can also be installed using [this playbook](configuring-playbook-bridge-hookshot.md).
+
This bridge provides support for Slack-compatible webhooks.
Setup Instructions:
diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md
new file mode 100644
index 00000000..9a7f3f53
--- /dev/null
+++ b/docs/configuring-playbook-bridge-hookshot.md
@@ -0,0 +1,47 @@
+# Setting up Hookshot (optional)
+
+The playbook can install and configure [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) for you.
+
+Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from software project management services such as GitHub, GitLab, JIRA, and Figma, as well as generic webhooks.
+
+See the project's [documentation](https://half-shot.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you.
+
+Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
+
+## Setup Instructions
+
+Refer to the [official instructions](https://half-shot.github.io/matrix-hookshot/setup.html) to learn what the individual options do.
+
+1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required.
+2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma).
+3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below.
+4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`.
+5. Refer to [Hookshot's official instructions](https://half-shot.github.io/matrix-hookshot/usage.html) to start using the bridge. Note that the different listeners are bound to certain paths (see `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml)): by default webhooks root is `/hookshot/webhooks/`.
+
+Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them.
+
+### Manage GitHub Private Key with matrix-aux role
+
+The GitHub bridge requires you to install a private key file. This can be done in multiple ways:
+- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml)).
+- somehow copy the file to the path `{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}` (default: `/matrix/hookshot/private-key.pem`) on the server manually.
+- use the `matrix-aux` role to copy the file from an arbitrary path on your ansible client to the correct path on the server.
+
+To use `matrix-aux`, make sure the `matrix_hookshot_github_private_key` variable is empty. Then add to `matrix-aux` configuration like this:
+```yaml
+matrix_aux_file_definitions:
+ - dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
+ content: "{{ lookup('file', '/path/to/your-github-private-key.pem') }}"
+ mode: '0400'
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+```
+For more info see the documentation in the [matrix-aux base configuration file](/roles/matrix-aux/defaults/main.yml).
+
+### Provisioning API
+
+The provisioning API will be enabled automatically if you set `matrix_dimension_enabled: true` and provided a `matrix_hookshot_provisioning_secret`, unless you override it either way. To use hookshot with dimension, you will need to enter as "Provisioning URL": `http://matrix-hookshot:9002`, which is made up of the variables `matrix_hookshot_container_url` and `matrix_hookshot_provisioning_port`.
+
+### Metrics
+
+If metrics are enabled, they will be automatically available in the builtin Prometheus and Grafana, but you need to set up your own Dashboard for now. If additionally metrics proxying for use with external Prometheus is enabled (`matrix_nginx_proxy_proxy_synapse_metrics`), hookshot metrics will also be available (at `matrix_hookshot_metrics_endpoint`, default `/hookshot/metrics`, on the stats subdomain) and with the same password. See also [the Prometheus and Grafana docs](../configuring-playbook-prometheus-grafana.md).
diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md
index e7d8dba2..0630270f 100644
--- a/docs/configuring-playbook-bridge-mx-puppet-slack.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md
@@ -1,20 +1,33 @@
# Setting up MX Puppet Slack (optional)
-**Note**: bridging to [Slack](https://slack.com) can also happen via the [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) bridge supported by the playbook.
+**Note**: bridging to [Slack](https://slack.com) can also happen via the
+[matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md)
+bridge supported by the playbook.
The playbook can install and configure
[mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) for you.
See the project page to learn what it does and why it might be useful to you.
-To enable the [Slack](https://slack.com/) bridge just use the following
-playbook configuration:
+## Setup
+To enable the [Slack](https://slack.com/) bridge:
-```yaml
-matrix_mx_puppet_slack_enabled: true
-```
-
+1. Follow the
+ [OAuth credentials](https://github.com/Sorunome/mx-puppet-slack#option-2-oauth)
+ instructions to create a new Slack app, setting the redirect URL to
+ `https://matrix.YOUR_DOMAIN/slack/oauth`.
+2. Update your `vars.yml` with the following:
+ ```yaml
+ matrix_mx_puppet_slack_enabled: true
+ # Client ID must be quoted so YAML does not parse it as a float.
+ matrix_mx_puppet_slack_oauth_client_id: ""
+ matrix_mx_puppet_slack_oauth_client_secret: ""
+ ```
+3. Run playbooks with `setup-all` and `start` tags:
+ ```
+ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
+ ```
## Usage
diff --git a/docs/configuring-playbook-federation.md b/docs/configuring-playbook-federation.md
index 2e6410ec..4650b5e2 100644
--- a/docs/configuring-playbook-federation.md
+++ b/docs/configuring-playbook-federation.md
@@ -47,3 +47,20 @@ matrix_synapse_federation_port_enabled: false
# This removes the `8448` virtual host from the matrix-nginx-proxy reverse-proxy server.
matrix_nginx_proxy_proxy_matrix_federation_api_enabled: false
```
+
+## Changing the federation port from 8448 to a different port to use a CDN that only accepts 443/80 ports
+
+Why? This change could be useful for people running small Synapse instances on small severs/VPSes to avoid being impacted by a simple DOS/DDOS when bandwidth, RAM, an CPU resources are limited and if your hosting provider does not provide a DOS/DDOS protection.
+
+The following changes in the configuration file (`inventory/host_vars/matrix./vars.yml`) will allow this and make it possible to proxy the federation through a CDN such as CloudFlare or any other:
+
+```
+matrix_synapse_http_listener_resource_names: ["client","federation"]
+# Any port can be used but in this case we use 443
+matrix_federation_public_port: 443
+matrix_synapse_federation_port_enabled: false
+# Note that the following change might not be "required per se" but probably will be due to the proxying of the traffic through the CDN proxy servers (CloudFlare for instance). The security impact of doing this should be minimal as your CDN itself will encrypt the traffic no matter what on their proxy servers. You could however first try and see if federation works while setting the following to true.
+matrix_synapse_tls_federation_listener_enabled: false
+```
+
+**Use this at you own risk as all the possible side-effects of doing this are not fully known. However, it has been tested and works fine and passes all the tests on without issues.**
diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md
index 2e288cc8..07e49c5a 100644
--- a/docs/configuring-playbook-ssl-certificates.md
+++ b/docs/configuring-playbook-ssl-certificates.md
@@ -67,8 +67,13 @@ By default, it obtains certificates for:
- `matrix.` (`matrix_server_fqn_matrix`)
- possibly for `element.`, unless you have disabled the [Element client component](configuring-playbook-client-element.md) using `matrix_client_element_enabled: false`
- possibly for `riot.`, if you have explicitly enabled Riot to Element redirection (for background compatibility) using `matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true`
+- possibly for `hydrogen.`, if you have explicitly [set up Hydrogen client](configuring-playbook-client-hydrogen.md).
+- possibly for `cinny.`, if you have explicitly [set up Cinny client](configuring-playbook-client-cinny.md).
- possibly for `dimension.`, if you have explicitly [set up Dimension](configuring-playbook-dimension.md).
+- possibly for `goneb.`, if you have explicitly [set up Go-NEB bot](configuring-playbook-bot-go-neb.md).
- possibly for `jitsi.`, if you have explicitly [set up Jitsi](configuring-playbook-jitsi.md).
+- possibly for `stats.`, if you have explicitly [set up Grafana](configuring-playbook-prometheus-grafana.md).
+- possibly for `sygnal.`, if you have explicitly [set up Sygnal](configuring-playbook-sygnal.md).
- possibly for your base domain (``), if you have explicitly configured [Serving the base domain](configuring-playbook-base-domain-serving.md)
If you are hosting other domains on the Matrix machine, you can make the playbook obtain and renew certificates for those other domains too.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index 31168d23..9b153883 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -117,6 +117,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional)
+- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
+
- [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional)
- [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional)
diff --git a/docs/faq.md b/docs/faq.md
index 5181c6ea..d9c7a586 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -226,7 +226,7 @@ Using a separate domain name is easier to manage (although it's a little hard to
We allow `matrix.DOMAIN` to be the Matrix server handling Matrix stuff for `DOMAIN` by [Server Delegation](howto-server-delegation.md). During the installation procedure, we recommend that you set up server delegation using the [.well-known](configuring-well-known.md) method.
-If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain).
+If you'd really like to install Matrix services directly on the base domain, see [How do I install on matrix.DOMAIN without involving the base DOMAIN?](#how-do-i-install-on-matrixdomain-without-involving-the-base-domain)
### I don't control anything on the base domain and can't set up delegation to matrix.DOMAIN. What do I do?
diff --git a/examples/haproxy/docker-compose.yml b/examples/haproxy/docker-compose.yml
index 9177161d..b5c9aab7 100644
--- a/examples/haproxy/docker-compose.yml
+++ b/examples/haproxy/docker-compose.yml
@@ -1,7 +1,8 @@
+---
version: '3'
services:
nginx:
- image: local/nginx
+ image: local/nginx
ports:
- 40888:80
volumes:
diff --git a/examples/vars.yml b/examples/vars.yml
index f5776962..3ca8f460 100644
--- a/examples/vars.yml
+++ b/examples/vars.yml
@@ -1,3 +1,4 @@
+---
# The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:`).
#
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 79bdd088..b4aecf1e 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -700,6 +700,45 @@ matrix_heisenbridge_systemd_wanted_services_list: |
#
######################################################################
+######################################################################
+#
+# matrix-bridge-hookshot
+#
+######################################################################
+
+# We don't enable bridges by default.
+matrix_hookshot_enabled: false
+
+matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok') | to_uuid }}"
+
+matrix_hookshot_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.hs.tok') | to_uuid }}"
+
+matrix_hookshot_systemd_wanted_services_list: |
+ {{
+ (['matrix-' + matrix_homeserver_implementation + '.service'])
+ +
+ (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
+ }}
+
+matrix_hookshot_container_http_host_bind_ports_defaultmapping:
+ - "127.0.0.1:{{ matrix_hookshot_appservice_port }}:{{ matrix_hookshot_appservice_port }}"
+ - "127.0.0.1:{{ matrix_hookshot_metrics_port }}:{{ matrix_hookshot_metrics_port }}"
+ - "127.0.0.1:{{ matrix_hookshot_webhook_port }}:{{ matrix_hookshot_webhook_port }}"
+ - "127.0.0.1:{{ matrix_hookshot_provisioning_port }}:{{ matrix_hookshot_provisioning_port }}"
+
+matrix_hookshot_container_http_host_bind_ports: "{{ [] if matrix_nginx_proxy_enabled else matrix_hookshot_container_http_host_bind_ports_defaultmapping }}"
+
+matrix_hookshot_provisioning_enabled: "{{ matrix_hookshot_provisioning_secret and matrix_dimension_enabled }}"
+
+matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
+matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
+
+######################################################################
+#
+# /matrix-bridge-hookshot
+#
+######################################################################
+
######################################################################
#
# matrix-bridge-mx-puppet-skype
@@ -1097,7 +1136,7 @@ matrix_bot_mjolnir_systemd_required_services_list: |
matrix_corporal_enabled: false
-matrix_corporal_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
+matrix_corporal_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-corporal over the container network.
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
@@ -1127,8 +1166,6 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
#
######################################################################
-
-
######################################################################
#
# matrix-coturn
@@ -1163,8 +1200,6 @@ matrix_coturn_container_additional_volumes: |
#
######################################################################
-
-
######################################################################
#
# matrix-dimension
@@ -1242,8 +1277,6 @@ matrix_dynamic_dns_enabled: false
#
######################################################################
-
-
######################################################################
#
# matrix-email2matrix
@@ -1252,7 +1285,7 @@ matrix_dynamic_dns_enabled: false
matrix_email2matrix_enabled: false
-matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
+matrix_email2matrix_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
######################################################################
#
@@ -1260,8 +1293,6 @@ matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd6
#
######################################################################
-
-
######################################################################
#
# matrix-jitsi
@@ -1306,8 +1337,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
#
######################################################################
-
-
######################################################################
#
# matrix-mailer
@@ -1319,7 +1348,7 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab
# Other services (like ma1sd), also use the mailer.
matrix_mailer_enabled: true
-matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
+matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
######################################################################
#
@@ -1327,8 +1356,6 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
#
######################################################################
-
-
######################################################################
#
# matrix-ma1sd
@@ -1392,8 +1419,6 @@ matrix_ma1sd_database_password: "{{ '%s' | format(matrix_homeserver_generic_secr
#
######################################################################
-
-
######################################################################
#
# matrix-nginx-proxy
@@ -1521,6 +1546,10 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
(['matrix-jitsi.service'] if matrix_jitsi_enabled else [])
+
(['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else [])
+ +
+ (['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else [])
+ +
+ (['matrix-hookshot.service'] if matrix_hookshot_enabled else [])
}}
matrix_ssl_domains_to_obtain_certificates_for: |
@@ -1568,8 +1597,6 @@ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matr
#
######################################################################
-
-
######################################################################
#
# matrix-postgres
@@ -1818,8 +1845,6 @@ matrix_postgres_import_databases_to_ignore: |
#
######################################################################
-
-
######################################################################
#
# matrix-sygnal
@@ -1840,8 +1865,6 @@ matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enable
#
######################################################################
-
-
######################################################################
#
# matrix-redis
@@ -1856,8 +1879,6 @@ matrix_redis_enabled: "{{ matrix_synapse_workers_enabled }}"
#
######################################################################
-
-
######################################################################
#
# matrix-client-element
@@ -1905,8 +1926,6 @@ matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matr
#
######################################################################
-
-
######################################################################
#
# matrix-client-hydrogen
@@ -1930,8 +1949,6 @@ matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl
#
######################################################################
-
-
######################################################################
#
# matrix-client-cinny
@@ -1957,8 +1974,6 @@ matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_re
#
######################################################################
-
-
######################################################################
#
# matrix-synapse
@@ -2069,8 +2084,6 @@ matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_re
#
######################################################################
-
-
######################################################################
#
# matrix-synapse-admin
@@ -2092,8 +2105,6 @@ matrix_synapse_admin_container_image_self_build: "{{ matrix_architecture != 'amd
#
######################################################################
-
-
######################################################################
#
# matrix-prometheus-node-exporter
@@ -2108,8 +2119,6 @@ matrix_prometheus_node_exporter_enabled: false
#
######################################################################
-
-
######################################################################
#
# matrix-prometheus
@@ -2134,6 +2143,8 @@ matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:91
matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
+matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled }}"
+matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|string +':'+ matrix_hookshot_metrics_port|string] if matrix_hookshot_metrics_enabled else [] }}"
######################################################################
#
@@ -2141,7 +2152,6 @@ matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exp
#
######################################################################
-
######################################################################
#
# matrix-prometheus-postgres-exporter
@@ -2197,8 +2207,6 @@ matrix_grafana_systemd_wanted_services_list: |
#
######################################################################
-
-
######################################################################
#
# matrix-registration
diff --git a/roles/matrix-aux/tasks/main.yml b/roles/matrix-aux/tasks/main.yml
index ee93f63a..2585715b 100644
--- a/roles/matrix-aux/tasks/main.yml
+++ b/roles/matrix-aux/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_stop|bool
tags:
diff --git a/roles/matrix-awx/defaults/main.yml b/roles/matrix-awx/defaults/main.yml
index 1b61797e..cb847325 100755
--- a/roles/matrix-awx/defaults/main.yml
+++ b/roles/matrix-awx/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_awx_enabled: true
# Defaults for 'Customise Website + Access Export' template
diff --git a/roles/matrix-awx/tasks/backup_server.yml b/roles/matrix-awx/tasks/backup_server.yml
index d33f0f70..553eb1b9 100644
--- a/roles/matrix-awx/tasks/backup_server.yml
+++ b/roles/matrix-awx/tasks/backup_server.yml
@@ -1,3 +1,4 @@
+---
- name: Record Backup Server variables locally on AWX
delegate_to: 127.0.0.1
@@ -38,18 +39,18 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
tags: use-survey
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
- no_log: True
+ no_log: true
- name: Copy new 'matrix_vars.yml' to target machine
copy:
@@ -58,8 +59,8 @@
mode: '0660'
tags: use-survey
-- name: Run initial backup of /matrix/ and snapshot the database simultaneously
- command: "{{ item }}"
+- name: Run initial backup of /matrix/ and snapshot the database simultaneously
+ command: "{{ item }}"
with_items:
- borgmatic -c /root/.config/borgmatic/config_1.yaml
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
diff --git a/roles/matrix-awx/tasks/bridge_discord_appservice.yml b/roles/matrix-awx/tasks/bridge_discord_appservice.yml
index 7cb24028..3c124db3 100644
--- a/roles/matrix-awx/tasks/bridge_discord_appservice.yml
+++ b/roles/matrix-awx/tasks/bridge_discord_appservice.yml
@@ -1,3 +1,4 @@
+---
- name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1
@@ -33,7 +34,7 @@
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
- dest: '/matrix/awx/bridge_discord_appservice.json'
+ dest: '/matrix/awx/bridge_discord_appservice.json'
mode: '0660'
- name: Recreate 'Bridge Discord Appservice' job template
@@ -54,4 +55,4 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/cache_matrix_variables.yml b/roles/matrix-awx/tasks/cache_matrix_variables.yml
index a34b3792..ca41880a 100644
--- a/roles/matrix-awx/tasks/cache_matrix_variables.yml
+++ b/roles/matrix-awx/tasks/cache_matrix_variables.yml
@@ -1,3 +1,4 @@
+---
- name: Collect current datetime
set_fact:
diff --git a/roles/matrix-awx/tasks/create_session_token.yml b/roles/matrix-awx/tasks/create_session_token.yml
index 9f22a37e..7d984b3d 100644
--- a/roles/matrix-awx/tasks/create_session_token.yml
+++ b/roles/matrix-awx/tasks/create_session_token.yml
@@ -1,3 +1,4 @@
+---
- name: Create a AWX session token for executing modules
awx.awx.tower_token:
@@ -7,4 +8,4 @@
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_master_token }}"
register: awx_session_token
- no_log: True
+ no_log: true
diff --git a/roles/matrix-awx/tasks/create_user.yml b/roles/matrix-awx/tasks/create_user.yml
index fefec426..7d203ed0 100755
--- a/roles/matrix-awx/tasks/create_user.yml
+++ b/roles/matrix-awx/tasks/create_user.yml
@@ -1,3 +1,4 @@
+---
#
# Create user and define if they are admin
#
diff --git a/roles/matrix-awx/tasks/customise_website_access_export.yml b/roles/matrix-awx/tasks/customise_website_access_export.yml
index c9b96026..80d6d795 100755
--- a/roles/matrix-awx/tasks/customise_website_access_export.yml
+++ b/roles/matrix-awx/tasks/customise_website_access_export.yml
@@ -48,7 +48,7 @@
- name: Reload vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
- no_log: True
+ no_log: true
- name: Save new 'Customise Website + Access Export' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
@@ -60,7 +60,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json'
- dest: '/matrix/awx/configure_website_access_export.json'
+ dest: '/matrix/awx/configure_website_access_export.json'
mode: '0660'
when: awx_customise_base_domain_website is defined
@@ -74,7 +74,7 @@
- name: Copy new 'Customise Website + Access Export' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json'
- dest: '/matrix/awx/access_export.json'
+ dest: '/matrix/awx/access_export.json'
mode: '0660'
when: awx_customise_base_domain_website is undefined
@@ -92,12 +92,12 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_website_access_export.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: awx_customise_base_domain_website is defined
- name: Recreate 'Access Export' job template
@@ -114,12 +114,12 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/access_export.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: awx_customise_base_domain_website is undefined
- name: If user doesn't define a awx_sftp_password, create a disabled 'sftp' account
@@ -153,7 +153,7 @@
user:
name: sftp
groups: sftp
- append: yes
+ append: true
when: awx_customise_base_domain_website is defined
- name: Create the ro /chroot directory with sticky bit if it doesn't exist. (/chroot/website has matrix:matrix permissions and is mounted to nginx container)
@@ -208,7 +208,7 @@
group: sftp
mode: '0644'
when: (awx_sftp_public_key | length > 0) and (awx_sftp_auth_method == "SSH Key")
-
+
- name: Remove any existing Subsystem lines
lineinfile:
path: /etc/ssh/sshd_config
diff --git a/roles/matrix-awx/tasks/export_server.yml b/roles/matrix-awx/tasks/export_server.yml
index d779028e..a2b97e79 100644
--- a/roles/matrix-awx/tasks/export_server.yml
+++ b/roles/matrix-awx/tasks/export_server.yml
@@ -1,7 +1,7 @@
---
-- name: Run export of /matrix/ and snapshot the database simultaneously
- command: "{{ item }}"
+- name: Run export of /matrix/ and snapshot the database simultaneously
+ command: "{{ item }}"
with_items:
- /bin/sh /usr/local/bin/awx-export-service.sh 1 0
- /bin/sh /usr/local/bin/awx-export-service.sh 0 1
@@ -23,7 +23,7 @@
command: rm /chroot/export/matrix*
count: 1
units: days
- unique: yes
+ unique: true
- name: Delete the AWX session token for executing modules
awx.awx.tower_token:
diff --git a/roles/matrix-awx/tasks/load_hosting_and_org_variables.yml b/roles/matrix-awx/tasks/load_hosting_and_org_variables.yml
index 69b2aac8..6e8bb899 100644
--- a/roles/matrix-awx/tasks/load_hosting_and_org_variables.yml
+++ b/roles/matrix-awx/tasks/load_hosting_and_org_variables.yml
@@ -3,14 +3,14 @@
- name: Include vars in organisation.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
- no_log: True
+ no_log: true
- name: Include vars in hosting_vars.yml
include_vars:
file: '/var/lib/awx/projects/hosting/hosting_vars.yml'
- no_log: True
+ no_log: true
- name: Include AWX master token from awx_tokens.yml
include_vars:
file: /var/lib/awx/projects/hosting/awx_tokens.yml
- no_log: True
+ no_log: true
diff --git a/roles/matrix-awx/tasks/load_matrix_variables.yml b/roles/matrix-awx/tasks/load_matrix_variables.yml
index 34754efb..7a76f34b 100755
--- a/roles/matrix-awx/tasks/load_matrix_variables.yml
+++ b/roles/matrix-awx/tasks/load_matrix_variables.yml
@@ -3,9 +3,9 @@
- name: Include new vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
- no_log: True
+ no_log: true
-- name: If include_vars succeeds overwrite the old matrix_vars.yml
+- name: If include_vars succeeds overwrite the old matrix_vars.yml
delegate_to: 127.0.0.1
shell: "cp {{ awx_cached_matrix_vars }} /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml && rm {{ awx_cached_matrix_vars }}"
diff --git a/roles/matrix-awx/tasks/main.yml b/roles/matrix-awx/tasks/main.yml
index 6ac39a49..b5e951c6 100755
--- a/roles/matrix-awx/tasks/main.yml
+++ b/roles/matrix-awx/tasks/main.yml
@@ -1,6 +1,6 @@
-
+---
# Load initial hosting and organisation variables from AWX volume
-- include_tasks:
+- include_tasks:
file: "load_hosting_and_org_variables.yml"
apply:
tags: always
@@ -9,7 +9,7 @@
- always
# Renames or updates the vars.yml if needed
-- include_tasks:
+- include_tasks:
file: "update_variables.yml"
apply:
tags: always
@@ -18,7 +18,7 @@
- always
# Create AWX session token
-- include_tasks:
+- include_tasks:
file: "create_session_token.yml"
apply:
tags: always
@@ -27,7 +27,7 @@
- always
# Perform a backup of the server
-- include_tasks:
+- include_tasks:
file: "backup_server.yml"
apply:
tags: backup-server
@@ -36,7 +36,7 @@
- backup-server
# Perform a export of the server
-- include_tasks:
+- include_tasks:
file: "export_server.yml"
apply:
tags: export-server
@@ -45,7 +45,7 @@
- export-server
# Create a user account if called
-- include_tasks:
+- include_tasks:
file: "create_user.yml"
apply:
tags: create-user
@@ -54,7 +54,7 @@
- create-user
# Purge local/remote media if called
-- include_tasks:
+- include_tasks:
file: "purge_media_main.yml"
apply:
tags: purge-media
@@ -63,7 +63,7 @@
- purge-media
# Purge Synapse database if called
-- include_tasks:
+- include_tasks:
file: "purge_database_main.yml"
apply:
tags: purge-database
@@ -72,7 +72,7 @@
- purge-database
# Rotate SSH key if called
-- include_tasks:
+- include_tasks:
file: "rotate_ssh.yml"
apply:
tags: rotate-ssh
@@ -81,16 +81,16 @@
- rotate-ssh
# Import configs, media repo from /chroot/backup import
-- include_tasks:
+- include_tasks:
file: "import_awx.yml"
apply:
tags: import-awx
when: run_setup|bool and matrix_awx_enabled|bool
tags:
- import-awx
-
+
# Perform extra self-check functions
-- include_tasks:
+- include_tasks:
file: "self_check.yml"
apply:
tags: self-check
@@ -99,7 +99,7 @@
- self-check
# Create cached matrix_vars.yml file
-- include_tasks:
+- include_tasks:
file: "cache_matrix_variables.yml"
apply:
tags: always
@@ -108,7 +108,7 @@
- always
# Configure SFTP so user can upload a static website or access the servers export
-- include_tasks:
+- include_tasks:
file: "customise_website_access_export.yml"
apply:
tags: setup-nginx-proxy
@@ -117,7 +117,7 @@
- setup-nginx-proxy
# Additional playbook to set the variable file during Element configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_element.yml"
apply:
tags: setup-client-element
@@ -126,7 +126,7 @@
- setup-client-element
# Additional playbook to set the variable file during Mailer configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_mailer.yml"
apply:
tags: setup-mailer
@@ -135,7 +135,7 @@
- setup-mailer
# Additional playbook to set the variable file during Element configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_element_subdomain.yml"
apply:
tags: setup-client-element-subdomain
@@ -144,7 +144,7 @@
- setup-client-element-subdomain
# Additional playbook to set the variable file during Synapse configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_synapse.yml"
apply:
tags: setup-synapse
@@ -153,7 +153,7 @@
- setup-synapse
# Additional playbook to set the variable file during Jitsi configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_jitsi.yml"
apply:
tags: setup-jitsi
@@ -162,7 +162,7 @@
- setup-jitsi
# Additional playbook to set the variable file during Ma1sd configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_ma1sd.yml"
apply:
tags: setup-ma1sd
@@ -171,7 +171,7 @@
- setup-ma1sd
# Additional playbook to set the variable file during Corporal configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_corporal.yml"
apply:
tags: setup-corporal
@@ -180,7 +180,7 @@
- setup-corporal
# Additional playbook to set the variable file during Dimension configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_dimension.yml"
apply:
tags: setup-dimension
@@ -189,7 +189,7 @@
- setup-dimension
# Additional playbook to set the variable file during Synapse Admin configuration
-- include_tasks:
+- include_tasks:
file: "set_variables_synapse_admin.yml"
apply:
tags: setup-synapse-admin
@@ -198,7 +198,7 @@
- setup-synapse-admin
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
-- include_tasks:
+- include_tasks:
file: "bridge_discord_appservice.yml"
apply:
tags: bridge-discord-appservice
@@ -207,7 +207,7 @@
- bridge-discord-appservice
# Delete AWX session token
-- include_tasks:
+- include_tasks:
file: "delete_session_token.yml"
apply:
tags: always
@@ -216,7 +216,7 @@
- always
# Load newly formed matrix variables from AWX volume
-- include_tasks:
+- include_tasks:
file: "load_matrix_variables.yml"
apply:
tags: always
diff --git a/roles/matrix-awx/tasks/purge_database_main.yml b/roles/matrix-awx/tasks/purge_database_main.yml
index f29061fb..9882f195 100644
--- a/roles/matrix-awx/tasks/purge_database_main.yml
+++ b/roles/matrix-awx/tasks/purge_database_main.yml
@@ -9,20 +9,20 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
- no_log: True
+ no_log: true
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
- - curl
- - jq
+ - curl
+ - jq
state: present
- name: Collect before shrink size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_before_stat
when: (awx_purge_mode.find("Perform final shrink") != -1)
- no_log: True
+ no_log: true
- name: Collect the internal IP of the matrix-synapse container
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
@@ -34,7 +34,7 @@
curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token
- no_log: True
+ no_log: true
- name: Copy build_room_list.py script to target machine
copy:
@@ -55,7 +55,7 @@
fetch:
src: /tmp/room_list_complete.json
dest: "/tmp/{{ subscription_id }}_room_list_complete.json"
- flat: yes
+ flat: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Remove complete room list from target machine
@@ -80,7 +80,7 @@
- name: Setting host fact awx_room_list_no_local_users
set_fact:
awx_room_list_no_local_users: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_no_local_users.txt') }}"
- no_log: True
+ no_log: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users
@@ -113,7 +113,7 @@
set_fact:
awx_room_list_joined_members: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_joined_members.txt') }}"
when: awx_purge_mode.find("Number of users [slower]") != -1
- no_log: True
+ no_log: true
- name: Purge all rooms with more then N users
include_tasks: purge_database_users.yml
@@ -138,7 +138,7 @@
set_fact:
awx_room_list_state_events: "{{ lookup('file', '/tmp/{{ subscription_id }}_room_list_state_events.txt') }}"
when: awx_purge_mode.find("Number of events [slower]") != -1
- no_log: True
+ no_log: true
- name: Purge all rooms with more then N events
include_tasks: purge_database_events.yml
@@ -161,17 +161,17 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Execute rust-synapse-compress-state job template
delegate_to: 127.0.0.1
awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
- wait: yes
+ wait: true
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template
@@ -190,14 +190,14 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Ensure matrix-synapse is stopped
service:
name: matrix-synapse
state: stopped
- daemon_reload: yes
+ daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Re-index Synapse database
@@ -208,7 +208,7 @@
service:
name: matrix-synapse
state: started
- daemon_reload: yes
+ daemon_reload: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Adjust 'Deploy/Update a Server' job template
@@ -227,17 +227,17 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Execute run-postgres-vacuum job template
delegate_to: 127.0.0.1
awx.awx.tower_job_launch:
job_template: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
- wait: yes
+ wait: true
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template
@@ -256,7 +256,7 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Cleanup room_list files
@@ -264,13 +264,13 @@
shell: |
rm /tmp/{{ subscription_id }}_room_list*
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- ignore_errors: yes
+ ignore_errors: true
- name: Collect after shrink size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_after_stat
when: (awx_purge_mode.find("Perform final shrink") != -1)
- no_log: True
+ no_log: true
- name: Print total number of rooms processed
debug:
diff --git a/roles/matrix-awx/tasks/purge_media_main.yml b/roles/matrix-awx/tasks/purge_media_main.yml
index c836d16c..bd7e7d1c 100644
--- a/roles/matrix-awx/tasks/purge_media_main.yml
+++ b/roles/matrix-awx/tasks/purge_media_main.yml
@@ -1,3 +1,4 @@
+---
- name: Ensure dateutils is installed in AWX
delegate_to: 127.0.0.1
@@ -8,13 +9,13 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
- no_log: True
+ no_log: true
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
- - curl
- - jq
+ - curl
+ - jq
state: present
- name: Collect the internal IP of the matrix-synapse container
@@ -25,7 +26,7 @@
shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token
- no_log: True
+ no_log: true
- name: Generate list of dates to purge to
delegate_to: 127.0.0.1
@@ -37,16 +38,16 @@
register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media"
async: 600
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Calculate initial size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media"
- async: 600
- ignore_errors: yes
- no_log: True
+ async: 600
+ ignore_errors: true
+ no_log: true
- name: Purge local media with loop
include_tasks: purge_media_local.yml
@@ -62,15 +63,15 @@
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_after
when: awx_purge_media_type == "Local Media"
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Calculate final size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_after
when: awx_purge_media_type == "Remote Media"
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Print size of local media repository before purge
debug:
diff --git a/roles/matrix-awx/tasks/rotate_ssh.yml b/roles/matrix-awx/tasks/rotate_ssh.yml
index 9596f504..bd59cbc1 100644
--- a/roles/matrix-awx/tasks/rotate_ssh.yml
+++ b/roles/matrix-awx/tasks/rotate_ssh.yml
@@ -4,7 +4,7 @@
authorized_key:
user: root
state: present
- exclusive: yes
+ exclusive: true
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Delete the AWX session token for executing modules
diff --git a/roles/matrix-awx/tasks/self_check.yml b/roles/matrix-awx/tasks/self_check.yml
index a7b0cb3a..68e833a4 100644
--- a/roles/matrix-awx/tasks/self_check.yml
+++ b/roles/matrix-awx/tasks/self_check.yml
@@ -25,53 +25,53 @@
shell: |
curl -s localhost:9000 | grep "^synapse_admin_mau_current "
register: awx_mau_stat
- no_log: True
+ no_log: true
- name: Calculate CPU usage statistics
shell: iostat -c
register: awx_cpu_usage_stat
- no_log: True
+ no_log: true
- name: Calculate RAM usage statistics
shell: free -mh
register: awx_ram_usage_stat
- no_log: True
+ no_log: true
- name: Calculate free disk space
shell: df -h
register: awx_disk_space_stat
- no_log: True
+ no_log: true
- name: Calculate size of Synapse database
shell: du -sh /matrix/postgres/data
register: awx_db_size_stat
- no_log: True
+ no_log: true
- name: Calculate size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_stat
async: 600
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Calculate size of remote media repository
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_stat
async: 600
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Calculate docker container statistics
shell: docker stats --all --no-stream
register: awx_docker_stats
- ignore_errors: yes
- no_log: True
+ ignore_errors: true
+ no_log: true
- name: Print size of remote media repository
debug:
msg: "{{ awx_remote_media_size_stat.stdout.split('\n') }}"
when: awx_remote_media_size_stat is defined
-
+
- name: Print size of local media repository
debug:
msg: "{{ awx_local_media_size_stat.stdout.split('\n') }}"
diff --git a/roles/matrix-awx/tasks/set_variables_corporal.yml b/roles/matrix-awx/tasks/set_variables_corporal.yml
index e911144d..007ae59f 100755
--- a/roles/matrix-awx/tasks/set_variables_corporal.yml
+++ b/roles/matrix-awx/tasks/set_variables_corporal.yml
@@ -235,9 +235,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_corporal.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_dimension.yml b/roles/matrix-awx/tasks/set_variables_dimension.yml
index eee4e6f2..d692e081 100644
--- a/roles/matrix-awx/tasks/set_variables_dimension.yml
+++ b/roles/matrix-awx/tasks/set_variables_dimension.yml
@@ -3,18 +3,18 @@
- name: Include vars in matrix_vars.yml
include_vars:
file: '{{ awx_cached_matrix_vars }}'
- no_log: True
+ no_log: true
- name: Install jq and curl on remote machine
apt:
- name:
+ name:
- jq
- curl
state: present
- name: Collect access token of @admin-dimension user
shell: |
- curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
+ curl -X POST --header 'Content-Type: application/json' -d '{"identifier": {"type": "m.id.user","user": "admin-dimension"}, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX
@@ -27,7 +27,7 @@
with_dict:
'matrix_dimension_enabled': '{{ matrix_dimension_enabled }}'
'matrix_dimension_access_token': '"{{ awx_dimension_user_access_token.stdout }}"'
-
+
- name: Set final users list if users are defined
set_fact:
awx_dimension_users_final: "{{ awx_dimension_users }}"
@@ -80,7 +80,7 @@
- name: Copy new 'Configure Dimension' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json'
- dest: '/matrix/awx/configure_dimension.json'
+ dest: '/matrix/awx/configure_dimension.json'
mode: '0660'
- name: Recreate 'Configure Dimension' job template
@@ -97,9 +97,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_dimension.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_element.yml b/roles/matrix-awx/tasks/set_variables_element.yml
index 491c91b3..4b2ce859 100755
--- a/roles/matrix-awx/tasks/set_variables_element.yml
+++ b/roles/matrix-awx/tasks/set_variables_element.yml
@@ -172,9 +172,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_element.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_element_subdomain.yml b/roles/matrix-awx/tasks/set_variables_element_subdomain.yml
index 9e47be16..1c78b9e0 100644
--- a/roles/matrix-awx/tasks/set_variables_element_subdomain.yml
+++ b/roles/matrix-awx/tasks/set_variables_element_subdomain.yml
@@ -9,7 +9,7 @@
insertafter: '# Element Settings Start'
with_dict:
'matrix_server_fqn_element': "{{ awx_element_subdomain | trim }}.{{ matrix_domain }}"
-
+
- name: Save new 'Configure Element Subdomain' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
template:
@@ -40,4 +40,4 @@
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_jitsi.yml b/roles/matrix-awx/tasks/set_variables_jitsi.yml
index 2e8f1f8e..b12391bf 100755
--- a/roles/matrix-awx/tasks/set_variables_jitsi.yml
+++ b/roles/matrix-awx/tasks/set_variables_jitsi.yml
@@ -20,7 +20,7 @@
- name: Copy new 'Configure Jitsi' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json'
- dest: '/matrix/awx/configure_jitsi.json'
+ dest: '/matrix/awx/configure_jitsi.json'
mode: '0660'
- name: Recreate 'Configure Jitsi' job template
@@ -37,9 +37,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_jitsi.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_ma1sd.yml b/roles/matrix-awx/tasks/set_variables_ma1sd.yml
index db5037d1..fba7225a 100755
--- a/roles/matrix-awx/tasks/set_variables_ma1sd.yml
+++ b/roles/matrix-awx/tasks/set_variables_ma1sd.yml
@@ -66,7 +66,7 @@
with_dict:
'awx_matrix_ma1sd_auth_store': '{{ awx_matrix_ma1sd_auth_store }}'
'awx_matrix_ma1sd_configuration_extension_yaml': '{{ awx_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'
- no_log: True
+ no_log: true
- name: Save new 'Configure ma1sd' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
@@ -77,7 +77,7 @@
- name: Copy new 'Configure ma1sd' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'
- dest: '/matrix/awx/configure_ma1sd.json'
+ dest: '/matrix/awx/configure_ma1sd.json'
mode: '0660'
- name: Recreate 'Configure ma1sd (Advanced)' job template
@@ -94,10 +94,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
-
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_mailer.yml b/roles/matrix-awx/tasks/set_variables_mailer.yml
index 2ae2d513..6581223d 100644
--- a/roles/matrix-awx/tasks/set_variables_mailer.yml
+++ b/roles/matrix-awx/tasks/set_variables_mailer.yml
@@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_email_relay.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_synapse.yml b/roles/matrix-awx/tasks/set_variables_synapse.yml
index f0fe2369..f749f03f 100755
--- a/roles/matrix-awx/tasks/set_variables_synapse.yml
+++ b/roles/matrix-awx/tasks/set_variables_synapse.yml
@@ -1,3 +1,4 @@
+---
- name: Limit max upload size to 200MB part 1
set_fact:
@@ -197,7 +198,7 @@
- name: Copy new 'Configure Synapse' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
- dest: '/matrix/awx/configure_synapse.json'
+ dest: '/matrix/awx/configure_synapse.json'
mode: '0660'
- name: Recreate 'Configure Synapse' job template
@@ -214,9 +215,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/set_variables_synapse_admin.yml b/roles/matrix-awx/tasks/set_variables_synapse_admin.yml
index 635befb5..1e63fb71 100644
--- a/roles/matrix-awx/tasks/set_variables_synapse_admin.yml
+++ b/roles/matrix-awx/tasks/set_variables_synapse_admin.yml
@@ -19,7 +19,7 @@
- name: Copy new 'Configure Synapse Admin' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json'
- dest: '/matrix/awx/configure_synapse_admin.json'
+ dest: '/matrix/awx/configure_synapse_admin.json'
mode: '0660'
- name: Recreate 'Configure Synapse Admin' job template
@@ -36,9 +36,9 @@
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse_admin.json') }}"
- become_enabled: yes
+ become_enabled: true
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
- validate_certs: yes
+ validate_certs: true
diff --git a/roles/matrix-awx/tasks/update_variables.yml b/roles/matrix-awx/tasks/update_variables.yml
index 9818a9c2..b281a8c5 100644
--- a/roles/matrix-awx/tasks/update_variables.yml
+++ b/roles/matrix-awx/tasks/update_variables.yml
@@ -7,20 +7,26 @@
regexp: 'matrix_synapse_use_presence'
replace: 'matrix_synapse_presence_enabled'
-- name: Generate matrix_homeserver_generic_secret_key variable
+- name: Search for matrix_homeserver_generic_secret_key variable in matrix_vars.yml
+ delegate_to: 127.0.0.1
+ register: presence
+ shell: "grep -i 'matrix_homeserver_generic_secret_key' /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
+ no_log: true
+
+- name: Generate matrix_homeserver_generic_secret_key variable if not present
delegate_to: 127.0.0.1
command: |
openssl rand -hex 16
register: generic_secret
- no_log: True
- when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
+ no_log: true
+ when: presence is not changed
-- name: Add new matrix_homeserver_generic_secret_key variable
+- name: Add new matrix_homeserver_generic_secret_key variable if not present
delegate_to: 127.0.0.1
lineinfile:
path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
insertbefore: '# Basic Settings End'
mode: '0600'
- state: present
- when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
+ state: present
+ when: presence is not changed
diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml
index 8f655fa0..b1285381 100644
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:`).
#
@@ -101,8 +102,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_host_command_systemctl: "/usr/bin/env systemctl"
matrix_host_command_sh: "/usr/bin/env sh"
-matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
-matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
+matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
+matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce.repo b/roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo
similarity index 100%
rename from roles/matrix-base/files/yum.repos.d/docker-ce.repo
rename to roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo
diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo b/roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo
new file mode 100644
index 00000000..6f94e4fb
--- /dev/null
+++ b/roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo
@@ -0,0 +1,62 @@
+[docker-ce-stable]
+name=Docker CE Stable - $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/stable
+enabled=1
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-stable-debuginfo]
+name=Docker CE Stable - Debuginfo $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/stable
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-stable-source]
+name=Docker CE Stable - Sources
+baseurl=https://download.docker.com/linux/fedora/$releasever/source/stable
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-test]
+name=Docker CE Test - $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/test
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-test-debuginfo]
+name=Docker CE Test - Debuginfo $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/test
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-test-source]
+name=Docker CE Test - Sources
+baseurl=https://download.docker.com/linux/fedora/$releasever/source/test
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-nightly]
+name=Docker CE Nightly - $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/nightly
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-nightly-debuginfo]
+name=Docker CE Nightly - Debuginfo $basearch
+baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/nightly
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
+
+[docker-ce-nightly-source]
+name=Docker CE Nightly - Sources
+baseurl=https://download.docker.com/linux/fedora/$releasever/source/nightly
+enabled=0
+gpgcheck=1
+gpgkey=https://download.docker.com/linux/fedora/gpg
diff --git a/roles/matrix-base/tasks/clean_up_old_files.yml b/roles/matrix-base/tasks/clean_up_old_files.yml
index 01d4a83d..03eb8bcc 100644
--- a/roles/matrix-base/tasks/clean_up_old_files.yml
+++ b/roles/matrix-base/tasks/clean_up_old_files.yml
@@ -6,4 +6,4 @@
state: absent
with_items:
- "{{ matrix_base_data_path }}/environment-variables"
- - "{{ matrix_base_data_path }}/scratchpad"
\ No newline at end of file
+ - "{{ matrix_base_data_path }}/scratchpad"
diff --git a/roles/matrix-base/tasks/main.yml b/roles/matrix-base/tasks/main.yml
index f9db37b3..1cdc0432 100644
--- a/roles/matrix-base/tasks/main.yml
+++ b/roles/matrix-base/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
tags:
- always
diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml
index 0869e501..bbfa077c 100644
--- a/roles/matrix-base/tasks/server_base/setup.yml
+++ b/roles/matrix-base/tasks/server_base/setup.yml
@@ -1,10 +1,13 @@
---
-- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml"
- when: ansible_distribution == 'CentOS' and ansible_distribution_major_version < '8'
+- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
+ when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int < 8
-- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos8.yml"
- when: ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7'
+- include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
+ when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7 and ansible_distribution_major_version|int < 30
+
+- include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
+ when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 30
- block:
# ansible_lsb is only available if lsb-release is installed.
@@ -13,7 +16,7 @@
name:
- lsb-release
state: present
- update_cache: yes
+ update_cache: true
register: lsb_release_installation_result
- name: Reread ansible_lsb facts if lsb-release got installed
@@ -34,10 +37,10 @@
service:
name: docker
state: started
- enabled: yes
+ enabled: true
- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
service:
name: "{{ matrix_ntpd_service }}"
state: started
- enabled: yes
+ enabled: true
diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml
index 6c5cdff8..a4912a5d 100644
--- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml
+++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml
@@ -6,7 +6,7 @@
- python-docker
- python-dnspython
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure Docker is installed
pacman:
diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml
index 1cd7ac41..5b169df7 100644
--- a/roles/matrix-base/tasks/server_base/setup_debian.yml
+++ b/roles/matrix-base/tasks/server_base/setup_debian.yml
@@ -7,7 +7,7 @@
- ca-certificates
- gnupg
state: present
- update_cache: yes
+ update_cache: true
- name: Ensure Docker's APT key is trusted
apt_key:
@@ -22,7 +22,7 @@
apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present
- update_cache: yes
+ update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed
@@ -30,7 +30,7 @@
name:
- "{{ matrix_ntpd_package }}"
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure Docker is installed
apt:
diff --git a/roles/matrix-base/tasks/server_base/setup_fedora.yml b/roles/matrix-base/tasks/server_base/setup_fedora.yml
new file mode 100644
index 00000000..7369b6ad
--- /dev/null
+++ b/roles/matrix-base/tasks/server_base/setup_fedora.yml
@@ -0,0 +1,39 @@
+---
+
+- name: Ensure Docker repository is enabled
+ template:
+ src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
+ dest: "/etc/yum.repos.d/docker-ce.repo"
+ owner: "root"
+ group: "root"
+ mode: 0644
+ with_items:
+ - docker-ce-fedora.repo
+ when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
+
+- name: Ensure Docker's RPM key is trusted
+ rpm_key:
+ state: present
+ key: https://download.docker.com/linux/fedora/gpg
+ when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
+
+- name: Ensure yum packages are installed
+ yum:
+ name:
+ - "{{ matrix_ntpd_package }}"
+ state: latest
+ update_cache: true
+
+- name: Ensure Docker is installed
+ yum:
+ name:
+ - "{{ matrix_docker_package_name }}"
+ - python3-pip
+ state: latest
+ when: matrix_docker_installation_enabled|bool
+
+- name: Ensure Docker-Py is installed
+ pip:
+ name: docker-py
+ state: latest
+ when: matrix_docker_installation_enabled|bool
diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml
index 4aed3c76..6a09f2fe 100644
--- a/roles/matrix-base/tasks/server_base/setup_raspbian.yml
+++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml
@@ -7,7 +7,7 @@
- ca-certificates
- gnupg
state: present
- update_cache: yes
+ update_cache: true
- name: Ensure Docker's APT key is trusted
apt_key:
@@ -22,7 +22,7 @@
apt_repository:
repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present
- update_cache: yes
+ update_cache: true
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure APT packages are installed
@@ -30,7 +30,7 @@
name:
- "{{ matrix_ntpd_package }}"
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure Docker is installed
apt:
diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_redhat.yml
similarity index 82%
rename from roles/matrix-base/tasks/server_base/setup_centos.yml
rename to roles/matrix-base/tasks/server_base/setup_redhat.yml
index cbf7fbc6..b4be1d08 100644
--- a/roles/matrix-base/tasks/server_base/setup_centos.yml
+++ b/roles/matrix-base/tasks/server_base/setup_redhat.yml
@@ -2,13 +2,11 @@
- name: Ensure Docker repository is enabled
template:
- src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
- dest: "/etc/yum.repos.d/{{ item }}"
+ src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
+ dest: "/etc/yum.repos.d/docker-ce.repo"
owner: "root"
group: "root"
mode: 0644
- with_items:
- - docker-ce.repo
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure Docker's RPM key is trusted
@@ -22,7 +20,7 @@
name:
- "{{ matrix_ntpd_package }}"
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure Docker is installed
yum:
diff --git a/roles/matrix-base/tasks/server_base/setup_centos8.yml b/roles/matrix-base/tasks/server_base/setup_redhat8.yml
similarity index 84%
rename from roles/matrix-base/tasks/server_base/setup_centos8.yml
rename to roles/matrix-base/tasks/server_base/setup_redhat8.yml
index e6127f47..d9dd6e23 100644
--- a/roles/matrix-base/tasks/server_base/setup_centos8.yml
+++ b/roles/matrix-base/tasks/server_base/setup_redhat8.yml
@@ -2,13 +2,11 @@
- name: Ensure Docker repository is enabled
template:
- src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
- dest: "/etc/yum.repos.d/{{ item }}"
+ src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
+ dest: "/etc/yum.repos.d/docker-ce.repo"
owner: "root"
group: "root"
mode: 0644
- with_items:
- - docker-ce.repo
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
- name: Ensure Docker's RPM key is trusted
@@ -22,14 +20,14 @@
name:
- epel-release
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure yum packages are installed
yum:
name:
- "{{ matrix_ntpd_package }}"
state: latest
- update_cache: yes
+ update_cache: true
- name: Ensure Docker is installed
yum:
diff --git a/roles/matrix-base/tasks/setup_matrix_user.yml b/roles/matrix-base/tasks/setup_matrix_user.yml
index ab5e8111..41604f87 100644
--- a/roles/matrix-base/tasks/setup_matrix_user.yml
+++ b/roles/matrix-base/tasks/setup_matrix_user.yml
@@ -18,8 +18,8 @@
state: present
group: "{{ matrix_user_groupname }}"
home: "{{ matrix_base_data_path }}"
- create_home: no
- system: yes
+ create_home: false
+ system: true
register: matrix_user
- name: Set Matrix Group UID Variable
diff --git a/roles/matrix-base/tasks/setup_well_known.yml b/roles/matrix-base/tasks/setup_well_known.yml
index 11ee48b9..3f475950 100644
--- a/roles/matrix-base/tasks/setup_well_known.yml
+++ b/roles/matrix-base/tasks/setup_well_known.yml
@@ -1,3 +1,4 @@
+---
# We need others to be able to read these directories too,
# so that matrix-nginx-proxy's nginx user can access the files.
#
diff --git a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml
index 948c6082..7a3fde41 100644
--- a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml
+++ b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml
@@ -1,11 +1,11 @@
-
-# This is for both CentOS 7 and 8
-- name: Ensure fuse installed (CentOS)
+---
+# This is for both RedHat 7 and 8
+- name: Ensure fuse installed (RedHat)
yum:
name:
- fuse
state: latest
- when: ansible_distribution == 'CentOS'
+ when: ansible_os_family == 'RedHat'
# This is for both Debian and Raspbian
- name: Ensure fuse installed (Debian/Raspbian)
diff --git a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml
new file mode 100644
index 00000000..53fc9b03
--- /dev/null
+++ b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml
@@ -0,0 +1,23 @@
+---
+# This is for both RedHat 7 and 8
+- name: Ensure openssl installed (RedHat)
+ yum:
+ name:
+ - openssl
+ state: latest
+ when: ansible_os_family == 'RedHat'
+
+# This is for both Debian and Raspbian
+- name: Ensure openssl installed (Debian/Raspbian)
+ apt:
+ name:
+ - openssl
+ state: latest
+ when: ansible_os_family == 'Debian'
+
+- name: Ensure openssl installed (Archlinux)
+ pacman:
+ name:
+ - openssl
+ state: latest
+ when: ansible_distribution == 'Archlinux'
diff --git a/roles/matrix-base/vars/main.yml b/roles/matrix-base/vars/main.yml
index 8b99708b..28ac226a 100644
--- a/roles/matrix-base/vars/main.yml
+++ b/roles/matrix-base/vars/main.yml
@@ -1,3 +1,4 @@
+---
# This will contain a list of enabled services that the playbook is managing.
# Each component is expected to append its service name to this list.
matrix_systemd_services_list: []
diff --git a/roles/matrix-bot-go-neb/defaults/main.yml b/roles/matrix-bot-go-neb/defaults/main.yml
index 4dd4f1f6..fa57b109 100644
--- a/roles/matrix-bot-go-neb/defaults/main.yml
+++ b/roles/matrix-bot-go-neb/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
# See: https://github.com/matrix-org/go-neb
@@ -203,8 +204,8 @@ matrix_bot_go_neb_services: []
# # Each room will get the notification with the alert rendered with the given template
# rooms:
# "!someroomid:domain.tld":
-# text_template: "{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}"
-# html_template: "{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}"
+# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
+# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}"
# msg_type: "m.text" # Must be either `m.text` or `m.notice`
# Default configuration template which covers the generic use case.
@@ -228,4 +229,3 @@ matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_e
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
-
diff --git a/roles/matrix-bot-go-neb/tasks/init.yml b/roles/matrix-bot-go-neb/tasks/init.yml
index 169f5978..b046d494 100644
--- a/roles/matrix-bot-go-neb/tasks/init.yml
+++ b/roles/matrix-bot-go-neb/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
when: matrix_bot_go_neb_enabled|bool
diff --git a/roles/matrix-bot-go-neb/tasks/main.yml b/roles/matrix-bot-go-neb/tasks/main.yml
index 1a4fe70a..3c2ed9c5 100644
--- a/roles/matrix-bot-go-neb/tasks/main.yml
+++ b/roles/matrix-bot-go-neb/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bot-go-neb/tasks/setup_install.yml b/roles/matrix-bot-go-neb/tasks/setup_install.yml
index e26be080..a390eb5e 100644
--- a/roles/matrix-bot-go-neb/tasks/setup_install.yml
+++ b/roles/matrix-bot-go-neb/tasks/setup_install.yml
@@ -11,9 +11,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_bot_go_neb_config_path }}", when: true }
- - { path: "{{ matrix_bot_go_neb_data_path }}", when: true }
- - { path: "{{ matrix_bot_go_neb_data_store_path }}", when: true }
+ - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
+ - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
+ - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
when: "item.when|bool"
- name: Ensure go-neb image is pulled
@@ -40,7 +40,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-go-neb.service restarted, if necessary
diff --git a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
index 3610eb44..a009badf 100644
--- a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-bot-go-neb
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
- name: Ensure Matrix go-neb paths don't exist
diff --git a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2
index 056447eb..eabf1137 100644
--- a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2
+++ b/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2
@@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \
{{ matrix_bot_go_neb_docker_image }} \
-c "go-neb /config/config.yaml"
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-go-neb
diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml
index 0b868a94..2c50a1f7 100644
--- a/roles/matrix-bot-honoroit/defaults/main.yml
+++ b/roles/matrix-bot-honoroit/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# honoroit is a helpdesk bot
# See: https://gitlab.com/etke.cc/honoroit
@@ -7,7 +8,7 @@ matrix_bot_honoroit_container_image_self_build: false
matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
-matrix_bot_honoroit_version: v0.9.1
+matrix_bot_honoroit_version: v0.9.4
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
@@ -83,6 +84,12 @@ matrix_bot_honoroit_sentry: ''
# Log level
matrix_bot_honoroit_loglevel: ''
+# Text prefix: open
+matrix_bot_honoroit_text_prefix_open: ''
+
+# Text prefix: done
+matrix_bot_honoroit_text_prefix_done: ''
+
# Text: greetings
matrix_bot_honoroit_text_greetings: ''
diff --git a/roles/matrix-bot-honoroit/tasks/init.yml b/roles/matrix-bot-honoroit/tasks/init.yml
index 1b652e56..5ace015b 100644
--- a/roles/matrix-bot-honoroit/tasks/init.yml
+++ b/roles/matrix-bot-honoroit/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
when: matrix_bot_honoroit_enabled|bool
diff --git a/roles/matrix-bot-honoroit/tasks/main.yml b/roles/matrix-bot-honoroit/tasks/main.yml
index bc5c1490..7d66177c 100644
--- a/roles/matrix-bot-honoroit/tasks/main.yml
+++ b/roles/matrix-bot-honoroit/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml
index 0d2d325b..81f2eabc 100644
--- a/roles/matrix-bot-honoroit/tasks/setup_install.yml
+++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml
@@ -33,10 +33,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_bot_honoroit_config_path }}", when: true }
- - { path: "{{ matrix_bot_honoroit_data_path }}", when: true }
- - { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true }
- - { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
+ - {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
+ - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
+ - {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
+ - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
when: "item.when|bool"
- name: Ensure honoroit environment variables file created
@@ -70,7 +70,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_bot_honoroit_container_image_self_build|bool"
- name: Ensure matrix-bot-honoroit.service installed
@@ -82,7 +82,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
diff --git a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml
index afad2cc1..45bccabd 100644
--- a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-bot-honoroit
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
- name: Ensure Matrix honoroit paths don't exist
diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2
index 4b1dd43f..fdd9b13d 100644
--- a/roles/matrix-bot-honoroit/templates/env.j2
+++ b/roles/matrix-bot-honoroit/templates/env.j2
@@ -7,6 +7,8 @@ HONOROIT_DB_DIALECT={{ matrix_bot_honoroit_database_dialect }}
HONOROIT_PREFIX={{ matrix_bot_honoroit_prefix }}
HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }}
HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }}
+HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }}
+HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }}
HONOROIT_TEXT_GREETINGS={{ matrix_bot_honoroit_text_greetings }}
HONOROIT_TEXT_ERROR={{ matrix_bot_honoroit_text_error }}
HONOROIT_TEXT_EMPTYROOM={{ matrix_bot_honoroit_text_emptyroom }}
diff --git a/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2
index c4eb1a94..a2ba1a98 100644
--- a/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2
+++ b/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2
@@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
{% endfor %}
{{ matrix_bot_honoroit_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-honoroit
diff --git a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml
index 419e3cca..76b153e7 100644
--- a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-reminder-bot is a bot for one-off and recurring reminders
# See: https://github.com/anoadragon453/matrix-reminder-bot
diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml
index 7fd12524..41496955 100644
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
when: matrix_bot_matrix_reminder_bot_enabled|bool
diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml
index fc2afddb..d9a1df7e 100644
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
index bd33326f..e237bc21 100644
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
@@ -34,10 +34,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
- - { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
- - { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
- - { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
+ - {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
+ - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
+ - {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
+ - {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
when: "item.when|bool"
- name: Ensure matrix-reminder-bot image is pulled
@@ -65,7 +65,7 @@
build:
dockerfile: docker/Dockerfile
path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
- name: Ensure matrix-reminder-bot config installed
@@ -85,7 +85,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
index d7e41201..eb7543c5 100644
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-bot-matrix-reminder-bot
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
- name: Ensure Matrix matrix-reminder-bot paths don't exist
diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2
index 14b5fa45..b1fe3c32 100644
--- a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2
+++ b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem
{{ matrix_bot_matrix_reminder_bot_docker_image }} \
-c "matrix-reminder-bot /config/config.yaml"
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-matrix-reminder-bot
diff --git a/roles/matrix-bot-mjolnir/defaults/main.yml b/roles/matrix-bot-mjolnir/defaults/main.yml
index 72c68502..9f45432c 100644
--- a/roles/matrix-bot-mjolnir/defaults/main.yml
+++ b/roles/matrix-bot-mjolnir/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# A moderation tool for Matrix
# See: https://github.com/matrix-org/mjolnir
matrix_bot_mjolnir_enabled: true
-matrix_bot_mjolnir_version: "v1.2.1"
+matrix_bot_mjolnir_version: "v1.3.1"
matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
@@ -56,4 +57,3 @@ matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
-
diff --git a/roles/matrix-bot-mjolnir/tasks/init.yml b/roles/matrix-bot-mjolnir/tasks/init.yml
index b8ab58f1..e09964ec 100644
--- a/roles/matrix-bot-mjolnir/tasks/init.yml
+++ b/roles/matrix-bot-mjolnir/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bot-mjolnir/tasks/main.yml b/roles/matrix-bot-mjolnir/tasks/main.yml
index eada8de5..a2a20914 100644
--- a/roles/matrix-bot-mjolnir/tasks/main.yml
+++ b/roles/matrix-bot-mjolnir/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/matrix-bot-mjolnir/tasks/setup_install.yml
index e770b6d5..3f4d5d8f 100644
--- a/roles/matrix-bot-mjolnir/tasks/setup_install.yml
+++ b/roles/matrix-bot-mjolnir/tasks/setup_install.yml
@@ -11,10 +11,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_bot_mjolnir_base_path }}", when: true }
- - { path: "{{ matrix_bot_mjolnir_config_path }}", when: true }
- - { path: "{{ matrix_bot_mjolnir_data_path }}", when: true }
- - { path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}" }
+ - {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
+ - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
+ - {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
+ - {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure mjolnir Docker image is pulled
@@ -42,7 +42,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_bot_mjolnir_container_image_self_build|bool"
- name: Ensure matrix-bot-mjolnir config installed
@@ -62,7 +62,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
- name: Ensure matrix-bot-mjolnir.service restarted, if necessary
diff --git a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
index 7fff5e13..93585977 100644
--- a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-bot-mjolnir
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
- name: Ensure matrix-bot-mjolnir paths don't exist
diff --git a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2
index b2298312..0b018f25 100644
--- a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2
+++ b/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \
{% endfor %}
{{ matrix_bot_mjolnir_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-mjolnir
diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/matrix-bridge-appservice-discord/defaults/main.yml
index 92a51a31..daa83dea 100644
--- a/roles/matrix-bridge-appservice-discord/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-discord/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-appservice-discord is a Matrix <-> Discord bridge
# See: https://github.com/Half-Shot/matrix-appservice-discord
diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/matrix-bridge-appservice-discord/tasks/init.yml
index ef64e78a..e16a6979 100644
--- a/roles/matrix-bridge-appservice-discord/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
diff --git a/roles/matrix-bridge-appservice-discord/tasks/main.yml b/roles/matrix-bridge-appservice-discord/tasks/main.yml
index bad5e320..5df7bfe2 100644
--- a/roles/matrix-bridge-appservice-discord/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
index 546e5043..924531ad 100644
--- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
@@ -54,8 +54,8 @@
service:
name: matrix-appservice-discord
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists"
@@ -105,7 +105,7 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_discord_systemd_service_result.changed"
- name: Ensure matrix-appservice-discord.service restarted, if necessary
diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
index 5dd8075d..ab56c26b 100644
--- a/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-appservice-discord
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists"
- name: Ensure matrix-appservice-discord.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-discord.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_discord_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2
index 8f61bd9f..84dee801 100644
--- a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2
+++ b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2
@@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis
{{ matrix_appservice_discord_docker_image }} \
node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-appservice-discord
diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml
index 25b0a241..fa861308 100644
--- a/roles/matrix-bridge-appservice-irc/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Matrix Appservice IRC is a Matrix <-> IRC bridge
# See: https://github.com/matrix-org/matrix-appservice-irc
diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml
index b90d93a5..5e181412 100644
--- a/roles/matrix-bridge-appservice-irc/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-appservice-irc/tasks/main.yml b/roles/matrix-bridge-appservice-irc/tasks/main.yml
index da92ecf0..339615ea 100644
--- a/roles/matrix-bridge-appservice-irc/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml
index 6b39ac62..d7fcaa07 100644
--- a/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml
@@ -1,3 +1,5 @@
+---
+
- name: Fail if Postgres not enabled
fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@@ -16,7 +18,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start
diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
index 20714a41..23c175c4 100644
--- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
@@ -1,5 +1,7 @@
---
+- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
+
- name: Ensure Appservice IRC paths exist
file:
path: "{{ item.path }}"
@@ -8,10 +10,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_appservice_irc_base_path }}", when: true }
- - { path: "{{ matrix_appservice_irc_config_path }}", when: true }
- - { path: "{{ matrix_appservice_irc_data_path }}", when: true }
- - { path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}" }
+ - {path: "{{ matrix_appservice_irc_base_path }}", when: true}
+ - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
+ - {path: "{{ matrix_appservice_irc_data_path }}", when: true}
+ - {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
when: item.when|bool
- name: Check if an old passkey file already exists
@@ -24,7 +26,7 @@
service:
name: matrix-appservice-irc
state: stopped
- daemon_reload: yes
+ daemon_reload: true
failed_when: false
- name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
@@ -80,7 +82,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_appservice_irc_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
- name: Ensure Matrix Appservice IRC config installed
@@ -184,7 +186,7 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_irc_systemd_service_result.changed"
- name: Ensure matrix-appservice-irc.service restarted, if necessary
diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
index 51507817..a4d95df5 100644
--- a/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-appservice-irc
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists"
- name: Ensure matrix-appservice-irc.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-irc.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_irc_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2
index 2c26c782..8650bd8d 100644
--- a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2
+++ b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2
@@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc
{{ matrix_appservice_irc_docker_image }} \
-c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-appservice-irc
diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml
index 0a578b41..e303f834 100644
--- a/roles/matrix-bridge-appservice-slack/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-appservice-slack is a Matrix <-> Slack bridge
# See: https://github.com/matrix-org/matrix-appservice-slack
@@ -7,7 +8,7 @@ matrix_appservice_slack_container_image_self_build: false
matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git"
matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src"
-matrix_appservice_slack_version: release-1.8.0
+matrix_appservice_slack_version: release-1.10.0
matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_version }}"
matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml
index 7f251ec5..2ff7c942 100644
--- a/roles/matrix-bridge-appservice-slack/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -39,40 +40,40 @@
when: "matrix_synapse_role_executed|default(False)"
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_appservice_slack_matrix_nginx_proxy_configuration: |
- location {{ matrix_appservice_slack_public_endpoint }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
- proxy_pass $backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
- {% endif %}
- }
+ - name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_appservice_slack_matrix_nginx_proxy_configuration: |
+ location {{ matrix_appservice_slack_public_endpoint }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
+ proxy_pass $backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
+ {% endif %}
+ }
- - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_appservice_slack_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_appservice_slack_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_appservice_slack_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-appservice-slack/tasks/main.yml b/roles/matrix-bridge-appservice-slack/tasks/main.yml
index acd03fff..06c3abb6 100644
--- a/roles/matrix-bridge-appservice-slack/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml
index fedad977..0bea65bc 100644
--- a/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml
@@ -1,3 +1,5 @@
+---
+
- name: Fail if Postgres not enabled
fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
@@ -16,7 +18,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start
diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml
index 8c5a1eed..af2003fc 100644
--- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml
@@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_appservice_slack_base_path }}", when: true }
- - { path: "{{ matrix_appservice_slack_config_path }}", when: true }
- - { path: "{{ matrix_appservice_slack_data_path }}", when: true }
- - { path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}" }
+ - {path: "{{ matrix_appservice_slack_base_path }}", when: true}
+ - {path: "{{ matrix_appservice_slack_config_path }}", when: true}
+ - {path: "{{ matrix_appservice_slack_data_path }}", when: true}
+ - {path: "{{ matrix_appservice_slack_docker_src_files_path }}", when: "{{ matrix_appservice_slack_container_image_self_build }}"}
when: item.when|bool
- set_fact:
@@ -56,7 +56,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_appservice_slack_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_appservice_slack_container_image_self_build|bool and matrix_appservice_slack_git_pull_results.changed"
- name: Ensure Matrix Appservice Slack config installed
@@ -84,7 +84,7 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_slack_systemd_service_result.changed"
- name: Ensure matrix-appservice-slack.service restarted, if necessary
diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml
index 2dfe1c7b..dffe78b3 100644
--- a/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-appservice-slack
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists"
- name: Ensure matrix-appservice-slack.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-slack.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_slack_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2
index bf8072c1..96e68967 100644
--- a/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2
+++ b/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2
@@ -5,9 +5,9 @@ bot_username: "{{ matrix_appservice_slack_bot_name }}"
username_prefix: {{ matrix_appservice_slack_user_prefix }}
homeserver:
- media_url: "{{ matrix_appservice_slack_homeserver_media_url }}"
- url: "{{ matrix_appservice_slack_homeserver_url }}"
server_name: "{{ matrix_domain }}"
+ url: "{{ matrix_appservice_slack_homeserver_url }}"
+ media_url: "{{ matrix_appservice_slack_homeserver_media_url }}"
{% if matrix_appservice_slack_database_engine == 'nedb' %}
dbdir: "/data"
diff --git a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2
index 9bf73711..21ba27ef 100644
--- a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2
+++ b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2
@@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla
{{ matrix_appservice_slack_docker_image }} \
node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-appservice-slack
diff --git a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml b/roles/matrix-bridge-appservice-webhooks/defaults/main.yml
index 32b0cbba..7a6db2d0 100644
--- a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-webhooks/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-appservice-webhooks is a Matrix <-> webhook bridge
# See: https://github.com/redoonetworks/matrix-appservice-webhooks
@@ -8,7 +9,7 @@ matrix_appservice_webhooks_container_image_self_build_repo: "https://github.com/
matrix_appservice_webhooks_container_image_self_build_repo_version: "{{ 'master' if matrix_appservice_webhooks_version == 'latest' else matrix_appservice_webhooks_version }}"
matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path: "Dockerfile"
-matrix_appservice_webhooks_version: v1.0.2-01
+matrix_appservice_webhooks_version: v1.0.3-01
matrix_appservice_webhooks_docker_image: "{{ matrix_appservice_webhooks_docker_image_name_prefix }}redoonetworks/matrix-appservice-webhooks:{{ matrix_appservice_webhooks_version }}"
matrix_appservice_webhooks_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_webhooks_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_appservice_webhooks_docker_image_force_pull: "{{ matrix_appservice_webhooks_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml
index 7f49e8b6..35d62ded 100644
--- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
@@ -32,42 +33,42 @@
when: "matrix_synapse_role_executed|default(False)"
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
- proxy_pass http://$backend/$1;
- }
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- location {{ matrix_appservice_webhooks_public_endpoint }}/ {
- proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
- }
- {% endif %}
+ - name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
+ proxy_pass http://$backend/$1;
+ }
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ location {{ matrix_appservice_webhooks_public_endpoint }}/ {
+ proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
+ }
+ {% endif %}
- - name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
- }}
+ - name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_appservice_webhooks_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/main.yml b/roles/matrix-bridge-appservice-webhooks/tasks/main.yml
index 216905f3..26a7e24c 100644
--- a/roles/matrix-bridge-appservice-webhooks/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-webhooks/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
index 1b276efc..1f40d731 100644
--- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
@@ -8,10 +8,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_appservice_webhooks_base_path }}", when: true }
- - { path: "{{ matrix_appservice_webhooks_config_path }}", when: true }
- - { path: "{{ matrix_appservice_webhooks_data_path }}", when: true }
- - { path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
+ - {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
+ - {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
+ - {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
+ - {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Appservice webhooks image is pulled
@@ -40,7 +40,7 @@
build:
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_appservice_webhooks_container_image_self_build|bool"
- name: Ensure Matrix Appservice webhooks config is installed
@@ -84,5 +84,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_webhooks_systemd_service_result.changed"
diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
index 81440b88..38235652 100644
--- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-appservice-webhooks
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists"
- name: Ensure matrix-appservice-webhooks.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-appservice-webhooks.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_appservice_webhooks_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2
index a227387a..f27111b3 100644
--- a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2
+++ b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2
@@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web
{{ matrix_appservice_webhooks_docker_image }} \
node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-appservice-webhooks
diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml
index 87561ff5..e622522d 100644
--- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml
+++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# beeper-linkedin is a Matrix <-> LinkedIn bridge
# See: https://gitlab.com/beeper/linkedin
matrix_beeper_linkedin_enabled: true
-matrix_beeper_linkedin_version: v0.5.1
+matrix_beeper_linkedin_version: v0.5.2
# See: https://gitlab.com/beeper/linkedin/container_registry
matrix_beeper_linkedin_docker_image: "{{ matrix_beeper_linkedin_docker_image_name_prefix }}beeper/linkedin:{{ matrix_beeper_linkedin_docker_image_tag }}"
diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml
index 755ac2f5..977db925 100644
--- a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml
+++ b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-beeper-linkedin.service'] }}"
when: matrix_beeper_linkedin_enabled|bool
diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/main.yml b/roles/matrix-bridge-beeper-linkedin/tasks/main.yml
index 79c54f1a..920265fb 100644
--- a/roles/matrix-bridge-beeper-linkedin/tasks/main.yml
+++ b/roles/matrix-bridge-beeper-linkedin/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml
index c873d0c2..3cec1c1f 100644
--- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml
+++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml
@@ -15,10 +15,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_beeper_linkedin_base_path }}", when: true }
- - { path: "{{ matrix_beeper_linkedin_config_path }}", when: true }
- - { path: "{{ matrix_beeper_linkedin_data_path }}", when: true }
- - { path: "{{ matrix_beeper_linkedin_docker_src_files_path }}", when: "{{ matrix_beeper_linkedin_container_image_self_build }}" }
+ - {path: "{{ matrix_beeper_linkedin_base_path }}", when: true}
+ - {path: "{{ matrix_beeper_linkedin_config_path }}", when: true}
+ - {path: "{{ matrix_beeper_linkedin_data_path }}", when: true}
+ - {path: "{{ matrix_beeper_linkedin_docker_src_files_path }}", when: "{{ matrix_beeper_linkedin_container_image_self_build }}"}
when: "item.when|bool"
@@ -31,38 +31,38 @@
when: "not matrix_beeper_linkedin_container_image_self_build|bool"
- block:
- - name: Ensure Beeper LinkedIn repository is present on self-build
- git:
- repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}"
- dest: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
- version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}"
- force: "yes"
- register: matrix_beeper_linkedin_git_pull_results
+ - name: Ensure Beeper LinkedIn repository is present on self-build
+ git:
+ repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}"
+ dest: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
+ version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}"
+ force: "yes"
+ register: matrix_beeper_linkedin_git_pull_results
- # Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated.
- # See: https://gitlab.com/beeper/linkedin/-/blob/94442db17ccb9769b377cdb8e4bf1cb3955781d7/.gitlab-ci.yml#L30-40
- - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image
- command: |
- {{ matrix_host_command_docker }} run \
- --rm \
- --entrypoint=/bin/sh \
- --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work \
- -w /work \
- docker.io/python:3.9.6-buster \
- -c "pip install poetry && poetry export --without-hashes -E e2be -E images -E metrics | sed 's/==.*//g' > docker-requirements.txt"
+ # Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated.
+ # See: https://gitlab.com/beeper/linkedin/-/blob/94442db17ccb9769b377cdb8e4bf1cb3955781d7/.gitlab-ci.yml#L30-40
+ - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image
+ command: |
+ {{ matrix_host_command_docker }} run \
+ --rm \
+ --entrypoint=/bin/sh \
+ --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work \
+ -w /work \
+ docker.io/python:3.9.6-buster \
+ -c "pip install poetry && poetry export --without-hashes -E e2be -E images -E metrics | sed 's/==.*//g' > docker-requirements.txt"
- - name: Ensure Beeper LinkedIn Docker image is built
- docker_image:
- name: "{{ matrix_beeper_linkedin_docker_image }}"
- source: build
- force_source: "{{ matrix_beeper_linkedin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
- force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_git_pull_results.changed }}"
- build:
- dockerfile: Dockerfile
- path: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
- pull: yes
- args:
- TARGETARCH: "{{ matrix_architecture }}"
+ - name: Ensure Beeper LinkedIn Docker image is built
+ docker_image:
+ name: "{{ matrix_beeper_linkedin_docker_image }}"
+ source: build
+ force_source: "{{ matrix_beeper_linkedin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_git_pull_results.changed }}"
+ build:
+ dockerfile: Dockerfile
+ path: "{{ matrix_beeper_linkedin_docker_src_files_path }}"
+ pull: true
+ args:
+ TARGETARCH: "{{ matrix_architecture }}"
when: "matrix_beeper_linkedin_container_image_self_build|bool"
- name: Ensure beeper-linkedin config.yaml installed
@@ -90,5 +90,5 @@
- name: Ensure systemd reloaded after matrix-beeper-linkedin.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_beeper_linkedin_systemd_service_result.changed"
diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml
index 175613f0..befa2f61 100644
--- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-beeper-linkedin
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_beeper_linkedin_service_stat.stat.exists"
- name: Ensure matrix-beeper-linkedin.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-beeper-linkedin.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_beeper_linkedin_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml b/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml
index fe33defa..d808de08 100644
--- a/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml
+++ b/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml
@@ -8,4 +8,3 @@
with_items:
- "matrix_beeper_linkedin_appservice_token"
- "matrix_beeper_linkedin_homeserver_token"
-
diff --git a/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2
index 84e4a9c2..4498b4f0 100644
--- a/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2
+++ b/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedi
{{ matrix_beeper_linkedin_docker_image }} \
python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-beeper-linkedin
diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml
index 5d393a81..80b3c95a 100644
--- a/roles/matrix-bridge-heisenbridge/defaults/main.yml
+++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# heisenbridge is a bouncer-style Matrix IRC bridge
# See: https://github.com/hifi/heisenbridge
matrix_heisenbridge_enabled: true
-matrix_heisenbridge_version: 1.9.0
+matrix_heisenbridge_version: 1.10.1
matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"
@@ -34,13 +35,13 @@ matrix_heisenbridge_registration_yaml:
id: heisenbridge
url: http://matrix-heisenbridge:9898
as_token: "{{ matrix_heisenbridge_appservice_token }}"
- hs_token: "{{ matrix_heisenbridge_homeserver_token }}"
+ hs_token: "{{ matrix_heisenbridge_homeserver_token }}"
rate_limited: false
sender_localpart: heisenbridge
namespaces:
users:
- - regex: '@hbirc_.*'
- exclusive: true
+ - regex: '@hbirc_.*'
+ exclusive: true
aliases: []
rooms: []
diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/matrix-bridge-heisenbridge/tasks/init.yml
index 18e89b68..a66d7199 100644
--- a/roles/matrix-bridge-heisenbridge/tasks/init.yml
+++ b/roles/matrix-bridge-heisenbridge/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
diff --git a/roles/matrix-bridge-heisenbridge/tasks/main.yml b/roles/matrix-bridge-heisenbridge/tasks/main.yml
index 1358709d..a266643d 100644
--- a/roles/matrix-bridge-heisenbridge/tasks/main.yml
+++ b/roles/matrix-bridge-heisenbridge/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml
index 03cf9ec3..29b5842b 100644
--- a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml
+++ b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml
@@ -4,8 +4,8 @@
docker_image:
name: "{{ matrix_heisenbridge_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
- force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_heisenbridge_docker_image_force_pull }}"
+ force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_heisenbridge_docker_image_force_pull }}"
- name: Ensure heisenbridge paths exist
file:
@@ -34,5 +34,5 @@
- name: Ensure systemd reloaded after matrix-heisenbridge.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: matrix_heisenbridge_systemd_service_result.changed
diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml b/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml
index cf100a89..54d5bd67 100644
--- a/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-heisenbridge
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_heisenbridge_service_stat.stat.exists"
- name: Ensure matrix-heisenbridge.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-heisenbridge.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_heisenbridge_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2
index 6a0750bf..e27b88f1 100644
--- a/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2
+++ b/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2
@@ -41,8 +41,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-heisenbridge \
--listen-port 9898 \
{{ matrix_heisenbridge_homeserver_url }}
-ExecStopPost=-{{ matrix_host_command_docker }} kill matrix-heisenbridge
-ExecStopPost=-{{ matrix_host_command_docker }} rm matrix-heisenbridge
+ExecStop=-{{ matrix_host_command_docker }} kill matrix-heisenbridge
+ExecStop=-{{ matrix_host_command_docker }} rm matrix-heisenbridge
Restart=always
RestartSec=30
SyslogIdentifier=matrix-heisenbridge
diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml
new file mode 100644
index 00000000..2db8ba77
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/defaults/main.yml
@@ -0,0 +1,203 @@
+---
+
+# A bridge between Matrix and multiple project management services, such as GitHub, GitLab and JIRA.
+# https://github.com/Half-Shot/matrix-hookshot
+
+matrix_hookshot_enabled: true
+
+matrix_hookshot_version: 1.1.0
+matrix_hookshot_docker_image: "{{ matrix_container_global_registry_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
+matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}"
+
+matrix_hookshot_base_path: "{{ matrix_base_data_path }}/hookshot"
+
+matrix_hookshot_homeserver_address: "{{ matrix_homeserver_container_url }}"
+matrix_hookshot_container_url: 'matrix-hookshot'
+
+matrix_hookshot_public_endpoint: /hookshot
+
+# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
+matrix_hookshot_appservice_port: 9993
+matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app"
+
+# Metrics work only in conjunction with matrix_synapse_metrics_enabled etc
+matrix_hookshot_metrics_enabled: true
+# There is no need to edit ports.
+# Read the documentation to learn about using hookshot metrics with external Prometheus
+# If you still want something different, use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
+matrix_hookshot_metrics_port: 9001
+matrix_hookshot_metrics_endpoint: "{{ matrix_hookshot_public_endpoint }}/metrics"
+
+# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
+matrix_hookshot_webhook_port: 9000
+matrix_hookshot_webhook_endpoint: "{{ matrix_hookshot_public_endpoint }}/webhooks"
+
+
+# You need to create a GitHub app to enable this and fill in the empty variables below
+# https://half-shot.github.io/matrix-hookshot/setup/github.html
+matrix_hookshot_github_enabled: false
+matrix_hookshot_github_appid: ''
+# Set this variable to the contents of the generated and downloaded GitHub private key:
+# matrix_hookshot_github_private_key: |
+# -----BEGIN RSA PRIVATE KEY-----
+# 0123456789ABCDEF...
+# -----END RSA PRIVATE KEY-----
+# Alternatively, leave it empty and do it manually or use matrix-aux instead, see docs/matrix-bridge-hookshot.md for info.
+matrix_hookshot_github_private_key: ''
+matrix_hookshot_github_private_key_file: 'private-key.pem'
+matrix_hookshot_github_secret: '' # "Webhook secret" on the GitHub App page
+matrix_hookshot_github_oauth_enabled: false
+# You need to configure oauth settings only when you have enabled oauth (optional)
+matrix_hookshot_github_oauth_id: '' # "Client ID" on the GitHub App page
+matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App page
+# Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth"
+matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth"
+matrix_hookshot_github_oauth_uri: "https://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_github_oauth_endpoint }}"
+# These are the default settings mentioned here and don't need to be modified: https://half-shot.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
+matrix_hookshot_github_ignore_hooks: "{}"
+matrix_hookshot_github_command_prefix: '!gh'
+matrix_hookshot_github_show_issue_room_link: false
+matrix_hookshot_github_pr_diff: "{enabled: false, maxLines: 5}"
+matrix_hookshot_github_including_labels: ''
+matrix_hookshot_github_excluding_labels: ''
+
+
+matrix_hookshot_gitlab_enabled: true
+# Optionally add your instances, e.g.
+# matrix_hookshot_gitlab_instances:
+# gitlab.com:
+# url: https://gitlab.com
+# mygitlab:
+# url: https://gitlab.example.org
+matrix_hookshot_gitlab_instances:
+ gitlab.com:
+ url: https://gitlab.com
+
+# This will be the "Secret token" you have to enter into all GitLab instances for authentication
+matrix_hookshot_gitlab_secret: ''
+
+
+matrix_hookshot_jira_enabled: false
+# Get the these values from https://half-shot.github.io/matrix-hookshot/setup/jira.html#jira-oauth
+matrix_hookshot_jira_secret: ''
+matrix_hookshot_jira_oauth_enabled: false
+matrix_hookshot_jira_oauth_id: ''
+matrix_hookshot_jira_oauth_secret: ''
+# Default value of matrix_hookshot_jira_oauth_endpoint: "/hookshot/webhooks/jira/oauth"
+matrix_hookshot_jira_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/jira/oauth"
+matrix_hookshot_jira_oauth_uri: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_jira_oauth_endpoint }}"
+
+
+# No need to change these
+matrix_hookshot_generic_enabled: true
+# Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks"
+matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}"
+matrix_hookshot_generic_urlprefix: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_generic_endpoint }}"
+matrix_hookshot_generic_allow_js_transformation_functions: false
+# If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap
+matrix_hookshot_generic_user_id_prefix: '_webhooks_'
+
+
+matrix_hookshot_figma_enabled: false
+# Default value of matrix_hookshot_figma_endpoint: "/hookshot/webhooks/figma/webhook"
+matrix_hookshot_figma_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/figma/webhook"
+matrix_hookshot_figma_publicUrl: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_figma_endpoint }}"
+# To bridge figma webhooks, you need to configure one of multiple instances like this:
+# matrix_hookshot_figma_instances:
+# your-instance:
+# teamId: your-team-id
+# accessToken: your-personal-access-token
+# passcode: your-webhook-passcode
+
+
+# There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead.
+matrix_hookshot_provisioning_port: 9002
+matrix_hookshot_provisioning_secret: ''
+# Provisioning will be automatically enabled if dimension is enabled and you have provided a provisioning secret, unless you override it
+matrix_hookshot_provisioning_enabled: false
+matrix_hookshot_provisioning_endpoint: "{{ matrix_hookshot_public_endpoint }}/v1"
+
+# You can configure access to the bridge as documented here https://half-shot.github.io/matrix-hookshot/setup.html#permissions
+# When empty, the default permissions are applied.
+# Example:
+# matrix_hookshot_permissions:
+# - actor: *
+# services:
+# - service: *
+# level: commands
+# - actor: example.com
+# services:
+# - service: "*"
+# level: admin
+matrix_hookshot_permissions: []
+
+matrix_hookshot_bot_displayname: Hookshot Bot
+matrix_hookshot_bot_avatar: 'mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d'
+
+# A list of extra arguments to pass to the container
+matrix_hookshot_container_extra_arguments: []
+
+# List of systemd services that service depends on.
+matrix_hookshot_systemd_required_services_list: ['docker.service']
+
+# List of systemd services that service wants
+matrix_hookshot_systemd_wanted_services_list: []
+
+# List of ports to bind to the host to expose them directly.
+# Ports will automatically be bound to localhost if matrix_nginx_proxy_enabled is false.
+# Setting this variable will override that behaviour in either case.
+# Supply docker port bind arguments in a list like this:
+#
+# matrix_hookshot_container_http_host_bind_ports:
+# - "127.0.0.1:9999:{{ matrix_hookshot_metrics_port }}"
+#
+# Above example will bind the metrics port in the container to port 9999 on localhost.
+matrix_hookshot_container_http_host_bind_ports: []
+
+# These tokens will be set automatically
+matrix_hookshot_appservice_token: ''
+matrix_hookshot_homeserver_token: ''
+
+# Default configuration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrixhookshot_configuration_extension_yaml`)
+# or completely replace this variable with your own template.
+matrix_hookshot_configuration_yaml: "{{ lookup('template', 'templates/config.yml.j2') }}"
+
+matrix_hookshot_configuration_extension_yaml: |
+ # Your custom YAML configuration goes here.
+ # This configuration extends the default starting configuration (`matrix_hookshot_configuration_yaml`).
+ #
+ # You can override individual variables from the default configuration, or introduce new ones.
+ #
+ # If you need something more special, you can take full control by
+ # completely redefining `matrix_hookshot_configuration_yaml`.
+
+matrix_hookshot_configuration_extension: "{{ matrix_hookshot_configuration_extension_yaml|from_yaml if matrix_hookshot_configuration_extension_yaml|from_yaml is mapping else {} }}"
+
+# Holds the final configuration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_hookshot_configuration_yaml`.
+matrix_hookshot_configuration: "{{ matrix_hookshot_configuration_yaml|from_yaml|combine(matrix_hookshot_configuration_extension, recursive=True) }}"
+
+# Default registration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrixhookshot_registration_extension_yaml`)
+# or completely replace this variable with your own template.
+matrix_hookshot_registration_yaml: "{{ lookup('template', 'templates/registration.yml.j2') }}"
+
+matrix_hookshot_registration_extension_yaml: |
+ # Your custom YAML registration goes here.
+ # This registration extends the default starting registration (`matrix_hookshot_registration_yaml`).
+ #
+ # You can override individual variables from the default registration, or introduce new ones.
+ #
+ # If you need something more special, you can take full control by
+ # completely redefining `matrix_hookshot_registration_yaml`.
+
+matrix_hookshot_registration_extension: "{{ matrix_hookshot_registration_extension_yaml|from_yaml if matrix_hookshot_registration_extension_yaml|from_yaml is mapping else {} }}"
+
+# Holds the final registration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_hookshot_registration_yaml`.
+matrix_hookshot_registration: "{{ matrix_hookshot_registration_yaml|from_yaml|combine(matrix_hookshot_registration_extension, recursive=True) }}"
diff --git a/roles/matrix-bridge-hookshot/files/.gitkeep b/roles/matrix-bridge-hookshot/files/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml
new file mode 100644
index 00000000..a2229c36
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/tasks/init.yml
@@ -0,0 +1,130 @@
+---
+# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
+# We don't want to fail in such cases.
+- name: Fail if matrix-synapse role already executed
+ fail:
+ msg: >-
+ The matrix-bridge-hookshot role needs to execute before the matrix-synapse role.
+ when: "matrix_hookshot_enabled and matrix_synapse_role_executed|default(False)"
+
+- set_fact:
+ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-hookshot.service'] }}"
+ when: matrix_hookshot_enabled|bool
+
+# If the matrix-synapse role is not used, these variables may not exist.
+- set_fact:
+ matrix_synapse_container_extra_arguments: >
+ {{ matrix_synapse_container_extra_arguments|default([]) }}
+ +
+ ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"]
+
+ matrix_synapse_app_service_config_files: >
+ {{ matrix_synapse_app_service_config_files|default([]) }}
+ +
+ {{ ["/hookshot-registration.yml"] }}
+ when: matrix_hookshot_enabled|bool
+
+- block:
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append hookshot's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-hookshot role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
+
+ - name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_hookshot_matrix_nginx_proxy_configuration: |
+ location ~ ^{{ matrix_hookshot_appservice_endpoint }}/(.*)$ {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}";
+ proxy_pass http://$backend/$1;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_hookshot_appservice_port }}/$1;
+ {% endif %}
+ proxy_set_header Host $host;
+ }
+ {% if matrix_hookshot_provisioning_enabled %}
+ location ~ ^{{ matrix_hookshot_provisioning_endpoint }}/(.*)$ {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
+ proxy_pass http://$backend/$1;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}/$1;
+ {% endif %}
+ proxy_set_header Host $host;
+ }
+ {% endif %}
+ location ~ ^{{ matrix_hookshot_webhook_endpoint }}/(.*)$ {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
+ proxy_pass http://$backend/$1;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1;
+ {% endif %}
+ proxy_set_header Host $host;
+ }
+
+ - name: Register hookshot proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_hookshot_matrix_nginx_proxy_configuration]
+ }}
+
+ - name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_hookshot_matrix_nginx_proxy_metrics_configuration: |
+ {% if matrix_hookshot_metrics_enabled and matrix_hookshot_proxy_metrics %}
+ location {{ matrix_hookshot_metrics_endpoint }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port }}";
+ proxy_pass http://$backend/metrics;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_hookshot_metrics_port }}/metrics;
+ {% endif %}
+ proxy_set_header Host $host;
+ {% if matrix_hookshot_proxy_metrics_basic_auth_enabled %}
+ auth_basic "protected";
+ auth_basic_user_file /nginx-data/matrix-synapse-metrics-htpasswd;
+ {% endif %}
+ }
+ {% endif %}
+
+ - name: Register hookshot metrics proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_grafana_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_grafana_additional_server_configuration_blocks|default([])
+ +
+ [matrix_hookshot_matrix_nginx_proxy_metrics_configuration]
+ }}
+ tags:
+ - always
+ when: matrix_hookshot_enabled|bool
+
+- name: Warn about reverse-proxying if matrix-nginx-proxy not used
+ debug:
+ msg: >-
+ NOTE: You've enabled the hookshot bridge but are not using the matrix-nginx-proxy
+ reverse proxy.
+ Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
+ URL endpoint to the matrix-hookshot container.
+ You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
+ when: "matrix_hookshot_enabled|bool and matrix_nginx_proxy_enabled is not defined"
diff --git a/roles/matrix-bridge-hookshot/tasks/main.yml b/roles/matrix-bridge-hookshot/tasks/main.yml
new file mode 100644
index 00000000..409b6175
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/init.yml"
+ tags:
+ - always
+
+- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
+ when: "run_setup|bool and matrix_hookshot_enabled|bool"
+ tags:
+ - setup-all
+ - setup-hookshot
+
+- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
+ when: "run_setup|bool and matrix_hookshot_enabled|bool"
+ tags:
+ - setup-all
+ - setup-hookshot
+
+- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
+ when: "run_setup|bool and not matrix_hookshot_enabled|bool"
+ tags:
+ - setup-all
+ - setup-hookshot
diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/matrix-bridge-hookshot/tasks/setup_install.yml
new file mode 100644
index 00000000..66a452f0
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/tasks/setup_install.yml
@@ -0,0 +1,84 @@
+---
+
+- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
+
+- name: Ensure hookshot image is pulled
+ docker_image:
+ name: "{{ matrix_hookshot_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_hookshot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_hookshot_docker_image_force_pull }}"
+
+- name: Ensure hookshot paths exist
+ file:
+ path: "{{ item }}"
+ state: directory
+ mode: 0750
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ with_items:
+ - "{{ matrix_hookshot_base_path }}"
+
+- name: Check if hookshot passkey exists
+ stat:
+ path: "{{ matrix_hookshot_base_path }}/passkey.pem"
+ register: hookshot_passkey_file
+
+- name: Generate hookshot passkey if it doesn't exist
+ shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_hookshot_base_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:4096"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+ when: "not hookshot_passkey_file.stat.exists"
+
+- name: Ensure hookshot config.yml installed if provided
+ copy:
+ content: "{{ matrix_hookshot_configuration|to_nice_yaml }}"
+ dest: "{{ matrix_hookshot_base_path }}/config.yml"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Validate hookshot config.yml
+ command: |
+ {{ matrix_host_command_docker }} run
+ --rm
+ --name={{ matrix_hookshot_container_url }}-validate
+ --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
+ --cap-drop=ALL
+ -v {{ matrix_hookshot_base_path }}/config.yml:/config.yml
+ {{ matrix_hookshot_docker_image }} node Config/Config.js /config.yml
+ register: hookshot_config_validation_result
+
+- name: Fail if hookshot config.yml invalid
+ fail:
+ msg: "Your hookshot configuration did not pass validation:\n{{ hookshot_config_validation_result.stdout }}\n{{ hookshot_config_validation_result.stderr }}"
+ when: "hookshot_config_validation_result.rc > 0"
+
+- name: Ensure hookshot registration.yml installed if provided
+ copy:
+ content: "{{ matrix_hookshot_registration|to_nice_yaml }}"
+ dest: "{{ matrix_hookshot_base_path }}/registration.yml"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Ensure hookshot github private key file installed if github is enabled
+ copy:
+ content: "{{ matrix_hookshot_github_private_key }}"
+ dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
+ mode: 0400
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ when: matrix_hookshot_github_enabled|bool and matrix_hookshot_github_private_key|length > 0
+
+- name: Ensure matrix-hookshot.service installed
+ template:
+ src: "{{ role_path }}/templates/systemd/matrix-hookshot.service.j2"
+ dest: "{{ matrix_systemd_path }}/matrix-hookshot.service"
+ mode: 0644
+ register: matrix_hookshot_systemd_service_result
+
+- name: Ensure systemd reloaded after matrix-hookshot.service installation
+ service:
+ daemon_reload: true
+ when: matrix_hookshot_systemd_service_result.changed
diff --git a/roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml b/roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml
new file mode 100644
index 00000000..d8efbb02
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml
@@ -0,0 +1,25 @@
+---
+
+- name: Check existence of matrix-hookshot service
+ stat:
+ path: "{{ matrix_systemd_path }}/matrix-hookshot.service"
+ register: matrix_hookshot_service_stat
+
+- name: Ensure matrix-hookshot is stopped
+ service:
+ name: matrix-hookshot
+ state: stopped
+ enabled: false
+ daemon_reload: true
+ when: "matrix_hookshot_service_stat.stat.exists"
+
+- name: Ensure matrix-hookshot.service doesn't exist
+ file:
+ path: "{{ matrix_systemd_path }}/matrix-hookshot.service"
+ state: absent
+ when: "matrix_hookshot_service_stat.stat.exists"
+
+- name: Ensure systemd reloaded after matrix-hookshot.service removal
+ service:
+ daemon_reload: true
+ when: "matrix_hookshot_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/matrix-bridge-hookshot/tasks/validate_config.yml
new file mode 100644
index 00000000..5da8809e
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/tasks/validate_config.yml
@@ -0,0 +1,59 @@
+---
+
+- name: Fail if required settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`).
+ when: "vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_appservice_token"
+ - "matrix_hookshot_homeserver_token"
+
+- name: Fail if required GitHub settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`) to enable GitHub.
+ when: "matrix_hookshot_github_enabled and vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_github_appid"
+ - "matrix_hookshot_github_secret"
+
+- name: Fail if required GitHub OAuth settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`) to enable GitHub OAuth.
+ when: "matrix_hookshot_github_oauth_enabled and vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_github_oauth_id"
+ - "matrix_hookshot_github_oauth_secret"
+
+- name: Fail if required Jira settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`) to enable Jira.
+ when: "matrix_hookshot_jira_enabled and vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_jira_secret"
+
+- name: Fail if required Jira OAuth settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`) to enable Jira OAuth.
+ when: "matrix_hookshot_jira_oauth_enabled and vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_jira_oauth_id"
+ - "matrix_hookshot_jira_oauth_secret"
+
+- name: Fail if required Figma settings not defined
+ fail:
+ msg: >-
+ You need to define at least one Figma instance to enable Figma.
+ when: "matrix_hookshot_figma_enabled and matrix_hookshot_figma_instances is undefined"
+
+- name: Fail if required provisioning settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`) to enable provisioning.
+ when: "matrix_hookshot_provisioning_enabled and vars[item] == ''"
+ with_items:
+ - "matrix_hookshot_provisioning_secret"
diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2
new file mode 100644
index 00000000..fc04c755
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2
@@ -0,0 +1,127 @@
+#jinja2: lstrip_blocks: "True"
+bridge:
+ # Basic homeserver configuration
+ #
+ domain: {{ matrix_domain }}
+ url: {{ matrix_hookshot_homeserver_address }}
+ mediaUrl: {{ matrix_hookshot_homeserver_address }}
+ port: {{ matrix_hookshot_appservice_port }}
+ bindAddress: 0.0.0.0
+{% if matrix_hookshot_github_enabled %}
+github:
+ # (Optional) Configure this to enable GitHub support
+ #
+ auth:
+ # Authentication for the GitHub App.
+ #
+ id: {{ matrix_hookshot_github_appid }}
+ privateKeyFile: /data/{{ matrix_hookshot_github_private_key_file }}
+ webhook:
+ # Webhook settings for the GitHub app.
+ #
+ secret: {{ matrix_hookshot_github_secret|to_json }}
+{% if matrix_hookshot_github_oauth_enabled %}
+ oauth:
+ # (Optional) Settings for allowing users to sign in via OAuth.
+ #
+ client_id: {{ matrix_hookshot_github_oauth_id }}
+ client_secret: {{ matrix_hookshot_github_oauth_secret|to_json }}
+ redirect_uri: {{ matrix_hookshot_github_oauth_uri }}
+{% endif %}
+ defaultOptions:
+ # (Optional) Default options for GitHub connections.
+ #
+ ignoreHooks: {{ matrix_hookshot_github_ignore_hooks }}
+ commandPrefix: "{{ matrix_hookshot_github_command_prefix }}"
+ showIssueRoomLink: {{ matrix_hookshot_github_show_issue_room_link }}
+ prDiff: {{ matrix_hookshot_github_pr_diff }}
+ includingLabels:{{ matrix_hookshot_github_including_labels }}
+ excludingLabels: {{ matrix_hookshot_github_excluding_labels }}
+{% endif %}
+{% if matrix_hookshot_gitlab_enabled %}
+gitlab:
+ # (Optional) Configure this to enable GitLab support
+ #
+ instances:
+ {{ matrix_hookshot_gitlab_instances }}
+ webhook:
+ secret: {{ matrix_hookshot_gitlab_secret|to_json }}
+{% endif %}
+{% if matrix_hookshot_jira_enabled %}
+jira:
+ # (Optional) Configure this to enable Jira support
+ #
+ webhook:
+ secret: {{ matrix_hookshot_jira_secret|to_json }}
+{% if matrix_hookshot_jira_oauth_enabled %}
+ oauth:
+ client_id: {{ matrix_hookshot_jira_oauth_id|to_json }}
+ client_secret: {{ matrix_hookshot_jira_oauth_secret|to_json }}
+ redirect_uri: {{ matrix_hookshot_jira_oauth_uri }}
+{% endif %}
+{% endif %}
+{% if matrix_hookshot_generic_enabled %}
+generic:
+ # (Optional) Support for generic webhook events. `allowJsTransformationFunctions` will allow users to write short transformation snippets in code, and thus is unsafe in untrusted environments
+ #
+ enabled: {{ matrix_hookshot_generic_enabled }}
+ urlPrefix: {{ matrix_hookshot_generic_urlprefix }}
+ allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }}
+ userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }}
+{% endif %}
+{% if matrix_hookshot_figma_enabled %}
+figma:
+ # (Optional) Configure this to enable Figma support
+ #
+ publicUrl: {{ matrix_hookshot_figma_publicUrl }}
+ instances: {{ matrix_hookshot_figma_instances }}
+{% endif %}
+{% if matrix_hookshot_provisioning_enabled %}
+provisioning:
+ # (Optional) Provisioning API for integration managers
+ #
+ secret: {{ matrix_hookshot_provisioning_secret|to_json }}
+{% endif %}
+passFile:
+ # A passkey used to encrypt tokens stored inside the bridge.
+ # Run openssl genpkey -out passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:4096 to generate
+ #
+ /data/passkey.pem
+bot:
+ # (Optional) Define profile information for the bot user
+ #
+ displayname: {{ matrix_hookshot_bot_displayname }}
+ avatar: {{ matrix_hookshot_bot_avatar }}
+metrics:
+ # (Optional) Prometheus metrics support
+ #
+ enabled: {{ matrix_hookshot_metrics_enabled }}
+logging:
+ # (Optional) Logging settings. You can have a severity debug,info,warn,error
+ #
+ level: info
+{% if matrix_hookshot_permissions %}
+permissions: {{ matrix_hookshot_permissions }}
+{% endif %}
+listeners:
+ # (Optional) HTTP Listener configuration.
+ # Bind resource endpoints to ports and addresses.
+ # 'resources' may be any of webhooks, widgets, metrics, provisioning, appservice
+ #
+{# always enabled since all services need it #}
+ - port: {{ matrix_hookshot_webhook_port }}
+ bindAddress: 0.0.0.0
+ resources:
+ - webhooks
+{% if matrix_hookshot_metrics_enabled %}
+ - port: {{ matrix_hookshot_metrics_port }}
+ bindAddress: 0.0.0.0
+ resources:
+ - metrics
+{% endif %}
+{% if matrix_hookshot_provisioning_enabled %}
+ - port: {{ matrix_hookshot_provisioning_port }}
+ bindAddress: 0.0.0.0
+ resources:
+ - provisioning
+{% endif %}
diff --git a/roles/matrix-bridge-hookshot/templates/registration.yml.j2 b/roles/matrix-bridge-hookshot/templates/registration.yml.j2
new file mode 100644
index 00000000..ced3bd77
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/templates/registration.yml.j2
@@ -0,0 +1,16 @@
+#jinja2: lstrip_blocks: "True"
+id: matrix-hookshot # This can be anything, but must be unique within your homeserver
+as_token: {{ matrix_hookshot_appservice_token|to_json }} # This again can be a random string
+hs_token: {{ matrix_hookshot_homeserver_token|to_json }} # ..as can this
+namespaces:
+ rooms: []
+ users:
+ - regex: "@_github_.*:{{ matrix_domain }}"
+ exclusive: true
+ aliases:
+ - regex: "#github_.+:{{ matrix_domain }}"
+ exclusive: true
+
+sender_localpart: hookshot
+url: "http://{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}" # This should match the bridge.port in your config file
+rate_limited: false
diff --git a/roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2
new file mode 100644
index 00000000..16ff0592
--- /dev/null
+++ b/roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2
@@ -0,0 +1,40 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=A bridge between Matrix and multiple project management services, such as GitHub, GitLab and JIRA.
+{% for service in matrix_hookshot_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+{% for service in matrix_hookshot_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }}
+ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }}
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_hookshot_container_url }} \
+ --log-driver=none \
+ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+ --cap-drop=ALL \
+ --network={{ matrix_docker_network }} \
+ -v {{ matrix_hookshot_base_path }}:/data:z \
+ {% for port in matrix_hookshot_container_http_host_bind_ports %}
+ -p {{ port }} \
+ {% endfor %}
+ {% for arg in matrix_hookshot_container_extra_arguments %}
+ {{ arg }} \
+ {% endfor %}
+ {{ matrix_hookshot_docker_image }}
+
+ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }}
+ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }}
+Restart=always
+RestartSec=30
+SyslogIdentifier={{ matrix_hookshot_container_url }}
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml
index 5d83e9cc..f781ba91 100644
--- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-facebook is a Matrix <-> Facebook bridge
# See: https://github.com/mautrix/facebook
@@ -6,7 +7,7 @@ matrix_mautrix_facebook_enabled: true
matrix_mautrix_facebook_container_image_self_build: false
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
-matrix_mautrix_facebook_version: v0.3.2
+matrix_mautrix_facebook_version: v0.3.3
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml
index cf67f227..d97a3230 100644
--- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml b/roles/matrix-bridge-mautrix-facebook/tasks/main.yml
index 54fb6f9d..b6e65fe2 100644
--- a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-facebook/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
index d5230bca..3fa42970 100644
--- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
@@ -50,10 +50,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_facebook_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_facebook_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_facebook_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_facebook_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_facebook_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_facebook_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}"}
when: item.when|bool
- name: Ensure Mautrix Facebook repository is present on self-build
@@ -74,7 +74,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_facebook_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_facebook_container_image_self_build|bool"
- name: Check if an old database file already exists
@@ -86,8 +86,8 @@
service:
name: matrix-mautrix-facebook
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mautrix_facebook_stat_database.stat.exists"
@@ -120,7 +120,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-facebook.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_facebook_systemd_service_result.changed"
- name: Ensure matrix-mautrix-facebook.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
index abbce350..1c8fbd3b 100644
--- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mautrix-facebook
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_facebook_service_stat.stat.exists"
- name: Ensure matrix-mautrix-facebook.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-facebook.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_facebook_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2
index 07ee8fb7..f3af4b9f 100644
--- a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2
+++ b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo
{{ matrix_mautrix_facebook_docker_image }} \
python3 -m mautrix_facebook -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-facebook
diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml
index 02bef16a..1b89bea6 100644
--- a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-googlechat is a Matrix <-> googlechat bridge
# See: https://github.com/mautrix/googlechat
diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml
index 5c8d82bf..e64cb44c 100644
--- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -23,39 +24,39 @@
when: matrix_mautrix_googlechat_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
- location {{ matrix_mautrix_googlechat_public_endpoint }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-mautrix-googlechat:8080";
- proxy_pass http://$backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:9007;
- {% endif %}
- }
- - name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
- }}
+ - name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
+ location {{ matrix_mautrix_googlechat_public_endpoint }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-mautrix-googlechat:8080";
+ proxy_pass http://$backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:9007;
+ {% endif %}
+ }
+ - name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_mautrix_googlechat_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml
index defcd58a..16054e7b 100644
--- a/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
index 293e8817..9faf344f 100644
--- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
@@ -50,10 +50,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_googlechat_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_googlechat_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_googlechat_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}", when: "{{ matrix_mautrix_googlechat_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_googlechat_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_googlechat_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_googlechat_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}", when: "{{ matrix_mautrix_googlechat_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Mautrix Hangots repository is present on self build
@@ -73,7 +73,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
- name: Check if an old database file already exists
@@ -85,8 +85,8 @@
service:
name: matrix-mautrix-googlechat
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mautrix_googlechat_stat_database.stat.exists"
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_googlechat_systemd_service_result.changed"
- name: Ensure matrix-mautrix-googlechat.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml
index bdcaa6e7..a315c0c8 100644
--- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mautrix-googlechat
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
- name: Ensure matrix-mautrix-googlechat.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml
index 7aa42870..083e8d34 100644
--- a/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml
+++ b/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml
@@ -11,4 +11,4 @@
- "matrix_mautrix_googlechat_homeserver_token"
- debug:
msg:
- - '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'
+ - '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'
diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2
index 5a6ab799..c56473be 100644
--- a/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2
+++ b/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-google
{{ matrix_mautrix_googlechat_docker_image }} \
python3 -m mautrix_googlechat -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-googlechat
diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml
index 013e1d14..911c81c6 100644
--- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-hangouts is a Matrix <-> Hangouts bridge
# See: https://github.com/mautrix/hangouts
diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml
index 59756ec9..65d4776e 100644
--- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -23,39 +24,39 @@
when: matrix_mautrix_hangouts_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Mautrix Hangouts's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-hangouts role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Mautrix Hangouts's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-hangouts role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Mautrix Hangouts proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_mautrix_hangouts_matrix_nginx_proxy_configuration: |
- location {{ matrix_mautrix_hangouts_public_endpoint }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-mautrix-hangouts:8080";
- proxy_pass http://$backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:9007;
- {% endif %}
- }
- - name: Register Mautrix Hangouts proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
- }}
+ - name: Generate Mautrix Hangouts proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_mautrix_hangouts_matrix_nginx_proxy_configuration: |
+ location {{ matrix_mautrix_hangouts_public_endpoint }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-mautrix-hangouts:8080";
+ proxy_pass http://$backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:9007;
+ {% endif %}
+ }
+ - name: Register Mautrix Hangouts proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_mautrix_hangouts_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml
index 0df0d0e3..b43ff478 100644
--- a/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
index fb5236fd..368ee5f8 100644
--- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
@@ -50,10 +50,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_hangouts_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_hangouts_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_hangouts_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}", when: "{{ matrix_mautrix_hangouts_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_hangouts_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_hangouts_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_hangouts_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}", when: "{{ matrix_mautrix_hangouts_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Mautrix Hangots repository is present on self build
@@ -73,7 +73,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_hangouts_container_image_self_build|bool"
- name: Check if an old database file already exists
@@ -85,8 +85,8 @@
service:
name: matrix-mautrix-hangouts
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mautrix_hangouts_stat_database.stat.exists"
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-hangouts.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_hangouts_systemd_service_result.changed"
- name: Ensure matrix-mautrix-hangouts.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml
index 34348cfd..8ce859c8 100644
--- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mautrix-hangouts
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_hangouts_service_stat.stat.exists"
- name: Ensure matrix-mautrix-hangouts.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-hangouts.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_hangouts_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml
index 8922bef4..0242ef16 100644
--- a/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml
+++ b/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml
@@ -11,4 +11,4 @@
- "matrix_mautrix_hangouts_homeserver_token"
- debug:
msg:
- - '`matrix_mautrix_hangouts_homeserver_domain` == {{ matrix_mautrix_hangouts_homeserver_domain }}'
+ - '`matrix_mautrix_hangouts_homeserver_domain` == {{ matrix_mautrix_hangouts_homeserver_domain }}'
diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2
index 66f34d94..60f0e055 100644
--- a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2
+++ b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2
@@ -44,8 +44,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou
{{ matrix_mautrix_hangouts_docker_image }} \
python3 -m mautrix_hangouts -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-hangouts
diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml
index e1a1bdda..9fc42cea 100644
--- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-instagram is a Matrix <-> Instagram bridge
# See: https://github.com/mautrix/instagram
@@ -6,7 +7,7 @@ matrix_mautrix_instagram_enabled: true
matrix_mautrix_instagram_container_image_self_build: false
matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
-matrix_mautrix_instagram_version: latest
+matrix_mautrix_instagram_version: v0.1.2
# See: https://mau.dev/tulir/mautrix-instagram/container_registry
matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"
matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}"
diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml
index c44855d8..d33acd09 100644
--- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/main.yml b/roles/matrix-bridge-mautrix-instagram/tasks/main.yml
index 7326e22d..b6ffcd06 100644
--- a/roles/matrix-bridge-mautrix-instagram/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-instagram/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
index 38a7f62e..dc95af3a 100644
--- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
@@ -23,13 +23,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_instagram_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_instagram_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_instagram_data_path }}", when: true }
- - {
- path: "{{ matrix_mautrix_instagram_docker_src_files_path }}",
- when: "{{ matrix_mautrix_instagram_container_image_self_build }}",
- }
+ - {path: "{{ matrix_mautrix_instagram_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_instagram_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_instagram_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_instagram_docker_src_files_path }}", when: "{{ matrix_mautrix_instagram_container_image_self_build }}"}
when: item.when|bool
- name: Ensure Mautrix instagram repository is present on self-build
@@ -49,7 +46,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_instagram_container_image_self_build|bool"
- name: Ensure mautrix-instagram config.yaml installed
@@ -77,5 +74,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-instagram.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_instagram_systemd_service_result.changed"
diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml
index 02e20b61..2cc0e0e9 100644
--- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml
@@ -8,8 +8,8 @@
service:
name: matrix-mautrix-instagram
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_instagram_service_stat.stat.exists"
- name: Ensure matrix-mautrix-instagram.service doesn't exist
@@ -20,5 +20,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-instagram.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_instagram_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2
index 0157accc..33a5bab3 100644
--- a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2
+++ b/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instag
{{ matrix_mautrix_instagram_docker_image }} \
python3 -m mautrix_instagram -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-instagram
diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
index 9eebedd7..0f91d6cc 100644
--- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-signal is a Matrix <-> Signal bridge
# See: https://github.com/mautrix/signal
@@ -7,8 +8,8 @@ matrix_mautrix_signal_container_image_self_build: false
matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git"
matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
-matrix_mautrix_signal_version: latest
-matrix_mautrix_signal_daemon_version: latest
+matrix_mautrix_signal_version: v0.2.3
+matrix_mautrix_signal_daemon_version: 0.17.0
# See: https://mau.dev/mautrix/signal/container_registry
matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}"
matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/matrix-bridge-mautrix-signal/tasks/init.yml
index 6133e865..21d52066 100644
--- a/roles/matrix-bridge-mautrix-signal/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-signal/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-signal.service', 'matrix-mautrix-signal-daemon.service'] }}"
when: matrix_mautrix_signal_enabled|bool
diff --git a/roles/matrix-bridge-mautrix-signal/tasks/main.yml b/roles/matrix-bridge-mautrix-signal/tasks/main.yml
index edca20e6..643b94c9 100644
--- a/roles/matrix-bridge-mautrix-signal/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-signal/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml
index 1a9b2915..6fd0f813 100644
--- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml
@@ -34,7 +34,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_signal_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_signal_container_image_self_build|bool"
@@ -64,7 +64,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_signal_daemon_container_image_self_build|bool"
- name: Ensure Mautrix Signal paths exist
@@ -114,5 +114,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-signal.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_signal_systemd_service_result.changed or matrix_mautrix_signal_daemon_systemd_service_result.changed"
diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml
index b36ef81d..8ca2be3f 100644
--- a/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml
@@ -10,8 +10,8 @@
service:
name: matrix-mautrix-signal-daemon
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_signal_daemon_service_stat.stat.exists"
- name: Ensure matrix-mautrix-signal-daemon.service doesn't exist
@@ -30,8 +30,8 @@
service:
name: matrix-mautrix-signal
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_signal_service_stat.stat.exists"
- name: Ensure matrix-mautrix-signal.service doesn't exist
@@ -43,5 +43,5 @@
# All services
- name: Ensure systemd reloaded after matrix-mautrix-signal_X.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_signal_service_stat.stat.exists or matrix_mautrix_signal_daemon_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2
index 314bba6d..6f128da3 100644
--- a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2
+++ b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2
@@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
{{ matrix_mautrix_signal_daemon_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null'
Restart=always
RestartSec=30
diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2
index 244e2a48..a65895ed 100644
--- a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2
+++ b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2
@@ -26,6 +26,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--read-only \
+ --tmpfs /tmp \
{% if matrix_mautrix_signal_container_http_host_bind_port %}
-p {{ matrix_mautrix_signal_container_http_host_bind_port }}:29328 \
{% endif %}
@@ -37,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal
{{ matrix_mautrix_signal_docker_image }} \
python3 -m mautrix_signal -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null'
Restart=always
RestartSec=30
diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml
index 7e7ee0a6..d1397b21 100644
--- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-telegram is a Matrix <-> Telegram bridge
# See: https://github.com/mautrix/telegram
@@ -7,13 +8,13 @@ matrix_telegram_lottieconverter_container_image_self_build: false
matrix_telegram_lottieconverter_container_image_self_build_mask_arch: false
matrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git"
matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/lotticonverter/docker-src"
-matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.14" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram
+matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.15" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram
matrix_mautrix_telegram_container_image_self_build: false
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
-matrix_mautrix_telegram_version: v0.10.2
+matrix_mautrix_telegram_version: v0.11.2
# See: https://mau.dev/mautrix/telegram/container_registry
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml
index 662ea1c3..267658ef 100644
--- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -23,40 +24,40 @@
when: matrix_mautrix_telegram_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
- location {{ matrix_mautrix_telegram_public_endpoint }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-mautrix-telegram:8080";
- proxy_pass http://$backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:9006;
- {% endif %}
- }
+ - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
+ location {{ matrix_mautrix_telegram_public_endpoint }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-mautrix-telegram:8080";
+ proxy_pass http://$backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:9006;
+ {% endif %}
+ }
- - name: Register Mautrix Telegram proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Mautrix Telegram proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_mautrix_telegram_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml
index 8a218ed8..018b30da 100644
--- a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-telegram/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
index 1e34e2cd..ceda10a5 100644
--- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
@@ -42,10 +42,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_telegram_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_telegram_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_telegram_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_telegram_docker_src_files_path }}", when: "{{ matrix_mautrix_telegram_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_telegram_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_telegram_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_telegram_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_telegram_docker_src_files_path }}", when: "{{ matrix_mautrix_telegram_container_image_self_build }}"}
when: item.when|bool
- name: Ensure Mautrix Telegram image is pulled
@@ -73,7 +73,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_telegram_lottieconverter_container_image_self_build|bool and matrix_telegram_lottieconverter_git_pull_results.changed and matrix_mautrix_telegram_container_image_self_build|bool"
- name: Ensure matrix-mautrix-telegram repository is present when self-building
@@ -107,8 +107,8 @@
service:
name: matrix-mautrix-telegram
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mautrix_telegram_stat_database.stat.exists"
@@ -141,7 +141,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-telegram.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_telegram_systemd_service_result.changed"
- name: Ensure matrix-mautrix-telegram.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml
index bc84edbb..a713898b 100644
--- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mautrix-telegram
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_telegram_service_stat.stat.exists"
- name: Ensure matrix-mautrix-telegram.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-telegram.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_telegram_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
index 9492d79e..94694351 100644
--- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
@@ -225,17 +225,6 @@ bridge:
# notices from users listed here will be bridged.
exceptions: []
- # Some config options related to Telegram message deduplication.
- # The default values are usually fine, but some debug messages/warnings might recommend you
- # change these.
- deduplication:
- # Whether or not to check the database if the message about to be sent is a duplicate.
- pre_db_check: false
- # The number of latest events to keep when checking for duplicates.
- # You might need to increase this on high-traffic bridge instances.
- cache_queue_length: 20
-
-
# The formats to use when sending messages to Telegram via the relay bot.
#
# Telegram doesn't have built-in emotes, so the m.emote format is also used for non-relaybot users.
diff --git a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2
index 69ab167a..d24e960e 100644
--- a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2
+++ b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2
@@ -15,15 +15,6 @@ Type=simple
Environment="HOME={{ matrix_systemd_unit_home_path }}"
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
-ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram-db \
- --log-driver=none \
- --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
- --cap-drop=ALL \
- --network={{ matrix_docker_network }} \
- -v {{ matrix_mautrix_telegram_config_path }}:/config:z \
- -v {{ matrix_mautrix_telegram_data_path }}:/data:z \
- {{ matrix_mautrix_telegram_docker_image }} \
- alembic -x config=/config/config.yaml upgrade head
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
ExecStartPre={{ matrix_host_command_sleep }} 5
@@ -44,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr
{{ matrix_mautrix_telegram_docker_image }} \
python3 -m mautrix_telegram -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-telegram
diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml
index 826bc4b6..f8fd29c8 100644
--- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-twitter is a Matrix <-> Twitter bridge
# See: https://github.com/mautrix/twitter
@@ -6,7 +7,7 @@ matrix_mautrix_twitter_enabled: true
matrix_mautrix_twitter_container_image_self_build: false
matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git"
-matrix_mautrix_twitter_version: latest
+matrix_mautrix_twitter_version: v0.1.3
# See: https://mau.dev/tulir/mautrix-twitter/container_registry
matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"
matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}"
diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml
index 4f8df9e0..5b526bbd 100644
--- a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-twitter.service'] }}"
when: matrix_mautrix_twitter_enabled|bool
diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml
index 60eea099..6c0abe4f 100644
--- a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml
index c27eeccd..86134d2b 100644
--- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml
@@ -27,17 +27,17 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_twitter_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_twitter_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_twitter_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_twitter_docker_src_files_path }}", when: "{{ matrix_mautrix_twitter_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_twitter_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_twitter_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_twitter_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_twitter_docker_src_files_path }}", when: "{{ matrix_mautrix_twitter_container_image_self_build }}"}
when: item.when|bool
- name: Ensure Mautrix Twitter repository is present on self-build
git:
repo: "{{ matrix_mautrix_twitter_container_image_self_build_repo }}"
dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
-# version: "{{ matrix_coturn_docker_image.split(':')[1] }}"
+ # version: "{{ matrix_coturn_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_mautrix_twitter_git_pull_results
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build"
@@ -50,7 +50,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build|bool"
- name: Ensure mautrix-twitter config.yaml installed
@@ -78,7 +78,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-twitter.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_twitter_systemd_service_result.changed"
- name: Ensure matrix-mautrix-twitter.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml
index 28819726..024603e7 100644
--- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml
@@ -9,7 +9,7 @@
service:
name: matrix-mautrix-twitter
state: stopped
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_twitter_service_stat.stat.exists"
- name: Ensure matrix-mautrix-twitter.service doesn't exist
@@ -20,5 +20,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-twitter.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_twitter_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2
index 55509b85..73bdbc86 100644
--- a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2
+++ b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitte
{{ matrix_mautrix_twitter_docker_image }} \
python3 -m mautrix_twitter -c /config/config.yaml --no-update
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-twitter
diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
index 81c451cf..54097ad8 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mautrix-whatsapp is a Matrix <-> Whatsapp bridge
# See: https://github.com/mautrix/whatsapp
@@ -7,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false
matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
-matrix_mautrix_whatsapp_version: latest
+matrix_mautrix_whatsapp_version: v0.2.4
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"
@@ -77,7 +78,7 @@ matrix_mautrix_whatsapp_bridge_login_shared_secret_map:
# Servers to always allow double puppeting from
matrix_mautrix_whatsapp_bridge_double_puppet_server_map:
- "{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}"
+ "{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}"
# Default mautrix-whatsapp configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml
index f320bc74..57166386 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml
@@ -1,3 +1,4 @@
+---
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp.service'] }}"
when: matrix_mautrix_whatsapp_enabled|bool
diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml
index 188eae4a..0a963eb2 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
index ddd49dd0..d33524f3 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
@@ -44,10 +44,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mautrix_whatsapp_base_path }}", when: true }
- - { path: "{{ matrix_mautrix_whatsapp_config_path }}", when: true }
- - { path: "{{ matrix_mautrix_whatsapp_data_path }}", when: true }
- - { path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}", when: "{{ matrix_mautrix_whatsapp_container_image_self_build }}" }
+ - {path: "{{ matrix_mautrix_whatsapp_base_path }}", when: true}
+ - {path: "{{ matrix_mautrix_whatsapp_config_path }}", when: true}
+ - {path: "{{ matrix_mautrix_whatsapp_data_path }}", when: true}
+ - {path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}", when: "{{ matrix_mautrix_whatsapp_container_image_self_build }}"}
when: item.when|bool
- name: Ensure Mautrix Whatsapp image is pulled
@@ -76,7 +76,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mautrix_whatsapp_container_image_self_build|bool"
- name: Check if an old database file exists
@@ -93,8 +93,8 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mautrix_whatsapp_stat_database.stat.exists"
@@ -131,7 +131,7 @@
- name: Ensure systemd reloaded after matrix-mautrix-whatsapp.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_whatsapp_systemd_service_result.changed"
- name: Ensure matrix-mautrix-whatsapp.service restarted, if necessary
diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
index 7dd4b402..3884f9e7 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mautrix_whatsapp_service_stat.stat.exists"
- name: Ensure matrix-mautrix-whatsapp.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mautrix-whatsapp.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mautrix_whatsapp_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
index 48314190..c983c4cc 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
+++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
@@ -8,4 +8,3 @@
with_items:
- "matrix_mautrix_whatsapp_appservice_token"
- "matrix_mautrix_whatsapp_homeserver_token"
-
diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2
index 77daa825..4a492492 100644
--- a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2
+++ b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsa
{{ matrix_mautrix_whatsapp_docker_image }} \
/usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-whatsapp
diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
index cd9c1477..80734c25 100644
--- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Mx Puppet Discord is a Matrix <-> Discord bridge
# See: https://github.com/matrix-discord/mx-puppet-discord
@@ -27,7 +28,7 @@ matrix_mx_puppet_discord_homeserver_address: "{{ matrix_homeserver_container_url
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
-matrix_mx_puppet_discord_bridge_mediaUrl: "https:/{{ matrix_server_fqn_matrix }}"
+matrix_mx_puppet_discord_bridge_mediaUrl: "https://{{ matrix_server_fqn_matrix }}"
# "@user:server.com" to allow specific user
# "@.*:yourserver.com" to allow users on a specific homeserver
diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml
index 6fa43037..69458093 100644
--- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml
index 3ca32335..e11a2db0 100644
--- a/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml
index f9985ed8..3ef57cb7 100644
--- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_discord_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_discord_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_discord_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}", when: "{{ matrix_mx_puppet_discord_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_discord_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_discord_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_discord_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}", when: "{{ matrix_mx_puppet_discord_container_image_self_build }}"}
when: matrix_mx_puppet_discord_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -32,8 +32,8 @@
service:
name: matrix-mx-puppet-discord
state: stopped
- daemon_reload: yes
- failed_when: False
+ daemon_reload: true
+ failed_when: false
- name: (Data relocation) Move mx-puppet-discord database file to ./data directory
command: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db"
@@ -90,7 +90,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build|bool"
- name: Ensure mx-puppet-discord config.yaml installed
@@ -118,7 +118,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_discord_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-discord.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml
index a0298ad9..b3ab8e39 100644
--- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-discord
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-discord.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-discord.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_discord_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2
index 58b01e20..6ffb87cd 100644
--- a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2
+++ b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-disc
{% endfor %}
{{ matrix_mx_puppet_discord_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-discord
diff --git a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml
index 8b382605..0daf6dfc 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Mx Puppet GroupMe is a Matrix <-> GroupMe bridge
# See: https://gitlab.com/robintown/mx-puppet-groupme
diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml
index b4469ea1..db28f324 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml
index 994e7e45..070f920b 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
index 3ed4867c..84802c4f 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_groupme_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_groupme_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_groupme_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_groupme_docker_src_files_path }}", when: "{{ matrix_mx_puppet_groupme_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_groupme_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_groupme_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_groupme_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_groupme_docker_src_files_path }}", when: "{{ matrix_mx_puppet_groupme_container_image_self_build }}"}
when: matrix_mx_puppet_groupme_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -31,8 +31,8 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mx_puppet_groupme_stat_database.stat.exists"
@@ -91,7 +91,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_groupme_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_groupme_enabled|bool and matrix_mx_puppet_groupme_container_image_self_build"
- name: Ensure mx-puppet-groupme config.yaml installed
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-groupme.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_groupme_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-groupme.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml
index f9ecce58..24daf7be 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_groupme_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-groupme.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-groupme.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_groupme_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2
index 7e008aeb..dabafd18 100644
--- a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2
+++ b/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-grou
{% endfor %}
{{ matrix_mx_puppet_groupme_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-groupme
diff --git a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml
index 27210360..3a73e0fe 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# mx-puppet-instagram bridges instagram DMs
# See: https://github.com/Sorunome/mx-puppet-instagram
diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml
index a12885e7..d16e6be0 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -21,4 +22,3 @@
+
{{ ["/matrix-mx-puppet-instagram-registration.yaml"] }}
when: matrix_mx_puppet_instagram_enabled|bool
-
diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml
index d0fe90e4..6abb281f 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml
index cdbaa18e..63f1878b 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml
@@ -51,10 +51,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_instagram_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_instagram_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_instagram_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}", when: "{{ matrix_mx_puppet_instagram_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_instagram_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_instagram_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_instagram_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}", when: "{{ matrix_mx_puppet_instagram_container_image_self_build }}"}
when: matrix_mx_puppet_instagram_enabled|bool and item.when|bool
- name: Ensure mx-puppet-instagram repository is present on self build
@@ -74,7 +74,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build|bool"
- name: Ensure mx-puppet-instagram config.yaml installed
@@ -102,7 +102,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_instagram_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-instagram.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml
index 9ad4e13d..e4435a3e 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-instagram
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-instagram.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-instagram.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2
index b2921a4f..965bb41c 100644
--- a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2
+++ b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-inst
{% endfor %}
{{ matrix_mx_puppet_instagram_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-instagram
diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml
index 8dcb2faf..905e5086 100644
--- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Mx Puppet Skype is a Matrix <-> Skype bridge
# See: https://github.com/Sorunome/mx-puppet-skype
diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml
index 5618821b..d28f6ca1 100644
--- a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml
index 01ddd7d8..0793e994 100644
--- a/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
index a39e7acf..28573533 100644
--- a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_skype_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_skype_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_skype_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}", when: "{{ matrix_mx_puppet_skype_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_skype_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_skype_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_skype_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}", when: "{{ matrix_mx_puppet_skype_container_image_self_build }}"}
when: matrix_mx_puppet_skype_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -31,8 +31,8 @@
service:
name: matrix-mx-puppet-skype
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mx_puppet_skype_stat_database.stat.exists"
@@ -91,7 +91,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_skype_enabled|bool and matrix_mx_puppet_skype_container_image_self_build|bool"
- name: Ensure mx-puppet-skype config.yaml installed
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-skype.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_skype_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-skype.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml
index a1af7e33..838c3be5 100644
--- a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-skype
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_skype_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-skype.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-skype.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_skype_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2
index 4c604bb7..9a7986e4 100644
--- a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2
+++ b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-skyp
{% endfor %}
{{ matrix_mx_puppet_skype_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-skype
diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml
index 30d42475..bf5c6dfa 100644
--- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml
@@ -1,8 +1,12 @@
+---
# Mx Puppet Slack is a Matrix <-> Slack bridge
# See: https://github.com/Sorunome/mx-puppet-slack
matrix_mx_puppet_slack_enabled: true
+matrix_mx_puppet_slack_oauth_client_id: ''
+matrix_mx_puppet_slack_oauth_client_secret: ''
+
matrix_mx_puppet_slack_container_image_self_build: false
matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-slack.git"
diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml
index 74ec0350..897f3f8f 100644
--- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -23,40 +24,40 @@
when: matrix_mx_puppet_slack_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-slack role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-slack role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Matrix MX Puppet Slack proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_mx_puppet_slack_matrix_nginx_proxy_configuration: |
- location {{ matrix_mx_puppet_slack_redirect_path }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "{{ matrix_mx_puppet_slack_appservice_address }}";
- proxy_pass $backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_slack_appservice_port }};
- {% endif %}
- }
+ - name: Generate Matrix MX Puppet Slack proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_mx_puppet_slack_matrix_nginx_proxy_configuration: |
+ location {{ matrix_mx_puppet_slack_redirect_path }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_mx_puppet_slack_appservice_address }}";
+ proxy_pass $backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_slack_appservice_port }};
+ {% endif %}
+ }
- - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_mx_puppet_slack_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml
index 6aa0fd0f..0e886d45 100644
--- a/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
index 8ef8ac4e..eca29e9b 100644
--- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_slack_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_slack_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_slack_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}", when: "{{ matrix_mx_puppet_slack_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_slack_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_slack_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_slack_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}", when: "{{ matrix_mx_puppet_slack_container_image_self_build }}"}
when: matrix_mx_puppet_slack_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -31,8 +31,8 @@
service:
name: matrix-mx-puppet-slack
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mx_puppet_slack_stat_database.stat.exists"
@@ -87,7 +87,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build"
- name: (Data relocation) Move mx-puppet-slack database file to ./data directory
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-slack.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_slack_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-slack.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml
index f6e7d33e..3a119267 100644
--- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-slack
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_slack_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-slack.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-slack.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_slack_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 b/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2
index b1917b86..c7497a84 100644
--- a/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2
@@ -18,6 +18,10 @@ bridge:
# Slack OAuth settings. Create a slack app at https://api.slack.com/apps
oauth:
enabled: true
+ # Slack app credentials.
+ # N.B. This must be quoted so YAML does not parse it as a float.
+ clientId: '{{ matrix_mx_puppet_slack_oauth_client_id }}'
+ clientSecret: {{ matrix_mx_puppet_slack_oauth_client_secret|to_json }}
# Path where to listen for OAuth redirect callbacks.
redirectPath: {{ matrix_mx_puppet_slack_redirect_path }}
# Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path,
diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2
index f130c095..973771b3 100644
--- a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2
+++ b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2
@@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slac
{% endfor %}
{{ matrix_mx_puppet_slack_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-slack
diff --git a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml
index 2af4a32a..91675fce 100644
--- a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Mx Puppet Steam is a Matrix <-> Steam bridge
# See: https://github.com/matrix-steam/mx-puppet-steam
diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml
index c3218e89..efca4110 100644
--- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml
index cd6bb147..733cfa90 100644
--- a/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
index a92d63fb..a1786ba9 100644
--- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_steam_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_steam_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_steam_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}", when: "{{ matrix_mx_puppet_steam_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_steam_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_steam_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_steam_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}", when: "{{ matrix_mx_puppet_steam_container_image_self_build }}"}
when: matrix_mx_puppet_steam_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -31,8 +31,8 @@
service:
name: matrix-mx-puppet-steam
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mx_puppet_steam_stat_database.stat.exists"
@@ -91,7 +91,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build"
- name: Ensure mx-puppet-steam config.yaml installed
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_steam_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-steam.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml
index 608bde73..2e152ef6 100644
--- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-steam
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-steam.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-steam.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_steam_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2
index c736b7ca..0772872b 100644
--- a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2
+++ b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-stea
{% endfor %}
{{ matrix_mx_puppet_steam_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-steam
diff --git a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml
index 0e37d51f..37be2be2 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml
+++ b/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
# Mx Puppet Twitter is a Matrix <-> Twitter bridge
# See: https://github.com/Sorunome/mx-puppet-twitter
diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml
index 2054d23c..9d868bfe 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml
+++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -23,40 +24,40 @@
when: matrix_mx_puppet_twitter_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
- location {{ matrix_mx_puppet_twitter_webhook_path }} {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
- proxy_pass $backend;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
- {% endif %}
- }
+ - name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
+ location {{ matrix_mx_puppet_twitter_webhook_path }} {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
+ proxy_pass $backend;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
+ {% endif %}
+ }
- - name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
+ }}
tags:
- - always
+ - always
when: matrix_mx_puppet_twitter_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml
index af355df3..7d65257c 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml
+++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
index a6250a16..8ca4f3f1 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
@@ -16,10 +16,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mx_puppet_twitter_base_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_twitter_config_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_twitter_data_path }}", when: true }
- - { path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}", when: "{{ matrix_mx_puppet_twitter_container_image_self_build }}" }
+ - {path: "{{ matrix_mx_puppet_twitter_base_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_twitter_config_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_twitter_data_path }}", when: true}
+ - {path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}", when: "{{ matrix_mx_puppet_twitter_container_image_self_build }}"}
when: matrix_mx_puppet_twitter_enabled|bool and item.when|bool
- name: Check if an old database file already exists
@@ -31,8 +31,8 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"
@@ -91,7 +91,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build"
- name: Ensure mx-puppet-twitter config.yaml installed
@@ -119,7 +119,7 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_twitter_systemd_service_result.changed"
- name: Ensure matrix-mx-puppet-twitter.service restarted, if necessary
diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml
index 1382ee58..56dcd9ce 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
- name: Ensure matrix-mx-puppet-twitter.service doesn't exist
@@ -21,5 +21,5 @@
- name: Ensure systemd reloaded after matrix-mx-puppet-twitter.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2
index efa3e4e3..7e1b1c32 100644
--- a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2
+++ b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2
@@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twit
{% endfor %}
{{ matrix_mx_puppet_twitter_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mx-puppet-twitter
diff --git a/roles/matrix-bridge-sms/defaults/main.yml b/roles/matrix-bridge-sms/defaults/main.yml
index d3a686ce..82ffce6e 100644
--- a/roles/matrix-bridge-sms/defaults/main.yml
+++ b/roles/matrix-bridge-sms/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-sms-bridge is a Matrix <-> SMS bridge
# See: https://github.com/benkuly/matrix-sms-bridge
diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/matrix-bridge-sms/tasks/init.yml
index 5979d132..b8af8e60 100644
--- a/roles/matrix-bridge-sms/tasks/init.yml
+++ b/roles/matrix-bridge-sms/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
diff --git a/roles/matrix-bridge-sms/tasks/main.yml b/roles/matrix-bridge-sms/tasks/main.yml
index c1c499de..b06e1a54 100644
--- a/roles/matrix-bridge-sms/tasks/main.yml
+++ b/roles/matrix-bridge-sms/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-bridge-sms/tasks/setup_install.yml b/roles/matrix-bridge-sms/tasks/setup_install.yml
index 61de923f..1f296043 100644
--- a/roles/matrix-bridge-sms/tasks/setup_install.yml
+++ b/roles/matrix-bridge-sms/tasks/setup_install.yml
@@ -51,5 +51,5 @@
- name: Ensure systemd reloaded after matrix-sms-bridge.service installation
service:
- daemon_reload: yes
- when: matrix_sms_bridge_systemd_service_result.changed
\ No newline at end of file
+ daemon_reload: true
+ when: matrix_sms_bridge_systemd_service_result.changed
diff --git a/roles/matrix-bridge-sms/tasks/setup_uninstall.yml b/roles/matrix-bridge-sms/tasks/setup_uninstall.yml
index ad8442bc..d74476eb 100644
--- a/roles/matrix-bridge-sms/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-sms/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-sms-bridge
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_sms_bridge_service_stat.stat.exists"
- name: Ensure matrix-sms-bridge.service doesn't exist
diff --git a/roles/matrix-bridge-sms/tasks/validate_config.yml b/roles/matrix-bridge-sms/tasks/validate_config.yml
index f89b18fa..96e41755 100644
--- a/roles/matrix-bridge-sms/tasks/validate_config.yml
+++ b/roles/matrix-bridge-sms/tasks/validate_config.yml
@@ -13,4 +13,4 @@
- "matrix_sms_bridge_default_timezone"
- "matrix_sms_bridge_provider_android_baseurl"
- "matrix_sms_bridge_provider_android_username"
- - "matrix_sms_bridge_provider_android_password"
\ No newline at end of file
+ - "matrix_sms_bridge_provider_android_password"
diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2
index 404b5aab..46c3463f 100644
--- a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2
+++ b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2
@@ -35,8 +35,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-sms-bridge \
{% endfor %}
{{ matrix_sms_bridge_docker_image }}
-ExecStopPost=-/usr/bin/docker kill matrix-sms-bridge
-ExecStopPost=-/usr/bin/docker rm matrix-sms-bridge
+ExecStop=-/usr/bin/docker kill matrix-sms-bridge
+ExecStop=-/usr/bin/docker rm matrix-sms-bridge
Restart=always
RestartSec=30
SyslogIdentifier=matrix-sms-bridge
diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml
index 21ce09d4..1cb9b26f 100644
--- a/roles/matrix-client-cinny/defaults/main.yml
+++ b/roles/matrix-client-cinny/defaults/main.yml
@@ -1,9 +1,11 @@
+---
+
matrix_client_cinny_enabled: true
matrix_client_cinny_container_image_self_build: false
matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git"
-matrix_client_cinny_version: v1.6.1
+matrix_client_cinny_version: v1.7.0
matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}"
matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-client-cinny/tasks/init.yml b/roles/matrix-client-cinny/tasks/init.yml
index e6889e4d..04fbd8a2 100644
--- a/roles/matrix-client-cinny/tasks/init.yml
+++ b/roles/matrix-client-cinny/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-client-cinny/tasks/main.yml b/roles/matrix-client-cinny/tasks/main.yml
index 8a39c021..5c37d38e 100644
--- a/roles/matrix-client-cinny/tasks/main.yml
+++ b/roles/matrix-client-cinny/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-client-cinny/tasks/self_check.yml b/roles/matrix-client-cinny/tasks/self_check.yml
index df1241a8..d00408da 100644
--- a/roles/matrix-client-cinny/tasks/self_check.yml
+++ b/roles/matrix-client-cinny/tasks/self_check.yml
@@ -9,7 +9,7 @@
follow_redirects: none
validate_certs: "{{ matrix_client_cinny_self_check_validate_certificates }}"
register: matrix_client_cinny_self_check_result
- check_mode: no
+ check_mode: false
ignore_errors: true
- name: Fail if Cinny not working
diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/matrix-client-cinny/tasks/setup_install.yml
index 5d92f1d3..5571d8d0 100644
--- a/roles/matrix-client-cinny/tasks/setup_install.yml
+++ b/roles/matrix-client-cinny/tasks/setup_install.yml
@@ -7,16 +7,16 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_client_cinny_data_path }}", when: true }
- - { path: "{{ matrix_client_cinny_docker_src_files_path }}", when: "{{ matrix_client_cinny_container_image_self_build }}" }
+ - {path: "{{ matrix_client_cinny_data_path }}", when: true}
+ - {path: "{{ matrix_client_cinny_docker_src_files_path }}", when: "{{ matrix_client_cinny_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Cinny Docker image is pulled
docker_image:
- name: "{{ matrix_client_cinny_docker_image }}"
- source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- force_source: "{{ matrix_client_cinny_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
- force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_cinny_docker_image_force_pull }}"
+ name: "{{ matrix_client_cinny_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_client_cinny_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_cinny_docker_image_force_pull }}"
when: "not matrix_client_cinny_container_image_self_build|bool"
- name: Ensure Cinny repository is present on self-build
@@ -55,7 +55,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_client_cinny_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_client_cinny_container_image_self_build|bool"
- name: Ensure matrix-client-cinny.service installed
@@ -67,5 +67,5 @@
- name: Ensure systemd reloaded after matrix-client-cinny.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_cinny_systemd_service_result.changed|bool"
diff --git a/roles/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/matrix-client-cinny/tasks/setup_uninstall.yml
index 2a3bffb5..507c5d70 100644
--- a/roles/matrix-client-cinny/tasks/setup_uninstall.yml
+++ b/roles/matrix-client-cinny/tasks/setup_uninstall.yml
@@ -8,8 +8,8 @@
service:
name: matrix-client-cinny
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_client_cinny_service_stat.stat.exists|bool"
@@ -21,7 +21,7 @@
- name: Ensure systemd reloaded after matrix-client-cinny.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_cinny_service_stat.stat.exists|bool"
- name: Ensure Cinny paths doesn't exist
diff --git a/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2
index aa5a0432..f4ebd6a0 100644
--- a/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2
+++ b/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2
@@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-cinny \
{% endfor %}
{{ matrix_client_cinny_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-client-cinny
diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml
index 7853292a..51ddf1c2 100644
--- a/roles/matrix-client-element/defaults/main.yml
+++ b/roles/matrix-client-element/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_client_element_enabled: true
matrix_client_element_container_image_self_build: false
@@ -7,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto
# - https://github.com/vector-im/element-web/issues/19544
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
-matrix_client_element_version: v1.9.8
+matrix_client_element_version: v1.10.4
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-client-element/tasks/init.yml b/roles/matrix-client-element/tasks/init.yml
index 44fa1544..cb1df0b5 100644
--- a/roles/matrix-client-element/tasks/init.yml
+++ b/roles/matrix-client-element/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-client-element.service'] }}"
when: matrix_client_element_enabled|bool
diff --git a/roles/matrix-client-element/tasks/main.yml b/roles/matrix-client-element/tasks/main.yml
index f020382a..28e23e8a 100644
--- a/roles/matrix-client-element/tasks/main.yml
+++ b/roles/matrix-client-element/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-client-element/tasks/migrate_riot_web.yml b/roles/matrix-client-element/tasks/migrate_riot_web.yml
index 304e9fbf..ee0fd446 100644
--- a/roles/matrix-client-element/tasks/migrate_riot_web.yml
+++ b/roles/matrix-client-element/tasks/migrate_riot_web.yml
@@ -10,8 +10,8 @@
service:
name: matrix-riot-web
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"
@@ -23,7 +23,7 @@
- name: Ensure systemd reloaded after matrix-riot-web.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"
- name: Check existence of /matrix/riot-web
diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/matrix-client-element/tasks/prepare_themes.yml
index 1453e37d..bfb9837b 100644
--- a/roles/matrix-client-element/tasks/prepare_themes.yml
+++ b/roles/matrix-client-element/tasks/prepare_themes.yml
@@ -25,7 +25,7 @@
- name: Load Element theme
set_fact:
- matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}"
+ matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}"
with_items: "{{ matrix_client_element_theme_file_contents.results }}"
run_once: true
diff --git a/roles/matrix-client-element/tasks/self_check.yml b/roles/matrix-client-element/tasks/self_check.yml
index 34b6b88b..d05644c8 100644
--- a/roles/matrix-client-element/tasks/self_check.yml
+++ b/roles/matrix-client-element/tasks/self_check.yml
@@ -9,7 +9,7 @@
follow_redirects: none
validate_certs: "{{ matrix_client_element_self_check_validate_certificates }}"
register: matrix_client_element_self_check_result
- check_mode: no
+ check_mode: false
ignore_errors: true
- name: Fail if Element not working
diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml
index b14a0dd5..3b877e8e 100644
--- a/roles/matrix-client-element/tasks/setup_install.yml
+++ b/roles/matrix-client-element/tasks/setup_install.yml
@@ -8,8 +8,8 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_client_element_data_path }}", when: true }
- - { path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}" }
+ - {path: "{{ matrix_client_element_data_path }}", when: true}
+ - {path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Element Docker image is pulled
@@ -37,7 +37,7 @@
path: "{{ matrix_client_element_docker_src_files_path }}/webpack.config.js"
regexp: '(\s+)splitChunks: \{'
line: '\1splitChunks: { maxSize: 100000,'
- backrefs: yes
+ backrefs: true
owner: root
group: root
mode: '0644'
@@ -52,7 +52,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_client_element_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_client_element_container_image_self_build|bool"
- name: Ensure Element configuration installed
@@ -93,5 +93,5 @@
- name: Ensure systemd reloaded after matrix-client-element.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_element_systemd_service_result.changed|bool"
diff --git a/roles/matrix-client-element/tasks/setup_uninstall.yml b/roles/matrix-client-element/tasks/setup_uninstall.yml
index 82805b78..55bc20d6 100644
--- a/roles/matrix-client-element/tasks/setup_uninstall.yml
+++ b/roles/matrix-client-element/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-client-element
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_client_element_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-client-element.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure Element paths doesn't exist
diff --git a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2
index d4ad2b9e..fe2a3a86 100644
--- a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2
+++ b/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2
@@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element
{% endfor %}
{{ matrix_client_element_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-client-element
diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml
index 4ca2224b..4b91eb2b 100644
--- a/roles/matrix-client-hydrogen/defaults/main.yml
+++ b/roles/matrix-client-hydrogen/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_client_hydrogen_enabled: true
# Self building is used by default because the `config.json` file is only read at build time.
@@ -5,7 +7,7 @@ matrix_client_hydrogen_enabled: true
matrix_client_hydrogen_container_image_self_build: true
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
-matrix_client_hydrogen_version: v0.2.19
+matrix_client_hydrogen_version: v0.2.26
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-client-hydrogen/tasks/init.yml b/roles/matrix-client-hydrogen/tasks/init.yml
index 8116a003..c6801e51 100644
--- a/roles/matrix-client-hydrogen/tasks/init.yml
+++ b/roles/matrix-client-hydrogen/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-client-hydrogen/tasks/main.yml b/roles/matrix-client-hydrogen/tasks/main.yml
index 8d5c493f..13d157cc 100644
--- a/roles/matrix-client-hydrogen/tasks/main.yml
+++ b/roles/matrix-client-hydrogen/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-client-hydrogen/tasks/self_check.yml b/roles/matrix-client-hydrogen/tasks/self_check.yml
index c7407dcd..28af9c78 100644
--- a/roles/matrix-client-hydrogen/tasks/self_check.yml
+++ b/roles/matrix-client-hydrogen/tasks/self_check.yml
@@ -9,7 +9,7 @@
follow_redirects: none
validate_certs: "{{ matrix_client_hydrogen_self_check_validate_certificates }}"
register: matrix_client_hydrogen_self_check_result
- check_mode: no
+ check_mode: false
ignore_errors: true
- name: Fail if Hydrogen not working
diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/matrix-client-hydrogen/tasks/setup_install.yml
index b512a1a8..d8372768 100644
--- a/roles/matrix-client-hydrogen/tasks/setup_install.yml
+++ b/roles/matrix-client-hydrogen/tasks/setup_install.yml
@@ -8,16 +8,16 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_client_hydrogen_data_path }}", when: true }
- - { path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}" }
+ - {path: "{{ matrix_client_hydrogen_data_path }}", when: true}
+ - {path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Hydrogen Docker image is pulled
docker_image:
- name: "{{ matrix_client_hydrogen_docker_image }}"
- source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
- force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
- force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}"
+ name: "{{ matrix_client_hydrogen_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}"
when: "not matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen repository is present on self-build
@@ -32,7 +32,7 @@
- name: Ensure Hydrogen configuration installed
copy:
content: "{{ matrix_client_hydrogen_configuration|to_nice_json }}"
- dest: "{{ matrix_client_hydrogen_docker_src_files_path }}/assets/config.json"
+ dest: "{{ matrix_client_hydrogen_docker_src_files_path }}/src/platform/web/assets/config.json"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
@@ -59,7 +59,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_client_hydrogen_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure matrix-client-hydrogen.service installed
@@ -71,5 +71,5 @@
- name: Ensure systemd reloaded after matrix-client-hydrogen.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_hydrogen_systemd_service_result.changed|bool"
diff --git a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml
index 64d20166..7aff2916 100644
--- a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml
+++ b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-client-hydrogen
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-client-hydrogen.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure Hydrogen paths doesn't exist
diff --git a/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2
index 7a72e876..c85aeb97 100644
--- a/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2
+++ b/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2
@@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-hydroge
{% endfor %}
{{ matrix_client_hydrogen_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-client-hydrogen
diff --git a/roles/matrix-common-after/defaults/main.yml b/roles/matrix-common-after/defaults/main.yml
index 8112191a..51c48c7d 100644
--- a/roles/matrix-common-after/defaults/main.yml
+++ b/roles/matrix-common-after/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Specifies how long to wait between starting systemd services and checking if they're started.
#
# A too low value may lead to a failure, as services may not have enough time to start and potentially fail.
diff --git a/roles/matrix-common-after/tasks/awx_post.yml b/roles/matrix-common-after/tasks/awx_post.yml
index 9c472ca3..ad0a0ee8 100644
--- a/roles/matrix-common-after/tasks/awx_post.yml
+++ b/roles/matrix-common-after/tasks/awx_post.yml
@@ -6,7 +6,7 @@
register: cmd
when: not awx_janitor_user_created|bool
no_log: false
-
+
- name: Update AWX janitor user created variable
delegate_to: 127.0.0.1
lineinfile:
@@ -24,7 +24,7 @@
register: cmd
when: not awx_dimension_user_created|bool
no_log: false
-
+
- name: Update AWX dimension user created variable
delegate_to: 127.0.0.1
lineinfile:
@@ -42,7 +42,7 @@
register: cmd
when: not awx_mjolnir_user_created|bool
no_log: false
-
+
- name: Update AWX dimension user created variable
delegate_to: 127.0.0.1
lineinfile:
diff --git a/roles/matrix-common-after/tasks/dump_runtime_results.yml b/roles/matrix-common-after/tasks/dump_runtime_results.yml
index 9788bf84..44ae1a30 100644
--- a/roles/matrix-common-after/tasks/dump_runtime_results.yml
+++ b/roles/matrix-common-after/tasks/dump_runtime_results.yml
@@ -1,3 +1,4 @@
+---
# Ansible outputs the message in the `item=` field.
# It's unnecessary to output it again in the actual message, so we don't.
- debug:
diff --git a/roles/matrix-common-after/tasks/main.yml b/roles/matrix-common-after/tasks/main.yml
index b4503ae1..75dee15d 100644
--- a/roles/matrix-common-after/tasks/main.yml
+++ b/roles/matrix-common-after/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- import_tasks: "{{ role_path }}/tasks/start.yml"
when: run_start|bool
@@ -12,7 +13,7 @@
- import_tasks: "{{ role_path }}/tasks/dump_runtime_results.yml"
tags:
- always
-
+
- import_tasks: "{{ role_path }}/tasks/awx_post.yml"
when: run_setup|bool and matrix_awx_enabled|bool
tags:
@@ -21,5 +22,3 @@
- import_tasks: "{{ role_path }}/tasks/run_docker_prune.yml"
tags:
- run-docker-prune
-
-
diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml
index 64ab4d99..02fa672e 100644
--- a/roles/matrix-common-after/tasks/start.yml
+++ b/roles/matrix-common-after/tasks/start.yml
@@ -6,7 +6,7 @@
- name: Ensure systemd is reloaded
service:
- daemon_reload: yes
+ daemon_reload: true
- name: Ensure Matrix services are stopped
service:
@@ -35,39 +35,39 @@
become: false
- block:
- - name: Populate service facts
- service_facts:
+ - name: Populate service facts
+ service_facts:
- - name: Fail if service isn't detected to be running
- fail:
- msg: >-
- {{ item }} was not detected to be running.
- It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.).
- Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate.
- If you're on a slow or overloaded server, it may be that services take a longer time to start and that this error is a false-positive.
- You can consider raising the value of the `matrix_common_after_systemd_service_start_wait_for_timeout_seconds` variable.
- See `roles/matrix-common-after/defaults/main.yml` for more details about that.
- with_items: "{{ matrix_systemd_services_list }}"
- when:
- - "item.endswith('.service') and (ansible_facts.services[item]|default(none) is none or ansible_facts.services[item].state != 'running')"
+ - name: Fail if service isn't detected to be running
+ fail:
+ msg: >-
+ {{ item }} was not detected to be running.
+ It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.).
+ Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate.
+ If you're on a slow or overloaded server, it may be that services take a longer time to start and that this error is a false-positive.
+ You can consider raising the value of the `matrix_common_after_systemd_service_start_wait_for_timeout_seconds` variable.
+ See `roles/matrix-common-after/defaults/main.yml` for more details about that.
+ with_items: "{{ matrix_systemd_services_list }}"
+ when:
+ - "item.endswith('.service') and (ansible_facts.services[item]|default(none) is none or ansible_facts.services[item].state != 'running')"
when: " ansible_distribution != 'Archlinux'"
- block:
- # Currently there is a bug in ansible that renders is incompatible with systemd.
- # service_facts is not collecting the data successfully.
- # Therefore iterating here manually
- - name: Fetch systemd information
- systemd:
- name: "{{ item }}"
- register: systemdstatus
- with_items: "{{ matrix_systemd_services_list }}"
+ # Currently there is a bug in ansible that renders is incompatible with systemd.
+ # service_facts is not collecting the data successfully.
+ # Therefore iterating here manually
+ - name: Fetch systemd information
+ systemd:
+ name: "{{ item }}"
+ register: systemdstatus
+ with_items: "{{ matrix_systemd_services_list }}"
- - name: Fail if service isn't detected to be running
- fail:
- msg: >-
- {{ item.item }} was not detected to be running.
- It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.).
- Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate.
- with_items: "{{ systemdstatus.results }}"
- when: "item.status['ActiveState'] != 'active'"
+ - name: Fail if service isn't detected to be running
+ fail:
+ msg: >-
+ {{ item.item }} was not detected to be running.
+ It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.).
+ Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate.
+ with_items: "{{ systemdstatus.results }}"
+ when: "item.status['ActiveState'] != 'active'"
when: "ansible_distribution == 'Archlinux'"
diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml
index aede4d50..66896e0e 100644
--- a/roles/matrix-corporal/defaults/main.yml
+++ b/roles/matrix-corporal/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-corporal is a reconciliator and gateway for a managed Matrix server.
# See: https://github.com/devture/matrix-corporal
@@ -22,10 +23,10 @@ matrix_corporal_container_extra_arguments: []
# List of systemd services that matrix-corporal.service depends on
matrix_corporal_systemd_required_services_list: ['docker.service']
-matrix_corporal_version: 2.2.2
+matrix_corporal_version: 2.2.3
matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}"
matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}"
-matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility
+matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility
matrix_corporal_docker_image_force_pull: "{{ matrix_corporal_docker_image.endswith(':latest') }}"
matrix_corporal_base_path: "{{ matrix_base_data_path }}/corporal"
diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/matrix-corporal/tasks/init.yml
index e5062c27..b2f50e93 100644
--- a/roles/matrix-corporal/tasks/init.yml
+++ b/roles/matrix-corporal/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-corporal/tasks/main.yml b/roles/matrix-corporal/tasks/main.yml
index 90c8105c..7ff359d0 100644
--- a/roles/matrix-corporal/tasks/main.yml
+++ b/roles/matrix-corporal/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-corporal/tasks/self_check_corporal.yml b/roles/matrix-corporal/tasks/self_check_corporal.yml
index f7c15109..b702c00f 100644
--- a/roles/matrix-corporal/tasks/self_check_corporal.yml
+++ b/roles/matrix-corporal/tasks/self_check_corporal.yml
@@ -8,7 +8,7 @@
url: "{{ corporal_client_api_url_endpoint_public }}"
follow_redirects: none
return_content: true
- check_mode: no
+ check_mode: false
register: result_corporal_client_api
ignore_errors: true
diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml
index 8e007c4f..b8edc596 100644
--- a/roles/matrix-corporal/tasks/setup_corporal.yml
+++ b/roles/matrix-corporal/tasks/setup_corporal.yml
@@ -35,7 +35,7 @@
build:
dockerfile: etc/docker/Dockerfile
path: "{{ matrix_corporal_container_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_corporal_enabled|bool and matrix_corporal_container_image_self_build|bool"
- name: Ensure Matrix Corporal Docker image is pulled
@@ -65,7 +65,7 @@
- name: Ensure systemd reloaded after matrix-corporal.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
@@ -83,8 +83,8 @@
service:
name: matrix-corporal
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
@@ -96,7 +96,7 @@
- name: Ensure systemd reloaded after matrix-corporal.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure matrix-corporal files don't exist
diff --git a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2
index 9c42f2b1..262e2e77 100644
--- a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2
+++ b/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2
@@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \
{{ matrix_corporal_docker_image }} \
/matrix-corporal -config=/etc/matrix-corporal/config.json
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-corporal
diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml
index 4d7ccf6b..f1274657 100644
--- a/roles/matrix-coturn/defaults/main.yml
+++ b/roles/matrix-coturn/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_coturn_enabled: true
matrix_coturn_container_image_self_build: false
diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml
index a7d8a343..93e4fa3a 100644
--- a/roles/matrix-coturn/tasks/init.yml
+++ b/roles/matrix-coturn/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-coturn/tasks/main.yml b/roles/matrix-coturn/tasks/main.yml
index 9794bcb3..76352df1 100644
--- a/roles/matrix-coturn/tasks/main.yml
+++ b/roles/matrix-coturn/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml
index c31406b1..f5726e32 100644
--- a/roles/matrix-coturn/tasks/setup_install.yml
+++ b/roles/matrix-coturn/tasks/setup_install.yml
@@ -14,7 +14,7 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"}
+ - {path: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Coturn image is pulled
@@ -43,7 +43,7 @@
build:
dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_coturn_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_coturn_container_image_self_build|bool"
- name: Ensure Coturn configuration path exists
@@ -101,5 +101,5 @@
- name: Ensure systemd reloaded if systemd units changed
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_coturn_systemd_service_change_results.changed"
diff --git a/roles/matrix-coturn/tasks/setup_uninstall.yml b/roles/matrix-coturn/tasks/setup_uninstall.yml
index b642c6d0..097ba873 100644
--- a/roles/matrix-coturn/tasks/setup_uninstall.yml
+++ b/roles/matrix-coturn/tasks/setup_uninstall.yml
@@ -10,16 +10,16 @@
service:
name: matrix-coturn
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_coturn_service_stat.stat.exists|bool"
- name: Ensure matrix-coturn-reload.timer is stopped
service:
name: matrix-coturn
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
failed_when: false
when: "matrix_coturn_service_stat.stat.exists|bool"
@@ -35,7 +35,7 @@
- name: Ensure systemd reloaded after unit removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_coturn_systemd_unit_uninstallation_result.changed|bool"
- name: Ensure Matrix coturn paths don't exist
diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2
index 778f8185..a39030af 100644
--- a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2
+++ b/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2
@@ -43,8 +43,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \
{{ matrix_coturn_docker_image }} \
-c /turnserver.conf
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null'
# This only reloads certificates (not other configuration).
# See: https://github.com/coturn/coturn/pull/236
diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml
index 23789540..ec3937c7 100644
--- a/roles/matrix-dendrite/defaults/main.yml
+++ b/roles/matrix-dendrite/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Dendrite is a second-generation Matrix homeserver currently in Beta
# See: https://github.com/matrix-org/dendrite
@@ -127,7 +128,7 @@ matrix_dendrite_mscs_database: "dendrite_mscs"
matrix_dendrite_turn_uris: []
matrix_dendrite_turn_shared_secret: ""
-matrix_dendrite_turn_allow_guests: False
+matrix_dendrite_turn_allow_guests: false
# Controls whether the self-check feature should validate TLS certificates.
matrix_dendrite_disable_tls_validation: false
diff --git a/roles/matrix-dendrite/tasks/dendrite/setup.yml b/roles/matrix-dendrite/tasks/dendrite/setup.yml
index 8b669193..f988d918 100644
--- a/roles/matrix-dendrite/tasks/dendrite/setup.yml
+++ b/roles/matrix-dendrite/tasks/dendrite/setup.yml
@@ -1,4 +1,5 @@
---
+
- import_tasks: "{{ role_path }}/tasks/dendrite/setup_install.yml"
when: matrix_dendrite_enabled|bool
diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml
index 3e3b2199..7b3c12d5 100644
--- a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml
+++ b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml
@@ -4,7 +4,7 @@
stat:
path: "{{ matrix_dendrite_media_store_path }}"
register: local_path_media_store_stat
- ignore_errors: yes
+ ignore_errors: true
# This is separate and conditional, to ensure we don't execute it
# if the path already exists or we failed to check, because it's mounted using fuse.
@@ -67,7 +67,7 @@
- name: Ensure systemd reloaded after matrix-dendrite.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dendrite_systemd_service_result.changed|bool"
- name: Ensure matrix-dendrite-create-account script created
diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml
index 7e953365..89d5481c 100644
--- a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml
+++ b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml
@@ -1,3 +1,5 @@
+---
+
- name: Check existence of matrix-dendrite service
stat:
path: "{{ matrix_systemd_path }}/matrix-dendrite.service"
@@ -7,7 +9,7 @@
service:
name: matrix-dendrite
state: stopped
- daemon_reload: yes
+ daemon_reload: true
register: stopping_result
when: "matrix_dendrite_service_stat.stat.exists"
@@ -19,7 +21,7 @@
- name: Ensure systemd reloaded after matrix-dendrite.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dendrite_service_stat.stat.exists"
- name: Ensure Dendrite Docker image doesn't exist
diff --git a/roles/matrix-dendrite/tasks/init.yml b/roles/matrix-dendrite/tasks/init.yml
index 2e2e551a..524ef6ee 100644
--- a/roles/matrix-dendrite/tasks/init.yml
+++ b/roles/matrix-dendrite/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dendrite.service'] }}"
when: matrix_dendrite_enabled|bool
diff --git a/roles/matrix-dendrite/tasks/main.yml b/roles/matrix-dendrite/tasks/main.yml
index 815135d7..5483adec 100644
--- a/roles/matrix-dendrite/tasks/main.yml
+++ b/roles/matrix-dendrite/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-dendrite/tasks/register_user.yml b/roles/matrix-dendrite/tasks/register_user.yml
index 099d57e9..b8e3ae5e 100644
--- a/roles/matrix-dendrite/tasks/register_user.yml
+++ b/roles/matrix-dendrite/tasks/register_user.yml
@@ -13,7 +13,7 @@
service:
name: matrix-dendrite
state: started
- daemon_reload: yes
+ daemon_reload: true
register: start_result
- name: Wait a while, so that Dendrite can manage to start
diff --git a/roles/matrix-dendrite/tasks/self_check_client_api.yml b/roles/matrix-dendrite/tasks/self_check_client_api.yml
index 7c2f6b5e..2470d818 100644
--- a/roles/matrix-dendrite/tasks/self_check_client_api.yml
+++ b/roles/matrix-dendrite/tasks/self_check_client_api.yml
@@ -6,7 +6,7 @@
validate_certs: "{{ matrix_dendrite_self_check_validate_certificates }}"
register: result_matrix_dendrite_client_api
ignore_errors: true
- check_mode: no
+ check_mode: false
- name: Fail if Matrix Client API not working
fail:
diff --git a/roles/matrix-dendrite/tasks/self_check_federation_api.yml b/roles/matrix-dendrite/tasks/self_check_federation_api.yml
index a7c60a67..0afca2cb 100644
--- a/roles/matrix-dendrite/tasks/self_check_federation_api.yml
+++ b/roles/matrix-dendrite/tasks/self_check_federation_api.yml
@@ -6,7 +6,7 @@
validate_certs: "{{ matrix_dendrite_self_check_validate_certificates }}"
register: result_matrix_dendrite_federation_api
ignore_errors: true
- check_mode: no
+ check_mode: false
- name: Fail if Matrix Federation API not working
fail:
diff --git a/roles/matrix-dendrite/tasks/setup_dendrite.yml b/roles/matrix-dendrite/tasks/setup_dendrite.yml
index 04c3a7fe..cbe0cf84 100644
--- a/roles/matrix-dendrite/tasks/setup_dendrite.yml
+++ b/roles/matrix-dendrite/tasks/setup_dendrite.yml
@@ -7,8 +7,8 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_dendrite_config_dir_path }}", when: true }
- - { path: "{{ matrix_dendrite_ext_path }}", when: true }
+ - {path: "{{ matrix_dendrite_config_dir_path }}", when: true}
+ - {path: "{{ matrix_dendrite_ext_path }}", when: true}
when: "matrix_dendrite_enabled|bool and item.when"
- import_tasks: "{{ role_path }}/tasks/dendrite/setup.yml"
diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2
index 7592fca8..e14734dd 100644
--- a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2
+++ b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2
@@ -53,8 +53,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \
{% endif %}
{{ matrix_dendrite_process_extra_arguments|join(' ') }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null'
ExecReload={{ matrix_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1'
Restart=always
RestartSec=30
diff --git a/roles/matrix-dimension/defaults/main.yml b/roles/matrix-dimension/defaults/main.yml
index 1ca5f5b8..c4da906d 100644
--- a/roles/matrix-dimension/defaults/main.yml
+++ b/roles/matrix-dimension/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_dimension_enabled: false
# You are required to specify an access token for Dimension to work.
diff --git a/roles/matrix-dimension/tasks/init.yml b/roles/matrix-dimension/tasks/init.yml
index 85ca04ea..6336cb4d 100644
--- a/roles/matrix-dimension/tasks/init.yml
+++ b/roles/matrix-dimension/tasks/init.yml
@@ -1,3 +1,4 @@
+---
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension.service'] }}"
when: matrix_dimension_enabled|bool
diff --git a/roles/matrix-dimension/tasks/main.yml b/roles/matrix-dimension/tasks/main.yml
index aad55286..c2f01399 100644
--- a/roles/matrix-dimension/tasks/main.yml
+++ b/roles/matrix-dimension/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml
index c75fc0b9..92c21c9e 100644
--- a/roles/matrix-dimension/tasks/setup_install.yml
+++ b/roles/matrix-dimension/tasks/setup_install.yml
@@ -111,7 +111,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_dimension_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_dimension_container_image_self_build|bool"
- name: Ensure matrix-dimension.service installed
@@ -123,7 +123,7 @@
- name: Ensure systemd reloaded after matrix-dimension.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dimension_systemd_service_result.changed|bool"
- name: Ensure matrix-dimension.service restarted, if necessary
diff --git a/roles/matrix-dimension/tasks/setup_uninstall.yml b/roles/matrix-dimension/tasks/setup_uninstall.yml
index 21f34df0..cdfbe07a 100644
--- a/roles/matrix-dimension/tasks/setup_uninstall.yml
+++ b/roles/matrix-dimension/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-dimension
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_dimension_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-dimension.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dimension_service_stat.stat.exists|bool"
- name: Ensure Dimension base directory doesn't exist
diff --git a/roles/matrix-dimension/tasks/validate_config.yml b/roles/matrix-dimension/tasks/validate_config.yml
index ead8352b..8413c42f 100644
--- a/roles/matrix-dimension/tasks/validate_config.yml
+++ b/roles/matrix-dimension/tasks/validate_config.yml
@@ -1,3 +1,4 @@
+---
- name: Fail if required Dimension settings not defined
fail:
msg: >-
diff --git a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2
index 0451231b..e27a5558 100644
--- a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2
+++ b/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2
@@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \
{% endfor %}
{{ matrix_dimension_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-dimension
diff --git a/roles/matrix-dimension/vars/main.yml b/roles/matrix-dimension/vars/main.yml
index 107bb4fa..131024cc 100644
--- a/roles/matrix-dimension/vars/main.yml
+++ b/roles/matrix-dimension/vars/main.yml
@@ -2,4 +2,4 @@
# Doing `|from_yaml` when the extension contains nothing yields an empty string ("").
# We need to ensure it's a dictionary or `|combine` (when building `matrix_dimension_configuration`) will fail later.
-matrix_dimension_configuration_extension: "{{ matrix_dimension_configuration_extension_yaml|from_yaml if matrix_dimension_configuration_extension_yaml|from_yaml else {} }}"
\ No newline at end of file
+matrix_dimension_configuration_extension: "{{ matrix_dimension_configuration_extension_yaml|from_yaml if matrix_dimension_configuration_extension_yaml|from_yaml else {} }}"
diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml
index 3411d0f8..5d733eb3 100644
--- a/roles/matrix-dynamic-dns/defaults/main.yml
+++ b/roles/matrix-dynamic-dns/defaults/main.yml
@@ -1,10 +1,11 @@
+---
# Whether dynamic dns is enabled
matrix_dynamic_dns_enabled: true
# The dynamic dns daemon interval
matrix_dynamic_dns_daemon_interval: '300'
-matrix_dynamic_dns_version: v3.9.1-ls45
+matrix_dynamic_dns_version: v3.9.1-ls79
# The docker container to use when in mode
matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}"
diff --git a/roles/matrix-dynamic-dns/tasks/init.yml b/roles/matrix-dynamic-dns/tasks/init.yml
index e7d33ff2..6ea6a60b 100644
--- a/roles/matrix-dynamic-dns/tasks/init.yml
+++ b/roles/matrix-dynamic-dns/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/matrix-dynamic-dns/tasks/install.yml
index ac69ec89..e2e4f043 100644
--- a/roles/matrix-dynamic-dns/tasks/install.yml
+++ b/roles/matrix-dynamic-dns/tasks/install.yml
@@ -16,9 +16,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_dynamic_dns_base_path }}", when: true }
- - { path: "{{ matrix_dynamic_dns_config_path }}", when: true }
- - { path: "{{ matrix_dynamic_dns_docker_src_files_path }}", when: "{{ matrix_dynamic_dns_container_image_self_build }}" }
+ - {path: "{{ matrix_dynamic_dns_base_path }}", when: true}
+ - {path: "{{ matrix_dynamic_dns_config_path }}", when: true}
+ - {path: "{{ matrix_dynamic_dns_docker_src_files_path }}", when: "{{ matrix_dynamic_dns_container_image_self_build }}"}
when: matrix_dynamic_dns_enabled|bool and item.when|bool
- name: Ensure Dynamic DNS repository is present on self build
@@ -38,7 +38,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_dynamic_dns_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_dynamic_dns_enabled|bool and matrix_dynamic_dns_container_image_self_build|bool"
- name: Ensure Dynamic DNS ddclient.conf installed
@@ -58,5 +58,5 @@
- name: Ensure systemd reloaded after matrix-dynamic-dns.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dynamic_dns_systemd_service_result.changed"
diff --git a/roles/matrix-dynamic-dns/tasks/main.yml b/roles/matrix-dynamic-dns/tasks/main.yml
index f9aaab8f..8b8b306c 100644
--- a/roles/matrix-dynamic-dns/tasks/main.yml
+++ b/roles/matrix-dynamic-dns/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-dynamic-dns/tasks/uninstall.yml b/roles/matrix-dynamic-dns/tasks/uninstall.yml
index 9d511051..80842c9c 100644
--- a/roles/matrix-dynamic-dns/tasks/uninstall.yml
+++ b/roles/matrix-dynamic-dns/tasks/uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-dynamic-dns
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_dynamic_dns_service_stat.stat.exists"
- name: Ensure matrix-dynamic-dns.service doesn't exist
@@ -21,7 +21,7 @@
- name: Ensure systemd reloaded after matrix-dynamic-dns.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_dynamic_dns_service_stat.stat.exists"
# Intentionally not removing the Docker image when uninstalling.
diff --git a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2
index 31e106f0..dfdd2f72 100644
--- a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2
+++ b/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2
@@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \
{% endfor %}
{{ matrix_dynamic_dns_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-dynamic-dns
diff --git a/roles/matrix-email2matrix/defaults/main.yml b/roles/matrix-email2matrix/defaults/main.yml
index 3dfabc1a..fe5d3399 100644
--- a/roles/matrix-email2matrix/defaults/main.yml
+++ b/roles/matrix-email2matrix/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_email2matrix_enabled: true
matrix_email2matrix_base_path: "{{ matrix_base_data_path }}/email2matrix"
@@ -8,7 +10,7 @@ matrix_email2matrix_container_image_self_build: false
matrix_email2matrix_container_image_self_build_repo: "https://github.com/devture/email2matrix.git"
matrix_email2matrix_container_image_self_build_branch: "{{ matrix_email2matrix_version }}"
-matrix_email2matrix_version: 1.0.1
+matrix_email2matrix_version: 1.0.3
matrix_email2matrix_docker_image_prefix: "{{ 'localhost/' if matrix_email2matrix_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_email2matrix_docker_image: "{{ matrix_email2matrix_docker_image_prefix }}devture/email2matrix:{{ matrix_email2matrix_version }}"
matrix_email2matrix_docker_image_force_pull: "{{ matrix_email2matrix_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-email2matrix/tasks/init.yml b/roles/matrix-email2matrix/tasks/init.yml
index 0c8ffc0c..5f582212 100644
--- a/roles/matrix-email2matrix/tasks/init.yml
+++ b/roles/matrix-email2matrix/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-email2matrix.service'] }}"
when: matrix_email2matrix_enabled|bool
diff --git a/roles/matrix-email2matrix/tasks/main.yml b/roles/matrix-email2matrix/tasks/main.yml
index 77be7279..35bda4fa 100644
--- a/roles/matrix-email2matrix/tasks/main.yml
+++ b/roles/matrix-email2matrix/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml
index 7805c2c1..44f2ef7d 100644
--- a/roles/matrix-email2matrix/tasks/setup_install.yml
+++ b/roles/matrix-email2matrix/tasks/setup_install.yml
@@ -8,9 +8,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_email2matrix_base_path }}", when: true }
- - { path: "{{ matrix_email2matrix_config_dir_path }}", when: true }
- - { path: "{{ matrix_email2matrix_docker_src_files_path }}", when: "{{ matrix_email2matrix_container_image_self_build }}"}
+ - {path: "{{ matrix_email2matrix_base_path }}", when: true}
+ - {path: "{{ matrix_email2matrix_config_dir_path }}", when: true}
+ - {path: "{{ matrix_email2matrix_docker_src_files_path }}", when: "{{ matrix_email2matrix_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure Email2Matrix configuration file created
@@ -47,7 +47,7 @@
build:
dockerfile: etc/docker/Dockerfile
path: "{{ matrix_email2matrix_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_email2matrix_container_image_self_build|bool"
- name: Ensure matrix-email2matrix.service installed
@@ -59,5 +59,5 @@
- name: Ensure systemd reloaded after matrix-email2matrix.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_email2matrix_systemd_service_result.changed|bool"
diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/matrix-email2matrix/tasks/setup_uninstall.yml
index 270b9250..27d35f2d 100644
--- a/roles/matrix-email2matrix/tasks/setup_uninstall.yml
+++ b/roles/matrix-email2matrix/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-email2matrix
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_email2matrix_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-email2matrix.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_email2matrix_service_stat.stat.exists|bool"
- name: Ensure Email2Matrix data path doesn't exist
diff --git a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2
index b620a13f..c9226768 100644
--- a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2
+++ b/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2
@@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \
{% endfor %}
{{ matrix_email2matrix_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-email2matrix
diff --git a/roles/matrix-etherpad/defaults/main.yml b/roles/matrix-etherpad/defaults/main.yml
index bcabc3dd..0daf24a3 100644
--- a/roles/matrix-etherpad/defaults/main.yml
+++ b/roles/matrix-etherpad/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_etherpad_enabled: false
matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad"
diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/matrix-etherpad/tasks/init.yml
index c94e0817..b155064c 100644
--- a/roles/matrix-etherpad/tasks/init.yml
+++ b/roles/matrix-etherpad/tasks/init.yml
@@ -1,52 +1,54 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}"
when: matrix_etherpad_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-etherpad role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-etherpad role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Etherpad proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_etherpad_matrix_nginx_proxy_configuration: |
- rewrite ^{{ matrix_etherpad_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_etherpad_public_endpoint }}/ permanent;
+ - name: Generate Etherpad proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_etherpad_matrix_nginx_proxy_configuration: |
+ rewrite ^{{ matrix_etherpad_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_etherpad_public_endpoint }}/ permanent;
- location {{ matrix_etherpad_public_endpoint }}/ {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- proxy_pass http://matrix-etherpad:9001/;
- {# These are proxy directives needed specifically by Etherpad #}
- proxy_buffering off;
- proxy_http_version 1.1; # recommended with keepalive connections
- proxy_pass_header Server;
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; # for EP to set secure cookie flag when https is used
- # WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- # A good guide for setting up your Etherpad behind nginx:
- # https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html
- proxy_pass http://127.0.0.1:9001/;
- {% endif %}
- }
+ location {{ matrix_etherpad_public_endpoint }}/ {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ proxy_pass http://matrix-etherpad:9001/;
+ {# These are proxy directives needed specifically by Etherpad #}
+ proxy_buffering off;
+ proxy_http_version 1.1; # recommended with keepalive connections
+ proxy_pass_header Server;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; # for EP to set secure cookie flag when https is used
+ # WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ # A good guide for setting up your Etherpad behind nginx:
+ # https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html
+ proxy_pass http://127.0.0.1:9001/;
+ {% endif %}
+ }
- - name: Register Etherpad proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks|default([])
- +
- [matrix_etherpad_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Etherpad proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks|default([])
+ +
+ [matrix_etherpad_matrix_nginx_proxy_configuration]
+ }}
tags:
- always
when: matrix_etherpad_enabled|bool
diff --git a/roles/matrix-etherpad/tasks/main.yml b/roles/matrix-etherpad/tasks/main.yml
index 27548aaf..bf59d838 100644
--- a/roles/matrix-etherpad/tasks/main.yml
+++ b/roles/matrix-etherpad/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-etherpad/tasks/setup_install.yml b/roles/matrix-etherpad/tasks/setup_install.yml
index a93c28de..27832e14 100644
--- a/roles/matrix-etherpad/tasks/setup_install.yml
+++ b/roles/matrix-etherpad/tasks/setup_install.yml
@@ -32,5 +32,5 @@
- name: Ensure systemd reloaded after matrix-etherpad.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_etherpad_systemd_service_result.changed|bool"
diff --git a/roles/matrix-etherpad/tasks/setup_uninstall.yml b/roles/matrix-etherpad/tasks/setup_uninstall.yml
index a63d3fb1..ae1f2604 100644
--- a/roles/matrix-etherpad/tasks/setup_uninstall.yml
+++ b/roles/matrix-etherpad/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-etherpad
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_etherpad_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-etherpad.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_etherpad_service_stat.stat.exists|bool"
- name: Ensure Etherpad base directory doesn't exist
diff --git a/roles/matrix-etherpad/tasks/validate_config.yml b/roles/matrix-etherpad/tasks/validate_config.yml
index c76dc3b5..f9438e7b 100644
--- a/roles/matrix-etherpad/tasks/validate_config.yml
+++ b/roles/matrix-etherpad/tasks/validate_config.yml
@@ -1,3 +1,5 @@
+---
+
- name: Fail if Etherpad is enabled without the Dimension integrations manager
fail:
msg: >-
diff --git a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2
index e55c57c7..d96c4260 100644
--- a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2
+++ b/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2
@@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \
--sessionkey /data/sessionkey.json --apikey /data/apijey.json
-ExecStopPost=-{{ matrix_host_command_docker }} kill matrix-etherpad
-ExecStopPost=-{{ matrix_host_command_docker }} rm matrix-etherpad
+ExecStop=-{{ matrix_host_command_docker }} kill matrix-etherpad
+ExecStop=-{{ matrix_host_command_docker }} rm matrix-etherpad
Restart=always
RestartSec=30
SyslogIdentifier=matrix-etherpad
diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml
index f802d2e5..0ee7a86a 100644
--- a/roles/matrix-grafana/defaults/main.yml
+++ b/roles/matrix-grafana/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# matrix-grafana is open source visualization and analytics software
# See: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md
matrix_grafana_enabled: false
-matrix_grafana_version: 8.3.3
+matrix_grafana_version: 8.4.1
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
@@ -11,8 +12,8 @@ matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith
# they might still want to look at the old existing data.
# So it would be silly to delete the dashboard in such case.
matrix_grafana_dashboard_download_urls:
-- "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json"
-- "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json"
+ - "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json"
+ - "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json"
matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana"
matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config"
@@ -21,6 +22,10 @@ matrix_grafana_data_path: "{{ matrix_grafana_base_path }}/data"
# Allow viewing Grafana without logging in
matrix_grafana_anonymous_access: false
+# When `false`, sends a `X-Frame-Options: deny` HTTP header, which allows Grafana from being embeded in a frame.
+# Read more here: https://grafana.com/docs/grafana/latest/administration/configuration/#allow_embedding
+matrix_grafana_allow_embedding: false
+
# specify organization name that should be used for unauthenticated users
# if you change this in the Grafana admin panel, this needs to be updated
# to match to keep anonymous logins working
@@ -32,7 +37,7 @@ matrix_grafana_default_admin_user: admin
matrix_grafana_default_admin_password: admin
# Set to true to add the Content-Security-Policy header to your requests.
-# CSP allows to control resources that the user agent can load and helps
+# CSP allows to control resources that the user agent can load and helps
# prevent XSS attacks.
# [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
matrix_grafana_content_security_policy: true
diff --git a/roles/matrix-grafana/tasks/init.yml b/roles/matrix-grafana/tasks/init.yml
index 8a22e301..4c2cbf06 100644
--- a/roles/matrix-grafana/tasks/init.yml
+++ b/roles/matrix-grafana/tasks/init.yml
@@ -1,5 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-grafana.service'] }}"
when: matrix_grafana_enabled|bool
-
-
diff --git a/roles/matrix-grafana/tasks/main.yml b/roles/matrix-grafana/tasks/main.yml
index fb16c394..c93fd500 100644
--- a/roles/matrix-grafana/tasks/main.yml
+++ b/roles/matrix-grafana/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/matrix-grafana/tasks/setup.yml
index c5cee64c..5f9d21c1 100644
--- a/roles/matrix-grafana/tasks/setup.yml
+++ b/roles/matrix-grafana/tasks/setup.yml
@@ -77,7 +77,7 @@
- name: Ensure systemd reloaded after matrix-grafana.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_grafana_enabled|bool and matrix_grafana_systemd_service_result.changed"
#
@@ -93,8 +93,8 @@
service:
name: matrix-grafana
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_grafana_enabled|bool and matrix_grafana_service_stat.stat.exists"
@@ -106,6 +106,5 @@
- name: Ensure systemd reloaded after matrix-grafana.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_grafana_enabled|bool and matrix_grafana_service_stat.stat.exists"
-
diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/matrix-grafana/templates/grafana.ini.j2
index 8f4c88f0..1e06683e 100644
--- a/roles/matrix-grafana/templates/grafana.ini.j2
+++ b/roles/matrix-grafana/templates/grafana.ini.j2
@@ -16,6 +16,8 @@ content_security_policy = "{{ matrix_grafana_content_security_policy }}"
content_security_policy_template = """{{ matrix_grafana_content_security_policy_template }}"""
{% endif %}
+allow_embedding = {{ matrix_grafana_allow_embedding }}
+
[auth.anonymous]
# enable anonymous access
enabled = {{ matrix_grafana_anonymous_access }}
diff --git a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2
index 64d40a5c..a4f81e35 100644
--- a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2
+++ b/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \
{% endfor %}
{{ matrix_grafana_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-grafana
diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml
index 33dad388..5f543d4a 100644
--- a/roles/matrix-jitsi/defaults/main.yml
+++ b/roles/matrix-jitsi/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_jitsi_enabled: true
matrix_jitsi_base_path: "{{ matrix_base_data_path }}/jitsi"
@@ -68,8 +70,8 @@ matrix_jitsi_jibri_recorder_password: ''
matrix_jitsi_enable_lobby: false
-matrix_jitsi_version: stable-6726-1
-matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility
+matrix_jitsi_version: stable-6865
+matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility
matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}"
matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-jitsi/tasks/init.yml b/roles/matrix-jitsi/tasks/init.yml
index 1f7a2d1c..efab8745 100644
--- a/roles/matrix-jitsi/tasks/init.yml
+++ b/roles/matrix-jitsi/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-jitsi-web.service', 'matrix-jitsi-prosody.service', 'matrix-jitsi-jicofo.service', 'matrix-jitsi-jvb.service'] }}"
when: matrix_jitsi_enabled|bool
diff --git a/roles/matrix-jitsi/tasks/main.yml b/roles/matrix-jitsi/tasks/main.yml
index e4f3508f..fe9da205 100644
--- a/roles/matrix-jitsi/tasks/main.yml
+++ b/roles/matrix-jitsi/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/matrix-jitsi/tasks/setup_jitsi_base.yml
index 408027ee..4b390c18 100644
--- a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml
+++ b/roles/matrix-jitsi/tasks/setup_jitsi_base.yml
@@ -1,5 +1,7 @@
---
+- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
+
#
# Tasks related to setting up jitsi
#
@@ -12,7 +14,7 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_jitsi_base_path }}", when: true }
+ - {path: "{{ matrix_jitsi_base_path }}", when: true}
when: matrix_jitsi_enabled|bool and item.when
#
diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
index 4e2be696..2bb781c1 100644
--- a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
+++ b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
@@ -12,8 +12,8 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_jitsi_jicofo_base_path }}", when: true }
- - { path: "{{ matrix_jitsi_jicofo_config_path }}", when: true }
+ - {path: "{{ matrix_jitsi_jicofo_base_path }}", when: true}
+ - {path: "{{ matrix_jitsi_jicofo_config_path }}", when: true}
when: matrix_jitsi_enabled|bool and item.when
- name: Ensure jitsi-jicofo Docker image is pulled
@@ -51,7 +51,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-jicofo.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_jitsi_enabled and matrix_jitsi_jicofo_systemd_service_result.changed"
#
@@ -68,8 +68,8 @@
service:
name: matrix-jitsi-jicofo
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"
@@ -81,7 +81,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-jicofo.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"
- name: Ensure Matrix jitsi-jicofo paths doesn't exist
diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
index 558a6cf1..3b3b8dbf 100644
--- a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
+++ b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
@@ -12,8 +12,8 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_jitsi_jvb_base_path }}", when: true }
- - { path: "{{ matrix_jitsi_jvb_config_path }}", when: true }
+ - {path: "{{ matrix_jitsi_jvb_base_path }}", when: true}
+ - {path: "{{ matrix_jitsi_jvb_config_path }}", when: true}
when: matrix_jitsi_enabled|bool and item.when
- name: Ensure jitsi-jvb Docker image is pulled
@@ -51,7 +51,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-jvb.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_jitsi_enabled and matrix_jitsi_jvb_systemd_service_result.changed"
#
@@ -68,8 +68,8 @@
service:
name: matrix-jitsi-jvb
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"
@@ -81,7 +81,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-jvb.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"
- name: Ensure Matrix jitsi-jvb paths doesn't exist
diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
index c1c7c7fc..437e1e9c 100644
--- a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
+++ b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
@@ -12,9 +12,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_jitsi_prosody_base_path }}", when: true }
- - { path: "{{ matrix_jitsi_prosody_config_path }}", when: true }
- - { path: "{{ matrix_jitsi_prosody_plugins_path }}", when: true }
+ - {path: "{{ matrix_jitsi_prosody_base_path }}", when: true}
+ - {path: "{{ matrix_jitsi_prosody_config_path }}", when: true}
+ - {path: "{{ matrix_jitsi_prosody_plugins_path }}", when: true}
when: matrix_jitsi_enabled|bool and item.when
- name: Ensure jitsi-prosody Docker image is pulled
@@ -42,7 +42,7 @@
- name: Ensure systemd service is reloaded after matrix-jitsi-prosody.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_jitsi_enabled and matrix_jitsi_prosody_systemd_service_result.changed"
- name: Ensure authentication is properly configured
@@ -67,8 +67,8 @@
service:
name: matrix-jitsi-prosody
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
@@ -80,7 +80,7 @@
- name: Ensure systemd is reloaded after matrix-jitsi-prosody.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
- name: Ensure Matrix jitsi-prosody paths doesn't exist
diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml
index bcb1b49e..0a4d43b0 100644
--- a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml
+++ b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml
@@ -12,10 +12,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_jitsi_web_base_path }}", when: true }
- - { path: "{{ matrix_jitsi_web_config_path }}", when: true }
- - { path: "{{ matrix_jitsi_web_transcripts_path }}", when: true }
- - { path: "{{ matrix_jitsi_web_crontabs_path }}", when: true }
+ - {path: "{{ matrix_jitsi_web_base_path }}", when: true}
+ - {path: "{{ matrix_jitsi_web_config_path }}", when: true}
+ - {path: "{{ matrix_jitsi_web_transcripts_path }}", when: true}
+ - {path: "{{ matrix_jitsi_web_crontabs_path }}", when: true}
when: matrix_jitsi_enabled|bool and item.when
- name: Ensure jitsi-web Docker image is pulled
@@ -53,7 +53,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-web.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_jitsi_enabled and matrix_jitsi_web_systemd_service_result.changed"
#
@@ -70,8 +70,8 @@
service:
name: matrix-jitsi-web
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"
@@ -83,7 +83,7 @@
- name: Ensure systemd reloaded after matrix-jitsi-web.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"
- name: Ensure Matrix jitsi-web paths doesn't exist
@@ -94,4 +94,3 @@
# Intentionally not removing the Docker image when uninstalling.
# We can't be sure it had been pulled by us in the first place.
-
diff --git a/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml b/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml
index 66fb7e5d..50973acb 100644
--- a/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml
+++ b/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml
@@ -21,18 +21,14 @@
- matrix_jitsi_auth_type == "internal"
- matrix_jitsi_prosody_auth_internal_accounts|length > 0
-
#
# Tasks related to configuring other Jitsi authentication mechanisms
#
-
-
#
# Tasks related to cleaning after Jitsi authentication configuration
#
-
#
# Stop Necessary Services
#
@@ -40,4 +36,4 @@
systemd:
state: stopped
name: matrix-jitsi-prosody
- when: matrix_jitsi_prosody_start_result.changed|bool
\ No newline at end of file
+ when: matrix_jitsi_prosody_start_result.changed|bool
diff --git a/roles/matrix-jitsi/tasks/validate_config.yml b/roles/matrix-jitsi/tasks/validate_config.yml
index 4defe986..5131396d 100644
--- a/roles/matrix-jitsi/tasks/validate_config.yml
+++ b/roles/matrix-jitsi/tasks/validate_config.yml
@@ -24,7 +24,6 @@
fail:
msg: >-
At least one Jitsi user needs to be defined in `matrix_jitsi_prosody_auth_internal_accounts` when using internal authentication.
-
If you're setting up Jitsi for the first time, you may have missed a step.
Refer to our setup instructions (docs/configuring-playbook-jitsi.md).
when:
diff --git a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2
index b4944c84..6ecafaa0 100644
--- a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2
+++ b/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2
@@ -23,8 +23,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \
{% endfor %}
{{ matrix_jitsi_jicofo_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-jitsi-jicofo
diff --git a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
index 5be32210..2785795d 100644
--- a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
+++ b/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \
{% endfor %}
{{ matrix_jitsi_jvb_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-jitsi-jvb
diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2
index 452ff954..5a4a81e5 100644
--- a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2
+++ b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2
@@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody
{% endfor %}
{{ matrix_jitsi_prosody_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-jitsi-prosody
diff --git a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
index ff577670..35bfca67 100644
--- a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
+++ b/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
@@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \
{% endfor %}
{{ matrix_jitsi_web_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-jitsi-web
diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/matrix-ma1sd/defaults/main.yml
index f0e96eff..f1d57049 100644
--- a/roles/matrix-ma1sd/defaults/main.yml
+++ b/roles/matrix-ma1sd/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# ma1sd is a Federated Matrix Identity Server
# See: https://github.com/ma1uta/ma1sd
diff --git a/roles/matrix-ma1sd/tasks/init.yml b/roles/matrix-ma1sd/tasks/init.yml
index 04cc3a21..a7c914db 100644
--- a/roles/matrix-ma1sd/tasks/init.yml
+++ b/roles/matrix-ma1sd/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-ma1sd/tasks/main.yml b/roles/matrix-ma1sd/tasks/main.yml
index 0b8a114e..2902c05d 100644
--- a/roles/matrix-ma1sd/tasks/main.yml
+++ b/roles/matrix-ma1sd/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml
index c36c3de9..720afa76 100644
--- a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml
+++ b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml
@@ -23,8 +23,8 @@
service:
name: matrix-mxisd
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "matrix_mxisd_service_stat.stat.exists"
- name: Check existence of matrix-ma1sd service
@@ -37,26 +37,26 @@
service:
name: matrix-ma1sd
state: stopped
- daemon_reload: yes
+ daemon_reload: true
when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists and matrix_ma1sd_service_stat.stat.exists"
# We use shell commands for the migration, because the Ansible copy module cannot
# recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible.
- block:
- - name: Copy mxisd data files to ma1sd folder
- command: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}"
+ - name: Copy mxisd data files to ma1sd folder
+ command: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}"
- - name: Check existence of mxisd.db file
- stat:
- path: "{{ matrix_ma1sd_data_path }}/mxisd.db"
- register: matrix_ma1sd_mxisd_db_stat
+ - name: Check existence of mxisd.db file
+ stat:
+ path: "{{ matrix_ma1sd_data_path }}/mxisd.db"
+ register: matrix_ma1sd_mxisd_db_stat
- - name: Rename database (mxisd.db -> ma1sd.db)
- command: "mv {{ matrix_ma1sd_data_path }}/mxisd.db {{ matrix_ma1sd_data_path }}/ma1sd.db"
- when: "matrix_ma1sd_mxisd_db_stat.stat.exists"
+ - name: Rename database (mxisd.db -> ma1sd.db)
+ command: "mv {{ matrix_ma1sd_data_path }}/mxisd.db {{ matrix_ma1sd_data_path }}/ma1sd.db"
+ when: "matrix_ma1sd_mxisd_db_stat.stat.exists"
- - name: Rename mxisd folder
- command: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated"
+ - name: Rename mxisd folder
+ command: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated"
when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists"
- name: Ensure outdated matrix-mxisd.service doesn't exist
@@ -67,7 +67,5 @@
- name: Ensure systemd reloaded after removing outdated matrix-mxisd.service
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mxisd_service_stat.stat.exists"
-
-
diff --git a/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml b/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml
index b8a7faaa..4a4c7136 100644
--- a/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml
+++ b/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml
@@ -8,7 +8,7 @@
url: "{{ ma1sd_url_endpoint_public }}"
follow_redirects: none
validate_certs: "{{ matrix_ma1sd_self_check_validate_certificates }}"
- check_mode: no
+ check_mode: false
register: result_ma1sd
ignore_errors: true
diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml
index 3f319eef..6fc6902a 100644
--- a/roles/matrix-ma1sd/tasks/setup_install.yml
+++ b/roles/matrix-ma1sd/tasks/setup_install.yml
@@ -8,9 +8,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_ma1sd_config_path }}", when: true }
- - { path: "{{ matrix_ma1sd_data_path }}", when: true }
- - { path: "{{ matrix_ma1sd_docker_src_files_path }}", when: "{{ matrix_ma1sd_container_image_self_build }}"}
+ - {path: "{{ matrix_ma1sd_config_path }}", when: true}
+ - {path: "{{ matrix_ma1sd_data_path }}", when: true}
+ - {path: "{{ matrix_ma1sd_docker_src_files_path }}", when: "{{ matrix_ma1sd_container_image_self_build }}"}
when: "item.when|bool"
- import_tasks: "{{ role_path }}/tasks/migrate_mxisd.yml"
@@ -54,52 +54,52 @@
when: "not matrix_ma1sd_container_image_self_build|bool"
- block:
- - name: Ensure gradle is installed for self-building (Debian)
- apt:
- name:
- - gradle
- state: present
- update_cache: yes
- when: (ansible_os_family == 'Debian')
+ - name: Ensure gradle is installed for self-building (Debian)
+ apt:
+ name:
+ - gradle
+ state: present
+ update_cache: true
+ when: (ansible_os_family == 'Debian')
- - name: Ensure gradle is installed for self-building (CentOS)
- fail:
- msg: "Installing gradle on CentOS is currently not supported, so self-building ma1sd cannot happen at this time"
- when: ansible_distribution == 'CentOS'
+ - name: Ensure gradle is installed for self-building (RedHat)
+ fail:
+ msg: "Installing gradle on RedHat ({{ ansible_distribution }}) is currently not supported, so self-building ma1sd cannot happen at this time"
+ when: ansible_os_family == 'RedHat'
- - name: Ensure gradle is installed for self-building (Archlinux)
- pacman:
- name:
- - gradle
- state: latest
- update_cache: yes
- when: ansible_distribution == 'Archlinux'
+ - name: Ensure gradle is installed for self-building (Archlinux)
+ pacman:
+ name:
+ - gradle
+ state: latest
+ update_cache: true
+ when: ansible_distribution == 'Archlinux'
- - name: Ensure ma1sd repository is present on self-build
- git:
- repo: "{{ matrix_ma1sd_container_image_self_build_repo }}"
- dest: "{{ matrix_ma1sd_docker_src_files_path }}"
- version: "{{ matrix_ma1sd_container_image_self_build_branch }}"
- force: "yes"
- register: matrix_ma1sd_git_pull_results
+ - name: Ensure ma1sd repository is present on self-build
+ git:
+ repo: "{{ matrix_ma1sd_container_image_self_build_repo }}"
+ dest: "{{ matrix_ma1sd_docker_src_files_path }}"
+ version: "{{ matrix_ma1sd_container_image_self_build_branch }}"
+ force: "yes"
+ register: matrix_ma1sd_git_pull_results
- - name: Ensure ma1sd Docker image is built
- shell: "DOCKER_BUILDKIT=1 ./gradlew dockerBuild"
- args:
- chdir: "{{ matrix_ma1sd_docker_src_files_path }}"
+ - name: Ensure ma1sd Docker image is built
+ shell: "DOCKER_BUILDKIT=1 ./gradlew dockerBuild"
+ args:
+ chdir: "{{ matrix_ma1sd_docker_src_files_path }}"
- - name: Ensure ma1sd Docker image is tagged correctly
- docker_image:
- # The build script always tags the image with 2 tags:
- # - based on the branch/version: e.g. `ma1uta/ma1sd:2.4.0` (when on `2.4.0`)
- # or `ma1uta/ma1sd:2.4.0-19-ga71d32b` (when on a given commit for a pre-release)
- # - generic one: `ma1uta/ma1sd:latest-dev`
- #
- # It's hard to predict the first one, so we'll use the latter.
- name: "ma1uta/ma1sd:latest-dev"
- repository: "{{ matrix_ma1sd_docker_image }}"
- force_tag: yes
- source: local
+ - name: Ensure ma1sd Docker image is tagged correctly
+ docker_image:
+ # The build script always tags the image with 2 tags:
+ # - based on the branch/version: e.g. `ma1uta/ma1sd:2.4.0` (when on `2.4.0`)
+ # or `ma1uta/ma1sd:2.4.0-19-ga71d32b` (when on a given commit for a pre-release)
+ # - generic one: `ma1uta/ma1sd:latest-dev`
+ #
+ # It's hard to predict the first one, so we'll use the latter.
+ name: "ma1uta/ma1sd:latest-dev"
+ repository: "{{ matrix_ma1sd_docker_image }}"
+ force_tag: true
+ source: local
when: "matrix_ma1sd_container_image_self_build|bool"
- name: Ensure ma1sd config installed
@@ -157,7 +157,7 @@
- name: Ensure systemd reloaded after matrix-ma1sd.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_ma1sd_systemd_service_result.changed|bool"
- name: Ensure matrix-ma1sd.service restarted, if necessary
diff --git a/roles/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/matrix-ma1sd/tasks/setup_uninstall.yml
index 153f6e08..30a1bfda 100644
--- a/roles/matrix-ma1sd/tasks/setup_uninstall.yml
+++ b/roles/matrix-ma1sd/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-ma1sd
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_ma1sd_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-ma1sd.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_ma1sd_service_stat.stat.exists|bool"
- name: Ensure Matrix ma1sd paths don't exist
diff --git a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2
index c3d5850f..8e5cc6dd 100644
--- a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2
+++ b/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2
@@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \
{% endfor %}
{{ matrix_ma1sd_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-ma1sd
diff --git a/roles/matrix-mailer/defaults/main.yml b/roles/matrix-mailer/defaults/main.yml
index f006568f..682126d2 100644
--- a/roles/matrix-mailer/defaults/main.yml
+++ b/roles/matrix-mailer/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_mailer_enabled: true
matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
@@ -7,7 +9,7 @@ matrix_mailer_container_image_self_build_repository_url: "https://github.com/dev
matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
-matrix_mailer_version: 4.95-r0
+matrix_mailer_version: 4.95-r0-2
matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/matrix-mailer/tasks/init.yml
index d07380f0..c928d557 100644
--- a/roles/matrix-mailer/tasks/init.yml
+++ b/roles/matrix-mailer/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
diff --git a/roles/matrix-mailer/tasks/main.yml b/roles/matrix-mailer/tasks/main.yml
index f636614e..c69dad20 100644
--- a/roles/matrix-mailer/tasks/main.yml
+++ b/roles/matrix-mailer/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml
index def17883..1ac4f339 100644
--- a/roles/matrix-mailer/tasks/setup_mailer.yml
+++ b/roles/matrix-mailer/tasks/setup_mailer.yml
@@ -12,8 +12,8 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_mailer_base_path }}", when: true }
- - { path: "{{ matrix_mailer_container_image_self_build_src_files_path }}", when: "{{ matrix_mailer_container_image_self_build }}" }
+ - {path: "{{ matrix_mailer_base_path }}", when: true}
+ - {path: "{{ matrix_mailer_container_image_self_build_src_files_path }}", when: "{{ matrix_mailer_container_image_self_build }}"}
when: "matrix_mailer_enabled|bool and item.when"
- name: Ensure mailer environment variables file created
@@ -41,7 +41,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_mailer_container_image_self_build_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_mailer_enabled|bool and matrix_mailer_container_image_self_build|bool"
- name: Ensure exim-relay image is pulled
@@ -62,7 +62,7 @@
- name: Ensure systemd reloaded after matrix-mailer.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
#
@@ -79,8 +79,8 @@
service:
name: matrix-mailer
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
@@ -92,7 +92,7 @@
- name: Ensure systemd reloaded after matrix-mailer.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure Matrix mailer environment variables path doesn't exist
diff --git a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2
index ee316469..bf5a2e42 100644
--- a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2
+++ b/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2
@@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \
{% endfor %}
{{ matrix_mailer_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mailer
diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml
index 124f5236..92d50aca 100644
--- a/roles/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/matrix-nginx-proxy/defaults/main.yml
@@ -1,5 +1,6 @@
+---
matrix_nginx_proxy_enabled: true
-matrix_nginx_proxy_version: 1.21.5-alpine
+matrix_nginx_proxy_version: 1.21.6-alpine
# We use an official nginx image, which we fix-up to run unprivileged.
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
@@ -483,7 +484,7 @@ matrix_ssl_lets_encrypt_staging: false
# Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server
matrix_ssl_lets_encrypt_server: ''
-matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.21.0"
+matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.23.0"
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
matrix_ssl_lets_encrypt_support_email: ~
@@ -562,5 +563,5 @@ matrix_nginx_proxy_synapse_frontend_proxy_locations: []
# The amount of worker processes and connections
# Consider increasing these when you are expecting high amounts of traffic
# http://nginx.org/en/docs/ngx_core_module.html#worker_connections
-matrix_nginx_proxy_worker_processes: 1
+matrix_nginx_proxy_worker_processes: auto
matrix_nginx_proxy_worker_connections: 1024
diff --git a/roles/matrix-nginx-proxy/tasks/init.yml b/roles/matrix-nginx-proxy/tasks/init.yml
index 0161da23..ddc8cb47 100644
--- a/roles/matrix-nginx-proxy/tasks/init.yml
+++ b/roles/matrix-nginx-proxy/tasks/init.yml
@@ -1,3 +1,4 @@
+---
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy.service'] }}"
when: matrix_nginx_proxy_enabled|bool
diff --git a/roles/matrix-nginx-proxy/tasks/main.yml b/roles/matrix-nginx-proxy/tasks/main.yml
index ad111951..74f8e8d1 100644
--- a/roles/matrix-nginx-proxy/tasks/main.yml
+++ b/roles/matrix-nginx-proxy/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
@@ -35,4 +36,4 @@
set_fact:
matrix_nginx_proxy_role_executed: true
tags:
- - always
+ - always
diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml b/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml
index 6f831a29..588cd1e7 100644
--- a/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml
+++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml
@@ -14,7 +14,7 @@
validate_certs: "{{ well_known_file_check.validate_certs }}"
headers:
Origin: example.com
- check_mode: no
+ check_mode: false
register: result_well_known_matrix
ignore_errors: true
@@ -44,7 +44,7 @@
validate_certs: "{{ well_known_file_check.validate_certs }}"
headers:
Origin: example.com
- check_mode: no
+ check_mode: false
register: result_well_known_identity
ignore_errors: true
diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml
index ec786d2c..7f0be205 100644
--- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml
+++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml
@@ -202,7 +202,7 @@
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_nginx_proxy_enabled and matrix_nginx_proxy_systemd_service_result.changed"
@@ -220,8 +220,8 @@
service:
name: matrix-nginx-proxy
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
@@ -233,7 +233,7 @@
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
diff --git a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml b/roles/matrix-nginx-proxy/tasks/setup_well_known.yml
index 3e43a8c6..1c85552c 100644
--- a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml
+++ b/roles/matrix-nginx-proxy/tasks/setup_well_known.yml
@@ -1,3 +1,4 @@
+---
- set_fact:
matrix_well_known_file_path: "{{ matrix_static_files_base_path }}/.well-known/matrix/client"
@@ -21,4 +22,4 @@
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix"
mode: 0644
owner: "{{ matrix_user_username }}"
- group: "{{ matrix_user_groupname }}"
\ No newline at end of file
+ group: "{{ matrix_user_groupname }}"
diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml
index e820b0ed..e4dd53c2 100644
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml
@@ -1,3 +1,4 @@
+---
- debug:
msg: "Dealing with SSL certificate retrieval for domain: {{ domain_name }}"
@@ -13,16 +14,16 @@
domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}"
- block:
- - name: Ensure required service for obtaining is started
- service:
- name: "{{ matrix_ssl_pre_obtaining_required_service_name }}"
- state: started
- register: matrix_ssl_pre_obtaining_required_service_start_result
+ - name: Ensure required service for obtaining is started
+ service:
+ name: "{{ matrix_ssl_pre_obtaining_required_service_name }}"
+ state: started
+ register: matrix_ssl_pre_obtaining_required_service_start_result
- - name: Wait some time, so that the required service for obtaining can start
- wait_for:
- timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}"
- when: "matrix_ssl_pre_obtaining_required_service_start_result.changed|bool"
+ - name: Wait some time, so that the required service for obtaining can start
+ wait_for:
+ timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}"
+ when: "matrix_ssl_pre_obtaining_required_service_start_result.changed|bool"
when: "domain_name_needs_cert|bool and matrix_ssl_pre_obtaining_required_service_name != ''"
# This will fail if there is something running on port 80 (like matrix-nginx-proxy).
diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml
index ea39f5e9..7bcd3d74 100644
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml
@@ -5,4 +5,4 @@
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
loop_control:
loop_var: domain_name
- when: "matrix_ssl_retrieval_method == 'manually-managed'"
\ No newline at end of file
+ when: "matrix_ssl_retrieval_method == 'manually-managed'"
diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml
index be0444b1..2b5bb1f3 100644
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml
@@ -20,4 +20,4 @@
- fail:
msg: "Failed finding a certificate key file (for domain `{{ domain_name }}`) at `{{ matrix_ssl_certificate_verification_cert_key_path }}`"
- when: "not matrix_ssl_certificate_verification_cert_key_path_stat_result.stat.exists"
\ No newline at end of file
+ when: "not matrix_ssl_certificate_verification_cert_key_path_stat_result.stat.exists"
diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml
index 8fa316da..47ec40aa 100644
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml
@@ -1,28 +1,7 @@
---
-- name: Ensure OpenSSL installed (RedHat)
- yum:
- name:
- - openssl
- state: present
- update_cache: no
- when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_os_family == 'RedHat'"
-
-- name: Ensure APT usage dependencies are installed (Debian)
- apt:
- name:
- - openssl
- state: present
- update_cache: no
- when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_os_family == 'Debian'"
-
-- name: Ensure OpenSSL installed (Archlinux)
- pacman:
- name:
- - openssl
- state: latest
- update_cache: no
- when: "matrix_ssl_retrieval_method == 'self-signed' and ansible_distribution == 'Archlinux'"
+- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
+ when: "matrix_ssl_retrieval_method == 'self-signed'"
- name: Generate self-signed certificates
include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml"
diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2
index 03bc32af..1143efd4 100755
--- a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2
+++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2
@@ -51,8 +51,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ matrix_host_command_docker }} network connect {{ network }} matrix-nginx-proxy'
{% endfor %}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null'
ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload
Restart=always
RestartSec=30
diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/matrix-postgres-backup/defaults/main.yml
index efce3656..59ae5076 100644
--- a/roles/matrix-postgres-backup/defaults/main.yml
+++ b/roles/matrix-postgres-backup/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_postgres_backup_enabled: false
matrix_postgres_backup_connection_hostname: "matrix-postgres"
diff --git a/roles/matrix-postgres-backup/tasks/init.yml b/roles/matrix-postgres-backup/tasks/init.yml
index c6a9bd7e..f74cea06 100644
--- a/roles/matrix-postgres-backup/tasks/init.yml
+++ b/roles/matrix-postgres-backup/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres-backup.service'] }}"
when: matrix_postgres_backup_enabled|bool
diff --git a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml
index 68eae443..72329db3 100644
--- a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml
+++ b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml
@@ -52,7 +52,7 @@
- name: Ensure systemd reloaded after matrix-postgres-backup.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_postgres_backup_enabled|bool and matrix_postgres_backup_systemd_service_result.changed"
#
@@ -69,8 +69,8 @@
service:
name: matrix-postgres-backup
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "not matrix_postgres_backup_enabled|bool and matrix_postgres_backup_service_stat.stat.exists"
- name: Ensure matrix-postgres-backup.service doesn't exist
@@ -81,7 +81,7 @@
- name: Ensure systemd reloaded after matrix-postgres-backup.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_postgres_backup_enabled|bool and matrix_postgres_backup_service_stat.stat.exists"
- name: Check existence of matrix-postgres-backup backup path
diff --git a/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2
index 52e12edb..97c9ae7f 100644
--- a/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2
+++ b/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2
@@ -21,8 +21,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres-backu
--mount type=bind,src={{ matrix_postgres_backup_path }},dst=/backups \
{{ matrix_postgres_backup_docker_image_to_use }}
-ExecStopPost=-{{ matrix_host_command_docker }} stop matrix-postgres-backup
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null'
+ExecStop=-{{ matrix_host_command_docker }} stop matrix-postgres-backup
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-postgres-backup
diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml
index 42413286..76529a82 100644
--- a/roles/matrix-postgres/defaults/main.yml
+++ b/roles/matrix-postgres/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_postgres_enabled: true
matrix_postgres_connection_hostname: "matrix-postgres"
@@ -18,11 +20,11 @@ matrix_postgres_architecture: amd64
matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}"
matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.23{{ matrix_postgres_docker_image_suffix }}"
-matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.19{{ matrix_postgres_docker_image_suffix }}"
-matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.14{{ matrix_postgres_docker_image_suffix }}"
-matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.9{{ matrix_postgres_docker_image_suffix }}"
-matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.5{{ matrix_postgres_docker_image_suffix }}"
-matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.1{{ matrix_postgres_docker_image_suffix }}"
+matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.20{{ matrix_postgres_docker_image_suffix }}"
+matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.15{{ matrix_postgres_docker_image_suffix }}"
+matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.10{{ matrix_postgres_docker_image_suffix }}"
+matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.6{{ matrix_postgres_docker_image_suffix }}"
+matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.2{{ matrix_postgres_docker_image_suffix }}"
matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}"
# This variable is assigned at runtime. Overriding its value has no effect.
diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml
index a42c6f55..2a673ee3 100644
--- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml
+++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml
@@ -57,7 +57,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start
diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml
index b8e93219..948c4b3a 100644
--- a/roles/matrix-postgres/tasks/import_postgres.yml
+++ b/roles/matrix-postgres/tasks/import_postgres.yml
@@ -48,7 +48,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
- name: Wait a bit, so that Postgres can start
wait_for:
diff --git a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml
index ea15c5a8..2dafba59 100644
--- a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml
+++ b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml
@@ -37,7 +37,7 @@
service:
name: matrix-postgres
state: stopped
- daemon_reload: yes
+ daemon_reload: true
- name: Ensure postgres data is wiped out
file:
@@ -56,7 +56,7 @@
service:
name: matrix-postgres
state: restarted
- daemon_reload: yes
+ daemon_reload: true
- name: Wait a bit, so that Postgres can start
wait_for:
diff --git a/roles/matrix-postgres/tasks/init.yml b/roles/matrix-postgres/tasks/init.yml
index a0f2ae60..e5ebd9c5 100644
--- a/roles/matrix-postgres/tasks/init.yml
+++ b/roles/matrix-postgres/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres.service'] }}"
when: matrix_postgres_enabled|bool
diff --git a/roles/matrix-postgres/tasks/main.yml b/roles/matrix-postgres/tasks/main.yml
index b9c2ae7c..79890417 100644
--- a/roles/matrix-postgres/tasks/main.yml
+++ b/roles/matrix-postgres/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml
index e62feee3..f927783f 100644
--- a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml
+++ b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml
@@ -29,7 +29,7 @@
service:
name: matrix-postgres
state: stopped
- daemon_reload: yes
+ daemon_reload: true
when: "result_pg_old_data_dir_stat.stat.exists"
- name: Find files and directories in old Postgres data path
@@ -68,5 +68,5 @@
- name: Ensure systemd reloaded after getting rid of outdated matrix-postgres.service
service:
- daemon_reload: yes
+ daemon_reload: true
when: "result_pg_old_data_dir_stat.stat.exists"
diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml
index 19a27562..0b7a60f8 100644
--- a/roles/matrix-postgres/tasks/run_vacuum.yml
+++ b/roles/matrix-postgres/tasks/run_vacuum.yml
@@ -27,7 +27,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
- name: Wait a bit, so that Postgres can start
wait_for:
@@ -71,7 +71,7 @@
service:
name: matrix-synapse
state: stopped
- daemon_reload: yes
+ daemon_reload: true
- name: Run Postgres vacuum command
command: "{{ matrix_postgres_vacuum_command }}"
@@ -86,5 +86,5 @@
service:
name: matrix-synapse
state: started
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_postgres_synapse_was_running|bool"
diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml
index 96a20d25..dc170460 100644
--- a/roles/matrix-postgres/tasks/setup_postgres.yml
+++ b/roles/matrix-postgres/tasks/setup_postgres.yml
@@ -65,7 +65,7 @@
state: directory
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- recurse: yes
+ recurse: true
when: matrix_postgres_enabled|bool
- name: Ensure Postgres environment variables file created
@@ -115,7 +115,7 @@
- name: Ensure systemd reloaded after matrix-postgres.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
- include_tasks:
@@ -158,7 +158,7 @@
service:
name: matrix-postgres
state: stopped
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure matrix-postgres.service doesn't exist
@@ -169,7 +169,7 @@
- name: Ensure systemd reloaded after matrix-postgres.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Check existence of matrix-postgres local data path
diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/matrix-postgres/tasks/upgrade_postgres.yml
index 564265d8..bf98d938 100644
--- a/roles/matrix-postgres/tasks/upgrade_postgres.yml
+++ b/roles/matrix-postgres/tasks/upgrade_postgres.yml
@@ -64,7 +64,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
- name: Wait a bit, so that Postgres can start
wait_for:
@@ -107,9 +107,9 @@
- name: Ensure matrix-postgres autoruns and is restarted
service:
name: matrix-postgres
- enabled: yes
+ enabled: true
state: restarted
- daemon_reload: yes
+ daemon_reload: true
- name: Wait a bit, so that Postgres can start
wait_for:
@@ -166,7 +166,7 @@
service:
name: matrix-synapse
state: started
- daemon_reload: yes
+ daemon_reload: true
- debug:
msg: "NOTE: Your old Postgres data directory is preserved at `{{ postgres_auto_upgrade_backup_data_path }}`. You might want to get rid of it once you've confirmed that all is well."
diff --git a/roles/matrix-postgres/tasks/util/create_additional_databases.yml b/roles/matrix-postgres/tasks/util/create_additional_databases.yml
index 0ad460dd..de87f98c 100644
--- a/roles/matrix-postgres/tasks/util/create_additional_databases.yml
+++ b/roles/matrix-postgres/tasks/util/create_additional_databases.yml
@@ -4,7 +4,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start
diff --git a/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml
index cf595ade..73acb433 100644
--- a/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml
+++ b/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml
@@ -66,7 +66,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}"
- pull: yes
+ pull: true
when: "matrix_postgres_pgloader_container_image_self_build|bool"
- name: Ensure pgloader Docker image is pulled
@@ -91,7 +91,7 @@
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: matrix_postgres_service_start_result
- name: Wait a bit, so that Postgres can start
diff --git a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2
index 5ef3646d..d62a689a 100644
--- a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2
+++ b/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2
@@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \
{{ matrix_postgres_docker_image_to_use }} \
postgres {{ matrix_postgres_process_extra_arguments|join(' ') }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-postgres
diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml
index 481864d3..5e50a1d7 100644
--- a/roles/matrix-prometheus-node-exporter/defaults/main.yml
+++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# matrix-prometheus-node-exporter is an Prometheus exporter for machine metrics
# See: https://prometheus.io/docs/guides/node-exporter/
matrix_prometheus_node_exporter_enabled: false
-matrix_prometheus_node_exporter_version: v1.2.2
+matrix_prometheus_node_exporter_version: v1.3.1
matrix_prometheus_node_exporter_docker_image: "{{ matrix_container_global_registry_prefix }}prom/node-exporter:{{ matrix_prometheus_node_exporter_version }}"
matrix_prometheus_node_exporter_docker_image_force_pull: "{{ matrix_prometheus_node_exporter_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/matrix-prometheus-node-exporter/tasks/init.yml
index 2894b717..db44a7ab 100644
--- a/roles/matrix-prometheus-node-exporter/tasks/init.yml
+++ b/roles/matrix-prometheus-node-exporter/tasks/init.yml
@@ -1,5 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}"
when: matrix_prometheus_node_exporter_enabled|bool
-
-
diff --git a/roles/matrix-prometheus-node-exporter/tasks/main.yml b/roles/matrix-prometheus-node-exporter/tasks/main.yml
index 172b5721..71bbb8d7 100644
--- a/roles/matrix-prometheus-node-exporter/tasks/main.yml
+++ b/roles/matrix-prometheus-node-exporter/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/matrix-prometheus-node-exporter/tasks/setup.yml
index fa8eb767..419f3592 100644
--- a/roles/matrix-prometheus-node-exporter/tasks/setup.yml
+++ b/roles/matrix-prometheus-node-exporter/tasks/setup.yml
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-prometheus.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_prometheus_node_exporter_enabled|bool and matrix_prometheus_node_exporter_systemd_service_result.changed"
#
@@ -38,8 +38,8 @@
service:
name: matrix-prometheus-node-exporter
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_prometheus_node_exporter_enabled|bool and matrix_prometheus_node_exporter_service_stat.stat.exists"
@@ -51,5 +51,5 @@
- name: Ensure systemd reloaded after matrix-prometheus-node-exporter.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_prometheus_node_exporter_enabled|bool and matrix_prometheus_node_exporter_service_stat.stat.exists"
diff --git a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2
index 0139b916..210a0d97 100644
--- a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2
+++ b/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2
@@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod
{{ matrix_prometheus_node_exporter_docker_image }} \
--path.rootfs=/host
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-prometheus-node-exporter
diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml
index 0857d3e7..c96a6ea8 100644
--- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml
+++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# matrix-prometheus-postgres-exporter is an Prometheus exporter for postgres metrics
# See: https://github.com/prometheus-community/postgres_exporter
matrix_prometheus_postgres_exporter_enabled: false
-matrix_prometheus_postgres_exporter_version: v0.10.0
+matrix_prometheus_postgres_exporter_version: v0.10.1
matrix_prometheus_postgres_exporter_port: 9187
matrix_prometheus_postgres_exporter_docker_image: "quay.io/prometheuscommunity/postgres-exporter:{{ matrix_prometheus_postgres_exporter_version }}"
@@ -11,8 +12,8 @@ matrix_prometheus_postgres_exporter_docker_image_force_pull: "{{ matrix_promethe
# A list of extra arguments to pass to the container
matrix_prometheus_postgres_exporter_container_extra_arguments: ["-e PG_EXPORTER_AUTO_DISCOVER_DATABASES=true",
- "-e PG_EXPORTER_WEB_LISTEN_ADDRESS=\":{{matrix_prometheus_postgres_exporter_port}}\"",
- "-e DATA_SOURCE_NAME=\"postgresql://{{matrix_prometheus_postgres_exporter_database_username}}:{{matrix_prometheus_postgres_exporter_database_password}}@{{matrix_prometheus_postgres_exporter_database_hostname}}:5432/{{matrix_prometheus_postgres_exporter_database_name}}?sslmode=disable\"" ]
+ "-e PG_EXPORTER_WEB_LISTEN_ADDRESS=\":{{matrix_prometheus_postgres_exporter_port}}\"",
+ "-e DATA_SOURCE_NAME=\"postgresql://{{matrix_prometheus_postgres_exporter_database_username}}:{{matrix_prometheus_postgres_exporter_database_password}}@{{matrix_prometheus_postgres_exporter_database_hostname}}:5432/{{matrix_prometheus_postgres_exporter_database_name}}?sslmode=disable\""]
# List of systemd services that matrix-prometheus-postgres-exporter.service depends on
matrix_prometheus_postgres_exporter_systemd_required_services_list: ['docker.service']
@@ -46,4 +47,4 @@ matrix_prometheus_postgres_exporter_database_name: 'matrix_prometheus_postgres_e
matrix_prometheus_postgres_exporter_container_http_host_bind_port: ''
matrix_prometheus_postgres_exporter_dashboard_urls:
-- "https://grafana.com/api/dashboards/9628/revisions/7/download"
\ No newline at end of file
+ - "https://grafana.com/api/dashboards/9628/revisions/7/download"
diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml
index 2bd6904e..ddea23ab 100644
--- a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml
+++ b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml
@@ -1,5 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}"
when: matrix_prometheus_postgres_exporter_enabled|bool
-
-
diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/main.yml b/roles/matrix-prometheus-postgres-exporter/tasks/main.yml
index e3c364fa..e9497099 100644
--- a/roles/matrix-prometheus-postgres-exporter/tasks/main.yml
+++ b/roles/matrix-prometheus-postgres-exporter/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml
index 37743b66..a6c49816 100644
--- a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml
+++ b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-prometheus.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_prometheus_postgres_exporter_enabled|bool and matrix_prometheus_postgres_exporter_systemd_service_result.changed"
#
@@ -38,8 +38,8 @@
service:
name: matrix-prometheus-postgres-exporter
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_prometheus_postgres_exporter_enabled|bool and matrix_prometheus_postgres_exporter_service_stat.stat.exists"
@@ -51,5 +51,5 @@
- name: Ensure systemd reloaded after matrix-prometheus-postgres-exporter.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_prometheus_postgres_exporter_enabled|bool and matrix_prometheus_postgres_exporter_service_stat.stat.exists"
diff --git a/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2
index 4c9a4eda..993ebac4 100644
--- a/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2
+++ b/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-pos
--pid=host \
{{ matrix_prometheus_postgres_exporter_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-prometheus-postgres-exporter
diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml
index d76ce744..843a90e8 100644
--- a/roles/matrix-prometheus/defaults/main.yml
+++ b/roles/matrix-prometheus/defaults/main.yml
@@ -1,9 +1,10 @@
+---
# matrix-prometheus is an open-source systems monitoring and alerting toolkit
# See: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md
matrix_prometheus_enabled: false
-matrix_prometheus_version: v2.31.1
+matrix_prometheus_version: v2.33.3
matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}"
matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-prometheus/tasks/init.yml b/roles/matrix-prometheus/tasks/init.yml
index 12fae831..6587ddd9 100644
--- a/roles/matrix-prometheus/tasks/init.yml
+++ b/roles/matrix-prometheus/tasks/init.yml
@@ -1,5 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus.service'] }}"
when: matrix_prometheus_enabled|bool
-
-
diff --git a/roles/matrix-prometheus/tasks/main.yml b/roles/matrix-prometheus/tasks/main.yml
index 20f18cc3..c74918fa 100644
--- a/roles/matrix-prometheus/tasks/main.yml
+++ b/roles/matrix-prometheus/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-prometheus/tasks/setup_install.yml b/roles/matrix-prometheus/tasks/setup_install.yml
index 15a69279..80f3e5d7 100644
--- a/roles/matrix-prometheus/tasks/setup_install.yml
+++ b/roles/matrix-prometheus/tasks/setup_install.yml
@@ -46,5 +46,5 @@
- name: Ensure systemd reloaded after matrix-prometheus.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_prometheus_systemd_service_result.changed|bool"
diff --git a/roles/matrix-prometheus/tasks/setup_uninstall.yml b/roles/matrix-prometheus/tasks/setup_uninstall.yml
index d99c1a8e..c9f07f52 100644
--- a/roles/matrix-prometheus/tasks/setup_uninstall.yml
+++ b/roles/matrix-prometheus/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-prometheus
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_prometheus_service_stat.stat.exists|bool"
@@ -22,5 +22,5 @@
- name: Ensure systemd reloaded after matrix-prometheus.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_prometheus_service_stat.stat.exists|bool"
diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/matrix-prometheus/templates/prometheus.yml.j2
index 869b2da8..f3262f48 100644
--- a/roles/matrix-prometheus/templates/prometheus.yml.j2
+++ b/roles/matrix-prometheus/templates/prometheus.yml.j2
@@ -57,3 +57,9 @@ scrape_configs:
static_configs:
- targets: {{ matrix_prometheus_scraper_postgres_targets|to_json }}
{% endif %}
+
+ {% if matrix_prometheus_scraper_hookshot_enabled %}
+ - job_name: hookshot
+ static_configs:
+ - targets: {{ matrix_prometheus_scraper_hookshot_targets|to_json }}
+ {% endif %}
diff --git a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2
index 2070ece3..ad75d664 100644
--- a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2
+++ b/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2
@@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \
{% endfor %}
{{ matrix_prometheus_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-prometheus
diff --git a/roles/matrix-redis/defaults/main.yml b/roles/matrix-redis/defaults/main.yml
index 355679d0..88d3d739 100644
--- a/roles/matrix-redis/defaults/main.yml
+++ b/roles/matrix-redis/defaults/main.yml
@@ -1,3 +1,5 @@
+---
+
matrix_redis_enabled: true
matrix_redis_connection_password: ""
diff --git a/roles/matrix-redis/tasks/init.yml b/roles/matrix-redis/tasks/init.yml
index 49068851..99c52026 100644
--- a/roles/matrix-redis/tasks/init.yml
+++ b/roles/matrix-redis/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-redis'] }}"
when: matrix_redis_enabled|bool
diff --git a/roles/matrix-redis/tasks/main.yml b/roles/matrix-redis/tasks/main.yml
index 595b09f5..430b6a64 100644
--- a/roles/matrix-redis/tasks/main.yml
+++ b/roles/matrix-redis/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-redis/tasks/setup_redis.yml b/roles/matrix-redis/tasks/setup_redis.yml
index f1f32238..a37174a3 100644
--- a/roles/matrix-redis/tasks/setup_redis.yml
+++ b/roles/matrix-redis/tasks/setup_redis.yml
@@ -33,7 +33,7 @@
state: directory
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
- recurse: yes
+ recurse: true
when: matrix_redis_enabled|bool
- name: Ensure redis environment variables file created
@@ -55,7 +55,7 @@
- name: Ensure systemd reloaded after matrix-redis.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_redis_enabled|bool and matrix_redis_systemd_service_result.changed"
#
@@ -72,8 +72,8 @@
service:
name: matrix-redis
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
when: "not matrix_redis_enabled|bool and matrix_redis_service_stat.stat.exists"
- name: Ensure matrix-redis.service doesn't exist
@@ -84,7 +84,7 @@
- name: Ensure systemd reloaded after matrix-redis.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_redis_enabled|bool and matrix_redis_service_stat.stat.exists"
- name: Check existence of matrix-redis local data path
diff --git a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 b/roles/matrix-redis/templates/systemd/matrix-redis.service.j2
index 9f9d2902..5f6699f8 100644
--- a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2
+++ b/roles/matrix-redis/templates/systemd/matrix-redis.service.j2
@@ -27,8 +27,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-redis \
{{ matrix_redis_docker_image_to_use }} \
redis-server /usr/local/etc/redis/redis.conf
-ExecStopPost=-/usr/bin/docker stop matrix-redis
-ExecStopPost=-/usr/bin/docker rm matrix-redis
+ExecStop=-/usr/bin/docker stop matrix-redis
+ExecStop=-/usr/bin/docker rm matrix-redis
Restart=always
RestartSec=30
SyslogIdentifier=matrix-redis
diff --git a/roles/matrix-registration/defaults/main.yml b/roles/matrix-registration/defaults/main.yml
index 4705fb5e..d924551a 100644
--- a/roles/matrix-registration/defaults/main.yml
+++ b/roles/matrix-registration/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-registration is a simple python application to have a token based matrix registration
# See: https://zeratax.github.io/matrix-registration/
diff --git a/roles/matrix-registration/tasks/generate_token.yml b/roles/matrix-registration/tasks/generate_token.yml
index ae5bdf4c..4e337b01 100644
--- a/roles/matrix-registration/tasks/generate_token.yml
+++ b/roles/matrix-registration/tasks/generate_token.yml
@@ -1,3 +1,5 @@
+---
+
- name: Fail if playbook called incorrectly
fail:
msg: "The `one_time` variable needs to be provided to this playbook, via --extra-vars"
@@ -23,7 +25,7 @@
"one_time": {{ 'true' if one_time == 'yes' else 'false' }},
"ex_date": {{ ex_date|to_json }}
}
- check_mode: no
+ check_mode: false
register: matrix_registration_api_result
- set_fact:
@@ -37,7 +39,7 @@
Full token details are:
{{ matrix_registration_api_result.json }}
- check_mode: no
+ check_mode: false
- name: Inject result message into matrix_playbook_runtime_results
set_fact:
@@ -47,4 +49,4 @@
+
[matrix_registration_api_result_message]
}}
- check_mode: no
+ check_mode: false
diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml
index 47220103..cae18258 100644
--- a/roles/matrix-registration/tasks/init.yml
+++ b/roles/matrix-registration/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -10,49 +11,49 @@
when: matrix_registration_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append matrix-registration's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-registration role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append matrix-registration's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-registration role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate matrix-registration proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_registration_matrix_nginx_proxy_configuration: |
- rewrite ^{{ matrix_registration_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_registration_public_endpoint }}/ permanent;
- rewrite ^{{ matrix_registration_public_endpoint }}/$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_registration_public_endpoint }}/register redirect;
+ - name: Generate matrix-registration proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_registration_matrix_nginx_proxy_configuration: |
+ rewrite ^{{ matrix_registration_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_registration_public_endpoint }}/ permanent;
+ rewrite ^{{ matrix_registration_public_endpoint }}/$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_registration_public_endpoint }}/register redirect;
- location ~ ^{{ matrix_registration_public_endpoint }}/(.*) {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-registration:5000";
- proxy_pass http://$backend/$1;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:8767/$1;
- {% endif %}
+ location ~ ^{{ matrix_registration_public_endpoint }}/(.*) {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-registration:5000";
+ proxy_pass http://$backend/$1;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:8767/$1;
+ {% endif %}
- {#
- Workaround matrix-registration serving the background image at /static
- (see https://github.com/ZerataX/matrix-registration/issues/47)
- #}
- sub_filter_once off;
- sub_filter_types text/css;
- sub_filter "/static/" "{{ matrix_registration_public_endpoint }}/static/";
- }
+ {#
+ Workaround matrix-registration serving the background image at /static
+ (see https://github.com/ZerataX/matrix-registration/issues/47)
+ #}
+ sub_filter_once off;
+ sub_filter_types text/css;
+ sub_filter "/static/" "{{ matrix_registration_public_endpoint }}/static/";
+ }
- - name: Register matrix-registration proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_registration_matrix_nginx_proxy_configuration]
- }}
+ - name: Register matrix-registration proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_registration_matrix_nginx_proxy_configuration]
+ }}
tags:
- always
when: matrix_registration_enabled|bool
diff --git a/roles/matrix-registration/tasks/list_tokens.yml b/roles/matrix-registration/tasks/list_tokens.yml
index dea3eb31..9ef40d27 100644
--- a/roles/matrix-registration/tasks/list_tokens.yml
+++ b/roles/matrix-registration/tasks/list_tokens.yml
@@ -1,3 +1,5 @@
+---
+
- name: Call matrix-registration list all tokens API
uri:
url: "{{ matrix_registration_api_token_endpoint }}"
@@ -8,7 +10,7 @@
Authorization: "SharedSecret {{ matrix_registration_admin_secret }}"
method: GET
body_format: json
- check_mode: no
+ check_mode: false
register: matrix_registration_api_result
- set_fact:
@@ -16,7 +18,7 @@
matrix-registration result:
{{ matrix_registration_api_result.json | to_nice_json }}
- check_mode: no
+ check_mode: false
- name: Inject result message into matrix_playbook_runtime_results
set_fact:
@@ -26,4 +28,4 @@
+
[matrix_registration_api_result_message]
}}
- check_mode: no
+ check_mode: false
diff --git a/roles/matrix-registration/tasks/main.yml b/roles/matrix-registration/tasks/main.yml
index 3324e083..ca574384 100644
--- a/roles/matrix-registration/tasks/main.yml
+++ b/roles/matrix-registration/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml
index 0d7da9ce..31e9c35d 100644
--- a/roles/matrix-registration/tasks/setup_install.yml
+++ b/roles/matrix-registration/tasks/setup_install.yml
@@ -39,10 +39,10 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_registration_base_path }}", when: true }
- - { path: "{{ matrix_registration_config_path }}", when: true }
- - { path: "{{ matrix_registration_data_path }}", when: true }
- - { path: "{{ matrix_registration_docker_src_files_path }}", when: "{{ matrix_registration_container_image_self_build }}"}
+ - {path: "{{ matrix_registration_base_path }}", when: true}
+ - {path: "{{ matrix_registration_config_path }}", when: true}
+ - {path: "{{ matrix_registration_data_path }}", when: true}
+ - {path: "{{ matrix_registration_docker_src_files_path }}", when: "{{ matrix_registration_container_image_self_build }}"}
when: "item.when|bool"
- name: Ensure matrix-registration image is pulled
@@ -71,7 +71,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_registration_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_registration_container_image_self_build|bool"
- name: Ensure matrix-registration config installed
@@ -91,7 +91,7 @@
- name: Ensure systemd reloaded after matrix-registration.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_registration_systemd_service_result.changed|bool"
- name: Ensure matrix-registration.service restarted, if necessary
diff --git a/roles/matrix-registration/tasks/setup_uninstall.yml b/roles/matrix-registration/tasks/setup_uninstall.yml
index 8afd1084..4b7c195f 100644
--- a/roles/matrix-registration/tasks/setup_uninstall.yml
+++ b/roles/matrix-registration/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-registration
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_registration_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-registration.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_registration_service_stat.stat.exists|bool"
- name: Ensure matrix-registration Docker image doesn't exist
diff --git a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/matrix-registration/templates/systemd/matrix-registration.service.j2
index 8de331bf..e73e3e5f 100644
--- a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2
+++ b/roles/matrix-registration/templates/systemd/matrix-registration.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \
{{ matrix_registration_docker_image }} \
serve
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-registration
diff --git a/roles/matrix-sygnal/defaults/main.yml b/roles/matrix-sygnal/defaults/main.yml
index 70d530f8..15bce68c 100644
--- a/roles/matrix-sygnal/defaults/main.yml
+++ b/roles/matrix-sygnal/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Sygnal is a reference Push Gateway for Matrix.
# To make use of it for delivering push notificatins, you'll need to develop/build your own Matrix app.
# Learn more here: https://github.com/matrix-org/sygnal
@@ -7,7 +8,7 @@ matrix_sygnal_base_path: "{{ matrix_base_data_path }}/sygnal"
matrix_sygnal_config_path: "{{ matrix_sygnal_base_path }}/config"
matrix_sygnal_data_path: "{{ matrix_sygnal_base_path }}/data"
-matrix_sygnal_version: v0.10.1
+matrix_sygnal_version: v0.11.0
matrix_sygnal_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/sygnal:{{ matrix_sygnal_version }}"
matrix_sygnal_docker_image_force_pull: "{{ matrix_sygnal_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-sygnal/tasks/init.yml b/roles/matrix-sygnal/tasks/init.yml
index 559a3681..efa17a4d 100644
--- a/roles/matrix-sygnal/tasks/init.yml
+++ b/roles/matrix-sygnal/tasks/init.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-sygnal.service'] }}"
when: matrix_sygnal_enabled|bool
diff --git a/roles/matrix-sygnal/tasks/main.yml b/roles/matrix-sygnal/tasks/main.yml
index c00862a4..38579822 100644
--- a/roles/matrix-sygnal/tasks/main.yml
+++ b/roles/matrix-sygnal/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/matrix-sygnal/tasks/setup_install.yml
index b85b6bff..cd54a51d 100644
--- a/roles/matrix-sygnal/tasks/setup_install.yml
+++ b/roles/matrix-sygnal/tasks/setup_install.yml
@@ -36,5 +36,5 @@
- name: Ensure systemd reloaded after matrix-sygnal.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_sygnal_systemd_service_result.changed|bool"
diff --git a/roles/matrix-sygnal/tasks/setup_uninstall.yml b/roles/matrix-sygnal/tasks/setup_uninstall.yml
index f2b6133f..5a81a1b2 100644
--- a/roles/matrix-sygnal/tasks/setup_uninstall.yml
+++ b/roles/matrix-sygnal/tasks/setup_uninstall.yml
@@ -9,8 +9,8 @@
service:
name: matrix-sygnal
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_sygnal_service_stat.stat.exists|bool"
@@ -22,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-sygnal.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_sygnal_service_stat.stat.exists|bool"
- name: Ensure Sygnal base directory doesn't exist
diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/matrix-sygnal/tasks/validate_config.yml
index 1cf8357e..2121edf4 100644
--- a/roles/matrix-sygnal/tasks/validate_config.yml
+++ b/roles/matrix-sygnal/tasks/validate_config.yml
@@ -1,3 +1,5 @@
+---
+
- name: Fail if no Sygnal apps defined
fail:
msg: >-
diff --git a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2
index 84c6f6ea..019ab40c 100644
--- a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2
+++ b/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \
{% endfor %}
{{ matrix_sygnal_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-sygnal
diff --git a/roles/matrix-synapse-admin/defaults/main.yml b/roles/matrix-synapse-admin/defaults/main.yml
index db1024fa..0aa19e86 100644
--- a/roles/matrix-synapse-admin/defaults/main.yml
+++ b/roles/matrix-synapse-admin/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# matrix-synapse-admin is a web UI for mananging the Synapse Matrix server
# See: https://github.com/Awesome-Technologies/synapse-admin
@@ -8,7 +9,7 @@ matrix_synapse_admin_container_image_self_build_repo: "https://github.com/Awesom
matrix_synapse_admin_docker_src_files_path: "{{ matrix_base_data_path }}/synapse-admin/docker-src"
-matrix_synapse_admin_version: 0.8.4
+matrix_synapse_admin_version: 0.8.5
matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}awesometechnologies/synapse-admin:{{ matrix_synapse_admin_version }}"
matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}"
diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml
index 3ce5a693..ccaa03f6 100644
--- a/roles/matrix-synapse-admin/tasks/init.yml
+++ b/roles/matrix-synapse-admin/tasks/init.yml
@@ -1,3 +1,4 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
@@ -10,40 +11,40 @@
when: matrix_synapse_admin_enabled|bool
- block:
- - name: Fail if matrix-nginx-proxy role already executed
- fail:
- msg: >-
- Trying to append Synapse Admin's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-synapse-admin role.
- when: matrix_nginx_proxy_role_executed|default(False)|bool
+ - name: Fail if matrix-nginx-proxy role already executed
+ fail:
+ msg: >-
+ Trying to append Synapse Admin's reverse-proxying configuration to matrix-nginx-proxy,
+ but it's pointless since the matrix-nginx-proxy role had already executed.
+ To fix this, please change the order of roles in your playbook,
+ so that the matrix-nginx-proxy role would run after the matrix-synapse-admin role.
+ when: matrix_nginx_proxy_role_executed|default(False)|bool
- - name: Generate Synapse Admin proxying configuration for matrix-nginx-proxy
- set_fact:
- matrix_synapse_admin_matrix_nginx_proxy_configuration: |
- rewrite ^{{ matrix_synapse_admin_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_synapse_admin_public_endpoint }}/ permanent;
+ - name: Generate Synapse Admin proxying configuration for matrix-nginx-proxy
+ set_fact:
+ matrix_synapse_admin_matrix_nginx_proxy_configuration: |
+ rewrite ^{{ matrix_synapse_admin_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_synapse_admin_public_endpoint }}/ permanent;
- location ~ ^{{ matrix_synapse_admin_public_endpoint }}/(.*) {
- {% if matrix_nginx_proxy_enabled|default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "matrix-synapse-admin:80";
- proxy_pass http://$backend/$1;
- {% else %}
- {# Generic configuration for use outside of our container setup #}
- proxy_pass http://127.0.0.1:8766/$1;
- {% endif %}
- }
+ location ~ ^{{ matrix_synapse_admin_public_endpoint }}/(.*) {
+ {% if matrix_nginx_proxy_enabled|default(False) %}
+ {# Use the embedded DNS resolver in Docker containers to discover the service #}
+ resolver 127.0.0.11 valid=5s;
+ set $backend "matrix-synapse-admin:80";
+ proxy_pass http://$backend/$1;
+ {% else %}
+ {# Generic configuration for use outside of our container setup #}
+ proxy_pass http://127.0.0.1:8766/$1;
+ {% endif %}
+ }
- - name: Register Synapse Admin proxying configuration with matrix-nginx-proxy
- set_fact:
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
- {{
- matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
- +
- [matrix_synapse_admin_matrix_nginx_proxy_configuration]
- }}
+ - name: Register Synapse Admin proxying configuration with matrix-nginx-proxy
+ set_fact:
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+ {{
+ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+ +
+ [matrix_synapse_admin_matrix_nginx_proxy_configuration]
+ }}
tags:
- always
when: matrix_synapse_admin_enabled|bool
diff --git a/roles/matrix-synapse-admin/tasks/main.yml b/roles/matrix-synapse-admin/tasks/main.yml
index b5cb1689..0095f753 100644
--- a/roles/matrix-synapse-admin/tasks/main.yml
+++ b/roles/matrix-synapse-admin/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/matrix-synapse-admin/tasks/setup.yml
index 9eac7f90..ab1e6d46 100644
--- a/roles/matrix-synapse-admin/tasks/setup.yml
+++ b/roles/matrix-synapse-admin/tasks/setup.yml
@@ -30,7 +30,7 @@
build:
dockerfile: Dockerfile
path: "{{ matrix_synapse_admin_docker_src_files_path }}"
- pull: yes
+ pull: true
when: "matrix_synapse_admin_enabled|bool and matrix_synapse_admin_container_image_self_build|bool"
- name: Ensure matrix-synapse-admin.service installed
@@ -43,7 +43,7 @@
- name: Ensure systemd reloaded after matrix-synapse-admin.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_synapse_admin_enabled|bool and matrix_synapse_admin_systemd_service_result.changed"
#
@@ -59,8 +59,8 @@
service:
name: matrix-synapse-admin
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "not matrix_synapse_admin_enabled|bool and matrix_synapse_admin_service_stat.stat.exists"
@@ -72,7 +72,7 @@
- name: Ensure systemd reloaded after matrix-synapse-admin.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "not matrix_synapse_admin_enabled|bool and matrix_synapse_admin_service_stat.stat.exists"
- name: Ensure matrix-synapse-admin Docker image doesn't exist
diff --git a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2
index 28fe08aa..4823d89c 100644
--- a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2
+++ b/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2
@@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin
{% endfor %}
{{ matrix_synapse_admin_docker_image }}
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-synapse-admin
diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml
index ce5235d3..3e3ee121 100644
--- a/roles/matrix-synapse/defaults/main.yml
+++ b/roles/matrix-synapse/defaults/main.yml
@@ -1,3 +1,4 @@
+---
# Synapse is a Matrix homeserver
# See: https://github.com/matrix-org/synapse
@@ -8,16 +9,8 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s
matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}"
matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}"
-# The if statement below may look silly at times (leading to the same version being returned),
-# but ARM-compatible container images are only released 1-7 hours after a release,
-# so we may often be on different versions for different architectures when new Synapse releases come out.
-#
-# amd64 gets released first.
-# arm32 relies on self-building, so the same version can be built immediately.
-# arm64 users need to wait for a prebuilt image to become available.
-matrix_synapse_version: v1.49.2
-matrix_synapse_version_arm64: v1.49.2
-matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
+matrix_synapse_version: v1.53.0
+matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
@@ -471,7 +464,7 @@ matrix_synapse_database_database: "synapse"
matrix_synapse_turn_uris: []
matrix_synapse_turn_shared_secret: ""
-matrix_synapse_turn_allow_guests: False
+matrix_synapse_turn_allow_guests: false
matrix_synapse_email_enabled: false
matrix_synapse_email_smtp_host: ""
@@ -496,8 +489,16 @@ matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: fals
# Enable this to activate the Shared Secret Auth password provider module.
# See: https://github.com/devture/matrix-synapse-shared-secret-auth
matrix_synapse_ext_password_provider_shared_secret_auth_enabled: false
-matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0.2/shared_secret_authenticator.py"
+matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/2.0.2/shared_secret_authenticator.py"
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
+matrix_synapse_ext_password_provider_shared_secret_auth_m_login_password_support_enabled: true
+# We'd like to enable this, but it causes trouble for Element: https://github.com/vector-im/element-web/issues/19605
+matrix_synapse_ext_password_provider_shared_secret_auth_com_devture_shared_secret_auth_support_enabled: false
+matrix_synapse_ext_password_provider_shared_secret_config: "{{ matrix_synapse_ext_password_provider_shared_secret_config_yaml|from_yaml }}"
+matrix_synapse_ext_password_provider_shared_secret_config_yaml: |
+ shared_secret: {{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret|string|to_json }}
+ m_login_password_support_enabled: {{ matrix_synapse_ext_password_provider_shared_secret_auth_m_login_password_support_enabled|to_json }}
+ com_devture_shared_secret_auth_support_enabled: {{ matrix_synapse_ext_password_provider_shared_secret_auth_com_devture_shared_secret_auth_support_enabled|to_json }}
# Enable this to activate LDAP password provider
matrix_synapse_ext_password_provider_ldap_enabled: false
@@ -517,7 +518,7 @@ matrix_synapse_ext_password_provider_ldap_default_domain: ""
# See: https://github.com/t2bot/synapse-simple-antispam
matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: false
matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url: "https://github.com/t2bot/synapse-simple-antispam"
-matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_version: "923ca5c85b08f157181721abbae50dd89c31e4b5"
+matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_version: "5ab711971e3a4541a7a40310ff85e17f8262cc05"
matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers: []
# Enable this to activate the Mjolnir Antispam spam-checker module.
@@ -541,6 +542,30 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: []
+# Enable this to activate the E2EE disabling Synapse module.
+# See: https://github.com/digitalentity/matrix_encryption_disabler
+matrix_synapse_ext_encryption_disabler_enabled: false
+matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/1182388f7019e8ec1e28f035070c7919d0e4cc24/matrix_e2ee_filter.py"
+# A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list.
+# By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room.
+matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"]
+# A list of server domain names for which to deny encryption if the destination room id's domain matches the domain in the list.
+# By default, with the configuration below, we prevent locally-created encryption events by ANY user encrypt rooms on the homeserver.
+# Note: foreign users with enough room privileges will still be able to send an encryption event to your rooms and encrypt them.
+matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of: ["{{ matrix_domain }}"]
+# Specifies whether the power levels event (setting) provided during room creation should be patched.
+# This makes it impossible for anybody (locally or over federation) from enabling room encryption
+# for the lifetime of rooms created while this setting is enabled (irreversible).
+# Enabling this may have incompatiblity consequences with servers / clients.
+# Familiarize yourself with the caveats upstream: https://github.com/digitalentity/matrix_encryption_disabler
+matrix_synapse_ext_encryption_disabler_patch_power_levels: false
+matrix_synapse_ext_encryption_config: "{{ matrix_synapse_ext_encryption_config_yaml|from_yaml }}"
+matrix_synapse_ext_encryption_config_yaml: |
+ deny_encryption_for_users_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of|to_json }}
+ deny_encryption_for_rooms_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of|to_json }}
+ patch_power_levels: {{ matrix_synapse_ext_encryption_disabler_patch_power_levels|to_json }}
+
+
matrix_s3_media_store_enabled: false
matrix_s3_media_store_custom_endpoint_enabled: false
matrix_s3_goofys_docker_image: "ewoutp/goofys:latest"
@@ -572,7 +597,7 @@ matrix_synapse_room_list_publication_rules:
room_id: "*"
action: allow
-matrix_synapse_default_room_version: "6"
+matrix_synapse_default_room_version: "9"
# Controls the Synapse `spam_checker` setting.
#
@@ -580,7 +605,12 @@ matrix_synapse_default_room_version: "6"
# If not, you can also control its value manually.
matrix_synapse_spam_checker: []
-matrix_synapse_encryption_enabled_by_default_for_room_type: off
+# Controls the Synapse `modules` list.
+# You can define your own list of modules here. See the `modules` syntax in `homeserver.yaml.j2`
+# Certain Synapse extensions that you can enable below auto-inject themselves into `matrix_synapse_modules` at runtime.
+matrix_synapse_modules: []
+
+matrix_synapse_encryption_enabled_by_default_for_room_type: "off"
matrix_synapse_trusted_key_servers:
- server_name: "matrix.org"
diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml
new file mode 100644
index 00000000..8fda082d
--- /dev/null
+++ b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml
@@ -0,0 +1,7 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/ext/encryption-disabler/setup_install.yml"
+ when: matrix_synapse_ext_encryption_disabler_enabled|bool
+
+- import_tasks: "{{ role_path }}/tasks/ext/encryption-disabler/setup_uninstall.yml"
+ when: "not matrix_synapse_ext_encryption_disabler_enabled|bool"
diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml
new file mode 100644
index 00000000..dfc15a20
--- /dev/null
+++ b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml
@@ -0,0 +1,33 @@
+---
+
+- name: Download matrix_encryption_disabler
+ get_url:
+ url: "{{ matrix_synapse_ext_encryption_disabler_download_url }}"
+ dest: "{{ matrix_synapse_ext_path }}/matrix_e2ee_filter.py"
+ force: true
+ mode: 0440
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- set_fact:
+ matrix_synapse_modules: |
+ {{
+ matrix_synapse_modules|default([])
+ +
+ [
+ {
+ "module": "matrix_e2ee_filter.EncryptedRoomFilter",
+ "config": matrix_synapse_ext_encryption_config
+ }
+ ]
+ }}
+
+ matrix_synapse_container_extra_arguments: >
+ {{ matrix_synapse_container_extra_arguments|default([]) }}
+ +
+ ["--mount type=bind,src={{ matrix_synapse_ext_path }}/matrix_e2ee_filter.py,dst={{ matrix_synapse_in_container_python_packages_path }}/matrix_e2ee_filter.py,ro"]
+
+ matrix_synapse_additional_loggers: >
+ {{ matrix_synapse_additional_loggers }}
+ +
+ {{ [{'name': 'matrix_e2ee_filter', 'level': 'INFO'}] }}
diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml
new file mode 100644
index 00000000..a532464d
--- /dev/null
+++ b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Ensure matrix_encryption_disabler doesn't exist
+ file:
+ path: "{{ matrix_synapse_ext_path }}/matrix_e2ee_filter.py"
+ state: absent
diff --git a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml
index e760626d..374c9e55 100644
--- a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml
+++ b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_synapse_password_providers_enabled: true
diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml
index a416e42b..ec298ccd 100644
--- a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml
+++ b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml
@@ -5,7 +5,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_os_family == 'RedHat'"
- name: Ensure git installed (Debian)
@@ -13,7 +13,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_os_family == 'Debian'"
- name: Ensure git installed (Archlinux)
@@ -21,7 +21,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_distribution == 'Archlinux'"
- name: Clone mjolnir-antispam git repository
diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/matrix-synapse/tasks/ext/setup.yml
index 31637fa9..25c8809d 100644
--- a/roles/matrix-synapse/tasks/ext/setup.yml
+++ b/roles/matrix-synapse/tasks/ext/setup.yml
@@ -1,5 +1,7 @@
---
+- import_tasks: "{{ role_path }}/tasks/ext/encryption-disabler/setup.yml"
+
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup.yml"
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup.yml"
diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml
index af92041d..f408e2f9 100644
--- a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml
+++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml
@@ -5,6 +5,11 @@
msg: "Shared Secret Auth is enabled, but no secret has been set in matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret"
when: "matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret == ''"
+- name: Fail if no Shared Secret Auth login types enabled
+ fail:
+ msg: "Shared Secret Auth is enabled, but none of the login types are"
+ when: "not (matrix_synapse_ext_password_provider_shared_secret_auth_m_login_password_support_enabled or matrix_synapse_ext_password_provider_shared_secret_auth_com_devture_shared_secret_auth_support_enabled)"
+
- name: Download matrix-synapse-shared-secret-auth
get_url:
url: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_download_url }}"
@@ -15,7 +20,17 @@
group: "{{ matrix_user_groupname }}"
- set_fact:
- matrix_synapse_password_providers_enabled: true
+ matrix_synapse_modules: |
+ {{
+ matrix_synapse_modules|default([])
+ +
+ [
+ {
+ "module": "shared_secret_authenticator.SharedSecretAuthProvider",
+ "config": matrix_synapse_ext_password_provider_shared_secret_config
+ }
+ ]
+ }}
matrix_synapse_container_extra_arguments: >
{{ matrix_synapse_container_extra_arguments|default([]) }}
diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml
index 2599e7f1..740d9474 100644
--- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml
+++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml
@@ -10,7 +10,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_os_family == 'RedHat'"
- name: Ensure git installed (Debian)
@@ -18,7 +18,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_os_family == 'Debian'"
- name: Ensure git installed (Archlinux)
@@ -26,7 +26,7 @@
name:
- git
state: present
- update_cache: no
+ update_cache: false
when: "ansible_distribution == 'Archlinux'"
- name: Clone synapse-simple-antispam git repository
@@ -38,8 +38,8 @@
become_user: "{{ matrix_user_username }}"
- set_fact:
- matrix_synapse_spam_checker: >
- {{ matrix_synapse_spam_checker }}
+ matrix_synapse_modules: >
+ {{ matrix_synapse_modules }}
+
[{
"module": "synapse_simple_antispam.AntiSpamInvites",
diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml
index 147efabf..9e3870e5 100644
--- a/roles/matrix-synapse/tasks/goofys/setup_install.yml
+++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_fuse_installed.yml"
- name: Ensure Goofys Docker image is pulled
@@ -12,7 +14,7 @@
stat:
path: "{{ matrix_s3_media_store_path }}"
register: local_path_matrix_s3_media_store_path_stat
- ignore_errors: yes
+ ignore_errors: true
- name: Ensure Matrix Goofys external storage mountpoint exists
file:
@@ -39,5 +41,5 @@
- name: Ensure systemd reloaded after matrix-goofys.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_goofys_systemd_service_result.changed"
diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml
index 317a5371..c00206ef 100644
--- a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml
+++ b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml
@@ -1,3 +1,5 @@
+---
+
- name: Check existence of matrix-goofys service
stat:
path: "{{ matrix_systemd_path }}/matrix-goofys.service"
@@ -7,8 +9,8 @@
service:
name: matrix-goofys
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_goofys_service_stat.stat.exists"
@@ -20,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-goofys.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_goofys_service_stat.stat.exists"
- name: Ensure goofys environment variables file doesn't exist
diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml
index 42455b44..8e962680 100644
--- a/roles/matrix-synapse/tasks/import_media_store.yml
+++ b/roles/matrix-synapse/tasks/import_media_store.yml
@@ -44,8 +44,8 @@
service:
name: matrix-synapse
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
# This can only work with local files, not if the media store is on Amazon S3,
@@ -54,11 +54,11 @@
synchronize:
src: "{{ server_path_media_store }}/"
dest: "{{ matrix_synapse_media_store_path }}"
- delete: yes
+ delete: true
# It's wasteful to preserve owner/group now. We chown below anyway.
- owner: no
- group: no
- times: yes
+ owner: false
+ group: false
+ times: true
delegate_to: "{{ inventory_hostname }}"
# This is for the generic case and fails in other cases (remote file systems),
@@ -68,7 +68,7 @@
path: "{{ matrix_synapse_media_store_path }}"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- recurse: yes
+ recurse: true
when: "not matrix_s3_media_store_enabled|bool"
# We don't chown for Goofys, because due to the way it's mounted,
@@ -78,7 +78,7 @@
service:
name: "{{ item }}"
state: started
- daemon_reload: yes
+ daemon_reload: true
when: "stopping_result.changed"
with_items:
- matrix-synapse
diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml
index bc23fc86..88065049 100644
--- a/roles/matrix-synapse/tasks/init.yml
+++ b/roles/matrix-synapse/tasks/init.yml
@@ -1,8 +1,9 @@
+---
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
fail:
- msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md"
+ msg: "To self-build the Synapse image, you should use Ansible 2.8 or higher. See docs/ansible.md"
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_container_image_self_build and matrix_synapse_enabled"
# Unless `matrix_synapse_workers_enabled_list` is explicitly defined,
diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/matrix-synapse/tasks/main.yml
index 17eef9cc..55235843 100644
--- a/roles/matrix-synapse/tasks/main.yml
+++ b/roles/matrix-synapse/tasks/main.yml
@@ -1,3 +1,5 @@
+---
+
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
@@ -52,4 +54,4 @@
set_fact:
matrix_synapse_role_executed: true
tags:
- - always
+ - always
diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/matrix-synapse/tasks/register_user.yml
index 9c2a3ea0..2a1c5708 100644
--- a/roles/matrix-synapse/tasks/register_user.yml
+++ b/roles/matrix-synapse/tasks/register_user.yml
@@ -19,7 +19,7 @@
service:
name: matrix-synapse
state: started
- daemon_reload: yes
+ daemon_reload: true
register: start_result
- name: Wait a while, so that Synapse can manage to start
diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml
index 46cad808..36ef0a3a 100644
--- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml
+++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml
@@ -1,3 +1,5 @@
+---
+
- debug:
msg: "Compressing room `{{ room_details.room_id }}` having {{ room_details.count }} state group rows"
diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml
index 106c59d5..ad8497cc 100644
--- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml
+++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml
@@ -1,3 +1,4 @@
+---
# Pre-checks
- name: Fail if Postgres not enabled
@@ -80,12 +81,12 @@
# Row 3 contains a space when there's no result.
- block:
- - debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result"
+ - debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result"
- - name: Fail if room find result is not what we expect
- fail:
- msg: >-
- Expecting 4 lines in the "find rooms" result.
+ - name: Fail if room find result is not what we expect
+ fail:
+ msg: >-
+ Expecting 4 lines in the "find rooms" result.
when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines|length != 4"
- block:
diff --git a/roles/matrix-synapse/tasks/self_check_client_api.yml b/roles/matrix-synapse/tasks/self_check_client_api.yml
index 30244d50..407a79ff 100644
--- a/roles/matrix-synapse/tasks/self_check_client_api.yml
+++ b/roles/matrix-synapse/tasks/self_check_client_api.yml
@@ -7,7 +7,7 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_client_api
ignore_errors: true
- check_mode: no
+ check_mode: false
when: matrix_synapse_enabled|bool
- name: Fail if Matrix Client API not working
diff --git a/roles/matrix-synapse/tasks/self_check_federation_api.yml b/roles/matrix-synapse/tasks/self_check_federation_api.yml
index 57c9e56b..32249372 100644
--- a/roles/matrix-synapse/tasks/self_check_federation_api.yml
+++ b/roles/matrix-synapse/tasks/self_check_federation_api.yml
@@ -7,7 +7,7 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_federation_api
ignore_errors: true
- check_mode: no
+ check_mode: false
when: matrix_synapse_enabled|bool
- name: Fail if Matrix Federation API not working
@@ -17,7 +17,7 @@
- name: Fail if Matrix Federation API unexpectedly enabled
fail:
- msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
+ msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
- name: Report working Matrix Federation API
diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml
index f8bc05a1..47e404f4 100644
--- a/roles/matrix-synapse/tasks/setup_synapse.yml
+++ b/roles/matrix-synapse/tasks/setup_synapse.yml
@@ -8,9 +8,9 @@
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- - { path: "{{ matrix_synapse_config_dir_path }}", when: true }
- - { path: "{{ matrix_synapse_ext_path }}", when: true }
- - { path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}" }
+ - {path: "{{ matrix_synapse_config_dir_path }}", when: true}
+ - {path: "{{ matrix_synapse_ext_path }}", when: true}
+ - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"}
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
# because if it's using Goofys and it's already mounted (from before),
# trying to chown/chmod it here will cause trouble.
diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml
index 09ec798d..bd7da90d 100644
--- a/roles/matrix-synapse/tasks/synapse/setup_install.yml
+++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml
@@ -5,7 +5,7 @@
stat:
path: "{{ matrix_synapse_media_store_path }}"
register: local_path_media_store_stat
- ignore_errors: yes
+ ignore_errors: true
# This is separate and conditional, to ensure we don't execute it
# if the path already exists or we failed to check, because it's mounted using fuse.
@@ -18,25 +18,33 @@
group: "{{ matrix_user_groupname }}"
when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
-- name: Ensure Synapse repository is present on self-build
- git:
- repo: "{{ matrix_synapse_container_image_self_build_repo }}"
- dest: "{{ matrix_synapse_docker_src_files_path }}"
- version: "{{ matrix_synapse_docker_image.split(':')[1] }}"
- force: "yes"
- register: matrix_synapse_git_pull_results
- when: "matrix_synapse_container_image_self_build|bool"
+- block:
+ - name: Ensure Synapse repository is present on self-build
+ git:
+ repo: "{{ matrix_synapse_container_image_self_build_repo }}"
+ dest: "{{ matrix_synapse_docker_src_files_path }}"
+ version: "{{ matrix_synapse_docker_image.split(':')[1] }}"
+ force: "yes"
+ register: matrix_synapse_git_pull_results
-- name: Ensure Synapse Docker image is built
- docker_image:
- name: "{{ matrix_synapse_docker_image }}"
- source: build
- force_source: "{{ matrix_synapse_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
- force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_git_pull_results.changed }}"
- build:
- dockerfile: docker/Dockerfile
- path: "{{ matrix_synapse_docker_src_files_path }}"
- pull: yes
+ - name: Check if Synapse Docker image exists
+ command: "{{ matrix_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'"
+ register: matrix_synapse_docker_image_check_result
+
+ # Invoking the `docker build` command here, instead of calling the `docker_image` Ansible module,
+ # because the latter does not support BuildKit.
+ # See: https://github.com/ansible-collections/community.general/issues/514
+ - name: Ensure Synapse Docker image is built
+ shell:
+ chdir: "{{ matrix_synapse_docker_src_files_path }}"
+ cmd: |
+ {{ matrix_host_command_docker }} build \
+ -t "{{ matrix_synapse_docker_image }}" \
+ -f docker/Dockerfile \
+ .
+ environment:
+ DOCKER_BUILDKIT: 1
+ when: "matrix_synapse_git_pull_results.changed|bool or matrix_synapse_docker_image_check_result.stdout == ''"
when: "matrix_synapse_container_image_self_build|bool"
- name: Ensure Synapse Docker image is pulled
@@ -55,10 +63,10 @@
# We do this so that the signing key would get generated.
#
# This will also generate a default homeserver.yaml configuration file and a log configuration file.
-# We don't care about those configuraiton files, as we replace them with our own anyway (see below).
+# We don't care about those configuration files, as we replace them with our own anyway (see below).
#
# We don't use the `docker_container` module, because using it with `cap_drop` requires
-# a very recent version, which is not available for a lot of people yet.
+# a very recent docker-py version, which is not available for a lot of people yet.
- name: Generate initial Synapse config and signing key
command: |
docker run
@@ -97,7 +105,7 @@
- name: Ensure systemd reloaded after matrix-synapse.service installation
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_synapse_systemd_service_result.changed"
- name: Ensure matrix-synapse-register-user script created
diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml
index 070856e4..911d1285 100644
--- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml
+++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml
@@ -1,3 +1,5 @@
+---
+
- name: Check existence of matrix-synapse service
stat:
path: "{{ matrix_systemd_path }}/matrix-synapse.service"
@@ -7,8 +9,8 @@
service:
name: matrix-synapse
state: stopped
- enabled: no
- daemon_reload: yes
+ enabled: false
+ daemon_reload: true
register: stopping_result
when: "matrix_synapse_service_stat.stat.exists"
@@ -20,7 +22,7 @@
- name: Ensure systemd reloaded after matrix-synapse.service removal
service:
- daemon_reload: yes
+ daemon_reload: true
when: "matrix_synapse_service_stat.stat.exists"
- name: Ensure Synapse Docker image doesn't exist
diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml
index c6fc32c3..f59313bd 100644
--- a/roles/matrix-synapse/tasks/synapse/workers/init.yml
+++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml
@@ -1,3 +1,4 @@
+---
# Below is a huge hack for dynamically building a list of workers and finally assigning it to `matrix_synapse_workers_enabled_list`.
#
# set_fact within a loop does not work reliably in Ansible (it only executes on the first iteration for some reason),
diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml
index d0440d22..f0357611 100644
--- a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml
+++ b/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml
@@ -8,7 +8,7 @@
name: "{{ item.key }}"
state: stopped
with_dict: "{{ ansible_facts.services|default({})|dict2items|selectattr('key', 'match', 'matrix-synapse-worker-.+\\.service')|list|items2dict }}"
- when: "item.value['status'] != 'not-found'" # see https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461
+ when: "item.value['status'] != 'not-found'" # see https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461
- name: Find worker configs to be cleaned
find:
diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml
index 62b42625..2669e149 100644
--- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml
+++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml
@@ -1,3 +1,4 @@
+---
# The tasks below run before `validate_config.yml`.
# To avoid failing with a cryptic error message, we'll do validation here.
#
diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml
index 93ed6575..2247cd89 100644
--- a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml
+++ b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml
@@ -1,3 +1,5 @@
+---
+
- set_fact:
matrix_synapse_worker_systemd_service_name: "matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.instanceId }}"
diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml
index 78136785..fd348d9d 100644
--- a/roles/matrix-synapse/tasks/update_user_password.yml
+++ b/roles/matrix-synapse/tasks/update_user_password.yml
@@ -19,14 +19,14 @@
service:
name: matrix-synapse
state: started
- daemon_reload: yes
+ daemon_reload: true
register: start_result
- name: Ensure matrix-postgres is started
service:
name: matrix-postgres
state: started
- daemon_reload: yes
+ daemon_reload: true
register: postgres_start_result
diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml
index 6dcb50ce..89107c0a 100644
--- a/roles/matrix-synapse/tasks/validate_config.yml
+++ b/roles/matrix-synapse/tasks/validate_config.yml
@@ -48,6 +48,7 @@
- {'old': 'matrix_synapse_cache_factor', 'new': 'matrix_synapse_caches_global_factor'}
- {'old': 'matrix_synapse_trusted_third_party_id_servers', 'new': ''}
- {'old': 'matrix_synapse_use_presence', 'new': 'matrix_synapse_presence_enabled'}
+ - {'old': 'matrix_synapse_version_arm64', 'new': ''}
- name: (Deprecation) Catch and report renamed settings in matrix_synapse_configuration_extension_yaml
fail:
diff --git a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2
index f74cbad9..df4a4f23 100644
--- a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2
+++ b/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2
@@ -27,10 +27,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name %n \
-c 'goofys -f{% if not matrix_s3_media_store_custom_endpoint_enabled %} --storage-class=STANDARD_IA{% endif %}{% if matrix_s3_media_store_custom_endpoint_enabled %} --endpoint={{ matrix_s3_media_store_custom_endpoint }}{% endif %} --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3'
TimeoutStartSec=5min
-ExecStopPost=-{{ matrix_host_command_docker }} stop %n
-ExecStopPost=-{{ matrix_host_command_docker }} kill %n
-ExecStopPost=-{{ matrix_host_command_docker }} rm %n
-ExecStopPost=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }}
+ExecStop=-{{ matrix_host_command_docker }} stop %n
+ExecStop=-{{ matrix_host_command_docker }} kill %n
+ExecStop=-{{ matrix_host_command_docker }} rm %n
+ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }}
Restart=always
RestartSec=5
SyslogIdentifier=matrix-goofys
diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
index 5d7502fd..0308b406 100644
--- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -12,15 +12,16 @@
# Server admins can expand Synapse's functionality with external modules.
#
-# See https://matrix-org.github.io/synapse/develop/modules.html for more
+# See https://matrix-org.github.io/synapse/latest/modules/index.html for more
# documentation on how to configure or create custom modules for Synapse.
#
-modules:
- # - module: my_super_module.MySuperClass
- # config:
- # do_thing: true
- # - module: my_other_super_module.SomeClass
- # config: {}
+#modules:
+ #- module: my_super_module.MySuperClass
+ # config:
+ # do_thing: true
+ #- module: my_other_super_module.SomeClass
+ # config: {}
+modules: {{ matrix_synapse_modules|to_json }}
## Server ##
@@ -49,13 +50,7 @@ server_name: "{{ matrix_domain }}"
#
pid_file: /homeserver.pid
-# The absolute URL to the web client which /_matrix/client will redirect
-# to if 'webclient' is configured under the 'listeners' configuration.
-#
-# This option can be also set to the filesystem path to the web client
-# which will be served at /_matrix/client/ if 'webclient' is configured
-# under the 'listeners' configuration, however this is a security risk:
-# https://github.com/matrix-org/synapse#security-note
+# The absolute URL to the web client which / will redirect to.
#
#web_client_location: https://riot.example.com/
@@ -139,7 +134,7 @@ allow_public_rooms_over_federation: {{ matrix_synapse_allow_public_rooms_over_fe
# The default room version for newly created rooms.
#
# Known room versions are listed here:
-# https://matrix.org/docs/spec/#complete-list-of-room-versions
+# https://spec.matrix.org/latest/rooms/#complete-list-of-room-versions
#
# For example, for room version 1, default_room_version should be set
# to "1".
@@ -284,8 +279,6 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }}
# static: static resources under synapse/static (/_matrix/static). (Mostly
# useful for 'fallback authentication'.)
#
-# webclient: A web client. Requires web_client_location to be set.
-#
listeners:
{% if matrix_synapse_metrics_enabled %}
- type: metrics
@@ -495,6 +488,20 @@ limit_remote_rooms:
#
#allow_per_room_profiles: false
+# The largest allowed file size for a user avatar. Defaults to no restriction.
+#
+# Note that user avatar changes will not work if this is set without
+# using Synapse's media repository.
+#
+#max_avatar_size: 10M
+
+# The MIME types allowed for user avatars. Defaults to no restriction.
+#
+# Note that user avatar changes will not work if this is set without
+# using Synapse's media repository.
+#
+#allowed_avatar_mimetypes: ["image/png", "image/jpeg", "image/gif"]
+
# How long to keep redacted events in unredacted form in the database. After
# this period redacted events get replaced with their redacted form in the DB.
#
@@ -769,11 +776,16 @@ caches:
per_cache_factors:
#get_users_who_share_room_with_user: 2.0
- # Controls how long an entry can be in a cache without having been
- # accessed before being evicted. Defaults to None, which means
- # entries are never evicted based on time.
+ # Controls whether cache entries are evicted after a specified time
+ # period. Defaults to true. Uncomment to disable this feature.
#
- #expiry_time: 30m
+ #expire_caches: false
+
+ # If expire_caches is enabled, this flag controls how long an entry can
+ # be in a cache without having been accessed before being evicted.
+ # Defaults to 30m. Uncomment to set a different time to live for cache entries.
+ #
+ #cache_entry_ttl: 30m
# Controls how long the results of a /sync request are cached for after
# a successful response is returned. A higher duration can help clients with
@@ -883,6 +895,9 @@ log_config: "/data/{{ matrix_server_fqn_matrix }}.log.config"
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
# - two for ratelimiting how often invites can be sent in a room or to a
# specific user.
+# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
+# such as an email address or a phone number) based on the account that's
+# sending the invite.
#
# The defaults are as shown below.
#
@@ -937,6 +952,10 @@ rc_joins: {{ matrix_synapse_rc_joins|to_json }}
# per_user:
# per_second: 0.003
# burst_count: 5
+#
+#rc_third_party_invite:
+# per_second: 0.2
+# burst_count: 10
# Ratelimiting settings for incoming federation
#
@@ -1465,6 +1484,16 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json
#
#auto_join_rooms_for_guests: false
+# Whether to inhibit errors raised when registering a new account if the user ID
+# already exists. If turned on, that requests to /register/available will always
+# show a user ID as available, and Synapse won't raise an error when starting
+# a registration with a user ID that already exists. However, Synapse will still
+# raise an error if the registration completes and the username conflicts.
+#
+# Defaults to false.
+#
+#inhibit_user_in_use_error: true
+
## Metrics ###
@@ -1519,6 +1548,7 @@ room_prejoin_state:
# - m.room.encryption
# - m.room.name
# - m.room.create
+ # - m.room.topic
#
# Uncomment the following to disable these defaults (so that only the event
# types listed in 'additional_event_types' are shared). Defaults to 'false'.
@@ -1533,6 +1563,21 @@ room_prejoin_state:
#additional_event_types:
# - org.example.custom.event.type
+# We record the IP address of clients used to access the API for various
+# reasons, including displaying it to the user in the "Where you're signed in"
+# dialog.
+#
+# By default, when puppeting another user via the admin API, the client IP
+# address is recorded against the user who created the access token (ie, the
+# admin user), and *not* the puppeted user.
+#
+# Uncomment the following to also record the IP address against the puppeted
+# user. (This also means that the puppeted user will count as an "active" user
+# for the purpose of monthly active user tracking - see 'limit_usage_by_mau' etc
+# above.)
+#
+#track_puppeted_user_ips: true
+
# A list of application service config files to use
#
@@ -1898,10 +1943,13 @@ saml2_config:
# Defaults to false. Avoid this in production.
#
# user_profile_method: Whether to fetch the user profile from the userinfo
-# endpoint. Valid values are: 'auto' or 'userinfo_endpoint'.
+# endpoint, or to rely on the data returned in the id_token from the
+# token_endpoint.
#
-# Defaults to 'auto', which fetches the userinfo endpoint if 'openid' is
-# included in 'scopes'. Set to 'userinfo_endpoint' to always fetch the
+# Valid values are: 'auto' or 'userinfo_endpoint'.
+#
+# Defaults to 'auto', which uses the userinfo endpoint if 'openid' is
+# not included in 'scopes'. Set to 'userinfo_endpoint' to always use the
# userinfo endpoint.
#
# allow_existing_users: set to 'true' to allow a user logging in via OIDC to
@@ -2550,11 +2598,6 @@ email:
# #filter: "(objectClass=posixAccount)"
{% if matrix_synapse_password_providers_enabled %}
password_providers:
-{% if matrix_synapse_ext_password_provider_shared_secret_auth_enabled %}
- - module: "shared_secret_authenticator.SharedSecretAuthenticator"
- config:
- sharedSecret: {{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret|string|to_json }}
-{% endif %}
{% if matrix_synapse_ext_password_provider_rest_auth_enabled %}
- module: "rest_auth_provider.RestAuthProvider"
config:
diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
index 66a323f9..43dc42d1 100644
--- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
+++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
@@ -46,8 +46,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor
run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }}
-ExecStopPost=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }}
-ExecStopPost=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }}
+ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }}
+ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }}
ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1'
Restart=always
diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
index bfc8dd61..188db5ef 100644
--- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
+++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
@@ -63,8 +63,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
{{ matrix_synapse_docker_image }} \
run -m synapse.app.homeserver -c /data/homeserver.yaml
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null'
-ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null'
ExecReload={{ matrix_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1'
Restart=always
RestartSec=30
diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml
index 1a279ad6..48530312 100644
--- a/roles/matrix-synapse/vars/workers.yml
+++ b/roles/matrix-synapse/vars/workers.yml
@@ -64,7 +64,7 @@ matrix_synapse_workers_generic_worker_endpoints:
# Registration/login requests
- ^/_matrix/client/(api/v1|r0|v3|unstable)/login$
- ^/_matrix/client/(r0|v3|unstable)/register$
- - ^/_matrix/client/unstable/org.matrix.msc3231/register/org.matrix.msc3231.login.registration_token/validity$
+ - ^/_matrix/client/v1/register/m.login.registration_token/validity$
# Event sending requests
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact
diff --git a/setup.yml b/setup.yml
index b81c765a..3d99cbdf 100755
--- a/setup.yml
+++ b/setup.yml
@@ -37,6 +37,7 @@
- matrix-bridge-mx-puppet-instagram
- matrix-bridge-sms
- matrix-bridge-heisenbridge
+ - matrix-bridge-hookshot
- matrix-bot-matrix-reminder-bot
- matrix-bot-honoroit
- matrix-bot-go-neb